Untitled

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01
Ran by UZER (04-03-2024 12:26:01)
Running from C:\Users\UZER\Downloads\avs
Microsoft Windows 11 Pro Version 22H2 22621.3155 (X64) (2023-09-02 12:43:17)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4015671430-4189389437-3832571869-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4015671430-4189389437-3832571869-503 - Limited - Disabled)
Guest (S-1-5-21-4015671430-4189389437-3832571869-501 - Limited - Disabled)
John (S-1-5-21-4015671430-4189389437-3832571869-1005 - Administrator - Enabled)
UZER (S-1-5-21-4015671430-4189389437-3832571869-1001 - Administrator - Enabled) => C:\Users\UZER
WDAGUtilityAccount (S-1-5-21-4015671430-4189389437-3832571869-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
A Plague Tale: Innocence (HKLM-x32\...\A Plague Tale: Innocence_is1) (Version:  - )
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_2) (Version: 16.1.2 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8de7ed70-e784-45ea-951c-088ea579e49a}) (Version: 5.01.29.2026 - Advanced Micro Devices, Inc.) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.8 - AnyDesk Software GmbH)
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version:  - AOMEI Technology Co., Ltd.)
AutoHotkey (HKLM\...\AutoHotkey) (Version: 2.0.5 - AutoHotkey Foundation LLC)
Baldurs Gate - Enhanced Edition (HKLM-x32\...\Baldurs Gate - Enhanced Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Beyond: Two Souls (HKLM-x32\...\Beyond: Two Souls_is1) (Version:  - )
Bitwarden (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 2024.1.0 - Bitwarden Inc.)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.20.110.1001 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\BlueStacksServices) (Version: 3.0.8 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\BlueStacks X) (Version: 10.10.8.1001 - now.gg, Inc.)
Boris FX Continuum 2019 Plug-ins for Adobe and Compatible Products (HKLM\...\{4488274F-E3B1-4895-BDEE-6AAB9FE70208}_is1) (Version: 12.0.0 - Boris FX, Inc.)
Boris FX Continuum 2019 Plug-ins for OpenFX and Compatible Products (HKLM\...\{CD3E4D20-4EAA-461F-9025-FAD60661D06D}_is1) (Version: 12.0.0 - Boris FX, Inc.)
BorisFX Sapphire AE (HKLM\...\GenArts Sapphire AE_is1) (Version: 13.20 - Boris FX, Inc. & Team V.R)
Brothers - A Tale of Two Sons (HKLM-x32\...\1171070121_is1) (Version: 2.0.0.2 - GOG.com)
Bully. Scholarship Edition (HKLM-x32\...\Bully. Scholarship Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, SeRaph1)
Call of Duty - World at War (HKLM-x32\...\Call of Duty - World at War_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Call of Duty: Infinite Warfare (HKLM-x32\...\Call of Duty: Infinite Warfare_is1) (Version:  - )
Cheat Engine 7.5 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
CONTROL: Ultimate Edition (HKLM-x32\...\CONTROL: Ultimate Edition_is1) (Version:  - )
CPUID CPU-Z MSI 2.03 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 2.03 - CPUID, Inc.)
Cyberpunk 2077 (HKLM-x32\...\Cyberpunk 2077_is1) (Version:  - )
Dark Souls Remastered (HKLM-x32\...\Dark Souls Remastered_is1) (Version:  - )
Discord (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\Discord) (Version: 1.0.9016 - Discord Inc.)
Dishonored 2 (HKLM-x32\...\Dishonored 2_is1) (Version:  - )
Divinity: Original Sin - Enhanced Edition (HKLM-x32\...\Divinity: Original Sin - Enhanced Edition_is1) (Version:  - )
Dragon's Dogma: Dark Arisen (HKLM-x32\...\Dragon's Dogma: Dark Arisen_is1) (Version:  - )
Dying Light 2 (HKLM-x32\...\Dying Light 2_is1) (Version:  - )
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Enslaved Odyssey to the West Premium Edition version 1.0 u1 (HKLM-x32\...\Enslaved Odyssey to the West Premium Edition_is1) (Version: 1.0 u1 - Namco)
Epic Games Launcher (HKLM-x32\...\{AEB35C6C-B6D4-4AA0-8452-DE699737B5F6}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
ExtFS Drivers By SupremeGamers (HKLM-x32\...\{88D9D9D9-CCBC-4BA1-97B0-7E108DF7FBDE}) (Version: 69.69 - Improved By SupremeGamers)
Far Cry 5 (HKLM-x32\...\Far Cry 5_is1) (Version:  - )
Gang Beasts v1.21.1 (HKLM-x32\...\Gang-Beasts-v1.21.1_is1) (Version: 1.0.0.0 - )
Geeks3D FurMark 1.37.2.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.37.2.0 - Geeks3D)
Git (HKLM\...\Git_is1) (Version: 2.42.0 - The Git Development Community)
Glary Utilities PRO 6.5 (HKLM-x32\...\Glary Utilities) (Version: 6.5.0.8 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 120.0.6099.217 - Google LLC)
Google Input Tools (HKLM\...\GoogleInputFramework) (Version:  - Google Inc.)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Hamachi (HKLM-x32\...\{03617B81-046F-458B-A222-5FFCE3538D06}) (Version: 2.3.0.106 - LogMeIn, Inc.) Hidden
Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.3.0.106 - LogMeIn, Inc.)
Heavy Rain (HKLM-x32\...\Heavy Rain_is1) (Version:  - )
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.34.330 - SurfRight B.V.)
Horizon: Zero Down CE (HKLM-x32\...\Horizon: Zero Down CE_is1) (Version:  - )
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Java 8 Update 401 (64-bit) (HKLM\...\{71024AE4-039E-4CA4-87B4-2F64180401F0}) (Version: 8.0.4010.10 - Oracle Corporation)
Kena: Bridge of Spirits (HKLM-x32\...\Kena: Bridge of Spirits_is1) (Version:  - )
Kingdom Come: Deliverance (HKLM-x32\...\Kingdom Come: Deliverance_is1) (Version:  - )
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2023.9.26.17 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Legacy Launcher Stable version rolling (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\71d7e4bb-0c72-3340-984d-9007c5ab9b16_is1) (Version: rolling - Legacy Launcher Team)
LEGO Marvel Super Heroes 2 (HKLM-x32\...\LEGO Marvel Super Heroes 2_is1) (Version:  - )
Lightshot-5.5.0.7 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.7 - Skillbrains)
Mafia 3: Definitive Edition (HKLM-x32\...\Mafia 3: Definitive Edition_is1) (Version:  - )
Metro Redux (HKLM-x32\...\Metro Redux_is1) (Version:  - )
Microsoft .NET 6.0 Templates 6.0.414 (x64) (HKLM\...\{F377D98A-EB31-4935-ABFC-C97BFDA3185F}) (Version: 24.7.49301 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.22 (x64) (HKLM\...\{00492157-700E-4270-A84F-998D6F5F120E}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.22 (x64_arm) (HKLM\...\{9BC43809-EB59-42FE-AE11-AE8AA69BA284}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.22 (x64_arm64) (HKLM\...\{9197674C-A168-4F44-81F4-7F12F613B481}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.22 (x64_x86) (HKLM\...\{693031F5-1322-49FB-B103-E407EF141250}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET SDK 6.0.414 (x64) (HKLM-x32\...\{b76d8c88-935c-45d0-984a-e25b668b089d}) (Version: 6.4.1423.42517 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.22 (x64) (HKLM\...\{E5ED75AE-C585-4E92-ABB1-C73D15B6FCFB}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 6.0.414 (x64) (HKLM\...\{8D0CDDD5-8363-48B0-9C23-8D7E08224BD5}) (Version: 24.7.49301 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (HKLM-x32\...\{90150000-0015-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (HKLM-x32\...\{90150000-0117-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.22 Shared Framework (x64) (HKLM\...\{9AE95AE3-1EA4-3A47-960F-45FBA5AC756D}) (Version: 6.0.22.23424 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.22 Targeting Pack (x64) (HKLM\...\{62B3D87C-C00E-3D18-84E2-4B82862F6F5C}) (Version: 6.0.22.23424 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Excel MUI (English) 2013 (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (HKLM-x32\...\{90150000-0044-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (HKLM\...\{90150000-002A-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (HKLM-x32\...\{90150000-00E1-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (HKLM-x32\...\{90150000-00E2-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (English) 2013 (HKLM-x32\...\{90150000-002C-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (HKLM\...\{90150000-002A-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0116-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (HKLM-x32\...\{90150000-0115-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation)
Microsoft OneNote MUI (English) 2013 (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{12167277-4066-37DA-B8FC-4A623FD237E1}) (Version: 10.0.60917 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.86.2 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.22 (x64) (HKLM\...\{E00BA379-8B79-448C-B6CF-8E378BF0B1C5}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-6.0.300 (HKLM\...\{F4E591C2-810D-4D36-B4F9-DC55103019D1}) (Version: 128.75.16384 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-6.0.300 (HKLM\...\{BBA9C60D-75E7-44EE-922D-069AA85C8EC1}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-6.0.300 (HKLM\...\{FEB76EC8-02F4-46E6-8031-BE403766D13A}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-6.0.300 (HKLM\...\{F590F859-2F6A-4559-9D09-A8FC442AF16B}) (Version: 100.255.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-6.0.300 (HKLM\...\{C2863251-07E7-44A0-B2F8-4C4E2AF08937}) (Version: 24.78.0 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-6.0.300 (HKLM\...\{69B1631F-5F98-4C6C-B757-46B0ECC8EDBB}) (Version: 125.191.42208 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Manifest (HKLM\...\{7CBF3451-2A94-4DFD-8355-6B97C5EABB26}) (Version: 48.27.39026 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Manifest (HKLM\...\{DBB48387-294D-4179-81CB-B06A97F8CD8E}) (Version: 48.3.40665 - Microsoft Corporation) Hidden
Middle-earth: Shadow of War DE (HKLM-x32\...\Middle-earth: Shadow of War DE_is1) (Version:  - )
Mount and Blade - Warband  - Viking Conquest (HKLM-x32\...\Mount and Blade: Warband  - Viking Conquest_is1) (Version: 2.1.1.11 - GOG.com)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 123.0 (x64 en-US)) (Version: 123.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 115.2.3 - Mozilla)
Mozilla Thunderbird (x64 en-US) (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\Mozilla Thunderbird 115.8.0 (x64 en-US)) (Version: 115.8.0 - Mozilla)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
MSI App Player (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\BlueStacks X_msi5) (Version: 10.0.30.6340 - now.gg, Inc.)
MSI App Player Engine (HKLM\...\BlueStacks_msi5) (Version: 5.12.120.6303 - now.gg, Inc.)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.1127.01 - MSI)
NARUTO SHIPPUDEN: UNS 2 (HKLM-x32\...\NARUTO SHIPPUDEN: UNS 2_is1) (Version:  - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.2 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 551.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\OpenIV) (Version: 4.1.1502 - .black/OpenIV Team)
Opera GX Stable 107.0.5045.37 (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\Opera GX 107.0.5045.37) (Version: 107.0.5045.37 - Opera Software)
Oracle VM VirtualBox 7.0.12 (HKLM\...\{63D7619C-79C2-42B6-A463-060F52EAF7C0}) (Version: 7.0.12 - Oracle and/or its affiliates)
osu! (HKLM-x32\...\{47d10753-015c-449f-9ed2-841bc60f1302}) (Version: latest - ppy Pty Ltd)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pale Moon 33.0.0 (x64 en-US) (HKLM\...\Pale Moon 33.0.0 (x64 en-US)) (Version: 33.0.0 - Moonchild Productions)
PDFgear 2.1.0 (HKLM\...\{7DACF63A-4EE4-4837-9AF9-C65D4509FFB4}_is1) (Version: 2.1.0 - PDFgear)
PowerShell 7-x64 (HKLM\...\{3E1D544C-E761-430F-B278-43E9FBFF0E4F}) (Version: 7.3.6.0 - Microsoft Corporation)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Python 3.12.0 (64-bit) (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\{cf9c4d97-48a7-4a27-b9fc-91b88a803c40}) (Version: 3.12.150.0 - Python Software Foundation)
Python 3.12.0 Core Interpreter (64-bit) (HKLM\...\{6B58F6F9-656A-4CC4-8BAB-22177BFFA45F}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Development Libraries (64-bit) (HKLM\...\{225BAA2C-BDCA-4D63-9D72-D92CE5E2421D}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Documentation (64-bit) (HKLM\...\{5DF0B8D8-4E7F-43EB-AD16-30FFA931A905}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Executables (64-bit) (HKLM\...\{575EC8EB-A481-4CF1-BAB0-3C1DBD2E50A7}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 pip Bootstrap (64-bit) (HKLM\...\{24B8988D-E785-4124-BF77-1DC6A3E62050}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Standard Library (64-bit) (HKLM\...\{14BBD330-AA3F-4F7A-8A39-DFB28AECFA82}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Tcl/Tk Support (64-bit) (HKLM\...\{6EAF677E-4EE8-4A22-9781-9131C5298D26}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Test Suite (64-bit) (HKLM\...\{0A9B38A7-D393-44A5-A94E-9FEC927DC39C}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3182A195-B671-44A8-B0C7-7876B916BA5A}) (Version: 3.12.150.0 - Python Software Foundation)
Radmin VPN 1.4.1 (HKLM-x32\...\{2CDA3179-67A1-410A-81A9-AB1A4FD89DF9}) (Version: 1.4.4642.1 - Famatech)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.0131.020813 - Razer Inc.)
Ready or Not (HKLM-x32\...\Ready or Not_is1) (Version:  - )
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9514.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.4.1201.2021 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: 0.0.0 - DODI-Repacks)
Riot Client  (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\Riot Game Riot_Client.) (Version:  - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
RivaTuner Statistics Server 7.3.4 (HKLM-x32\...\RTSS) (Version: 7.3.4 - Unwinder)
Roblox Player for UZER (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\roblox-player) (Version:  - Roblox Corporation)
RogueKiller version 15.15.2.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.15.2.0 - Adlice Software)
Sekiro: Shadows Die Twice (HKLM-x32\...\Sekiro: Shadows Die Twice_is1) (Version:  - )
Spotify (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\Spotify) (Version: 1.2.32.997.g4c6498b6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM-x32\...\Subnautica_is1) (Version:  - )
SWAT 4 Gold Edition (HKLM-x32\...\1409964317_is1) (Version: 2.0.0.4 - GOG.com)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.6.1 - TeamSpeak Systems GmbH)
Telegram Desktop (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.13.1 - Telegram FZ-LLC)
TeraCopy (HKLM\...\{DF5325DF-1F43-4282-85D5-1CA3353E6B13}) (Version: 3.17 - Code Sector)
The Wolf Among Us (HKLM-x32\...\The Wolf Among Us_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Tixati (HKLM-x32\...\tixati) (Version:  - )
Trapcode Suite (HKLM\...\Trapcode Suite v15.1.7) (Version:  - Red Giant LLC)
Ultimate Marvel vs. Capcom 3 (HKLM-x32\...\Ultimate Marvel vs. Capcom 3_is1) (Version:  - )
Undertale (HKLM-x32\...\1456487183_is1) (Version: 1.06 - GOG.com)
VALORANT (HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
Vampire: The Masquerade - Bloodlines (HKLM-x32\...\1207659240_is1) (Version: 1.2 (UP 11.1/11.0/10.2) hotfix - GOG.com)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
Virtual Controller version 1.0.7.2 (HKLM\...\{95eade20-dfac-442c-b723-f7f6cdbc87cd}_is1) (Version: 1.0.7.2 - VIRTUAL)
Visual C++ 10.0 CRT (x64) (HKLM\...\{BFF61907-AA2D-3A26-8666-98D956A62ABC}) (Version: 10.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.44.4.0 - Voicemod S.L.)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windscribe (HKLM\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 2.8.6 - Windscribe Limited)
WinISO 7.1.1 (HKLM\...\WinISO 7) (Version: 7.1.1 - Macgo International Limited)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
WO Mic Client (HKLM-x32\...\WOMic) (Version:  - )
Zemana AntiMalware version 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)

Packages:
=========

DayOne -> C:\Program Files\WindowsApps\dayone.me-AE047428_1.0.0.0_neutral__nhdec9wt9yr76 [2023-11-28] (dayone.me)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-03-04] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.23.0_neutral__8xx8rvfyw5nnt [2024-02-14] (Instagram)
Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-01-12] (Microsoft Corporation)
MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.32.0_x64__kzh8wxbdkxb8p [2024-02-25] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_2.0.15.0_x64__kzh8wxbdkxb8p [2023-08-22] (MICRO-STAR INTERNATIONAL CO., LTD)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-04] (NVIDIA Corp.)
OneDrive -> C:\Program Files\WindowsApps\microsoft.microsoftskydrive_19.23.19.0_x64__8wekyb3d8bbwe [2024-02-13] (Microsoft Corporation)
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2402.223.0_x64__8wekyb3d8bbwe [2024-02-17] (Microsoft Corporation) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.49.318.0_x64__dt26b99r8h8gj [2024-02-21] (Realtek Semiconductor Corp)
Samsung Notes -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungNotes_4.3.239.0_x64__wyx1vj98g3asy [2024-03-04] (Samsung Electronics Co, Ltd.) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm [2024-02-04] (WhatsApp Inc.) [Startup Task]
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-02-15] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-08-26] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4015671430-4189389437-3832571869-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4015671430-4189389437-3832571869-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4015671430-4189389437-3832571869-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
CustomCLSID: HKU\S-1-5-21-4015671430-4189389437-3832571869-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\UZER\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-4015671430-4189389437-3832571869-1001_Classes\CLSID\{ea804861-17fb-4eef-970c-117d45d055de}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
CustomCLSID: HKU\S-1-5-21-4015671430-4189389437-3832571869-1001_Classes\CLSID\{f9517764-05a4-a748-620a-95087d06a241}\localserver32 -> "C:\Program Files\Cloudflare\Cloudflare WARP\Cloudflare WARP.exe" -ToastActivated => No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2024-01-15] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2024-01-15] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers2: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers4: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_493585427225c794\nvshext.dll [2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities\x64\ContextHandler.dll [2024-01-15] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers6: [TeraCopy] -> {2386CB87-96FF-473D-A009-957E3BFE6F88} => C:\Program Files\TeraCopy\Context.dll [2023-09-04] (CODE SECTOR PTY LTD -> Code Sector)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-29] () [File not signed]
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codecp.acm [196608 2022-05-07] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-29] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-08-28 18:09 - 2023-06-20 13:30 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\desktop.ini:CachedTiles [5250]
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`bfjhiqhqjm [0]
AlternateDataStreams: C:\ProgramData\system.conf:0F57F3FDE6 [4290]
AlternateDataStreams: C:\ProgramData\system.conf:422D4106AB [4290]
AlternateDataStreams: C:\ProgramData\WnHqYU0nH4:8B7ED396EA [3442]
AlternateDataStreams: C:\ProgramData\WnHqYU0nH4:D39ABDACE2 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2019.lnk:F49A58740E [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahk2Exe.lnk:0676F50C01 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey Dash.lnk:B4B3884CBE [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey Window Spy.lnk:88F1223DAF [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk:088221F38A [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk:FE00AE19CB [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk:C5112377E0 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities.lnk:D4E36E77FE [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk:335CDB8984 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4290]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk:4D17D28237 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8308]
AlternateDataStreams: C:\Users\UZER\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\UZER\Application Data:eb92b835a834003ac00ee2632de0e925 [394]
AlternateDataStreams: C:\Users\UZER\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\UZER\AppData\Roaming:eb92b835a834003ac00ee2632de0e925 [394]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR540 => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR540.SYS => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

2023-08-28 21:44 - 2023-09-02 19:29 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.23.240.1 GreenIce.mshome.net # 2028 8 4 31 13 59 12 199

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\common files\oracle\java\javapath;c:\program files (x86)\common files\intel\shared libraries\redist\intel64\compiler;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\git\cmd;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\powershell\7\;c:\program files\dotnet\;c:\program files\microsoft sql server\120\tools\binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\UZER\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\Screenshot (1079).png
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Hamachi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Radmin: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 8: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Fortect"
HKLM\...\StartupApproved\Run32: => "RadminVPN"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_F35FF757D0FBB6BA4FAC20DCBAB7B09A"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "NoxMultiPlayer"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-4015671430-4189389437-3832571869-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EF1BC47E-2D49-4FD0-8D2E-E6F9C4C2F35B}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{00226690-662E-41CA-8A13-5C4FBB1EF143}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{35F8093B-7E45-4792-8D0C-E8B93F4C03E7}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{EDA9A73E-A71C-4C2D-A8A0-8E78BD17D247}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [UDP Query User{1C1359C6-94F4-41C2-8BDE-0D4ED31EDC30}C:\users\uzer\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\uzer\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{80D7BB3D-E07D-4621-916F-0C9DE96C12B3}C:\users\uzer\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\uzer\appdata\local\programs\opera gx\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{0F8F46CE-F1D8-4977-827B-7E6E53C9ACCD}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [TCP Query User{ED0FEAA7-A262-4F81-A96D-E5D308F991BA}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [UDP Query User{CC4D5B09-D98D-497F-8A5C-FFB32CF13D0B}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{76AD6C30-79D4-4D25-94F8-EBFB75FC2090}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{8E058D81-69A4-4AB4-AEFA-8B1709ECFEDA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CB74ABBA-721C-417A-837E-8D845C2D2F4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8880936C-5306-4C48-AEFF-1E3398D199FA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BA4636E8-091C-4302-BA07-FE1817DFEE2A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9161534F-50E5-4DE5-A712-7AC06D435644}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{57DAC8F1-B306-44FE-BA97-E5E06F86BBA9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{57CDD2C7-D37D-4B3F-A2DD-A6FA76F9702C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A2D40B57-C348-434C-B62F-FCA412BD0486}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23195.1511.2279.823_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C1B3F0A0-D6B1-4D38-A860-C39C102FF428}C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{485207D5-3210-44B0-A1AE-C4D78B8714F7}C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{1E727CBD-85B9-4CC3-A74A-04FA80D08067}C:\users\uzer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzer\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{A8123756-2126-4154-B4C7-AF0CFCC67FC5}C:\users\uzer\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\uzer\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{BD1A7C3E-9F86-4A1C-B641-6A5380FFC71F}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{926D0CB0-D196-45EE-BFB8-64812D0D9E43}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{76D2E765-3E92-4535-AE31-DCF6C849B8C1}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{70C2312B-B7C6-45EE-B98B-E522F4C556C9}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{8AE009AD-6722-4F14-ABFF-8890F8BA3D57}C:\users\uzer\downloads\anydesk.exe] => (Allow) C:\users\uzer\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{2CFD0D5D-4EB4-4BB0-882E-6563646E33DD}C:\users\uzer\downloads\anydesk.exe] => (Allow) C:\users\uzer\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{27BF522E-575E-4AC7-8BF0-9CA24C0A8328}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{04A14C37-4032-4573-86BF-C2BCA2BDF160}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C7596BB6-C5C6-4D0D-9C2D-49560FBD2B1C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F354E20-F5A8-46C0-A674-C3A17B1DF1DC}] => (Allow) C:\Program Files (x86)\Radmin VPN\RvControlSvc.exe (Famatech Corp. -> Famatech Corp.)
FirewallRules: [TCP Query User{6BFF26F9-9637-412B-B025-B9DD681A4CCF}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [UDP Query User{4113DF94-0E9C-4E0F-90DE-A9EE93935FB8}C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) C:\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe (Riot Games, Inc. -> Riot Games)
FirewallRules: [TCP Query User{1F395CFC-D57C-43B5-B464-63B8EF3580E1}F:\games\divinity - original sin - enhanced edition\shipping\eocapp.exe] => (Allow) F:\games\divinity - original sin - enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [UDP Query User{07214D41-E937-45DC-8B68-73C682B09F94}F:\games\divinity - original sin - enhanced edition\shipping\eocapp.exe] => (Allow) F:\games\divinity - original sin - enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [TCP Query User{428B7546-2EB8-41E9-9A3E-ABD9C1BBCDB9}C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{F65105AE-4B06-4F47-9D04-91516B354199}C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\uzer\appdata\roaming\.tlauncher\legacy\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{4D167E7F-B6F9-4C89-8255-1CCFBA029F61}F:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe] => (Allow) F:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{3CD1AE1C-BAA8-42CA-BD58-D29CE6BB7685}F:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe] => (Allow) F:\games\kingdom come - deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{8E824C14-5A41-432A-9FAF-1575927BBF43}F:\games\borderlands\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\games\borderlands\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [UDP Query User{BE283385-85DD-4560-A38E-4D88712AE641}F:\games\borderlands\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe] => (Allow) F:\games\borderlands\borderlands - the pre-sequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [TCP Query User{0D2C0D71-1503-4714-A84C-8A7E4BC50DD4}F:\games\brothers - a tale of two sons\binaries\win32\brothers.exe] => (Allow) F:\games\brothers - a tale of two sons\binaries\win32\brothers.exe (Starbreeze Studios AB) [File not signed]
FirewallRules: [UDP Query User{DF86AD9A-AF9C-4990-8152-B4FCB507B46E}F:\games\brothers - a tale of two sons\binaries\win32\brothers.exe] => (Allow) F:\games\brothers - a tale of two sons\binaries\win32\brothers.exe (Starbreeze Studios AB) [File not signed]
FirewallRules: [{C7811605-458D-4F23-B76D-9E38B7030A24}] => (Block) LPort=445
FirewallRules: [{466709AF-7998-4108-B5B3-E2B9BC1321D3}] => (Block) LPort=445
FirewallRules: [{D2198B5B-F072-4066-AC16-281422A36D2B}] => (Block) LPort=139
FirewallRules: [{BB662D3F-76AD-43D6-B3A5-EE2458832ABE}] => (Block) LPort=139
FirewallRules: [{348520F0-1172-402B-9098-0A5E2DD5DC46}] => (Allow) LPort=3389
FirewallRules: [TCP Query User{A93381CA-EE2F-4F50-8AB1-5D6A0E0B894D}F:\games\enslaved odyssey to the west premium edition\binaries\win32\enslaved.exe] => (Allow) F:\games\enslaved odyssey to the west premium edition\binaries\win32\enslaved.exe => No File
FirewallRules: [UDP Query User{2A90566C-8EC7-40C7-912F-7C05C6437DE3}F:\games\enslaved odyssey to the west premium edition\binaries\win32\enslaved.exe] => (Allow) F:\games\enslaved odyssey to the west premium edition\binaries\win32\enslaved.exe => No File
FirewallRules: [{7C452977-A637-4A2A-A2AB-9F73B033C8EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{5F77088B-0FFB-45E9-A1AC-75B524E38423}F:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{D0394DF8-992A-4974-B81F-520C55CDC3C8}F:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) F:\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [TCP Query User{AB610483-EF21-441C-BAD0-F7576E722153}F:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Allow) F:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [UDP Query User{26F995F4-6219-43AA-BC94-4788582538D0}F:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe] => (Allow) F:\games\dying light 2\ph\work\bin\x64\dyinglightgame_x64_rwdi.exe (Techland S.A. -> Techland)
FirewallRules: [TCP Query User{6C3F4366-EB48-4645-BB64-9DC1CD5C6F3E}F:\games\red dead redemption 2\rdr2.exe] => (Allow) F:\games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{C6AF4BA7-EB5B-4533-A51A-84220785A0E3}F:\games\red dead redemption 2\rdr2.exe] => (Allow) F:\games\red dead redemption 2\rdr2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{78ED9865-A5E0-45F5-8E66-A1313FE1A720}F:\games\swat 4\contentexpansion\system\swat4x.exe] => (Allow) F:\games\swat 4\contentexpansion\system\swat4x.exe (Sierra Entertainment, Inc.) [File not signed]
FirewallRules: [UDP Query User{1F5E6903-76A2-47AF-AB3A-B95061D4C13E}F:\games\swat 4\contentexpansion\system\swat4x.exe] => (Allow) F:\games\swat 4\contentexpansion\system\swat4x.exe (Sierra Entertainment, Inc.) [File not signed]
FirewallRules: [{F4F20AB8-DFF2-49E0-BDC6-34E1C8AFC3AA}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{D1FCD058-5BF0-40DF-8BF7-28E7C4F5E8F6}] => (Allow) C:\Program Files\Pale Moon\palemoon.exe (Mark Straver -> Moonchild Productions)
FirewallRules: [{79FE5E7A-CA3F-4EE6-A9D0-AE7CF0CF3492}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D790B61B-AFE2-4F8E-8358-C78A523897C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F6D75291-9FE0-48FD-B2D7-22A4C13A5E75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6037C5E1-6EF2-43B7-BB9D-424004729219}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{578EF980-E082-4F78-B23D-5C1476156BB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3070C64F-39F3-4F44-B1AA-511AAD9A04F7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{CBD6F233-9BD9-4D2C-80CC-09BCA68A233D}F:\games\call of duty - world at war\codwaw.exe] => (Allow) F:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [UDP Query User{02ED744D-37EE-4122-B1A7-1E6F5BD44ECD}F:\games\call of duty - world at war\codwaw.exe] => (Allow) F:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [{7C595FD1-E5D8-4A1E-ACE2-D7EBC48FC765}] => (Allow) F:\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed]
FirewallRules: [{0F33D8D6-2A96-41F3-BD4C-DDA02CDEBE62}] => (Allow) F:\SteamLibrary\steamapps\common\Cry of Fear\CoFLaunchApp.exe (Team Psykskallar) [File not signed]
FirewallRules: [TCP Query User{FA6B219F-1768-42E4-86FD-8C9D2492366A}F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{52D1D01B-1576-4459-B116-41420C11CBC4}F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [TCP Query User{A2596DCF-3516-4940-AF0A-6285A2375749}F:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) F:\steamlibrary\steamapps\common\cry of fear\cof.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{4788A789-D608-4972-B0CD-A1CB975CCBEB}F:\steamlibrary\steamapps\common\cry of fear\cof.exe] => (Allow) F:\steamlibrary\steamapps\common\cry of fear\cof.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{F51B6206-C789-4DBE-9DFE-CB0386CCEFC9}F:\games\gang beasts v1.21.1\gang beasts.exe] => (Allow) F:\games\gang beasts v1.21.1\gang beasts.exe () [File not signed]
FirewallRules: [UDP Query User{F425E640-991E-4D58-BC35-A27AFC5FAE4D}F:\games\gang beasts v1.21.1\gang beasts.exe] => (Allow) F:\games\gang beasts v1.21.1\gang beasts.exe () [File not signed]
FirewallRules: [{9024EAD6-8DED-4F03-900F-22270B7EDFBE}] => (Allow) F:\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{DBA9F9C9-E5C0-416D-ABE2-FACC1E6ADBDE}] => (Allow) F:\SteamLibrary\steamapps\common\Underlords\game\bin\win64\underlords.exe (Valve -> )
FirewallRules: [{B8677285-358F-4CFF-8C38-3CCDD4F3845A}] => (Allow) F:\Emulators\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{C97808E0-9D3F-478D-88F3-562840363076}] => (Allow) F:\Emulators\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{D0686D71-B74B-4594-9ECB-684B88854B01}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{E0E8D6EB-D4C0-457E-B308-FAAE854567CF}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [TCP Query User{54F56A99-0B06-4974-9910-556060495890}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{9AA6AE78-D425-4B79-B492-D06AC7F0243D}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{C5928A91-D30A-4B97-A4DA-AFA2C876A606}F:\games\heavy rain\heavyrain.exe] => (Allow) F:\games\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [UDP Query User{0C73751F-89F9-41CB-BEE3-543EC49FC51E}F:\games\heavy rain\heavyrain.exe] => (Allow) F:\games\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [{F0C9FA59-BBA7-4D03-B6A3-91537300624E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{4E7CDCA7-4DC8-4E79-82DC-45E18D52B67D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{7BF1272F-62E8-4703-AAAA-15DF2FECAC54}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{BB7F3DD3-9293-4125-B594-0F95B08AD55B}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D19A6CD8-BC74-45AB-821B-32D2A690C83C}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{14CB6E3B-3040-404D-8264-E854CCD48BBD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{7DCAA8FF-1A09-4369-9EC9-88979E857208}F:\games\call of duty - infinite warfare\iw7_ship.exe] => (Allow) F:\games\call of duty - infinite warfare\iw7_ship.exe (Activision Publishing -> Activision)
FirewallRules: [UDP Query User{EB73BA0A-05AD-4455-92B6-BEA4CFC55A2A}F:\games\call of duty - infinite warfare\iw7_ship.exe] => (Allow) F:\games\call of duty - infinite warfare\iw7_ship.exe (Activision Publishing -> Activision)
FirewallRules: [{A5D19410-2E08-4874-8457-CFCE45A8BDF8}] => (Allow) F:\SteamLibrary\steamapps\common\Combat Master\CombatMaster.exe () [File not signed]
FirewallRules: [{E1C914F6-B4BF-4E96-AF0C-A3FD23873F6F}] => (Allow) F:\SteamLibrary\steamapps\common\Combat Master\CombatMaster.exe () [File not signed]
FirewallRules: [{15B11F24-5D7E-4974-A712-2029E185F422}] => (Allow) LPort=32683
FirewallRules: [{2CBF7CAD-E49B-45B0-BACB-3B3826544BDC}] => (Allow) LPort=26822

==================== Restore Points =========================

Check "VSS" service


==================== Faulty Device Manager Devices ============

Name: Realtek(R) Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft Hyper-V Virtual Machine Bus Provider
Description: Microsoft Hyper-V Virtual Machine Bus Provider
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vmbusr
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Realtek PCIe GbE Family Controller
Description: Realtek PCIe GbE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: rt68cx21
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft Hyper-V PCI Server
Description: Microsoft Hyper-V PCI Server
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vpcivsp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft Hyper-V Virtual Disk Server
Description: Microsoft Hyper-V Virtual Disk Server
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: storvsp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WO Mic Device
Description: WO Mic Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Wolicheng Tech Ltd.
Service: WOVAD
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Voicemod Virtual Audio Device (WDM)
Description: Voicemod Virtual Audio Device (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Voicemod S.L.
Service: VOICEMOD_Driver
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (03/04/2024 12:26:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070424, The specified service does not exist as an installed service..

Operation:
   Set Snapshot Context

Context:
   Execution Context: Requestor

Error: (03/04/2024 12:26:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name Software Provider cannot be started. [0x80070424, The specified service does not exist as an installed service.]

Operation:
   Set Snapshot Context

Context:
   Execution Context: Requestor

Error: (03/04/2024 12:21:09 PM) (Source: Application Error) (EventID: 1000) (User: VINLANDER)
Description: Faulting application name: HitmanPro_x64.exe, version: 3.8.34.330, time stamp: 0x65439dd7
Faulting module name: HitmanPro_x64.exe, version: 3.8.34.330, time stamp: 0x65439dd7
Exception code: 0xc0000005
Fault offset: 0x00000000002ccc01
Faulting process id: 0x0xd4
Faulting application start time: 0x0x1da6dfeaa82edae
Faulting application path: C:\Users\UZER\Downloads\avs\HitmanPro_x64.exe
Faulting module path: C:\Users\UZER\Downloads\avs\HitmanPro_x64.exe
Report Id: 815787ea-a87d-4438-a57f-4b8f2676791f
Faulting package full name:
Faulting package-relative application ID:

Error: (03/04/2024 12:18:36 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\UZER\Downloads\avs\HitmanPro_x64.exe ; Description = Checkpoint by HitmanPro; Error = 0x80042302).

Error: (03/04/2024 12:18:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x80070424, The specified service does not exist as an installed service..

Operation:
   Set Snapshot Context

Context:
   Execution Context: Requestor

Error: (03/04/2024 12:18:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name Software Provider cannot be started. [0x80070424, The specified service does not exist as an installed service.]

Operation:
   Set Snapshot Context

Context:
   Execution Context: Requestor

Error: (03/04/2024 12:11:16 PM) (Source: AntiMalware) (EventID: 0) (User: )
Description: Application has encountered a problem and needs to be closed. Please contact the adminstrator with the following information:

System.ComponentModel.Win32Exception (0x80004005): Error creating window handle.
   at System.Windows.Forms.NativeWindow.CreateHandle(CreateParams cp)
   at System.Windows.Forms.Control.CreateHandle()
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl()
   at System.Windows.Forms.Control.ControlCollection.Add(Control value)
   at Zemana.AntiMalware.UI.Services.ScanPanelController.<>c__DisplayClass12_0.<AddScanFailedPanel>b__0(Panel pnl) in Z:\Projects\Zemana AntiMalware Staging\Zemana.AntiMalware.UI\Services\ScanPanelController.cs:line 73Error creating window handle.

Stack Trace:
   at System.Windows.Forms.NativeWindow.CreateHandle(CreateParams cp)
   at System.Windows.Forms.Control.CreateHandle()
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl()
   at System.Windows.Forms.Control.ControlCollection.Add(Control value)
   at Zemana.AntiMalware.UI.Services.ScanPanelController.<>c__DisplayClass12_0.<AddScanFailedPanel>b__0(Panel pnl) in Z:\Projects\Zemana AntiMalware Staging\Zemana.AntiMalware.UI\Services\ScanPanelController.cs:line 73

Error: (03/04/2024 11:24:53 AM) (Source: VSS) (EventID: 12292) (User: )
Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070424, The specified service does not exist as an installed service.
].


Operation:
   Obtain a callable interface for this provider
   List interfaces for all providers supporting this context
   Query Shadow Copies

Context:
   Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshot Context: -1
   Snapshot Context: -1
   Execution Context: Coordinator


System errors:
=============
Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}

Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{6D18AD12-BDE3-4393-B311-099C346E6DF9}

Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}

Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{659CDEA7-489E-11D9-A9CD-000D56965251}

Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{BB6DF56B-CACE-11DC-9992-0019B93A3A84}

Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{1ECCA34C-E88A-44E3-8D6A-8921BDE9E452}

Error: (03/04/2024 12:26:20 PM) (Source: DCOM) (EventID: 10005) (User: VINLANDER)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4D233817-B456-4E75-83D2-B17DEC544D12}


Windows Defender:
================
Date: 2024-03-01 20:37:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-02-28 16:53:52
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_E:\KeyGen\KeyGen.exe
Detection Origin: Network share
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.701.0, AS: 1.405.701.0, NIS: 1.405.701.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-27 18:13:21
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_E:\KeyGen\KeyGen.exe
Detection Origin: Network share
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.678.0, AS: 1.405.678.0, NIS: 1.405.678.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-27 17:01:29
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_E:\KeyGen\KeyGen.exe
Detection Origin: Network share
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.678.0, AS: 1.405.678.0, NIS: 1.405.678.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-27 16:00:01
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_E:\KeyGen\KeyGen.exe
Detection Origin: Network share
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.671.0, AS: 1.405.671.0, NIS: 1.405.671.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
Event[0]

Date: 2024-03-04 12:24:10
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2024-03-04 12:07:45
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2024-02-28 17:03:50
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.405.701.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24010.10
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2024-02-19 16:57:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.405.231.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24010.10
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2024-02-17 11:34:44
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.405.101.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24010.10
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===============
Date: 2024-03-04 00:34:49
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\dokan.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. B.I0 04/27/2023
Motherboard: Micro-Star International Co., Ltd. B450M PRO-VDH MAX (MS-7A38)
Processor: AMD Ryzen 5 5600G with Radeon Graphics
Percentage of memory in use: 20%
Total physical RAM: 15764.96 MB
Available physical RAM: 12492.89 MB
Total Virtual: 48532.96 MB
Available Virtual: 45753.39 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:232.18 GB) (Free:36.99 GB) (Model: KINGSTON SNVS250G) NTFS
Drive d: (Aleesha) (Fixed) (Total:931.51 GB) (Free:59.63 GB) (Model: USB3.0 Super Speed SCSI Disk Device) NTFS
Drive f: (Alfred) (Fixed) (Total:931.51 GB) (Free:45.32 GB) (Model: ST1000DM010-2EP102) NTFS

\\?\Volume{bda17902-a1e1-4d23-a40d-a60fb318fccf}\ () (Fixed) (Total:0.59 GB) (Free:0.06 GB) NTFS
\\?\Volume{f137ff10-907d-47c6-9dce-cbf252b8355c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 1A620CF3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)

==========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 5503E6A7)

Partition: GPT.

==================== End of Addition.txt =======================