Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by micha (08-05-2024 14:48:45)
Running from C:\Users\micha\OneDrive\Plocha
Microsoft Windows 11 Home Version 23H2 22631.3447 (X64) (2024-01-04 17:23:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-756127909-4058986209-260929036-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-756127909-4058986209-260929036-503 - Limited - Disabled)
Guest (S-1-5-21-756127909-4058986209-260929036-501 - Limited - Disabled)
micha (S-1-5-21-756127909-4058986209-260929036-1001 - Administrator - Enabled) => C:\Users\micha
WDAGUtilityAccount (S-1-5-21-756127909-4058986209-260929036-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Amazon Corretto (x64) (HKLM\...\{70AB6CD3-CB93-40D5-BC15-E1026CDFBBC8}) (Version: 21.0.2.13 - Amazon)
AMD Privacy View (HKLM\...\{D8E24EA6-807B-48D0-86D6-A9C5E74B8F2C}) (Version: 1.02.0001 - Eyeware Tech SA)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.3.1 - Advanced Micro Devices, Inc.)
AVG Driver Updater (HKLM\...\AVG Driver Updater) (Version: 23.4.4881.12032 - AVG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackmagic RAW Common Components (HKLM\...\{02D4AF42-46AB-40EE-9C11-ED7B5291D875}) (Version: 4.0 - Blackmagic Design)
Blitz (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 2.1.164 - Blitz, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.14.22.1003 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\BlueStacksServices) (Version: 3.0.8 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\BlueStacks X) (Version: 10.5.22.1006 - now.gg, Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Brave (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\BraveSoftware Brave-Browser) (Version: 124.1.65.114 - Autoři prohlížeče Brave)
Call of Duty (HKLM-x32\...\Call of Duty) (Version:  - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version:  - Blizzard Entertainment)
CPUID CPU-Z 2.08 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.08 - CPUID, Inc.)
CPUID HWMonitor 1.52 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.52 - CPUID, Inc.)
CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World)
CyberGhost 8 (HKLM\...\CyberGhost 8) (Version: 8.4.5.13632 - CyberGhost S.R.L.)
DaVinci Resolve (HKLM\...\{F4EFC61D-DA12-4A0C-9C11-0627E5CE7C92}) (Version: 19.0.00020 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{51FF8939-704B-4CC3-A66D-B193294342DC}) (Version: 2.1.0.0 - Blackmagic Design)
Discord (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
DownloadHelper CoApp (HKLM-x32\...\DownloadHelper CoApp) (Version: 2.0.19.0 - ACLAP)
Dynamic Application Loader Host Interface Service (HKLM\...\{439E5170-CFC8-4944-8119-746ECF219399}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.188.0.5701 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{d473ca0c-6e51-4386-a9d8-0458f243b271}) (Version: 13.188.0.5701 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
FACEIT (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\FACEIT) (Version: 1.31.18 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.1 - FACEIT LTD)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design)
Free Download Manager (HKLM\...\{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1) (Version: 6.20.0.5510 - Softdeluxe)
Geeks3D FurMark 1.21.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GMenu (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\4ac46a8d-c0d4-56ee-87f3-9abd4ce22e7f) (Version: 3.24.0 - AOC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.119 - Google LLC)
Hamachi (HKLM-x32\...\{C00E2143-38F2-49BA-AB8A-03F22F02F0A4}) (Version: 2.3.0.111 - LogMeIn, Inc.) Hidden
Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.3.0.111 - LogMeIn, Inc.)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.176 - Riot Games, Inc.)
hide.me ovpn-dco (HKLM\...\{87204ADF-3210-47DB-8D0B-8F8F6B872DC2}) (Version: 0.9.3.0 - hide.me)
hide.me TAP-Windows6 (HKLM\...\{FCFCDF8A-2F07-4850-A489-33475E73A9D1}) (Version: 9.26.0.0 - hide.me)
hide.me VPN 4.0.4 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 4.0.4 - eVenture Limited)
Intel(R) Chipset Device Software (HKLM\...\{2EE411D3-03C6-4647-81F5-A3C13F25FDC5}) (Version: 10.1.18838.8284 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{2d8d3782-0c02-4681-87f4-e004b3d4a8f6}) (Version: 10.1.18838.8284 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{DFFC9992-3A41-4155-A834-9831C6E58D98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2130.16.0.2387 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{FA6E1882-F6C1-47E1-A6CB-FC1F5460E311}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{38F0D70E-8F07-4BF9-A5E0-6946C3D614D8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2129.8 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{A5530342-3F3E-4C02-9ECA-20DC35944BFD}) (Version: 30.100.2129.8 - Intel Corporation) Hidden
Iriun Webcam version 2.8.4 (HKLM-x32\...\IriunWebcam_is1) (Version: 2.8.4 - Iriun)
iTop Screenshot (HKLM-x32\...\iTop Screenshot_is1) (Version: 1.2.3.544 - iTop Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.3.7 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.2.534136 - Logitech)
LSC_Battletron 2.0.13 (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\4682e427-f1d4-58e9-ae92-7249f6aeeff5) (Version: 2.0.13 - )
ManorLords (HKLM-x32\...\1361243432_is1) (Version: 0.7.954 - GOG.com)
Microsoft .NET Host - 6.0.14 (x86) (HKLM-x32\...\{364225D5-48A0-4CF2-9BDF-F72872EE07FF}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.5 (x64) (HKLM\...\{F3B3A61B-DC16-429A-A260-DBAFE66741A9}) (Version: 48.23.40665 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.7 (x64) (HKLM\...\{E914E975-A0B1-49F7-AB71-28DACD495C44}) (Version: 56.31.61636 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.14 (x86) (HKLM-x32\...\{C20F1D07-10B7-4B92-8FA0-DF8E58D6467F}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.5 (x64) (HKLM\...\{3E6CCD41-6B96-47BD-8E1E-D7B593CEE976}) (Version: 48.23.40665 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.7 (x64) (HKLM\...\{62A9DE14-DB7A-41D9-9D7E-ED494E6FCBAF}) (Version: 56.31.61636 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.14 (x86) (HKLM-x32\...\{101779FE-3FE4-420A-94DD-01B3ED37DE84}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.5 (x64) (HKLM\...\{089A177D-98AE-4195-A115-D3C45613B875}) (Version: 48.23.40665 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.7 (x64) (HKLM\...\{ECCA3DB0-6DEF-42CD-A21A-F2F7B918FB59}) (Version: 56.31.61636 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.80 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\OneDriveSetup.exe) (Version: 24.062.0326.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.14 (x86) (HKLM-x32\...\{0CA8F91E-EE14-4ED7-94A4-BAD16EA67D2F}) (Version: 48.59.55235 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.14 (x86) (HKLM-x32\...\{c31ad3df-16b7-41b3-81fa-7658cb450781}) (Version: 6.0.14.32124 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.5 (x64) (HKLM\...\{DE578B32-084A-49E7-8E55-6F58A37578C0}) (Version: 48.23.40699 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.5 (x64) (HKLM-x32\...\{0f711ee3-eb88-456d-acb4-c2ee31add211}) (Version: 6.0.5.31215 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.7 (x64) (HKLM\...\{593F16DC-C2D3-4740-ABD4-A171B4E32B06}) (Version: 56.31.61651 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.7 (x64) (HKLM-x32\...\{e875fc20-9a37-4344-b046-0bb037cb2d57}) (Version: 7.0.7.32525 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{A26EF561-5945-46FD-8094-FA34E44D460F}) (Version: 2.0.0.0 - Mojang)
MKVCleaver 64 bit (HKLM\...\{32886311-ABB4-45BE-8274-1F53641B2AC7}_is1) (Version: 0.8.0.0 - Ilia Bakhmoutski)
MKVToolNix 82.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 82.0.0 - Moritz Bunkus)
Movavi Video Converter 22 Premium (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\Movavi Video Converter 22 Premium) (Version: 22.5.0 - Movavi)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.4.1 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.23.1.0 - Nord Security)
Novabench (HKLM\...\{33CB129E-2220-4858-AA71-4CE4CD7792CA}) (Version: 5.4.1 - Novabench Inc.)
Opera GX Stable 107.0.5045.89 (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\Opera GX 107.0.5045.89) (Version: 107.0.5045.89 - Opera Software)
Paltalk (HKLM-x32\...\Paltalk) (Version:  - )
PSPad editor (HKLM\...\PSPad editor 64bit_is1) (Version: 5.0.7.775 - Jan Fiala)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.0430.042305 - Razer Inc.)
Real Estate Simulator (HKLM-x32\...\Real Estate Simulator_is1) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
Riot Client  (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\Riot Game Riot_Client.) (Version:  - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
Roblox Player for micha (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.83.1767 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.6.9 - Rockstar Games)
STAR WARS™ Battlefront™ II (HKLM-x32\...\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}) (Version: 1.1.8.16162 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.15.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.15.1 - General Workings, Inc.)
TeamSpeak (HKLM\...\{EE883F28-D7AF-48E5-87B6-1F59D856362F}) (Version: 5.0.0 - TeamSpeak)
Telegram Desktop (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.16.8 - Telegram FZ-LLC)
TikTok LIVE Studio (HKLM\...\tiktoklivestudio) (Version: 0.54.0 -  TikTok Pte. Ltd.)
Time Adjuster STANDARD 3.1 (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\TimeAdjuster) (Version:  - IrekSoftware.com)
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
U.GG 1.9.18 (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\aca90cad-9059-53b1-8dc9-f846273ebdf3) (Version: 1.9.18 - Outplayed, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VALORANT (HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.9.9 - Windscribe Limited)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
WireGuard (HKLM\...\{2FDB79CE-5193-4A39-82BB-E00158CC1533}) (Version: 0.5.3 - WireGuard LLC)
Xerox WorkCentre 6015B (HKLM-x32\...\{E16CF080-B932-4BA1-93FF-4021096F006C}) (Version: 1.009.00 - Xerox) Hidden
Xerox WorkCentre 6015B (HKLM-x32\...\InstallShield_{E16CF080-B932-4BA1-93FF-4021096F006C}) (Version: 1.009.00 - Xerox)
YKB 3400 PANZER (HKLM-x32\...\YKB 3400 PANZER) (Version: V1.05n - FAST CR a.s.)

Packages:
=========

AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-04-17] (Advanced Micro Devices Inc.)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1200.442.0_x64__8wekyb3d8bbwe [2024-03-21] (Microsoft Corporation)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-01-11] (Microsoft Corp.)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-03-21] (Microsoft Corporation)
Microsoft.Windows.Ai.Copilot.Provider -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-23] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-15] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24032.58.0_x64__cw5n1h2txyewy [2024-04-16] (Microsoft Windows) [Startup Task]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy [2024-03-31] (ASUSTeK COMPUTER INC.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0 [2024-04-16] (Spotify AB) [Startup Task]
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-15] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2024-01-05] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{002add35-e00a-f3ef-f484-215bb738aa23}\localserver32 -> "C:\Program Files (x86)\Camo Studio\CamoStudio.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\micha\AppData\Local\BraveSoftware\Update\1.3.361.149\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> C:\Users\micha\AppData\Local\BraveSoftware\Brave-Browser\Application\124.1.65.114\notification_helper.exe (Brave Software, Inc. -> Brave Software, Inc.)
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{2611B500-C92D-4949-B04B-9B7039C47E03}\InprocServer32 -> C:\Users\micha\AppData\Local\BraveSoftware\Update\1.3.361.147\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> "C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{5C4D8D77-5B87-40CA-884E-F56858227E5C}\localserver32 -> C:\Program Files\TeamSpeak\notification_helper.exe => No File
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{C3B0D5E9-CAF5-48D2-AD21-41C74C237DEC}\InprocServer32 -> C:\Users\micha\AppData\Local\BraveSoftware\Update\1.3.361.149\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{E5C657EF-6BB1-4852-A192-2EF1DE230B6F}\InprocServer32 -> C:\Users\micha\AppData\Local\BraveSoftware\Update\1.3.361.143\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files\PSPad editor\pspshellx64.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-756127909-4058986209-260929036-1001_Classes\CLSID\{F6E536F5-F795-49CE-A85D-2DA66503C6F1}\InprocServer32 -> C:\Users\micha\AppData\Local\BraveSoftware\Update\1.3.361.149\psuser_64.dll (Brave Software, Inc. -> BraveSoftware Inc.)
ContextMenuHandlers1_S-1-5-21-756127909-4058986209-260929036-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-11-09 11:59 - 2023-02-27 22:39 - 001393152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.Core.Runtime.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 002772480 _____ () [File not signed] C:\G-Menu\ffmpeg.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000379904 _____ () [File not signed] C:\G-Menu\libegl.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 007863296 _____ () [File not signed] C:\G-Menu\libglesv2.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000085504 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_AGK600.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000081920 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_GK450_K901.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000130560 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_GK451_K916.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000081920 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_GK480_K901.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000085504 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_GK530.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000130560 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\KBAccess_K98_K916.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_AGM600.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM300.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM310.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM510.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000091136 _____ () [File not signed] C:\G-Menu\resources\bin\lib\BeiYing\MSAccess_GM530.dll
2024-03-15 19:10 - 2023-12-18 12:43 - 000176128 _____ (eVenture Limited) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\hidemesvc.dll
2024-03-15 19:10 - 2023-07-24 10:02 - 000013312 _____ (havendv) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\H.Formatters.BinaryFormatter.dll
2024-03-15 19:10 - 2023-07-24 10:02 - 000016384 _____ (havendv) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\H.Formatters.dll
2024-03-15 19:10 - 2023-07-24 10:02 - 000013824 _____ (havendv) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\H.Formatters.Newtonsoft.Json.dll
2024-03-15 19:10 - 2023-07-24 10:02 - 000028160 _____ (havendv) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\H.Pipes.AccessControl.dll
2024-03-15 19:10 - 2023-07-24 10:02 - 000111104 _____ (havendv) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\H.Pipes.dll
2024-03-15 19:10 - 2023-07-21 00:05 - 000014336 _____ (havendv) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\NamedPipeServerStream.NetFrameworkVersion.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000034304 _____ (LED_Control) [File not signed] [File is in use] C:\G-Menu\resources\bin\LED_Control.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000188416 _____ (Mark Heath) [File not signed] [File is in use] C:\G-Menu\resources\bin\NAudio.Core.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000173568 _____ (Mark Heath) [File not signed] [File is in use] C:\G-Menu\resources\bin\NAudio.Wasapi.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000828928 _____ (NLog) [File not signed] [File is in use] C:\G-Menu\resources\bin\NLog.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000046592 _____ (NLog) [File not signed] [File is in use] C:\G-Menu\resources\bin\NLog.Extensions.Logging.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000048128 _____ (NLog) [File not signed] [File is in use] C:\G-Menu\resources\bin\NLog.Web.AspNetCore.dll
2024-03-15 19:10 - 2023-09-12 10:56 - 000581632 _____ (Sentry.io) [File not signed] [File is in use] C:\Program Files (x86)\hide.me VPN\Sentry.dll
2024-01-12 16:05 - 2023-12-18 18:48 - 000125440 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsbatch.dll
2024-01-12 16:05 - 2023-12-18 18:50 - 003092480 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsbt.dll
2024-01-12 16:05 - 2023-12-18 18:49 - 000112128 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsjsp.dll
2024-01-12 16:05 - 2023-12-18 18:49 - 000216576 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsm3u.dll
2024-01-12 16:05 - 2023-12-18 18:49 - 000625152 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadsms.dll
2024-01-12 16:05 - 2023-12-18 18:48 - 000358400 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\downloadswww.dll
2024-01-12 16:05 - 2023-12-18 18:36 - 000045056 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\logger.dll
2024-01-12 16:05 - 2023-12-18 18:38 - 000235008 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\quazip.dll
2024-01-12 16:05 - 2023-12-18 18:47 - 000691200 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\vmsclshared.dll
2024-01-12 16:05 - 2023-12-18 18:39 - 000043520 _____ (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\winunivappfeatures.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000014848 _____ (Swashbuckle.AspNetCore.Swagger) [File not signed] [File is in use] C:\G-Menu\resources\bin\Swashbuckle.AspNetCore.Swagger.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000084480 _____ (Swashbuckle.AspNetCore.SwaggerGen) [File not signed] [File is in use] C:\G-Menu\resources\bin\Swashbuckle.AspNetCore.SwaggerGen.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 003724800 _____ (Swashbuckle.AspNetCore.SwaggerUI) [File not signed] [File is in use] C:\G-Menu\resources\bin\Swashbuckle.AspNetCore.SwaggerUI.dll
2024-01-12 16:05 - 2023-04-27 20:27 - 002876928 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\libcrypto-1_1-x64.dll
2024-01-12 16:05 - 2023-04-27 20:27 - 000688640 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\libssl-1_1-x64.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000357888 _____ (TODO: <公司名>) [File not signed] C:\G-Menu\resources\bin\DDCHelperLib.dll
2011-03-23 12:20 - 2011-03-23 12:20 - 000285696 _____ (Xerox) [File not signed] C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmnet.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000832512 _____ (Zeasn) [File not signed] [File is in use] C:\G-Menu\resources\bin\G_Menu.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000074752 _____ (Zeasn.Audio.Sync.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Audio.Sync.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000167424 _____ (Zeasn.Com.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Com.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000123392 _____ (Zeasn.DDC.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.DDC.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000071168 _____ (Zeasn.DTS.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.DTS.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000748032 _____ (Zeasn.Equipment.Base.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Equipment.Base.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000152064 _____ (Zeasn.Equipment.Entity.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Equipment.Entity.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000250368 _____ (Zeasn.Equipment.Option.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Equipment.Option.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000171008 _____ (Zeasn.Framework.Core.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Framework.Core.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000087552 _____ (Zeasn.Framework.Game.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Framework.Game.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000044032 _____ (Zeasn.Log.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Log.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000053760 _____ (Zeasn.Open.Equipment.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Open.Equipment.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000138752 _____ (Zeasn.USB.BeiYing.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.USB.BeiYing.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000107008 _____ (Zeasn.USB.CmediaSDK.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.USB.CmediaSDK.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000072192 _____ (Zeasn.USB.ENE.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.USB.ENE.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000059392 _____ (Zeasn.USB.IOne.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.USB.IOne.Lib.dll
2024-05-01 10:15 - 2024-04-24 07:04 - 000270848 _____ (Zeasn.Win.Lib) [File not signed] [File is in use] C:\G-Menu\resources\bin\Zeasn.Win.Lib.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\tyvfcquz.wxt:B63721167D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk:27CED3D9D4 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater.lnk:837EB8C671 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk:088221F38A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk:FE00AE19CB [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Novabench 5.lnk:B68549C808 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak.lnk:DBB58A0286 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TikTok LIVE Studio.lnk:1DE7D35192 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WireGuard.lnk:1C027AF69D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WireGuard.lnk:EF9F19812A [3442]
AlternateDataStreams: C:\Users\micha\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\micha\OneDrive\Plocha\a.dirty.carnival.(2006).cze.1cd.(5529686).zip:shield [125]
AlternateDataStreams: C:\Users\micha\OneDrive\Plocha\a.dirty.carnival.(2006).cze.2cd.(4019880).zip:shield [125]
AlternateDataStreams: C:\Users\micha\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9636]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2024-04-15 22:07 - 000003128 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.in               # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.in           # Fake FitGirl site
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site
109.94.209.70      fitgirl-repack.org              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.org          # Fake FitGirl site
109.94.209.70      fitgirlrepacks.pro              # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.pro          # Fake FitGirl site
109.94.209.70      fitgirlrepack.games             # Fake FitGirl site
109.94.209.70      www.fitgirlrepack.games         # Fake FitGirl site
109.94.209.70      fitgirl-repacks-site.org        # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks-site.org    # Fake FitGirl site
109.94.209.70      fitgirls-repacks.com            # Fake FitGirl site
109.94.209.70      fitgirlrepack.cc                # Fake FitGirl site
109.94.209.70      fitgirlrepacks.org              # Fake FitGirl site
109.94.209.70      www.fitgirls-repacks.com        # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files\Amazon Corretto\jdk21.0.2_13\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\WireGuard\;C:\Program Files\dotnet\;C:\Users\micha\AppData\Local\Microsoft\WindowsApps;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-756127909-4058986209-260929036-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\micha\Downloads\gta-6-game-art-4k-wallpaper-uhdpaper.com-280@1@n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Ethernet 4: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Hamachi: NordVPN LightWeight Firewall -> NordLwf (enabled) 
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "Launcher6015B"
HKLM\...\StartupApproved\Run32: => "YKB 3400 PANZER"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "BraveSoftware Update"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_ED02E366447D09E4F124EF89B233D989"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "com.blitz.app"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "PaltalkLauncher"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "Windscribe"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "PlanetVPN"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-756127909-4058986209-260929036-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9FA1853F-3830-449D-96BC-0F76602326C4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2836EB75-5E4B-46C1-B6F3-6686EF65689C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EF63633E-4591-4DE8-88F7-A6FA8E56573A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1950B33B-8849-495D-A859-0E7A399B48B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6EF7FA9E-5A63-493A-A28A-599B337FEFF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{5DF08638-7E50-4822-8F71-3507B5024388}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{C136A239-C02E-4254-860B-0FD6870D5239}] => (Allow) C:\Program Files (x86)\Treexy\Driver Fusion\DriverFusion.exe => No File
FirewallRules: [{1137DEE8-C842-4D7F-8ABF-5E7A0415461E}] => (Allow) C:\Program Files (x86)\Treexy\Driver Fusion\DriverFusion.exe => No File
FirewallRules: [{75EEBAF8-8C52-4182-9007-70F6D5C1273D}] => (Allow) C:\Program Files\AVG\Driver Updater\DriverUpdUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1D89983F-664E-444D-AD05-FE9F0F33E0B9}] => (Allow) C:\Program Files\AVG\Driver Updater\DriverUpdUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{EAE21C74-70FE-4D61-9267-FF2A5CE1FFDF}C:\users\micha\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\micha\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{6EC75A64-0CAF-4A3E-9BC8-667762A6F9BF}C:\users\micha\appdata\local\programs\opera gx\opera.exe] => (Block) C:\users\micha\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{586F4D36-DFB1-4147-8F0D-0F681E50BE9D}C:\users\micha\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\users\micha\appdata\local\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{2F621DF5-2248-4050-9E02-CC9398C03B7D}C:\users\micha\appdata\local\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\users\micha\appdata\local\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [TCP Query User{EBD2E561-F6D6-4967-A688-3923FDC235C8}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{70E84A33-F218-4385-814C-53D59D3AF56D}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{F73190E3-97CF-4E44-AD6F-8AD326F6F2E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{E954F8F0-6B47-4906-B4E2-1F2FEA35A53A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [TCP Query User{A4FD6DEC-8822-4E5F-8814-00F6B5FCED87}C:\g-menu\g-menu.exe] => (Allow) C:\g-menu\g-menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> AOC)
FirewallRules: [UDP Query User{6034BAFF-072A-47A9-A8A9-AAB2CEF7EF97}C:\g-menu\g-menu.exe] => (Allow) C:\g-menu\g-menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> AOC)
FirewallRules: [TCP Query User{4943A82F-0DB6-46EB-993C-1F0748207E98}C:\g-menu\resources\bin\g_menu.exe] => (Allow) C:\g-menu\resources\bin\g_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Zeasn)
FirewallRules: [UDP Query User{FB04C1C3-4FDB-4E6C-B828-6D3DCAD90D7A}C:\g-menu\resources\bin\g_menu.exe] => (Allow) C:\g-menu\resources\bin\g_menu.exe (TOP VICTORY ELECTRONICS (TAIWAN) CO., LTD. -> Zeasn)
FirewallRules: [{B140F6D0-4966-4B96-A28D-240726FCC61F}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{873E686D-DFE8-4664-AA71-2B115D39CC9E}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{60CA60A2-A901-4825-9503-3142FAAA4A97}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{DCDD4DB6-2FD2-4767-9773-ECD9ABB9B34C}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{C3BEEFDA-C719-4364-AC9F-C5659DCB1DDF}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{CDEB609B-621A-4F1A-B0B2-E039FA7F706C}] => (Allow) C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe (Softdeluxe) [File not signed]
FirewallRules: [{5DB72815-C59A-4B22-8D6A-46ECE900184E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{FECFC465-75D8-4B41-8707-137D3FBE78E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{8D395DE4-6E35-41C5-9F2C-874719AA68F9}] => (Allow) C:\Program Files (x86)\Iriun Webcam\IriunWebcam.exe (IriunWebcam) [File not signed]
FirewallRules: [TCP Query User{3D723B4E-5F61-412E-8887-554F180A9BA6}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{59B328C5-E902-4B6D-992D-8A1B62A62185}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{AACFA856-1859-43FA-B233-E966CE6EE5A1}D:\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{2C7DF485-802B-4A66-BDDD-19A012BBF5EA}D:\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{0341B711-6635-477F-9675-BDFE5900C2F4}D:\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{3159F337-2B03-4C0C-AE6C-3709FE6F17E2}D:\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{5CC7EFAB-2A76-4C35-A3C2-DE07B71B9086}C:\users\micha\appdata\local\webtorrent\app-0.24.0\webtorrent.exe] => (Allow) C:\users\micha\appdata\local\webtorrent\app-0.24.0\webtorrent.exe => No File
FirewallRules: [UDP Query User{61512821-A882-4F81-A73E-EA793CCCFE19}C:\users\micha\appdata\local\webtorrent\app-0.24.0\webtorrent.exe] => (Allow) C:\users\micha\appdata\local\webtorrent\app-0.24.0\webtorrent.exe => No File
FirewallRules: [{CCB869B0-B62C-46B0-8633-BCA8986D2927}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{672FB8E5-73E8-4BDC-8FE9-5A05F6EBF581}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{1ED4C789-FA27-46D9-981B-12EADBD8C461}C:\users\micha\downloads\palworld\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) C:\users\micha\downloads\palworld\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{BC33C6E1-3E67-4D38-BAC8-607CFEA2633B}C:\users\micha\downloads\palworld\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) C:\users\micha\downloads\palworld\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{CBB1899D-7F17-4AC5-A547-1488E6C3EBC0}D:\7 days to die\7daystodie.exe] => (Block) D:\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{F84CFD62-5DAF-4767-B016-32253C699048}D:\7 days to die\7daystodie.exe] => (Block) D:\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [{E1FC72C7-3B2C-4340-8E6D-C14CD9B828FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Legend of Korra\LoK.exe () [File not signed]
FirewallRules: [{1459BEB4-3A47-4DF7-973B-3A18B348A235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Legend of Korra\LoK.exe () [File not signed]
FirewallRules: [TCP Query User{3EFB3FAA-3DF1-4E7C-8F76-5BE90E7FB0FA}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{D13BC272-EFB6-45A7-9836-D3CC53BA5563}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{FD7C0F16-8FBD-411D-8E3A-C171044C1DC8}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Block) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{6278786D-4D32-40E5-8512-A6B5CD358D67}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Block) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{17AE80D2-8DBB-41A8-9856-D0197755A3A7}C:\users\micha\downloads\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) C:\users\micha\downloads\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{3C76AA80-0E5A-48F6-AB1B-484DE6331A6B}C:\users\micha\downloads\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe] => (Allow) C:\users\micha\downloads\palworld.v0.1.3.0.hotfix-ofme\palworld\pal\binaries\win64\palworld-win64-shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E4B05FB7-3CE4-4639-AF22-5137242932BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers 2\bin\helldivers2.exe (Arrowhead Game Studios AB -> Arrowhead Game Studios AB)
FirewallRules: [{33BD2CB1-5A1A-40C0-9C8A-B5AD119466A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helldivers 2\bin\helldivers2.exe (Arrowhead Game Studios AB -> Arrowhead Game Studios AB)
FirewallRules: [{07DE6518-0576-43F1-A612-55A8BAC5CAF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe => No File
FirewallRules: [{4403A881-7C0D-4826-9D74-B8DAE5877EFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe => No File
FirewallRules: [{DC14EACF-F224-483C-AB65-425D239883B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe => No File
FirewallRules: [{C800CCFA-96CE-492E-9E25-FC18C717FC02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe => No File
FirewallRules: [{101D19CD-52A9-4BF3-B5FF-DA899BD30F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Finals\Discovery.exe => No File
FirewallRules: [{B3AB68A4-1E8F-41C0-91BC-8208E1F75B1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Finals\Discovery.exe => No File
FirewallRules: [TCP Query User{87AAB270-EEEA-46C7-94BC-12B8FB45F175}C:\program files (x86)\steam\steamapps\common\the finals\discovery\binaries\win64\discovery.exe] => (Block) C:\program files (x86)\steam\steamapps\common\the finals\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [UDP Query User{83BC6DE1-1339-4105-966E-D86B95A8DFED}C:\program files (x86)\steam\steamapps\common\the finals\discovery\binaries\win64\discovery.exe] => (Block) C:\program files (x86)\steam\steamapps\common\the finals\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [{395698BE-6952-4D9F-B3B6-160DE308B9E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cookie Clicker\Cookie Clicker.exe (Orteil) [File not signed]
FirewallRules: [{09687171-C575-47E2-A251-610712C8C786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cookie Clicker\Cookie Clicker.exe (Orteil) [File not signed]
FirewallRules: [TCP Query User{61BC447E-1F7F-4CB4-AC5E-5E0A354CCE16}C:\users\micha\appdata\local\programs\lsc_battletron\lsc_battletron.exe] => (Allow) C:\users\micha\appdata\local\programs\lsc_battletron\lsc_battletron.exe (GitHub, Inc.) [File not signed]
FirewallRules: [UDP Query User{739C285A-D54E-406A-B9DF-644DC8B080D5}C:\users\micha\appdata\local\programs\lsc_battletron\lsc_battletron.exe] => (Allow) C:\users\micha\appdata\local\programs\lsc_battletron\lsc_battletron.exe (GitHub, Inc.) [File not signed]
FirewallRules: [TCP Query User{95F6B84B-138E-4204-BA78-BCB2471D60E9}E:\anydesk.exe] => (Block) E:\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{C74BE1AD-28F3-4CFA-8D44-91DF3BF597F8}E:\anydesk.exe] => (Block) E:\anydesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{46E9539E-DBBD-40BF-9C80-4B6CA26742FE}D:\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{2F0F4B1A-1734-4FDE-A570-E14EBD4B0F00}D:\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{3A9A0F5B-A92F-48D3-B6FB-7C0B2D4F64AB}D:\call of duty modern warfare\call of duty\_retail_\cod.exe] => (Allow) D:\call of duty modern warfare\call of duty\_retail_\cod.exe => No File
FirewallRules: [UDP Query User{DCFDEB75-AA39-4423-BEA5-AD4F5F68FE85}D:\call of duty modern warfare\call of duty\_retail_\cod.exe] => (Allow) D:\call of duty modern warfare\call of duty\_retail_\cod.exe => No File
FirewallRules: [TCP Query User{EB2D5D7D-38C0-4C04-A7E6-2B8FE16ECE85}C:\program files\tiktok live studio\0.53.4\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.53.4\tiktok live studio.exe => No File
FirewallRules: [UDP Query User{A8A791BC-9118-4018-ABB2-8850487CF74C}C:\program files\tiktok live studio\0.53.4\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.53.4\tiktok live studio.exe => No File
FirewallRules: [{ECFF4631-E110-4F2D-8ADA-F1577112B2A8}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{3AC777BB-285B-4857-B24F-A11D154BB2D0}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{BEE0F757-8ADC-48F5-BECC-6B155F00238A}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [{1BDA540D-7702-4467-B015-D657714966BD}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_4.0.9.0_x64__qmba6cd70vzyy\MyASUS\AsusMyASUS.exe (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTeK COMPUTER INC.)
FirewallRules: [TCP Query User{936E6E65-7022-43C3-94C5-CF639542CB1A}C:\program files\tiktok live studio\0.54.0\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.54.0\tiktok live studio.exe (TikTok Pte. Ltd. ->  TikTok Pte. Ltd.)
FirewallRules: [UDP Query User{1BD309C4-8BCF-4984-9B52-0DDC320D1651}C:\program files\tiktok live studio\0.54.0\tiktok live studio.exe] => (Allow) C:\program files\tiktok live studio\0.54.0\tiktok live studio.exe (TikTok Pte. Ltd. ->  TikTok Pte. Ltd.)
FirewallRules: [TCP Query User{F7918B71-ACF5-4A69-BFDB-4D96E96B6572}C:\program files\amazon corretto\jdk21.0.2_13\bin\java.exe] => (Allow) C:\program files\amazon corretto\jdk21.0.2_13\bin\java.exe
FirewallRules: [UDP Query User{363EFE30-55A6-415A-AAF3-5CE8A921B72E}C:\program files\amazon corretto\jdk21.0.2_13\bin\java.exe] => (Allow) C:\program files\amazon corretto\jdk21.0.2_13\bin\java.exe
FirewallRules: [TCP Query User{304AB9F1-2DC3-4278-B36E-A9629042A8C7}D:\prop hunt\prophunt\binaries\win64\prophunt-win64-shipping.exe] => (Allow) D:\prop hunt\prophunt\binaries\win64\prophunt-win64-shipping.exe => No File
FirewallRules: [UDP Query User{AF184620-EB38-444F-ADFE-941285B426AC}D:\prop hunt\prophunt\binaries\win64\prophunt-win64-shipping.exe] => (Allow) D:\prop hunt\prophunt\binaries\win64\prophunt-win64-shipping.exe => No File
FirewallRules: [TCP Query User{BEA0A4C1-15D3-48D6-A5B7-0111F980CE80}D:\midnightghosthunt\midnightghosthunt\binaries\win64\midnightghosthunt-win64-shipping.exe] => (Allow) D:\midnightghosthunt\midnightghosthunt\binaries\win64\midnightghosthunt-win64-shipping.exe (Vaulted Sky Games) [File not signed]
FirewallRules: [UDP Query User{80014E9C-C36B-483A-9A0C-548C15542CF1}D:\midnightghosthunt\midnightghosthunt\binaries\win64\midnightghosthunt-win64-shipping.exe] => (Allow) D:\midnightghosthunt\midnightghosthunt\binaries\win64\midnightghosthunt-win64-shipping.exe (Vaulted Sky Games) [File not signed]
FirewallRules: [TCP Query User{1C579E50-6E71-417D-8649-37789F32516E}D:\fallguys\fallguys_client_game.exe] => (Allow) D:\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [UDP Query User{321FB993-D46C-4963-84E4-3F54587196DB}D:\fallguys\fallguys_client_game.exe] => (Allow) D:\fallguys\fallguys_client_game.exe () [File not signed]
FirewallRules: [{BC249AC8-A1DF-4CCF-8FAF-840DE899A613}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{642A7E3A-80FF-4A9B-ABBA-48243ED455D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A5758CD0-344A-41F0-805E-F8CBA5529D76}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B7EFFC4A-C819-4717-8C9F-8B45B07787A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A8B4D0C-3288-4976-A67A-8BFFD5834EBB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E56851CC-3C7F-4914-967B-1B84BC4B6231}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF339FBD-B602-416D-B0FE-2DC8DF53194A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C811EB37-6A63-40D6-8070-3E9231B45A5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4B0EDD17-0879-4D5C-9B7F-2A369A9B6E43}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7453F161-F038-484F-8F3C-75E049458EAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.235.663.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{406B6A51-3E01-469A-9606-DBF40994D6CC}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.exe => No File
FirewallRules: [UDP Query User{43B63892-E1EA-4A56-B379-42643980B86F}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.exe => No File
FirewallRules: [TCP Query User{9F3169CB-DA92-4499-8119-D188EDF6ED7E}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_authbrowser] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_authbrowser => No File
FirewallRules: [UDP Query User{A15C4DFC-E5C5-47D8-96F7-B6895718D229}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_authbrowser] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_authbrowser => No File
FirewallRules: [TCP Query User{F8E9540E-07BA-42FB-B2E2-2A908C3FD442}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [UDP Query User{43757C62-253C-4226-9F9B-0DA08B7870BD}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [TCP Query User{C9F29B00-6B37-44E0-99E1-F5E0EE9DE92D}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_steamchild.exe => No File
FirewallRules: [UDP Query User{B6D2DD90-39EB-4141-9302-05AE7E7C2B1E}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_steamchild.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_steamchild.exe => No File
FirewallRules: [TCP Query User{49EBBBFC-0171-46B4-AF8E-C135364EECFF}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe => No File
FirewallRules: [UDP Query User{0A052E5C-07A3-4744-A20F-910A9F3B7281}C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe] => (Allow) C:\users\micha\appdata\local\temp\scoped_dir20704_1354223518\fivem.app\data\cache\subprocess\fivem_b3095_gtaprocess.exe => No File
FirewallRules: [{F18B8BA6-310E-4FB9-9065-3FCAF4405643}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{BA35FE7C-16E5-4B60-84FC-C770763C5A91}] => (Allow) C:\Riot Games\League of Legends\LeagueClient.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{59F4B6BB-8847-42D6-829F-C143C88A9B81}] => (Allow) D:\Star Wars Battlefront II\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{22D27F9A-E019-4863-A4CB-7A090BBE563E}] => (Allow) D:\Star Wars Battlefront II\STAR WARS Battlefront II\starwarsbattlefrontii_trial.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{F644100D-E1F8-45AF-8CFB-832B2DC08D02}] => (Allow) D:\Star Wars Battlefront II\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{499AC9C6-5322-456C-B278-B8DF5DE567BE}] => (Allow) D:\Star Wars Battlefront II\STAR WARS Battlefront II\starwarsbattlefrontii.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{00194851-ABAF-4DE6-A2AC-6D0E8A0A6FEF}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{1D5B1E85-538E-47BF-9964-E686CA0AE907}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{FFF827A7-0D5D-4D6D-88DD-71961EEB8339}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{5613BD8F-1A4D-4848-BE64-AC84D568E8F7}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{D78DC845-2495-435C-8448-457028B578B4}E:\lunch.lady.v1.7.1-ofme\lunch lady\projectcoop\binaries\win64\projectcoop-win64-shipping.exe] => (Allow) E:\lunch.lady.v1.7.1-ofme\lunch lady\projectcoop\binaries\win64\projectcoop-win64-shipping.exe (Manic Mice e.K.) [File not signed]
FirewallRules: [UDP Query User{B0134D89-BAC6-4A94-878F-97FB8A92F2E1}E:\lunch.lady.v1.7.1-ofme\lunch lady\projectcoop\binaries\win64\projectcoop-win64-shipping.exe] => (Allow) E:\lunch.lady.v1.7.1-ofme\lunch lady\projectcoop\binaries\win64\projectcoop-win64-shipping.exe (Manic Mice e.K.) [File not signed]
FirewallRules: [{FE3DD00A-84CE-47FC-BB9E-5AACE417A356}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{A4742E2A-538F-4C52-AC2A-32BAF652E52E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{0CB85268-504E-4CB1-9511-0A62E4F2E341}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{C1A63D73-BF58-468F-A3A6-38727E3A8A00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{F72044B0-9443-41D5-A5B6-2E33E3F12872}] => (Allow) D:\Davinci\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{442500C5-4FD9-4C26-A8CD-319B23918C0D}] => (Allow) D:\Davinci\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{9C9B2CA9-4EA0-4437-937A-90186F9A1F85}] => (Allow) D:\Davinci\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{4A671237-6A85-4F9E-AA56-CF1FA6908767}] => (Allow) D:\Davinci\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{3F13C3BF-ED36-4BA1-B363-5F25DDB463FF}] => (Allow) D:\Davinci\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B01AF90E-4521-4CA7-B6DF-F495D6A4417D}] => (Allow) D:\Davinci\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{3AA63A7A-C347-4594-A09D-15D4EC7CB3B7}] => (Allow) D:\Davinci\ElementsPanelDaemon.exe => No File
FirewallRules: [{1B83629A-7DE3-4C58-A15B-1613450F1CEA}] => (Allow) D:\Davinci\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{599F2697-2059-45BC-B7A2-6E0AF39764A6}D:\davinci\resolve.exe] => (Allow) D:\davinci\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{1CC62896-B91F-481B-B38B-2C3211EAE645}D:\davinci\resolve.exe] => (Allow) D:\davinci\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{F3858ED4-E932-4CA2-BD59-858B81FD962F}D:\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [UDP Query User{270370A6-8A26-4A76-A0E1-704AE2BAD8FC}D:\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe] => (Allow) D:\minecraft launcher\runtime\java-runtime-delta\windows-x64\java-runtime-delta\bin\javaw.exe
FirewallRules: [TCP Query User{2E3295B6-95C2-46E8-BD76-B29F6C5AB0DA}C:\users\micha\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\micha\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{5021C771-2866-41C0-9773-167143843945}C:\users\micha\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\micha\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [TCP Query User{3FD1E73A-00AD-4969-87FA-039BBB97EF3F}D:\dying light 2\dying light 2 reloaded edition\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Allow) D:\dying light 2\dying light 2 reloaded edition\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [UDP Query User{C17C76D4-0711-4318-8052-6DF002DC58D3}D:\dying light 2\dying light 2 reloaded edition\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Allow) D:\dying light 2\dying light 2 reloaded edition\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [{CBF3A189-F53D-4797-AA27-041AEBBB5DCF}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{CF1E1793-3C61-4055-8F14-43505C1723E6}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [TCP Query User{418849A2-22A0-4F4E-AEEF-483C550AE393}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [UDP Query User{C8E131F0-357C-4BD5-9660-B7A38E129210}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (KRAFTON, Inc. -> KRAFTON, Inc.)
FirewallRules: [{17C80A89-29AC-42A8-A01B-45B2C7CD3872}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{02491D4E-2CF9-4FAE-A680-EB11B7C7339F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{22772E7C-1045-4C1F-B733-04D0AF96844B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4E7C5802-086B-493E-9AE0-ACD9F7B908CF}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D02F2A2B-3582-473C-A96A-193B69E5180B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{61EEC238-21C0-4F55-B6B8-B2D8ECCDE4AA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6620102E-8C46-400E-90B6-14A1490BA861}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{77E08961-6828-413D-9D38-C0330E746F86}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{35F0D7BF-947E-458A-8A9A-5F36D68B538F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{464C16D3-55D9-4550-B7B7-78DBC036B29F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{603C86AC-7E65-4A16-AA8B-2C8D8BCD1CC3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B8AF6BC5-549D-4E29-9F2E-65D6B2C3DB06}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{45374E8E-36A1-4B15-B3BC-D4CD2AD24C8D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.80\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{892FF6A1-9E37-42FB-BA90-49EFF211BEC7}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{81A84443-F560-4182-9FD1-ECF64A68177D}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)

==================== Restore Points =========================

08-05-2024 14:32:05 Windows Update

==================== Faulty Device Manager Devices ============

Name: Časovač událostí s vysokou přesností
Description: Časovač událostí s vysokou přesností
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní systémová zařízení)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/08/2024 02:50:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:50:03Z. Kód chyby: 0x80041315

Error: (05/08/2024 02:49:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:49:33Z. Kód chyby: 0x80041315

Error: (05/08/2024 02:49:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:49:03Z. Kód chyby: 0x80041315

Error: (05/08/2024 02:48:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:48:33Z. Kód chyby: 0x80041315

Error: (05/08/2024 02:48:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:48:03Z. Kód chyby: 0x80041315

Error: (05/08/2024 02:47:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:47:33Z. Kód chyby: 0x80041315

Error: (05/08/2024 02:47:03 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:47:03Z. Kód chyby: 0x80041315

Error: (05/08/2024 02:46:33 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2124-04-14T12:46:33Z. Kód chyby: 0x80041315


System errors:
=============
Error: (05/08/2024 02:41:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f0991): 2024-04 Kumulativní aktualizace (Preview) pro Windows 11 Version 23H2 pro systémy založené na platformě x64 (KB5036980).

Error: (05/08/2024 02:39:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Hostitel synchronizace_e3dd1 byla ukončena s následující chybou: 
Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Error: (05/08/2024 02:39:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Hostitel synchronizace_e3dd1 byla ukončena s následující chybou: 
Pro mapovač koncových bodů nejsou k dispozici další koncové body.

Error: (05/08/2024 02:39:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby: 
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/08/2024 02:39:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (05/08/2024 02:37:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CG6Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (05/08/2024 02:37:02 PM) (Source: Microsoft-Windows-WER-SystemErrorReporting) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x000000d4 (0xfffff807681dedd0, 0x0000000000000002, 0x0000000000000001, 0xfffff80723ae839f)C:\Windows\Minidump\050824-21156-01.dmp4e19fdc5-42c1-40b3-8061-bf34383fbc58

Error: (05/08/2024 02:36:45 PM) (Source: volmgr) (EventID: 162) (User: )
Description: Soubor se stavem systému byl úspěšně vygenerován.


Windows Defender:
================
Date: 2024-05-07 03:24:28
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {33EF2953-6084-4971-8107-32907E7A416C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM 

Date: 2024-05-06 15:58:40
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/Crack&threatid=2147745402&enterprise=0
Název: HackTool:Win64/Crack
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\micha\AppData\Roaming\Movavi Video Converter 22 Premium\bb2018.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: Petr\micha
Název procesu: C:\Users\micha\AppData\Roaming\Movavi Video Converter 22 Premium\converter.exe
Verze bezpečnostních informací: AV: 1.409.717.0, AS: 1.409.717.0, NIS: 1.409.717.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4 

Date: 2024-05-06 15:57:57
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/Mimikatz!MSR&threatid=2147787822&enterprise=0
Název: HackTool:Win64/Mimikatz!MSR
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\micha\AppData\Roaming\Movavi Video Converter 22 Premium\wtsapi32.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: Petr\micha
Název procesu: C:\Users\micha\AppData\Roaming\Movavi Video Converter 22 Premium\converter.exe
Verze bezpečnostních informací: AV: 1.409.717.0, AS: 1.409.717.0, NIS: 1.409.717.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4 

Date: 2024-05-05 02:38:50
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E2997A52-20F2-43C1-AA57-DCF935AD3018}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM 

Date: 2024-05-04 03:32:04
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EDF8604B-2547-4959-B075-054F66C749A5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM 
﻿Event[0]

Date: 2024-01-12 13:46:39
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\micha\Downloads\a4568a00-ed85-48c8-b8d9-2f740bf9c1cc.tmp
Sha256: 8acb8d37d985d05c292ca1a828cf2276c6427ca4e47b2a45e56b2798d7f237f7
Aktuální verze bezpečnostních informací: AV: 1.403.2030.0, AS: 1.403.2030.0
Aktuální verze modulu: 1.1.23110.2
Kód chyby: 0x80508016
 

Date: 2024-01-07 14:37:10
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o nahrání podezřelého souboru pro další analýzu.
Název souboru: C:\Users\micha\Downloads\c5d89295-3452-44c2-8ccc-93f77637c511.tmp
Sha256: b5354427c2046489a40f450e53baf3c22be23800e116ba151f13715b27a89bdb
Aktuální verze bezpečnostních informací: AV: 1.403.1780.0, AS: 1.403.1780.0
Aktuální verze modulu: 1.1.23110.2
Kód chyby: 0x80508016
 

Date: 2024-01-04 22:26:06
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007045b
Popis chyby: Probíhá vypnutí systému. 
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení. 

CodeIntegrity:
===============
Date: 2024-05-08 14:37:28
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Users\micha\AppData\Local\Discord\app-1.0.9146\Discord.exe) attempted to load \Device\HarddiskVolume8\Program Files\TikTok LIVE Studio\0.54.0\resources\app\electron\sdk\lib\GameDetour64.dll that did not meet the Microsoft signing level requirements. 

Date: 2024-05-08 14:37:28
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume8\Users\micha\AppData\Local\Discord\app-1.0.9146\Discord.exe) attempted to load \Device\HarddiskVolume8\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements. 


==================== Memory info =========================== 

BIOS: American Megatrends Inc. 1203 10/28/2021
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B560M-PLUS WIFI
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 69%
Total physical RAM: 16217.73 MB
Available physical RAM: 4960.61 MB
Total Virtual: 33625.73 MB
Available Virtual: 19607.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:464.32 GB) (Free:47.07 GB) (Model: WDS500G1X0E-00AFY0) NTFS
Drive d: () (Fixed) (Total:931.07 GB) (Free:222.45 GB) (Model: ST1000DM003-1CH162) NTFS
Drive e: () (Fixed) (Total:930.38 GB) (Free:801.82 GB) (Model: WDC WD10EZRZ-00HTKB0) NTFS

\\?\Volume{46029b4d-50e3-4957-bc8f-c0b2a31dc2bc}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{4b280e1e-daf8-44f3-842e-2a7f1ce8ec12}\ () (Fixed) (Total:0.51 GB) (Free:0.49 GB) NTFS
\\?\Volume{4046922e-7cb8-479c-aade-2270acc81986}\ () (Fixed) (Total:0.75 GB) (Free:0.08 GB) NTFS
\\?\Volume{08ab3d1f-4e35-4487-85f6-dbaed34b5da3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{0cd24771-04e1-47f0-9f7a-3b9a182df020}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7D324914)
Partition 1: (Not Active) - (Size=931.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================