Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26.02.2024 01 Ran by Anna (03-03-2024 19:55:54) Running from C:\Users\Anna\Downloads Microsoft Windows 11 Home Version 23H2 22631.3235 (X64) (2023-04-08 18:27:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3629802013-1886598439-4032456429-500 - Administrator - Disabled) Anna (S-1-5-21-3629802013-1886598439-4032456429-1001 - Administrator - Enabled) => C:\Users\Anna DefaultAccount (S-1-5-21-3629802013-1886598439-4032456429-503 - Limited - Disabled) Guest (S-1-5-21-3629802013-1886598439-4032456429-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-3629802013-1886598439-4032456429-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security Ultra (Disabled - Out of date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer) Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer) App Explorer (HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\Host App Service) (Version: 0.273.4.677 - SweetLabs) <==== ATTENTION Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Black and White (HKLM-x32\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version: - ) Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated) CORSAIR iCUE Software (HKLM-x32\...\{9F97046E-BA53-42B7-8BBD-1E55413895F5}) (Version: 3.35.152 - Corsair) Discord (HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\Discord) (Version: 1.0.9001 - Discord Inc.) Dixper Studio v3.0.3 (HKLM\...\{267760CC-0CDD-4A82-8376-3CFFC9A51414}_is1) (Version: v3.0.3 - Dixper Software S.L.) Dragon (HKLM-x32\...\{3C8FA4F4-8471-4C60-9002-9B9F78B7B483}) (Version: 4 - Realtek) DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated) Dynamic Application Loader Host Interface Service (HKLM\...\{415FFF31-9007-4CA8-96D1-076BA3A9C9AF}) (Version: 1.0.0.0 - Intel Corporation) Hidden Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.) Farmerama (HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\Farmerama) (Version: 1.2.8 - Bigpoint GmbH) Final Fantasy VII Remake Intergrade (HKLM-x32\...\Final Fantasy VII Remake Intergrade_is1) (Version: 0.0.0 - DODI-Repacks) FineCam (HKLM-x32\...\FineCam) (Version: 1.0.2 - FineShare Inc.) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.60.2 - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.95 - Google LLC) GoTrust ID Plugin 2.0.10.26 (HKLM\...\GoTrust ID Plugin) (Version: 2.0.10.26 - GoTrust ID Inc.) Intel(R) Chipset Device Software (HKLM\...\{B4BF76D4-C8E0-4341-A8C5-A33D1C506DED}) (Version: 10.1.18263.8193 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{66879245-162d-47f5-bac4-840156a7c01e}) (Version: 10.1.18263.8193 - Intel(R) Corporation) Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10200.12510 - Intel Corporation) Intel(R) Icls (HKLM\...\{8AED275A-8D6E-4BDD-A323-2EBF65069F58}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) LMS (HKLM\...\{7F2945F5-72C8-4621-BC89-03FD1E77B0A7}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2003.14.0.1461 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{9B766A0D-46AD-4448-9168-2ADD9EA9AED4}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{F1E47250-C115-4B96-8076-BBC7A6AC697E}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{E6D4CC72-76E3-4E9F-A761-E0A4A4CBA984}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4487026C-A32C-4FF5-858E-8DB890814949}) (Version: 17.8.0.1065 - Intel Corporation) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17231.20236 - Microsoft Corporation) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.66 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.59 - Microsoft Corporation) Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation) Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.020.0128.0003 - Microsoft Corporation) Microsoft Teams classic (HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\Teams) (Version: 1.6.00.33567 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{C2990CBB-CA27-44ED-BCCB-D51CC090CC1D}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{A0E38EFD-4A2E-4DAA-B1AA-1A63F5309352}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden NitroSense Service (HKLM\...\{9089CCF1-ABBE-4271-A0F0-5119BF339A83}) (Version: 3.00.3008 - Acer Incorporated) NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation) NVIDIA Graphics Driver 472.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.80 - NVIDIA Corporation) NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation) obs-backgroundremoval version 1.1.5 (HKLM-x32\...\{1527c9ec-2638-4e3b-94d7-cc25d27cd725}_is1) (Version: 1.1.5 - Roy Shilkrot) Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden OpenOffice 4.1.10 (HKLM-x32\...\{7CC01309-694E-48C0-86A7-1DDEE4232E9A}) (Version: 4.110.9807 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 10.5.101.48500 - Electronic Arts, Inc.) Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8923.1 - Realtek Semiconductor Corp.) Resident Evil 4 (HKLM-x32\...\Resident Evil 4_is1) (Version: - ) SAntivirus Realtime Protection Lite (HKLM-x32\...\SAntivirus) (Version: 1.0.22.22 - Corp DCom) <==== ATTENTION Snaz version 1.9.2.6 (HKLM-x32\...\{70A76031-FDC6-4F9B-BB5C-33776703F45A}_is1) (Version: 1.9.2.6 - JimsApps) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries GG 57.0.0 (HKLM\...\SteelSeries GG) (Version: 57.0.0 - SteelSeries ApS) Streamlabs Chatbot version 1.0.2.81 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.2.81 - Streamlabs) Streamlabs Desktop 1.9.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.9.0 - General Workings, Inc.) TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.11.6 - TeamViewer) Twitch (HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.) Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation) User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3106 - Acer Incorporated) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes) VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Walliant version 1.0.8.1 (HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\{E72E2194-F430-4F4A-A262-1C8FF081B3A5}_is1) (Version: 1.0.8.1 - Walliant) Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Zoom (HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.) Packages: ========= Acer Collection S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCollectionS_1.0.3004.0_x64__48frkmn4z8aw4 [2020-06-27] (Acer Incorporated) Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2024-02-08] (Acer Incorporated) Amnesia: Collection -> C:\Program Files\WindowsApps\FrictionalGames.52549514D2D9A_1.0.5.0_x86__yhrbwy6qaj8bt [2023-09-16] (Frictional Games) Amnesia: Rebirth -> C:\Program Files\WindowsApps\FrictionalGames.AmnesiaRebirth_1.0.8.0_x64__yhrbwy6qaj8bt [2023-09-16] (Frictional Games) Amnesia: The Bunker -> C:\Program Files\WindowsApps\FrictionalGames.AmnesiaTheBunker_1.1.5.0_x64__yhrbwy6qaj8bt [2024-02-12] (Frictional Games) Bramble: The Mountain King -> C:\Program Files\WindowsApps\MergeGamesLimited.BrambleTheMountainKing_1.0.0.0_x64__j1rzjmssdh5zy [2023-09-17] (Merge Games Limited) Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-02-21] (Acer Incorporated) Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1100.416.0_x64__8wekyb3d8bbwe [2024-02-22] (Microsoft Corporation) Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.23.0_x64__xbfy0k16fey96 [2024-02-10] (Dropbox Inc.) DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2024.1.2.0_x64__t5j2fzbtdg37r [2024-02-28] (DTS, Inc.) DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.13.2.0_x64__t5j2fzbtdg37r [2024-02-02] (DTS, Inc.) Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.77.3.0_x64__q4d96b2w5wcc2 [2024-02-28] (Evernote) [Startup Task] GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2024-01-01] (GoTrustID Inc.) Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.13.112.0_x64__kx24dqmazqk8j [2024-01-01] (Random Salad Games LLC) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_151.3.1092.0_x64__v10z8vjag6ke6 [2024-01-19] (HP Inc.) Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2024-01-01] (INTEL CORP) Lies of P -> C:\Program Files\WindowsApps\Neowiz.3616725F496B_1.5.0.0_x64__r4z3116tdh636 [2024-02-14] (Neowiz) Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2022-02-21] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2022-02-21] (Microsoft Corporation) [MS Ad] Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2402.13002.0_x64__8wekyb3d8bbwe [2024-02-21] (Microsoft Corporation) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-15] (Microsoft Corp.) Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-14] (Microsoft Corporation) Microsoft.WindowsAppRuntime.CBS -> C:\WINDOWS\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2024-03-01] (Microsoft Corporation) MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24012.115.0_x64__cw5n1h2txyewy [2024-03-02] (Microsoft Windows) [Startup Task] Movie & Audio Studio -> C:\Program Files\WindowsApps\MAGIXSoftwareGmbH.MovieAudioStudio_1.1.4.0_x64__awcgk3qbzve1y [2023-12-05] (MAGIX Software GmbH) NitroSense_DT_V30 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseDTV30_3.0.3008.0_x64__48frkmn4z8aw4 [2020-06-27] (Acer Incorporated) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-04-08] (NVIDIA Corp.) PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.5229.0_x64__ypz87dpxkv292 [2020-06-27] (CYBERLINK COM CORP) Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-20] (Microsoft Corporation) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-21] (Microsoft Corporation) PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-06-27] (CYBERLINK COM CORP) QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-02-07] (Acer Incorporated) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2024-02-16] (Realtek Semiconductor Corp) Simple FreeCell -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleFreeCell_3.7.79.0_x64__kx24dqmazqk8j [2024-01-01] (Random Salad Games LLC) Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.4.96.0_x64__kx24dqmazqk8j [2024-01-01] (Random Salad Games LLC) Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2024-01-01] (Random Salad Games LLC) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-02] (Microsoft Studios) [MS Ad] The Texas Chain Saw Massacre - PC Edition -> C:\Program Files\WindowsApps\GunMedia.TheTexasChainSawMassacre-PCEdition_1.0.23.0_x64__4vhmb1t397maw [2024-02-24] (Gun Media) User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3106.0_x64__48frkmn4z8aw4 [2020-06-27] (Acer Incorporated) Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2024-03-01] (Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3629802013-1886598439-4032456429-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Anna\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23334.10\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-09] (Intel(R) Rapid Storage Technology -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell1.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-12-09] (Intel(R) Rapid Storage Technology -> ) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncShell64.dll [2024-02-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvae.inf_amd64_fdabed922efb6704\nvshext.dll [2022-01-04] (Nvidia Corporation -> NVIDIA Corporation) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2020-10-29 16:20 - 2020-10-29 16:20 - 000352768 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ActionsConverters.dll 2020-10-29 15:52 - 2020-10-29 15:52 - 000759808 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyCommands.dll 2020-10-29 15:52 - 2020-10-29 15:52 - 000743936 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\LegacyNotifications.dll 2020-10-29 15:50 - 2020-10-29 15:50 - 000577536 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\MobileProto.dll 2020-10-29 15:51 - 2020-10-29 15:51 - 000203776 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\ModelHelpers.dll 2020-10-29 15:52 - 2020-10-29 15:52 - 000209408 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\quazip.dll 2020-10-29 15:51 - 2020-10-29 15:51 - 000101376 _____ () [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\zlib.dll 2021-01-08 23:37 - 2022-06-29 13:13 - 000131072 _____ (Countly) [File not signed] [File is in use] C:\Users\Anna\AppData\Local\Programs\Walliant\Countly.dll 2021-01-08 23:37 - 2018-01-10 15:34 - 000024064 _____ (Daniel Grunwald, Omer Mor, Alex Davies, jnm2) [File not signed] [File is in use] C:\Users\Anna\AppData\Local\Programs\Walliant\AsyncBridge.Net35.dll 2021-01-08 23:37 - 2018-05-11 11:52 - 000074240 _____ (Sentry) [File not signed] [File is in use] C:\Users\Anna\AppData\Local\Programs\Walliant\SharpRaven.dll 2020-09-22 10:06 - 2020-09-22 10:06 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll 2021-05-19 18:44 - 2021-05-19 18:44 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2021-05-19 18:44 - 2021-05-19 18:44 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2020-10-29 15:50 - 2020-10-29 15:50 - 002516992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libcrypto-1_1.dll 2020-10-29 15:50 - 2020-10-29 15:50 - 000530944 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\libssl-1_1.dll 2021-05-19 18:44 - 2021-05-19 18:44 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2021-07-07 18:42 - 2021-05-19 18:44 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2021-07-07 18:42 - 2021-05-19 18:44 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2021-07-07 18:42 - 2021-05-19 18:44 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2021-07-07 18:42 - 2021-05-19 18:44 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2021-07-07 18:42 - 2021-05-19 18:44 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2021-07-07 18:42 - 2021-05-19 18:44 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== SearchScopes: HKU\S-1-5-21-3629802013-1886598439-4032456429-1001 -> DefaultScope {80B71B95-F6A0-472F-86EB-08E58FCF6FA9} URL = SearchScopes: HKU\S-1-5-21-3629802013-1886598439-4032456429-1001 -> {80B71B95-F6A0-472F-86EB-08E58FCF6FA9} URL = BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-03-19 04:49 - 2019-03-19 04:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Oculus\Support\oculus-runtime;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anna\Downloads\ohana 3.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. Network Binding: ============= WiFi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3629802013-1886598439-4032456429-1001\...\StartupApproved\Run: => "Steam" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F81374F9-D98E-4013-B51E-789C0DCDB0DF}] => (Allow) C:\Program Files (x86)\FineShare\FineCam\FineCam.exe (FineShare Co., Ltd. -> FineShare Co., Ltd.) FirewallRules: [{F003D9A1-4554-4ADC-BCBC-FDD9E8D742ED}] => (Allow) C:\Program Files (x86)\FineShare\FineCam\FineCam.exe (FineShare Co., Ltd. -> FineShare Co., Ltd.) FirewallRules: [{CDBA24DA-E22F-41DC-87E1-1DEEC419BFE9}] => (Allow) D:\SteamLibrary\steamapps\common\LIV\LIV.App.exe (LIV Inc.) [File not signed] FirewallRules: [{AC4AF304-A62E-4C76-B90D-475C2890DEB4}] => (Allow) D:\SteamLibrary\steamapps\common\LIV\LIV.App.exe (LIV Inc.) [File not signed] FirewallRules: [UDP Query User{6FF31C49-48B4-4615-AB15-482BE1B7CD4F}E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [TCP Query User{A3E8B617-E637-44BA-9D26-70A1727A4ED7}E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) E:\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [{592712E1-4BF2-4732-BF23-D11D411135CA}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil ReVerse\Reverse.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{F86EA40D-94F5-429F-AC2F-716A1609C759}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil ReVerse\Reverse.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{D512265A-F552-45DA-A5D8-2C7DB8541DDA}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{254BEE54-1761-4399-AF94-8D58017E6A09}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil Village BIOHAZARD VILLAGE\re8.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{C6B52951-9435-4616-9576-F8F3BA1EF543}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{42A313A7-688A-48FF-8FCD-8A2A16879CE2}] => (Allow) D:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe (CAPCOM CO., LTD. -> ) FirewallRules: [{7061684C-F881-42B7-963C-20B8C7E1758B}] => (Allow) D:\SteamLibrary\steamapps\common\Total 15\Total 15.exe () [File not signed] FirewallRules: [{75B7DCDF-A33B-4E06-9C07-AC8108AC0A0C}] => (Allow) D:\SteamLibrary\steamapps\common\Total 15\Total 15.exe () [File not signed] FirewallRules: [{D420A285-6D0D-4E9B-B01D-975A982E9B51}] => (Allow) D:\SteamLibrary\steamapps\common\PIXASSO 2\Pixasso2.exe () [File not signed] FirewallRules: [{7D13902E-BA27-4BE7-B169-8C8DC72B3C03}] => (Allow) D:\SteamLibrary\steamapps\common\PIXASSO 2\Pixasso2.exe () [File not signed] FirewallRules: [{DDC3789E-01BC-4C69-9CFF-D338F69437FC}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.) FirewallRules: [{1946C81B-BD4F-4725-A460-F2C34C430950}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe (CAPCOM CO., LTD. -> CAPCOM U.S.A, INC.) FirewallRules: [{F5650B93-E6D3-4E6E-BEA1-A979C98ED901}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe => No File FirewallRules: [{B3A0A856-B980-4448-985B-31349CE3B0DC}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForestVR.exe => No File FirewallRules: [{08A87039-74DC-44B7-BE8B-153928E61D67}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForest.exe => No File FirewallRules: [{D3DD416D-012C-4B10-98D3-59E784A40DED}] => (Allow) D:\SteamLibrary\steamapps\common\The Forest\TheForest.exe => No File FirewallRules: [{F810E377-DAD0-4E9F-B3A4-4234DC9A1B4C}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe => No File FirewallRules: [{B104A495-E831-4C11-8F25-969B84479384}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe => No File FirewallRules: [{ECB72D3D-3CC9-4DF5-8FB6-27AB263FEB18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Flipper\HouseFlipper.exe (Frozen District Sp. z o.o. -> ) FirewallRules: [{61CB5983-0C60-4690-9F72-48891E052724}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House Flipper\HouseFlipper.exe (Frozen District Sp. z o.o. -> ) FirewallRules: [{BB06458B-C480-48C0-91C3-FC99336A8F34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{74154128-CBF8-4F31-B35F-1501EDA5A642}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [{08C77492-3F60-4818-926C-C49A082AA21D}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe => No File FirewallRules: [{189A6C32-DAC9-410E-9613-99A3AC661543}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 6\BH6.exe => No File FirewallRules: [UDP Query User{05C32B39-DE64-4DF5-ACFF-5458BADF0FBA}D:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) D:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe => No File FirewallRules: [TCP Query User{24DA6358-627D-42AB-A05B-69733C31E63B}D:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe] => (Allow) D:\steamlibrary\steamapps\common\resident evil 5\re5dx9.exe => No File FirewallRules: [{18F9BFC9-C575-443B-AEB1-38BE01F10FF5}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe => No File FirewallRules: [{C0D383CC-E94D-44D5-9917-0BBFC6581993}] => (Allow) E:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe => No File FirewallRules: [{54159E6B-BBF1-4E4B-862A-8C860148634B}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL RESISTANCE\REResistance.exe => No File FirewallRules: [{F5914DFA-99AA-41D2-AA5B-F69D8DD4844F}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL RESISTANCE\REResistance.exe => No File FirewallRules: [{C355BE56-5A4A-4A65-993C-F3E019BDDF2D}] => (Allow) E:\SteamLibrary\steamapps\common\RE3\re3.exe => No File FirewallRules: [{3F418D43-4AA9-492E-9957-9091F49B3872}] => (Allow) E:\SteamLibrary\steamapps\common\RE3\re3.exe => No File FirewallRules: [{435025B7-6D53-40D0-AB3E-43B9BB3C405C}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe => No File FirewallRules: [{CC28F002-69D6-42A7-81CA-3A678C54E284}] => (Allow) E:\SteamLibrary\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe => No File FirewallRules: [{0A94928E-843F-44C7-99BD-8AEC8020B123}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands\Binaries\Borderlands.exe => No File FirewallRules: [{F67B9BF8-A44F-4B10-A541-D81B0BA97832}] => (Allow) E:\SteamLibrary\steamapps\common\Borderlands\Binaries\Borderlands.exe => No File FirewallRules: [{A86F9456-72CD-4284-9A15-E931E34AA600}] => (Allow) C:\Program Files\Oculus\Software\Software\hyperbolic-magnetism-beat-saber\UnityCrashHandler64.exe (Unity Technologies ApS -> ) FirewallRules: [{F27E2702-F4EA-42F7-8FB1-D5F23DCA7F01}] => (Allow) C:\Program Files\Oculus\Software\Software\hyperbolic-magnetism-beat-saber\UnityCrashHandler64.exe (Unity Technologies ApS -> ) FirewallRules: [{8BA46A94-E6FA-4016-837D-5B65B63284D6}] => (Allow) C:\Program Files\Oculus\Software\Software\hyperbolic-magnetism-beat-saber\Beat Saber.exe () [File not signed] FirewallRules: [{5CCED484-FA42-4B50-83C7-43BC77CA5052}] => (Allow) C:\Program Files\Oculus\Software\Software\hyperbolic-magnetism-beat-saber\Beat Saber.exe () [File not signed] FirewallRules: [{59337C3C-64E7-4FD1-80EA-4E2F4A5976F0}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed] FirewallRules: [{2B76FF07-62CE-4A4F-B1D4-EA91120EB6A6}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed] FirewallRules: [{0F3EBB3C-FAC7-49F1-951C-9B165997AFEA}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe => No File FirewallRules: [{A3000813-2F4A-4B39-B50C-5E8C307D7F28}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe => No File FirewallRules: [{F55AFD02-D3C9-4EFC-91B4-8F97CC950EBF}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe => No File FirewallRules: [{1F0BA472-6EED-4C80-AED8-0A8CDAE171FD}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe => No File FirewallRules: [{A33F4F88-6DEA-4887-A622-A241333B4FEE}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe => No File FirewallRules: [{26990C26-BBCB-4518-AAA4-3657CD6A68EC}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe => No File FirewallRules: [{A239136B-26B8-4A8F-98FE-711B2F5B83C5}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{3854CCDB-B04B-4BE4-80FC-1AD9C50910BD}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> ) FirewallRules: [{16E21177-1609-4230-9AFD-E19C077D159F}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{7D3E3D0A-A99C-4CCE-B3C1-1447EA2DB882}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{75DCB59F-61B7-419C-8D2F-EA43FFBED172}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{A6480CFA-BED5-41CE-A9F2-F721DD98AB25}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{CF32158A-918C-4564-B5A7-1684F7003A22}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{771047F4-1CFF-4EF0-B4EE-74567B675F40}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC) FirewallRules: [{BA55AA79-2AF1-42EC-BE53-2B3F080713B9}] => (Allow) C:\Program Files\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe => No File FirewallRules: [{9D31D901-62FA-4263-B1BF-2D780ACCB0F6}] => (Allow) C:\Program Files\Dixper Studio\dixper-server\win-unpacked\dixper-server.exe => No File FirewallRules: [{6446A615-0E23-4D12-86EB-F239CE8B26AD}] => (Allow) C:\Program Files\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe => No File FirewallRules: [{E93A971E-3DFB-4A02-AC47-5CF6E77EA713}] => (Allow) C:\Program Files\Dixper Studio\dixper-server\win-unpacked\dixper-server.exe => No File FirewallRules: [{4C99F9D3-3C1B-4230-9B77-8BE825C565E2}] => (Allow) D:\SteamLibrary\steamapps\common\House Flipper\HouseFlipper.exe => No File FirewallRules: [{6BE9489E-8786-4496-B426-401E008A43F2}] => (Allow) D:\SteamLibrary\steamapps\common\House Flipper\HouseFlipper.exe => No File FirewallRules: [{3C7238CD-3096-4F37-AF02-0AE06909E444}] => (Allow) C:\Users\Anna\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{C77EF02D-01ED-4794-9CBF-12FB442A0F8C}] => (Allow) C:\Users\Anna\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{21E88EF1-9FBC-4369-945E-509C6BF88E16}] => (Allow) C:\Users\Anna\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{79EE533E-213A-4A37-8F81-A7C960ED74E2}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe => No File FirewallRules: [TCP Query User{B7DDD7C7-E7C1-4477-8C19-735465A350CB}D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) D:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe => No File FirewallRules: [{98FA48A7-118C-43AE-A732-D662FF5C483B}] => (Allow) D:\SteamLibrary\steamapps\common\In Silence\In Silence.exe => No File FirewallRules: [{C1553BB8-2E78-4023-BD92-86F9EE54AC56}] => (Allow) D:\SteamLibrary\steamapps\common\In Silence\In Silence.exe => No File FirewallRules: [{F16A97E4-69CB-490B-A70B-702B48616918}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe => No File FirewallRules: [{11A01FD2-D732-4F06-8452-B9B633DCDDD5}] => (Allow) D:\SteamLibrary\steamapps\common\Dead by Daylight\DeadByDaylight.exe => No File FirewallRules: [{432FE724-0E00-421C-ACB1-262A22EAF7A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{FC565B0C-C59B-4208-8295-6602AC7DF1D1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{43AEADB9-FA1F-4D25-9E7E-452D52739D29}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{A501D998-BE36-4DE1-905F-77885D35988F}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [{DCF26D90-5B7D-4B60-959A-D648AD511795}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{03E775CA-8378-4692-8214-B13E39FF8C06}] => (Allow) D:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{74A2E2BD-E756-45BD-9A32-D37358ADC640}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [{E1D666EE-B4DD-4529-8B79-FDD58D1D1E77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [{FF79B391-44EC-4D6A-B950-3E58230073B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A23CBAD1-8EA6-449D-9634-6D47CB13EB85}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{C8B75803-3B6B-4C35-BF62-AA5CCD864694}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{55CEA8E0-E683-40DA-8924-0308734CCAA6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{A600D4BA-A656-405F-BB74-244ED54144A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{16DAF73F-0E9C-4965-92B1-782072210372}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{F23496C3-CCEB-4BEF-8AA8-76AE3CE5D296}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File FirewallRules: [{450AAAB3-6EA1-4C3C-B7E6-273E7EF95FF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E5E7F36A-56A4-410C-9266-1958E24BBFBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{20CDBD55-16DF-4FDA-BD57-57A989404CB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{69CA6770-3E80-49C6-B687-5C4F0AA2B1F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{687A12A8-D6E3-4D74-B4D8-30A0CF2A2AD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{556F4404-7F57-4375-9AF4-7216D954344B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8B212DDC-97C3-461C-9A87-07DD005448A4}] => (Allow) C:\Program Files\Dixper Studio\dixper-server\win-unpacked\dixper-server.exe => No File FirewallRules: [{65E9B08F-55E5-45A2-A8E3-CB4C8B1236B5}] => (Allow) C:\Program Files\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe => No File FirewallRules: [{867DC07E-25EA-4265-AA62-7D83AEA2CEB7}] => (Allow) C:\Program Files\Dixper Studio\dixper-server\win-unpacked\dixper-server.exe => No File FirewallRules: [{E63203C0-B534-4D9C-80A4-8B43C0529591}] => (Allow) C:\Program Files\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe => No File FirewallRules: [{AAB74665-BD07-43DA-9337-40417890D15F}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{2D2624EC-B4B3-4D3D-90A7-7D253D4F4DDA}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\dixper-updater\win-unpacked\dixper-updater.exe => No File FirewallRules: [{9F2B90AB-E2DF-4089-BFC0-E4B1957F7A9F}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{38CA09CB-CE17-41C8-967E-F6AE1BE15778}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-x64.exe => No File FirewallRules: [{F2EE2A9A-E4DF-4196-BCBA-6CB7AF7A7D79}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-Win32.exe => No File FirewallRules: [{D27B2A2D-DC92-413B-86EB-B6A62569E96B}] => (Allow) C:\Program Files\Dixper Studio\dixper-updater\win-unpacked\dixper-updater.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{99480210-E411-4C18-AA6C-64A125467117}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{15F58391-3F26-474D-86C6-04D47E83DDFA}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-x64.exe => No File FirewallRules: [{E6D36629-7C99-46CA-99E8-30FDCB3DD209}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-Win32.exe => No File FirewallRules: [{F8DC410F-734A-4CC5-8347-C44785030132}] => (Allow) C:\Program Files\Dixper Studio\dixper-updater\win-unpacked\dixper-updater.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{8E9B77AB-762E-4588-8B94-BDF88E43E633}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{3F1F5578-113D-4248-9EFE-6C105D75B98D}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-x64.exe => No File FirewallRules: [{CD9C0EF8-448F-4F85-8CB8-035429E798AE}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-Win32.exe => No File FirewallRules: [{20775B65-9089-44A0-9712-8D3DE760F0BF}] => (Allow) C:\Program Files\Dixper Studio\dixper-updater\win-unpacked\dixper-updater.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{3ACD2E9B-6372-4A95-8C9E-3E966F6E55B1}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{456D7FC8-191B-4BCF-B416-EF3460E104DA}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-x64.exe => No File FirewallRules: [{21F308E2-6456-4FC8-9627-28E0B17C31DA}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-Win32.exe => No File FirewallRules: [{1808D5A6-CA3F-4508-BE4F-8B89209EFC56}] => (Allow) C:\Program Files\Dixper Studio\dixper-updater\win-unpacked\dixper-updater.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{E4CE5200-4170-4A6E-A000-FF13E9D38025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New World\NewWorldLauncher.exe => No File FirewallRules: [{4E6F54D0-0F65-4BAA-99B6-2AB61BF0D8E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\New World\NewWorldLauncher.exe => No File FirewallRules: [TCP Query User{0A691A8C-FDC6-4DFD-9738-2D4654731252}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => No File FirewallRules: [UDP Query User{67A04EDC-9E68-46A9-B85C-D5D2B767134B}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => No File FirewallRules: [{60FBEDB5-8122-43B4-82C1-C1C3DF27A5B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Propnight\Propnight.exe => No File FirewallRules: [{BC9F65E0-C981-4FC6-9624-0873320B7A2A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Propnight\Propnight.exe => No File FirewallRules: [TCP Query User{3E50F11A-77B1-4128-BC31-66FA0C4C83AF}C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight-win64-shipping.exe => No File FirewallRules: [UDP Query User{A3B12365-082C-4F9D-9BF2-5A50099E7AE4}C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight-win64-shipping.exe => No File FirewallRules: [{C2EEC24F-00D6-4F31-813A-DBB6EA4879F0}] => (Allow) D:\SteamLibrary\steamapps\common\RuneScape\bin\win64\RuneScape.exe => No File FirewallRules: [{7A90CA3B-F8F3-4B74-982A-58CCE48C9DDA}] => (Allow) D:\SteamLibrary\steamapps\common\RuneScape\bin\win64\RuneScape.exe => No File FirewallRules: [{4117BEA9-69CD-455D-88E8-974890FD73C9}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\dixper-studio\win-unpacked\dixper-studio.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{A32AD43E-6285-4287-8138-A23B96DE28E4}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-x64.exe => No File FirewallRules: [{20D6A202-769C-477F-8BFA-798B87DE1400}] => (Allow) C:\Users\Anna\AppData\Local\Dixper Studio\bin\dixper-helper-Win32.exe => No File FirewallRules: [{4305F9CB-17B7-4AD5-998C-69D36E829CEE}] => (Allow) C:\Program Files\Dixper Studio\dixper-updater\win-unpacked\dixper-updater.exe (Dixper Software S.L. -> Dixper Software S.L.) FirewallRules: [{A917CCDF-94B4-4C99-B3B3-D0F88BB513A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Propnight\Propnight\Binaries\Win64\Propnight_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{A729046C-00E8-4AA7-8487-38F1EA36737B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Propnight\Propnight\Binaries\Win64\Propnight_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{4B92D6D1-4F8C-4C3A-B6FC-81A6C0FA14A4}D:\riseofthetombraider\rottr.exe] => (Allow) D:\riseofthetombraider\rottr.exe => No File FirewallRules: [UDP Query User{F27EC6B1-20A8-45B8-B47E-34AAD8572B51}D:\riseofthetombraider\rottr.exe] => (Allow) D:\riseofthetombraider\rottr.exe => No File FirewallRules: [TCP Query User{F0D277BF-CBA2-4207-B4C2-CA47A61EB612}C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe => No File FirewallRules: [UDP Query User{06D764A7-B69D-49D9-88D8-527192283457}C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\propnight\propnight\binaries\win64\propnight.exe => No File FirewallRules: [{FCF6E6D3-2A58-49A9-B969-58172796A45F}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe => No File FirewallRules: [{65772CC7-C734-49AF-86FA-E22556C6E6CA}] => (Allow) D:\SteamLibrary\steamapps\common\Phasmophobia\Phasmophobia.exe => No File FirewallRules: [{D1F24E5F-E8FF-43E4-904D-2A70D3E8788F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{D787D66E-3C94-4475-AA6A-09047F8A50A3}C:\users\anna\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\anna\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{5C5BD47C-0D61-46E6-B3EA-64257545FF97}C:\users\anna\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\anna\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{41A982C7-3B72-4D7B-BE69-968004405C8F}] => (Allow) D:\SteamLibrary\steamapps\common\Panzer Dragoon Remake\Panzer Dragoon Remake.exe () [File not signed] FirewallRules: [{C34C5316-5B67-43BA-965D-7B35E612E029}] => (Allow) D:\SteamLibrary\steamapps\common\Panzer Dragoon Remake\Panzer Dragoon Remake.exe () [File not signed] FirewallRules: [{6666686E-D09E-48AC-A769-02FD6305C5E2}] => (Allow) D:\SteamLibrary\steamapps\common\The Outlast Trials\TOTClient.exe (Red Barrels Inc.) [File not signed] FirewallRules: [{F31607AE-9C9F-4A1D-9CB8-B66CC5DBC13E}] => (Allow) D:\SteamLibrary\steamapps\common\The Outlast Trials\TOTClient.exe (Red Barrels Inc.) [File not signed] FirewallRules: [{84DDEDAD-AD91-47DD-BA12-0C42A79BC8DC}] => (Allow) D:\SteamLibrary\steamapps\common\THE HOUSE OF THE DEAD Remake\The House of the Dead Remake.exe () [File not signed] FirewallRules: [{75669C7E-F3F3-4771-AF72-6D9C4C6746A6}] => (Allow) D:\SteamLibrary\steamapps\common\THE HOUSE OF THE DEAD Remake\The House of the Dead Remake.exe () [File not signed] FirewallRules: [TCP Query User{07E40AD7-8088-4209-8D7B-074B0E05E375}C:\xboxgames\the texas chain saw massacre - pc edition\content\bbqgame\binaries\wingdk\bbqclient-wingdk-shipping.exe] => (Allow) C:\xboxgames\the texas chain saw massacre - pc edition\content\bbqgame\binaries\wingdk\bbqclient-wingdk-shipping.exe (Access Denied) [File not signed] FirewallRules: [UDP Query User{FB2A45F5-48D0-4E97-8C54-A397F837E7E0}C:\xboxgames\the texas chain saw massacre - pc edition\content\bbqgame\binaries\wingdk\bbqclient-wingdk-shipping.exe] => (Allow) C:\xboxgames\the texas chain saw massacre - pc edition\content\bbqgame\binaries\wingdk\bbqclient-wingdk-shipping.exe (Access Denied) [File not signed] FirewallRules: [{814B5BD0-8A21-4142-A2EB-8638FA3A23EC}] => (Allow) C:\Users\Anna\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe (General Workings, Inc. -> hxxps://www.Streamlabs.com) FirewallRules: [{E8A7DE4C-C3DF-489A-AF9F-9B393EA88CC0}] => (Allow) C:\Users\Anna\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe (General Workings, Inc. -> hxxps://www.Streamlabs.com) FirewallRules: [{1D559573-9459-4DB3-A74D-0375CA650514}] => (Allow) C:\Users\Anna\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe (General Workings, Inc. -> hxxps://www.Streamlabs.com) FirewallRules: [{B2C5A956-6DF9-4DA3-920E-FA0045D5C5C8}] => (Allow) C:\Users\Anna\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe (General Workings, Inc. -> hxxps://www.Streamlabs.com) FirewallRules: [{FF00F905-9B9B-429E-91E9-80494B794926}] => (Allow) C:\Users\Anna\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe (General Workings, Inc. -> hxxps://www.Streamlabs.com) FirewallRules: [{862E80AF-8F0A-47F3-899C-DD4F8F7D5939}] => (Allow) C:\Users\Anna\AppData\Roaming\Streamlabs\Streamlabs Chatbot\Streamlabs Chatbot.exe (General Workings, Inc. -> hxxps://www.Streamlabs.com) FirewallRules: [TCP Query User{7E8E81EE-C260-44B1-9CD3-3031A74A5517}D:\xbox\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe] => (Allow) D:\xbox\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe (Access Denied) [File not signed] FirewallRules: [UDP Query User{C40756B5-7FA1-4B56-98BB-7C01129F2CF7}D:\xbox\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe] => (Allow) D:\xbox\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe (Access Denied) [File not signed] FirewallRules: [TCP Query User{A9014ADA-0FED-4D94-99A5-D2125E28A069}D:\xbox\bramble- the mountain king\content\bramble_tmk\binaries\wingdk\bramble_tmk-wingdk-shipping.exe] => (Allow) D:\xbox\bramble- the mountain king\content\bramble_tmk\binaries\wingdk\bramble_tmk-wingdk-shipping.exe (Access Denied) [File not signed] FirewallRules: [UDP Query User{970A892A-6C84-404F-A8F9-3FEB94182053}D:\xbox\bramble- the mountain king\content\bramble_tmk\binaries\wingdk\bramble_tmk-wingdk-shipping.exe] => (Allow) D:\xbox\bramble- the mountain king\content\bramble_tmk\binaries\wingdk\bramble_tmk-wingdk-shipping.exe (Access Denied) [File not signed] FirewallRules: [TCP Query User{D24B0143-CABF-4831-846D-D9A0C7AE616B}E:\resident evil 4\re4.exe] => (Allow) E:\resident evil 4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [UDP Query User{777B01BF-1BC9-4EA8-A014-2244C6430B5C}E:\resident evil 4\re4.exe] => (Allow) E:\resident evil 4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.) FirewallRules: [{1A5F7ACA-CA5D-46DD-861A-F55F037B2AAB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{BA68F91E-5617-4F2F-B506-C9918A213746}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24033.1005.2701.7380_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{F74767DE-A931-4568-B5EE-23C8AB25C1B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8CC50620-2421-41BC-A1A1-3350BE3840DC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2D62B5AE-9573-49A4-A4E7-DFA708B429E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{857BF5F4-12A4-4904-9922-CD2A9D3889C8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.113.3210.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7471F7BE-9D95-4FCC-8902-B0FB8D7D10A2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{4105A160-0367-4661-8E58-2F5E7D79C31D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 28-02-2024 21:24:19 Windows Update 02-03-2024 23:37:35 Windows Update ==================== Faulty Device Manager Devices ============ Name: FineShare FineCam Description: FineShare FineCam Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: FineShare Inc. Service: FineCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Unknown USB Device (Device Descriptor Request Failed) Description: Unknown USB Device (Device Descriptor Request Failed) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: ======================== Application errors: ================== Error: (03/03/2024 05:36:22 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-8BTD1LK) Description: Faulting application name: GalaxyClient Helper.exe, version: 2.0.60.2, time stamp: 0x63f611e4 Faulting module name: KERNELBASE.dll, version: 10.0.22621.3235, time stamp: 0x67defb6c Exception code: 0xe0000008 Fault offset: 0x00149542 Faulting process ID: 0x0x1fa4 Faulting application start time: 0x0x1da6ce1132d1a01 Faulting application path: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: d1621a3a-6953-410d-8bbb-173e962c5357 Faulting package full name: Faulting package-relative application ID: Error: (03/02/2024 08:34:49 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-8BTD1LK) Description: Faulting application name: GalaxyClient Helper.exe, version: 2.0.60.2, time stamp: 0x63f611e4 Faulting module name: KERNELBASE.dll, version: 10.0.22621.3235, time stamp: 0x67defb6c Exception code: 0xe0000008 Fault offset: 0x00149542 Faulting process ID: 0x0x2510 Faulting application start time: 0x0x1da6c30d51aa4dc Faulting application path: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: 8b9ed179-6b30-4b99-8c3e-6a0d78727fe0 Faulting package full name: Faulting package-relative application ID: Error: (03/01/2024 11:33:12 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-8BTD1LK) Description: Faulting application name: GalaxyClient Helper.exe, version: 2.0.60.2, time stamp: 0x63f611e4 Faulting module name: KERNELBASE.dll, version: 10.0.22621.3235, time stamp: 0x67defb6c Exception code: 0xe0000008 Fault offset: 0x00149542 Faulting process ID: 0x0x4c7c Faulting application start time: 0x0x1da6b80a34922da Faulting application path: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: 7bbcddc9-c1f3-471c-8ef4-b57d902e9edd Faulting package full name: Faulting package-relative application ID: Error: (03/01/2024 02:30:26 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (03/01/2024 02:29:21 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: ) Description: Event-ID 0 Error: (02/29/2024 09:29:47 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-8BTD1LK) Description: Faulting application name: GalaxyClient Helper.exe, version: 2.0.60.2, time stamp: 0x63f611e4 Faulting module name: KERNELBASE.dll, version: 10.0.22621.3155, time stamp: 0x587de32b Exception code: 0xe0000008 Fault offset: 0x00149542 Faulting process ID: 0x0x9268 Faulting application start time: 0x0x1da6aa62b82f8b5 Faulting application path: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: dda7f3b1-b1f8-4943-99a9-c3ec3aba2db8 Faulting package full name: Faulting package-relative application ID: Error: (02/29/2024 12:28:06 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-8BTD1LK) Description: Faulting application name: GalaxyClient Helper.exe, version: 2.0.60.2, time stamp: 0x63f611e4 Faulting module name: KERNELBASE.dll, version: 10.0.22621.3155, time stamp: 0x587de32b Exception code: 0xe0000008 Fault offset: 0x00149542 Faulting process ID: 0x0x8348 Faulting application start time: 0x0x1da69f5f8d0306f Faulting application path: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: 0483b3e9-4f8f-47e8-a117-c51730aa3467 Faulting package full name: Faulting package-relative application ID: Error: (02/28/2024 03:26:50 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-8BTD1LK) Description: Faulting application name: GalaxyClient Helper.exe, version: 2.0.60.2, time stamp: 0x63f611e4 Faulting module name: KERNELBASE.dll, version: 10.0.22621.3155, time stamp: 0x587de32b Exception code: 0xe0000008 Fault offset: 0x00149542 Faulting process ID: 0x0x5910 Faulting application start time: 0x0x1da6945c3201335 Faulting application path: C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: 42b32f69-ea7a-4dad-b9d5-51a1abe84478 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (03/02/2024 11:37:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (03/02/2024 08:31:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone. Error: (03/02/2024 08:31:30 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8BTD1LK) Description: DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (03/02/2024 08:31:30 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8BTD1LK) Description: DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (03/02/2024 08:31:30 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8BTD1LK) Description: DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (03/02/2024 08:31:30 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8BTD1LK) Description: DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {3E8C9ABE-9226-4609-BF5B-60288A391DEE} Error: (03/02/2024 08:31:30 AM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-8BTD1LK) Description: DCOM got error "87" attempting to start the service GamingServices with arguments "Unavailable" in order to run the server: {D529741A-1BF1-4D1E-9976-35089622E758} Error: (03/02/2024 08:31:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices. Windows Defender: ================ Date: 2024-03-03 02:40:51 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0 Name: VirTool:Win32/DefenderTamperingRestore Severity: Severe Category: Tool Path: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware Detection Origin: Unknown Detection Type: Concrete Detection Source: System Process Name: Unknown Security intelligence Version: AV: 1.405.947.0, AS: 1.405.947.0, NIS: 1.405.947.0 Engine Version: AM: 1.1.24020.9, NIS: 1.1.24020.9 Date: 2024-03-02 22:30:30 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2024-03-01 22:31:12 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0 Name: VirTool:Win32/DefenderTamperingRestore Severity: Severe Category: Tool Path: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware Detection Origin: Unknown Detection Type: Concrete Detection Source: System Process Name: Unknown Security intelligence Version: AV: 1.405.836.0, AS: 1.405.836.0, NIS: 1.405.836.0 Engine Version: AM: 1.1.24020.9, NIS: 1.1.24020.9 Date: 2024-02-29 23:19:00 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0 Name: VirTool:Win32/DefenderTamperingRestore Severity: Severe Category: Tool Path: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware Detection Origin: Unknown Detection Type: Concrete Detection Source: System Process Name: Unknown Security intelligence Version: AV: 1.405.766.0, AS: 1.405.766.0, NIS: 1.405.766.0 Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10 Date: 2024-02-28 23:18:03 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Event[0] Date: 2024-01-31 17:37:30 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions. Date: 2024-01-24 02:40:31 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.403.2465.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.23110.2 Error code: 0x80070020 Error description: The process cannot access the file because it is being used by another process. Date: 2024-01-24 02:40:31 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.403.2465.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.23110.2 Error code: 0x80070020 Error description: The process cannot access the file because it is being used by another process. Date: 2024-01-24 02:40:31 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.403.2465.0 Update Source: Microsoft Malware Protection Center Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.23110.2 Error code: 0x80070020 Error description: The process cannot access the file because it is being used by another process. Date: 2024-01-21 16:21:52 Description: Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed. Feature: On Access Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions. CodeIntegrity: =============== Date: 2024-02-14 02:46:47 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system. Date: 2023-11-28 19:07:32 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. R01-A0 04/22/2020 Motherboard: Acer Nitro N50-610 Processor: Intel(R) Core(TM) i7-10700 CPU @ 2.90GHz Percentage of memory in use: 59% Total physical RAM: 16292.43 MB Available physical RAM: 6663.8 MB Total Virtual: 30116.43 MB Available Virtual: 17359.54 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:237.91 GB) (Free:16.59 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1014) NTFS Drive d: (DATA2) (Fixed) (Total:931.51 GB) (Free:177.97 GB) (Model: WDC WD10EZEX-21WN4A0) NTFS Drive e: (DATA) (Fixed) (Total:237.9 GB) (Free:99.15 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1014) NTFS \\?\Volume{39d45e76-3010-4919-bf80-097c09778227}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.3 GB) NTFS \\?\Volume{e47f3b7e-d86f-4bcc-ba15-543b32f68b13}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32 ==================== MBR & Partition Table ==================== ==================== End of Addition.txt =======================