Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2026 Ran by TG02-007 (administrator) on ALEKS (HP Victus by HP 15L Gaming Desktop TG02-0xxx) (30-03-2026 13:21:21) Running from C:\Users\TG02-007\Downloads\FRST64.exe Loaded Profiles: TG02-007 & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS Platform: Microsoft Windows 11 Home Version 25H2 26200.8037 (X64) Language: Italian (Italy) -> English (United States) Default browser: FF Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager (C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzWDLDeviceManager (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe <7> (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\Mozilla Firefox\firefox.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe (C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe (C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.2.16.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.2.16.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (C:\Windows\SysWOW64\wallpaperservice32.exe ->) (Skutta Software GmbH -> ) D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper64.exe (Discord Inc. -> Discord Inc.) C:\Users\TG02-007\AppData\Local\Discord\app-1.0.9230\Discord.exe <6> (DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\BridgeCommunication.exe (DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_helper.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.2.16.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15> (SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe (services.exe ->) (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (services.exe ->) (Broadcom Inc -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_ef460d1f2a35fc16\x64\TouchpointAnalyticsClientService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_191d9fb378307f35\ipfsvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorvd.inf_amd64_74e28d819fb21cc3\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL16.SQLEXPRESS\MSSQL\Binn\sqlceip.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL16.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (services.exe ->) (Microsoft Corporation -> Windows (R) Win 7 DDK provider) C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe <2> (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (services.exe ->) (Mudfish Networks -> ) C:\Program Files (x86)\Mudfish Cloud VPN\mudrun_service.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_62514a5ce7cb3484\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9d3a92437ffb40b7\RtkAudUService64.exe <2> (services.exe ->) (Skutta Software GmbH -> ) C:\Windows\SysWOW64\wallpaperservice32.exe (services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe (sihost.exe ->) (04797BBC-C7BB-462F-9B66-331C81E27C0E -> TranslucentTB Open Source Developers) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2026.1.0.0_x64__v826wp6bftszj\TranslucentTB.exe (sihost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee, LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe (sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.66.0_x64__v10z8vjag6ke6\LightStudio-ui\LightStudio-background.exe (svchost.exe ->) (649690DD-9BE8-48E7-8019-88DCA877AF4E -> McAfee LLC) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe (svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.241.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2024-03-02] (Adobe Inc. -> ) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114040 2024-10-03] (Broadcom Inc -> VMware, Inc.) HKLM-x32\...\Run: [STOVE] => C:\ProgramData\Smilegate\STOVE\STOVE.exe (No File) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableActivityFeed] 0 HKLM\Software\Policies\...\system: [PublishUserActivities] 0 HKLM\Software\Policies\...\system: [UploadUserActivities] 0 HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe (No File) HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe (No File) HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe (No File) HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe (No File) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [HPSEU_Host_Launcher] => C:\Program Files\HP\HP System Event Utility\Host Launcher\HpseuHostLauncher.exe [545864 2025-11-08] (HP Inc. -> HP Inc.) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [5767832 2026-03-13] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [Discord] => C:\Users\TG02-007\AppData\Local\Discord\Update.exe [1525016 2023-12-19] (Discord Inc. -> GitHub) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [50990008 2026-03-02] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [12287472 2024-02-01] (Proton AG -> ProtonVPN) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\TG02-007\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2024-05-08] (Now.gg, INC -> now.gg, Inc.) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [AF_uuid_514912] => ad9face8-89c5-4908-90f5-7ef275380aa0** *n*u*l*l*********‘·¸¾*ñ*—ProgramF (No File) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [AF_counter_514912] => 4 (No File) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14591536 2026-01-18] (GOG sp. z o.o -> GOG.com) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1987904 2026-03-23] (Overwolf Ltd -> Overwolf Ltd.) HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Run: [stoat-desktop] => C:\Users\TG02-007\AppData\Local\Stoat\update.exe [2023936 2026-02-16] () [File not signed] HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Policies\Explorer: [HideSCAMeetNow] 1 HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe (No File) HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe (No File) HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe (No File) HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe (No File) HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.) Startup: C:\Users\TG02-007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AltDriver_i386.lnk [2026-03-29] ShortcutTarget: AltDriver_i386.lnk -> C:\ProgramData\MgrMaintain\CircuitPilot.exe (PassMark Software Pty Ltd -> PassMark Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RocketDock.lnk [2026-01-18] ShortcutTarget: RocketDock.lnk -> C:\Program Files (x86)\RocketDock\RocketDock.exe (No File) GroupPolicy-Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {296F0E3E-E22E-4EAB-A10F-B898F2BAAD71} - \Microsoft\Windows\Setup\EM -> No File <==== ATTENTION Task: {7FFA39E8-164E-4B9D-B454-F9780113B674} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2024-09-30] (Now.gg, INC -> BlueStack Systems, Inc.) Task: {B1E5996B-224A-4C66-B2C6-72BF560BB4F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1015880 2026-01-27] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show Task: {77CC62E0-718F-4DB7-AD49-0D3E5BD99F74} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [480264 2026-01-27] (HP Inc. -> HP Inc.) Task: {284A9642-BDCE-4070-A234-F968F456B8F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1176136 2026-01-27] (HP Inc. -> HP Inc.) Task: {B17CDE65-1A8D-4CBB-95C7-3E8D7DAA664D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1176136 2026-01-27] (HP Inc. -> HP Inc.) Task: {F79B819B-FABC-43F6-9B7A-47C9E1271E42} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [102400 2025-07-08] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice Task: {26EA2366-7196-453C-AC2E-FCA7BED3FE1F} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [91144 2026-01-16] (HP Inc. -> HP Inc.) Task: {F6AE12A2-F8DC-4F88-9F6A-CDD3F93FFFE8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [91144 2026-01-16] (HP Inc. -> HP Inc.) Task: {802E138D-B6C5-45FC-B2FB-49EF3BB765E7} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16404784 2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {7EEE0855-3614-47D7-8BF5-4721B08846AB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28533568 2026-03-22] (Microsoft Corporation -> Microsoft Corporation) Task: {E0FF34E7-53D2-46B5-81A7-D907B5A6F8EE} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [73560 2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {99FBF1E2-650B-4799-ABA6-A476C162E5F7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28533568 2026-03-22] (Microsoft Corporation -> Microsoft Corporation) Task: {0DB27D2E-50D2-4779-82B6-BCF387CC23F5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {A61C8BAA-5C59-482B-89BA-2001947493A9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [426776 2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {06592DA7-6045-4F86-ABD7-83F6F1ABF67C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [1349920 2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {43F89139-17DA-4F4F-B252-E4D16FD020CB} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [16404784 2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File) Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File) Task: {6DC10BCF-BAAD-4F70-8BE0-58077E4A70B7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33920 2026-03-26] (Mozilla Corporation -> Mozilla Foundation) Task: {A7482885-687B-4792-9587-5D494AD384C0} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3337328 2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation) Task: {3C6C49B6-0506-4805-9CB9-376BFEF8025A} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [77320 2026-03-18] (HP Inc. -> HP Inc.) Task: {D0D3ABD7-8C95-4D48-8AA1-1778591A26F0} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [77320 2026-03-18] (HP Inc. -> HP Inc.) Task: {A798FF2F-7AC5-494F-8B56-9689C7DE61C6} - System32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-3061952332-3695074-208723314-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [77320 2026-03-18] (HP Inc. -> HP Inc.) Task: {A0577BE4-9F70-4937-9510-A65B21D5D867} - System32\Tasks\OmenInstallMonitor-sid-S-1-5-21-3061952332-3695074-208723314-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [77320 2026-03-18] (HP Inc. -> HP Inc.) Task: {65CF5F89-5671-42FB-9CD0-7D279D04E578} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2026-03-18] (HP Inc. -> HP Inc.) Task: {F5B5F46D-452A-46CD-A3BE-B3C5802A0ACC} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2026-03-18] (HP Inc. -> HP Inc.) Task: {F8D42C0F-02EC-4BCB-A0F3-305E33A624B1} - System32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-3061952332-3695074-208723314-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2026-03-18] (HP Inc. -> HP Inc.) Task: {29F9D61C-D25F-406D-BFCC-C2FD180A007A} - System32\Tasks\OmenOverlay-sid-S-1-5-21-3061952332-3695074-208723314-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2026-03-18] (HP Inc. -> HP Inc.) Task: {B467D368-27B2-4347-800A-ABC8AB4435EA} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1704453733 => C:\Program Files\Opera GX\autoupdate\opera_autoupdate.exe [6406088 2026-03-18] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --installdir="C:\Program Files\Opera GX\assistant" --producttype=assistant $(Arg0) Task: {6036A390-1FF8-4E2D-A9A8-8B15A89BEFFF} - System32\Tasks\Opera GX scheduled Autoupdate 1703764074 => C:\Program Files\Opera GX\autoupdate\opera_autoupdate.exe [6406088 2026-03-18] (Opera Norway AS -> Opera Software) Task: {788350FD-FD38-4395-95D8-5980DF77DE6F} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-03-23] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule Task: {30BC134F-1F81-47B1-8611-DB18D44F1E3C} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9d3a92437ffb40b7\RtkAudUService64.exe [1994024 2023-12-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {EF4221C7-2E4B-4403-92E3-380CEFB59326} - System32\Tasks\SystemOptimizer => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [167944 2026-03-18] (HP Inc. -> HP Inc.) Task: {7EABEF2B-67A4-4F8C-9AF5-2CC7EDEB239D} - System32\Tasks\SystemOptimizerCustomEvent => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [167944 2026-03-18] (HP Inc. -> HP Inc.) Task: {BE4041CA-1D92-4C03-8AE6-406B932F521C} - System32\Tasks\SystemOptimizerCustomEvent-sid-S-1-5-21-3061952332-3695074-208723314-1001 => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [167944 2026-03-18] (HP Inc. -> HP Inc.) Task: {84EDC9EC-7AEA-4DB9-902B-D547026ADBBC} - System32\Tasks\SystemOptimizer-sid-S-1-5-21-3061952332-3695074-208723314-1001 => C:\Program Files\HP\SystemOptimizer\SystemOptimizer.exe [167944 2026-03-18] (HP Inc. -> HP Inc.) Task: {1F38C9E5-6E48-496A-99EA-2929E14D8BCC} - System32\Tasks\SystemOptimizerTemp => C:\Users\TG02-007\AppData\Local\Temp\HP\SystemOptimizerTemp\SystemOptimizer.exe -update (No File) <==== ATTENTION Task: {FBCFB0B6-FAC0-4F3B-BC0F-43F7D883EF58} - System32\Tasks\Ubisoft\Ubisoft Connect Background Update => C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe [17246392 2026-01-09] (UBISOFT ENTERTAINMENT INC. -> Ubisoft) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{c68fb878-8ca4-4dce-93f8-17d6230a8af6}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{c68fb878-8ca4-4dce-93f8-17d6230a8af6}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{c68fb878-8ca4-4dce-93f8-17d6230a8af6}: [DhcpDomain] lan Tcpip\..\Interfaces\{d3d4b0bf-d02c-4b56-8526-00c768cc1cfd}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{d3d4b0bf-d02c-4b56-8526-00c768cc1cfd}: [DhcpDomain] lan FireFox: ======== FF TaskBarID: 308046B0AF4A39CB -> C:\Program Files\Mozilla Firefox FF DefaultProfile: 3ubsekbl.default-release -> 308046B0AF4A39CB FF ProfilePath: C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\941yocr4.default [2024-01-06] FF ProfilePath: C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release [2026-03-30] FF NewTabOverride: Mozilla\Firefox\Profiles\3ubsekbl.default-release -> Enabled: newtabtools@darktrojan.net FF NewTabOverride: Mozilla\Firefox\Profiles\3ubsekbl.default-release -> Disabled: {60B7679C-BED9-11E5-998D-8526BB8E7F8B} FF NewTabOverride: Mozilla\Firefox\Profiles\3ubsekbl.default-release -> Enabled: uBlock0@raymondhill.net FF Extension: (BetterTTV) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\firefox@betterttv.net.xpi [2026-02-19] FF Extension: (Language: Italiano (Italian)) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\langpack-it@firefox.mozilla.org.xpi [2026-03-27] FF Extension: (Streaming enhanced Netflix Disney Prime Video) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\NetflixPrime@Autoskip.io.xpi [2026-03-20] FF Extension: (New Tab) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\newtab@mozilla.org.xpi [2026-03-14] FF Extension: (New Tab Tools) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\newtabtools@darktrojan.net.xpi [2024-02-05] FF Extension: (NordVPN) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\nordvpnproxy@nordvpn.com.xpi [2026-02-12] FF Extension: (Discrub) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\prathercc@gmail.com.xpi [2026-03-29] FF Extension: (SponsorBlock for YouTube - Skip Sponsorships) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\sponsorBlocker@ajay.app.xpi [2025-12-17] FF Extension: (uBlock Origin) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\uBlock0@raymondhill.net.xpi [2026-03-14] FF Extension: (Malwarebytes Browser Guard) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2026-03-29] FF Extension: (YouTube Anti Translate) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\{458160b9-32eb-4f4c-87d1-89ad3bdeb9dc}.xpi [2025-09-12] FF Extension: (Popup Blocker Ultimate) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2024-01-06] FF Extension: (TTV LOL PRO) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\{76ef94a4-e3d0-4c6f-961a-d38a429a332b}.xpi [2026-03-14] FF Extension: (Hide shorts for Youtube™) - C:\Users\TG02-007\AppData\Roaming\Mozilla\Firefox\Profiles\3ubsekbl.default-release\Extensions\{88ebde3a-4581-4c6b-8019-2a05a9e3e938}.xpi [2026-02-17] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2026-01-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-08] (Microsoft Corporation -> Microsoft Corporation) Edge: ======= Edge DefaultProfile: Profile 5 Edge Profile: C:\Users\TG02-007\AppData\Local\Microsoft\Edge\User Data\Profile 5 [2026-03-30] Edge Extension: (Google Docs Offline) - C:\Users\TG02-007\AppData\Local\Microsoft\Edge\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2026-03-24] Edge Extension: (Edge relevant text changes) - C:\Users\TG02-007\AppData\Local\Microsoft\Edge\User Data\Profile 5\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-11-12] Edge Extension: (uBlock Origin) - C:\Users\TG02-007\AppData\Local\Microsoft\Edge\User Data\Profile 5\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2026-03-11] Edge HKU\S-1-5-21-3061952332-3695074-208723314-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa] Opera: ======= StartMenuInternet: (HKLM) Opera GXStable - C:\Program Files\Opera GX\opera.exe ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [1843392 2015-08-20] (Adobe Systems Incorporated -> Adobe Systems, Incorporated) R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [152312 2019-08-19] (Microsoft Windows -> Microsoft Corporation) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [20311720 2026-03-14] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233464 2026-03-22] (Microsoft Corporation -> Microsoft Corporation) R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_191d9fb378307f35\ipfsvc.exe [557096 2023-06-23] (Intel Corporation -> Intel Corporation) S3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [154743544 2025-10-26] (Electronic Arts, Inc. -> Electronic Arts) S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [965416 2026-03-08] (EasyAntiCheat Oy -> Epic Games, Inc.) S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3406264 2026-03-02] (Epic Games Inc. -> Epic Games, Inc.) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1601952 2026-01-20] (Epic Games Inc. -> Epic Games, Inc.) S3 GalaxyClientService; \\?\C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2443312 2026-01-18] (GOG sp. z o.o -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7657008 2026-01-18] (GOG sp. z o.o -> GOG.com) R2 GameInputRedistService; C:\Program Files\Microsoft GameInput\x64\GameInputRedistService.exe [385960 2026-03-09] (Microsoft Corporation -> Windows (R) Win 7 DDK provider) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\AppHelperCap.exe [911560 2026-02-23] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\DiagsCap.exe [909504 2026-02-23] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\NetworkCap.exe [905920 2026-02-23] (HP Inc. -> HP Inc.) R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3c97e435117f8c16\x64\OmenCap\OmenCap.exe [755248 2024-10-25] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [244232 2026-01-16] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5c8ff28acd75bc32\x64\SysInfoCap.exe [911040 2026-02-23] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_ef460d1f2a35fc16\x64\TouchpointAnalyticsClientService.exe [639784 2025-10-01] (HP Inc. -> HP Inc.) R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> ) S2 Intel(R) Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation) R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_uf.exe [2778760 2022-09-19] (Intel Corporation -> Intel Corporation) R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray_service.exe [9903656 2024-04-17] (Logitech Inc -> Logitech, Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11420952 2026-03-29] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2026-03-29] (Malwarebytes Inc. -> Malwarebytes) S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26020.6-0\MpDefenderCoreService.exe [2088128 2026-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL16.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [722848 2022-10-08] (Microsoft Corporation -> Microsoft Corporation) R2 mudrun_service; C:\Program Files (x86)\Mudfish Cloud VPN\mudrun_service.exe [989136 2024-09-10] (Mudfish Networks -> ) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_62514a5ce7cb3484\Display.NvContainer\NVDisplay.Container.exe [1702632 2026-03-18] (NVIDIA Corporation -> NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2399560 2026-03-23] (Overwolf Ltd -> Overwolf LTD) S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.2.10\ProtonVPNService.exe [474824 2024-02-01] (Proton AG -> ProtonVPN) S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.WireGuardService.exe [474312 2024-02-01] (Proton AG -> ProtonVPN) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1884808 2025-05-28] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [249480 2025-05-27] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-18] (Razer USA Ltd. -> Razer Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300232 2025-07-15] (Razer USA Ltd. -> Razer Inc.) S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1565304 2025-12-24] (Rockstar Games, Inc. -> Rockstar Games) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-04-28] (Razer USA Ltd. -> Razer Inc.) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL16.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [726952 2022-10-08] (Microsoft Corporation -> Microsoft Corporation) R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL16.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [300968 2022-10-08] (Microsoft Corporation -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21242680 2024-03-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 ucldr_ChaosZeroNightmare_GL; C:\Program Files\Common Files\Wellbia.com\ucldr_ChaosZeroNightmare_GL.exe [7022432 2025-11-02] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 UpcElevationService; C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher Core\UpcElevationService.exe [351928 2026-01-09] (UBISOFT ENTERTAINMENT INC. -> Ubisoft) R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [77176 2024-10-03] (Broadcom Inc -> VMware, Inc.) R2 VMnetDHCP; C:\WINDOWS\SysWOW64\vmnetdhcp.exe [373112 2024-10-03] (Broadcom Inc -> VMware, Inc.) R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [1009112 2024-07-18] (Broadcom Inc -> VMware, Inc.) R2 VMware NAT Service; C:\WINDOWS\SysWOW64\vmnat.exe [420216 2024-10-03] (Broadcom Inc -> VMware, Inc.) S3 VmwareAutostartService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-autostart.exe [64888 2024-10-03] (Broadcom Inc -> ) R2 Wallpaper Engine Service; D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper64.exe [4649456 2026-01-18] (Skutta Software GmbH -> ) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26020.6-0\NisSrv.exe [4451664 2026-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.26020.6-0\MsMpEng.exe [290704 2026-03-26] (Microsoft Windows Publisher -> Microsoft Corporation) S3 XD Client Service; C:\Program Files (x86)\XD_GAME\public\service.exe [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394176 2024-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [72144 2024-07-18] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43160 2026-03-30] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 HoYoProtect; C:\WINDOWS\system32\HoYoKProtect.sys [3847832 2025-03-12] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo) R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_7a1ef17ecb1f36ce\x64\hpomencustomcapdriver.sys [24968 2024-07-12] (HP Inc. -> HP Inc.) R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [60072 2026-02-03] (HP Inc. -> Windows (R) Win 7 DDK provider) R0 iaStorVD; C:\WINDOWS\System32\drivers\iaStorVD.sys [1605320 2022-12-23] (Intel Corporation -> Intel Corporation) R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_04d4eecc5838a558\gna.sys [88784 2022-08-10] (Intel Corporation -> Intel Corporation) R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_cf69bf74fab8a0f5\ipf_acpi.sys [87176 2022-09-19] (Intel Corporation -> Intel Corporation) R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_cpu.sys [80520 2022-09-19] (Intel Corporation -> Intel Corporation) R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_cf5beef3831571d4\ipf_lf.sys [443528 2022-09-19] (Intel Corporation -> Intel Corporation) S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [82352 2026-02-10] (Microsoft Windows -> Microsoft Corporation) R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_cdf3ca3c77d5f267\logi_lamparray.sys [98864 2024-04-17] (Logitech Inc -> Logitech, Inc.) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234600 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2026-03-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [214632 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [81000 2026-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [245864 2026-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2026-03-30] (Malwarebytes Inc -> Malwarebytes) S3 MUDWFP; C:\WINDOWS\system32\DRIVERS\MUDWFP.sys [37928 2024-03-17] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [101008 2026-01-07] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc) S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.2.10\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) S4 RsFx0700; C:\WINDOWS\System32\DRIVERS\RsFx0700.sys [298392 2022-10-08] (Microsoft Corporation -> Microsoft Corporation) R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2023-03-23] (Realtek Semiconductor Corp. -> Realtek) S3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc) S3 RzDev_0067; C:\WINDOWS\System32\drivers\RzDev_0067.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2021-12-07] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R1 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [249400 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Nefarius Software Solutions e.U.) R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [106424 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R3 VMnetAdapter; C:\WINDOWS\System32\drivers\vmnetadapter.sys [31288 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [53704 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R2 VMnetuserif; C:\WINDOWS\system32\DRIVERS\vmnetuserif.sys [30664 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) S3 vmusb; C:\WINDOWS\System32\drivers\vmusb.sys [57296 2024-07-18] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) R2 vmx86; C:\WINDOWS\system32\DRIVERS\vmx86.sys [100920 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [91176 2024-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [21888 2026-03-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [641416 2026-03-26] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [103816 2026-03-26] (Microsoft Windows -> Microsoft Corporation) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-03-15] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 xhunter1; C:\WINDOWS\xhunter1.sys [194448 2025-12-05] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) U3 aspnet_state; no ImagePath S3 EAAntiCheat; system32\drivers\eaanticheat.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-30 13:21 - 2026-03-30 13:21 - 000047323 _____ C:\Users\TG02-007\Downloads\FRST.txt 2026-03-30 13:21 - 2026-03-30 13:21 - 000000000 ____D C:\FRST 2026-03-30 13:20 - 2026-03-30 13:20 - 002445824 _____ (Farbar) C:\Users\TG02-007\Downloads\FRST64.exe 2026-03-30 13:16 - 2026-03-30 13:16 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2026-03-30 13:16 - 2026-03-30 13:16 - 000000000 ____D C:\Users\TG02-007\AppData\LocalLow\IGDump 2026-03-30 07:42 - 2026-03-30 07:42 - 000899978 _____ C:\WINDOWS\system32\perfh010.dat 2026-03-30 07:42 - 2026-03-30 07:42 - 000203048 _____ C:\WINDOWS\system32\perfc010.dat 2026-03-30 07:16 - 2026-03-30 07:17 - 000000000 ____D C:\AdwCleaner 2026-03-30 06:52 - 2026-03-30 06:52 - 000000000 ____D C:\Program Files\HitmanPro 2026-03-30 06:42 - 2026-03-30 06:49 - 000000000 ____D C:\ProgramData\HitmanPro 2026-03-30 06:41 - 2026-03-30 06:42 - 014701656 _____ (Sophos B.V.) C:\Users\TG02-007\Downloads\HitmanPro_x64.exe 2026-03-30 06:18 - 2026-03-30 06:18 - 000255400 _____ (360.cn) C:\ProgramData\StreamA32.exe 2026-03-30 06:18 - 2026-03-30 06:18 - 000000000 ____D C:\Users\Default\AppData\Local\Malwarebytes 2026-03-29 18:35 - 2026-03-29 18:51 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2026-03-29 18:35 - 2026-03-29 18:50 - 000000000 ____D C:\ProgramData\Malwarebytes 2026-03-29 18:35 - 2026-03-29 18:50 - 000000000 ____D C:\Program Files\Malwarebytes 2026-03-29 18:35 - 2026-03-29 18:35 - 000000000 ____D C:\Users\TG02-007\AppData\Local\mbam 2026-03-29 18:33 - 2026-03-29 18:34 - 280372224 _____ (Malwarebytes) C:\Users\TG02-007\Downloads\mb4-setup-consumer-4.6.17.334-1.0.2390-1.0.99165.exe 2026-03-29 18:31 - 2026-03-29 18:31 - 000000000 ____D C:\WINDOWS\LastGood 2026-03-29 18:25 - 2026-03-18 08:48 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2026-03-29 18:25 - 2026-03-18 08:48 - 002421296 _____ C:\WINDOWS\system32\vulkaninfo.exe 2026-03-29 18:25 - 2026-03-18 08:48 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2026-03-29 18:25 - 2026-03-18 08:48 - 001923120 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2026-03-29 18:25 - 2026-03-18 08:48 - 001625648 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2026-03-29 18:25 - 2026-03-18 08:48 - 001625648 _____ C:\WINDOWS\system32\vulkan-1.dll 2026-03-29 18:25 - 2026-03-18 08:48 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2026-03-29 18:25 - 2026-03-18 08:48 - 001434672 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2026-03-29 18:25 - 2026-03-18 08:48 - 000478952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2026-03-29 18:25 - 2026-03-18 08:48 - 000375016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2026-03-29 18:25 - 2026-03-18 08:45 - 001385704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2026-03-29 18:25 - 2026-03-18 08:45 - 000675048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2026-03-29 18:25 - 2026-03-18 08:45 - 000509160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2026-03-29 18:25 - 2026-03-18 08:44 - 105722088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2026-03-29 18:25 - 2026-03-18 08:44 - 028057832 _____ C:\WINDOWS\system32\nvidia-pcc.exe 2026-03-29 18:25 - 2026-03-18 08:44 - 002328296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2026-03-29 18:25 - 2026-03-18 08:44 - 001724136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2026-03-29 18:25 - 2026-03-18 08:44 - 001621224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2026-03-29 18:25 - 2026-03-18 08:44 - 001583336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2026-03-29 18:25 - 2026-03-18 08:44 - 001231592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2026-03-29 18:25 - 2026-03-18 08:44 - 001064680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2026-03-29 18:25 - 2026-03-18 08:44 - 000820456 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2026-03-29 18:25 - 2026-03-18 08:43 - 029136616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2026-03-29 18:25 - 2026-03-18 08:43 - 021713128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2026-03-29 18:25 - 2026-03-18 08:43 - 000469736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2026-03-29 18:25 - 2026-03-18 08:42 - 008441064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2026-03-29 18:25 - 2026-03-18 08:42 - 005925096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2026-03-29 18:25 - 2026-03-18 08:42 - 005674216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2026-03-29 18:25 - 2026-03-18 08:42 - 005516480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2026-03-29 18:25 - 2026-03-18 08:42 - 005011440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2026-03-29 18:25 - 2026-03-18 08:42 - 004466920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2026-03-29 18:25 - 2026-03-18 08:42 - 000853736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2026-03-29 18:25 - 2026-03-18 01:37 - 000162186 _____ C:\WINDOWS\system32\nvinfo.pb 2026-03-29 17:22 - 2026-03-30 09:45 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Malwarebytes 2026-03-29 17:20 - 2026-03-29 17:20 - 002848568 _____ (Malwarebytes) C:\Users\TG02-007\Downloads\MBSetup.exe 2026-03-29 15:46 - 2026-03-29 15:46 - 000003336 _____ C:\Users\TG02-007\Downloads\ALL Dye Vendor(P1 AND P2)-301-2-1774780940.zip 2026-03-29 15:43 - 2026-03-29 15:46 - 000000000 ____D C:\Users\TG02-007\OneDrive\Desktop\CD JSON Mod Manager 2026-03-29 15:43 - 2026-03-29 15:43 - 000001882 _____ C:\Users\TG02-007\Downloads\NPC Trust Gain-350--33-1774786573.zip 2026-03-29 15:42 - 2026-03-29 15:43 - 065159440 _____ C:\Users\TG02-007\Downloads\CD JSON Mod Manager V7.5.2-113-7-5-2-1774776938.zip 2026-03-29 15:04 - 2026-03-29 15:04 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 2026-03-29 15:04 - 2026-03-29 15:04 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Python 2026-03-29 15:04 - 2026-03-29 15:04 - 000000000 ____D C:\Users\TG02-007\AppData\Local\pip 2026-03-29 15:03 - 2026-03-29 15:03 - 046229451 _____ C:\Users\TG02-007\Downloads\python-manager-26.0.msix 2026-03-29 14:46 - 2026-03-29 14:30 - 000028144 _____ C:\Users\TG02-007\OneDrive\Desktop\patch_inventory.py 2026-03-29 14:46 - 2026-03-29 14:30 - 000000868 _____ C:\Users\TG02-007\OneDrive\Desktop\CDInventoryExpander.bat 2026-03-29 14:12 - 2026-03-30 09:56 - 000000000 ____D C:\Users\TG02-007\AppData\Local\cdumm 2026-03-29 14:11 - 2026-03-30 08:54 - 054485512 _____ C:\Users\TG02-007\OneDrive\Desktop\CD Ultimate Mods Manager v1.0.8-207-8-1774763534.exe 2026-03-29 14:09 - 2026-03-29 14:09 - 000008221 _____ C:\Users\TG02-007\Downloads\CDInventoryExpander V2.0.1-56-2-1774784880.zip 2026-03-29 12:11 - 2026-03-29 12:11 - 000000000 ____D C:\ProgramData\Lupa 2026-03-29 09:38 - 2026-03-29 09:38 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Yandex 2026-03-29 09:37 - 2026-03-30 13:16 - 000000000 ____D C:\ProgramData\MgrMaintain 2026-03-29 09:37 - 2026-03-30 08:34 - 000000000 ____D C:\Users\TG02-007\gw.exe 2026-03-29 09:37 - 2026-03-30 08:34 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Fofezayu 2026-03-29 09:37 - 2026-03-29 09:37 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\MgrMaintain 2026-03-29 09:36 - 2026-03-29 09:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2026-03-29 09:32 - 2026-03-29 09:32 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\RenPy 2026-03-29 09:31 - 2026-03-30 08:34 - 000000000 ____D C:\Users\TG02-007\Downloads\new 2026-03-28 20:14 - 2026-03-28 20:14 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2026-03-27 14:18 - 2026-03-27 14:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\SoftLanding 2026-03-27 07:43 - 2026-03-27 07:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2026-03-26 20:54 - 2026-03-26 20:55 - 087064810 _____ C:\Users\TG02-007\OneDrive\Desktop\clip_1,774,551,275,141.mp4 2026-03-26 16:50 - 2026-03-27 14:18 - 000000000 ____D C:\Program Files\Mozilla Firefox 2026-03-26 07:15 - 2026-03-26 07:15 - 000002358 _____ C:\Users\TG02-007\Downloads\CDInventoryExpander_v1.3-56-1-3-1774234099.zip 2026-03-25 10:21 - 2026-03-25 10:21 - 032581791 _____ C:\Users\TG02-007\Downloads\OptiScaler_0.7.9.7z 2026-03-25 10:20 - 2026-03-25 10:20 - 005543232 _____ C:\Users\TG02-007\Downloads\DLSSwFSRGrtx20-30-37-1-0-1774105215.zip 2026-03-25 10:05 - 2026-03-30 09:00 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Pearl Abyss 2026-03-24 13:37 - 2026-03-24 13:37 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2026-03-24 13:33 - 2026-03-05 06:46 - 000127208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2026-03-23 09:23 - 2026-03-23 09:23 - 013745154 _____ C:\Users\TG02-007\Downloads\RE9.zip 2026-03-22 18:56 - 2026-03-30 09:35 - 000000000 ____D C:\WINDOWS\CbsTemp 2026-03-22 11:11 - 2026-03-22 11:11 - 000000000 ____D C:\Users\TG02-007\AppData\Local\DEATH STRANDING 2 - ON THE BEACH 2026-03-22 11:10 - 2026-03-22 11:10 - 000000000 ____D C:\Users\TG02-007\OneDrive\Documenti\DEATH STRANDING 2 - ON THE BEACH 2026-03-22 11:10 - 2026-03-22 11:10 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\KOJIMA PRODUCTIONS 2026-03-20 08:17 - 2026-03-20 08:17 - 000000000 ____D C:\Program Files\Microsoft GameInput 2026-03-19 15:27 - 2026-03-19 15:27 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CapCut 2026-03-19 07:19 - 2026-03-19 07:19 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stremio 2026-03-15 16:40 - 2026-03-30 09:53 - 000000000 ____D C:\Users\TG02-007\OneDrive\Desktop\ss 2026-03-15 11:46 - 2026-03-15 11:52 - 000000000 ____D C:\common_attachment 2026-03-14 09:30 - 2026-03-14 09:30 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Bytedance 2026-03-14 09:28 - 2026-03-14 09:28 - 000000000 ____D C:\Users\TG02-007\AppData\Local\VEDetector 2026-03-14 09:27 - 2026-03-14 20:30 - 000000000 ____D C:\Users\TG02-007\AppData\Local\CapCut 2026-03-14 05:43 - 2026-03-14 05:43 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Bungie 2026-03-13 13:04 - 2026-03-13 13:04 - 000000000 ____D C:\Users\TG02-007\AppData\Local\SevGame 2026-03-10 23:40 - 2026-03-10 23:40 - 000083946 _____ C:\WINDOWS\SysWOW64\ctac.json 2026-03-10 23:40 - 2026-03-10 23:40 - 000083946 _____ C:\WINDOWS\system32\ctac.json 2026-03-10 23:40 - 2026-03-10 23:40 - 000036382 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2026-03-10 23:40 - 2026-03-10 23:40 - 000036382 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2026-03-06 21:55 - 2026-03-21 22:14 - 000453064 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_d.dll.0 2026-03-02 15:58 - 2026-03-02 15:58 - 000000000 ____D C:\Users\Default\AppData\Local\UnrealEngine ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2026-03-30 13:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2026-03-30 13:20 - 2023-12-28 14:17 - 000000000 ____D C:\Program Files (x86)\Steam 2026-03-30 13:18 - 2023-12-28 14:36 - 000000000 ___HD C:\Users\TG02-007\AppData\Local\Discord 2026-03-30 13:18 - 2023-12-28 14:36 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\discord 2026-03-30 13:17 - 2024-01-07 22:03 - 000000000 ____D C:\Users\TG02-007\AppData\Local\OGH 2026-03-30 13:17 - 2024-01-06 15:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2026-03-30 13:16 - 2024-12-04 17:37 - 000130670 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2026-03-30 13:16 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2026-03-30 13:16 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2026-03-30 13:16 - 2024-01-05 13:31 - 000000000 ___HD C:\Users\TG02-007\AppData\Local\CrashDumps 2026-03-30 13:15 - 2025-03-05 16:33 - 000000000 ____D C:\Program Files\TeamViewer 2026-03-30 13:15 - 2025-03-03 16:37 - 000000000 ____D C:\ProgramData\VMware 2026-03-30 13:15 - 2024-12-04 17:39 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2026-03-30 13:15 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState 2026-03-30 13:15 - 2023-11-20 17:19 - 000012288 ___SH C:\DumpStack.log.tmp 2026-03-30 13:15 - 2023-11-20 17:19 - 000000000 ____D C:\ProgramData\NVIDIA 2026-03-30 09:56 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2026-03-30 08:34 - 2024-09-12 16:05 - 000000000 ____D C:\Users\TG02-007\AppData\Local\XIVLauncher 2026-03-30 08:34 - 2023-11-20 17:19 - 000000000 ____D C:\ProgramData\HP 2026-03-30 08:34 - 2022-08-28 23:26 - 000000000 ___HD C:\hp 2026-03-30 08:34 - 2022-08-28 22:16 - 000000000 ____D C:\Program Files\HPCommRecovery 2026-03-30 08:33 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps 2026-03-30 08:30 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\registration 2026-03-30 07:42 - 2024-12-04 17:41 - 002174374 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2026-03-30 07:42 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF 2026-03-30 07:35 - 2024-12-04 16:22 - 000000000 ____D C:\Users\TG02-007 2026-03-30 07:17 - 2023-11-21 12:31 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Hewlett-Packard 2026-03-30 06:29 - 2025-05-28 08:31 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Notepad++ 2026-03-29 20:55 - 2024-05-22 02:03 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Ubisoft Game Launcher 2026-03-29 19:21 - 2023-11-21 12:16 - 000000000 ____D C:\Users\TG02-007\AppData\Local\NVIDIA 2026-03-29 18:35 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2026-03-29 17:57 - 2023-12-28 14:18 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Steam 2026-03-29 17:32 - 2024-04-07 21:57 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Microsoft\Reaper 2026-03-29 17:32 - 2024-01-17 13:48 - 000000000 ____D C:\Users\TG02-007\OneDrive\Desktop\games 2026-03-29 17:21 - 2023-11-21 12:15 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Packages 2026-03-29 17:21 - 2021-06-25 20:11 - 000000000 ____D C:\ProgramData\Packages 2026-03-29 10:18 - 2024-01-10 17:13 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\qBittorrent 2026-03-28 20:14 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2026-03-28 20:14 - 2022-08-28 22:16 - 000000000 ____D C:\Program Files\Microsoft Office 2026-03-28 20:09 - 2023-11-20 17:19 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2026-03-28 07:53 - 2023-11-21 02:18 - 000000000 ____D C:\Program Files\HP 2026-03-27 14:18 - 2024-01-06 15:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2026-03-27 07:43 - 2024-01-06 15:24 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2026-03-26 18:09 - 2023-11-21 12:15 - 000000000 ___HD C:\Users\TG02-007\AppData\Local\D3DSCache 2026-03-26 07:43 - 2024-05-16 05:07 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\WeMod 2026-03-26 06:07 - 2025-11-04 12:35 - 000001259 _____ C:\Users\TG02-007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wand (WeMod).lnk 2026-03-26 06:07 - 2024-06-20 01:45 - 000000000 ____D C:\Users\TG02-007\AppData\Local\WeMod 2026-03-26 06:07 - 2023-12-28 14:36 - 000000000 ____D C:\Users\TG02-007\AppData\Local\SquirrelTemp 2026-03-26 05:26 - 2024-12-17 16:20 - 000000000 ____D C:\Users\TG02-007\AppData\Local\Warframe 2026-03-26 05:05 - 2023-11-20 17:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2026-03-25 10:03 - 2023-12-28 13:47 - 000000000 ____D C:\Program Files\Opera GX 2026-03-25 08:32 - 2023-11-21 12:15 - 000000000 ___SD C:\Users\TG02-007\AppData\Roaming\Microsoft\Credentials 2026-03-24 22:39 - 2024-01-05 13:22 - 000000000 ____D C:\Users\TG02-007\OneDrive\Desktop\stuff 2026-03-24 22:00 - 2026-02-06 14:00 - 000000000 ____D C:\Program Files (x86)\Overwolf 2026-03-24 15:54 - 2024-01-08 19:47 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2026-03-24 13:37 - 2024-01-06 17:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2026-03-24 13:20 - 2024-12-04 17:39 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2026-03-24 13:20 - 2024-01-05 14:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2026-03-24 12:00 - 2025-02-06 21:58 - 000003558 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-24 12:00 - 2024-12-04 17:39 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-24 12:00 - 2024-12-04 17:39 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-24 12:00 - 2023-11-21 12:17 - 000002391 _____ C:\Users\TG02-007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2026-03-23 12:36 - 2024-12-04 17:39 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled assistant Autoupdate 1704453733 2026-03-23 12:36 - 2024-12-04 17:39 - 000004004 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1703764074 2026-03-23 12:36 - 2023-12-28 13:47 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera GX Browser .lnk 2026-03-22 21:12 - 2024-12-04 17:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2026-03-22 13:17 - 2025-02-08 20:53 - 000000000 ____D C:\WINDOWS\Minidump 2026-03-22 13:17 - 2023-10-16 12:34 - 183314887 ____N C:\WINDOWS\Minidump\032226-7312-01.dmp 2026-03-21 22:14 - 2023-12-28 14:23 - 004590024 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll 2026-03-21 22:14 - 2023-12-28 14:23 - 000911816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll 2026-03-21 22:14 - 2023-12-28 14:23 - 000289224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll 2026-03-21 22:14 - 2023-12-28 14:23 - 000260552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll 2026-03-21 22:14 - 2023-12-28 14:23 - 000166344 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll 2026-03-21 22:14 - 2023-12-28 14:23 - 000154056 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe 2026-03-21 22:14 - 2023-12-28 14:23 - 000084424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe 2026-03-20 20:56 - 2024-06-19 20:20 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\vlc 2026-03-19 07:18 - 2025-03-05 13:20 - 000004462 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-19 07:18 - 2025-03-05 13:20 - 000004058 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor-sid-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-19 07:17 - 2025-03-05 13:20 - 000004404 _____ C:\WINDOWS\system32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-19 07:17 - 2025-03-05 13:20 - 000004000 _____ C:\WINDOWS\system32\Tasks\OmenOverlay-sid-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-19 07:16 - 2025-03-05 13:19 - 000004440 _____ C:\WINDOWS\system32\Tasks\SystemOptimizerCustomEvent-sid-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-19 07:16 - 2025-03-05 13:19 - 000004038 _____ C:\WINDOWS\system32\Tasks\SystemOptimizer-sid-S-1-5-21-3061952332-3695074-208723314-1001 2026-03-19 07:16 - 2023-12-28 13:58 - 000000000 ___HD C:\Users\TG02-007\AppData\Local\HP_Inc 2026-03-17 22:32 - 2026-01-27 20:57 - 000000000 ____D C:\ProgramData\PackerCrashCanary 2026-03-17 22:22 - 2025-08-05 12:54 - 000000000 ____D C:\ProgramData\Packer 2026-03-17 22:22 - 2024-06-20 01:16 - 000000000 ____D C:\Users\TG02-007\AppData\Roaming\EasyAntiCheat 2026-03-15 16:28 - 2025-10-15 07:57 - 000000000 ____D C:\ProgramData\Whesvc 2026-03-14 05:42 - 2024-01-15 01:55 - 000000000 ___HD C:\Users\TG02-007\AppData\Local\BattlEye 2026-03-13 13:22 - 2025-04-25 13:05 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PlayStation® Accessories.lnk 2026-03-13 13:21 - 2024-01-05 23:22 - 000000000 ____D C:\Program Files\dotnet 2026-03-13 13:21 - 2022-08-28 22:35 - 000000000 ____D C:\ProgramData\Package Cache 2026-03-13 13:04 - 2024-01-06 03:03 - 000000000 ____D C:\Users\TG02-007\AppData\Local\UnrealEngine 2026-03-11 15:50 - 2026-01-24 12:53 - 000632560 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2026-03-11 15:49 - 2024-12-04 16:20 - 000000000 ____D C:\WINDOWS\InboxApps 2026-03-11 15:49 - 2024-04-01 18:40 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2026-03-11 15:49 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\appcompat 2026-03-11 15:49 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing 2026-03-11 10:58 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2026-03-11 10:58 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2026-03-10 23:40 - 2024-12-04 17:39 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2026-03-09 23:48 - 2025-09-23 22:33 - 001154472 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\GameInputRedist.dll 2026-03-09 23:48 - 2025-09-23 22:33 - 000013736 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\GameInputRedist.dll 2026-03-08 10:31 - 2024-01-15 01:55 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat_EOS 2026-03-07 21:03 - 2024-12-04 17:39 - 000003686 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2026-03-07 21:03 - 2024-12-04 17:39 - 000003560 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2026-03-02 15:58 - 2024-01-06 03:03 - 000000000 ____D C:\ProgramData\Epic ==================== Files in the root of some directories ======== 2024-08-19 19:10 - 2024-12-03 15:31 - 000000000 _____ () C:\ProgramData\sldh.dat 2026-03-30 06:18 - 2026-03-30 06:18 - 000255400 _____ (360.cn) C:\ProgramData\StreamA32.exe 2025-07-02 10:48 - 2025-07-02 10:48 - 000000024 _____ () C:\Users\TG02-007\AppData\Roaming\C23W6Vk43XTwu662.dat 2022-09-04 12:51 - 2022-09-04 12:51 - 000000024 _____ () C:\Users\TG02-007\AppData\Roaming\Microsoft\Update.txt 2024-12-09 09:59 - 2024-12-09 09:59 - 000000048 ____R () C:\Users\TG02-007\AppData\Local\6E5DB14CBCBF1802671DBC4CF4A16DE7 2025-11-15 05:56 - 2025-11-15 05:56 - 000000048 ____R () C:\Users\TG02-007\AppData\Local\7CFC0A8D2AB49DD279CC580FDB000897 2024-02-02 17:36 - 2024-02-02 17:36 - 000006366 ____H () C:\Users\TG02-007\AppData\Local\91477623837 2024-01-05 13:36 - 2024-01-06 00:10 - 000005350 ____H () C:\Users\TG02-007\AppData\Local\91547068486 2024-01-09 05:01 - 2024-01-09 05:01 - 000005374 ____H () C:\Users\TG02-007\AppData\Local\91887170374 2024-01-06 13:30 - 2024-01-06 13:30 - 000005534 ____H () C:\Users\TG02-007\AppData\Local\92056688834 2025-07-20 23:34 - 2025-07-20 23:34 - 000008342 _____ () C:\Users\TG02-007\AppData\Local\kdenlive-layoutsrc 2025-07-20 23:34 - 2026-01-23 18:56 - 000003180 _____ () C:\Users\TG02-007\AppData\Local\kdenliverc 2024-01-05 19:02 - 2024-01-06 03:19 - 000007597 ____H () C:\Users\TG02-007\AppData\Local\Resmon.ResmonCfg 2025-07-20 23:34 - 2025-07-20 23:34 - 000004791 _____ () C:\Users\TG02-007\AppData\Local\user-places.xbel 2025-07-20 23:34 - 2025-07-20 23:34 - 000000000 _____ () C:\Users\TG02-007\AppData\Local\user-places.xbel.tbcache ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2026 Ran by TG02-007 (30-03-2026 13:22:25) Running from C:\Users\TG02-007\Downloads Microsoft Windows 11 Home Version 25H2 26200.8037 (X64) (2024-12-04 15:39:16) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3061952332-3695074-208723314-500 - Administrators - Disabled) DefaultAccount (S-1-5-21-3061952332-3695074-208723314-503 - Limited - Disabled) Guest (S-1-5-21-3061952332-3695074-208723314-501 - Limited - Disabled) TG02-007 (S-1-5-21-3061952332-3695074-208723314-1001 - Administrators - Enabled) => C:\Users\TG02-007 WDAGUtilityAccount (S-1-5-21-3061952332-3695074-208723314-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Malwarebytes (Enabled - Up to date) {A537353A-1D6A-F6B5-9153-CE1CF80FBE66} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 25.01 (x64) (HKLM\...\7-Zip) (Version: 25.01 - Igor Pavlov) AlecaFrame (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Overwolf_afmcagbpgggkpdkokjhjkllpegnadmkignlonpjm) (Version: 2.6.82 - Overwolf app) AULA F75 Max Gasket Mechanical Keyboard version 1.0.0.1 (HKLM-x32\...\{CAA6DFE3-8948-7523-DD4F-F280C51470VN}_is1) (Version: 1.0.0.1 - ) BlueStacks (HKLM\...\BlueStacks_nxt) (Version: 5.21.580.1019 - now.gg, Inc.) BlueStacks Services (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.) Browser for SQL Server 2022 (HKLM-x32\...\{FDB357D5-CC78-480A-8D26-C15D1A877642}) (Version: 16.0.1000.6 - Microsoft Corporation) Bye Sweet Carole (HKLM-x32\...\Bye Sweet Carole_is1) (Version: - ) CapCut (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\CapCut) (Version: 8.3.0.3497 - Bytedance Pte. Ltd.) CertsUpdater version 1.5 (HKLM-x32\...\{90DE7E86-6F5A-4125-9EC5-D95093C80093}_is1) (Version: 1.5 - Saber Interactive Inc.) Cheat Engine 7.6 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine) DEATH STRANDING 2 (HKLM-x32\...\DEATH STRANDING 2_is1) (Version: - ) Discord (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Discord) (Version: 1.0.9230 - Discord Inc.) DiskMax 7.29 (HKLM\...\DiskMax) (Version: 7.29 - KoshyJohn.com) Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.) Epic Online Services (HKLM-x32\...\{6730F587-C259-4C4C-A527-F7FF31D970F8}) (Version: 4.2.1 - Epic Games, Inc.) GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 2.0.93.55 - GOG.com) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) Integration Services (HKLM-x32\...\{C33A075E-FA96-4D75-AC9A-BF4CB73A28C2}) (Version: 16.0.5491.7 - Microsoft Corporation) Hidden kdenlive (HKLM-x32\...\kdenlive) (Version: 25.04.3 - KDE e.V.) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Life is Strange: Double Exposure (HKLM-x32\...\Life is Strange: Double Exposure_is1) (Version: - ) Malwarebytes version 5.5.2.242 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.5.2.242 - Malwarebytes) Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host - 8.0.19 (x64) (HKLM\...\{B84443A1-BE1B-4C5E-B834-E12133604B12}) (Version: 64.76.37566 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.0 (x64) (HKLM\...\{3A706840-2882-423C-90EB-B31545E2BC7A}) (Version: 64.0.4211 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.16 (x64) (HKLM\...\{D6A5E142-D69D-44D0-A004-5FF6108E7A7F}) (Version: 64.64.32758 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.19 (x64) (HKLM\...\{69A17DA9-300A-49B9-97F1-1EB7424570DE}) (Version: 64.76.37566 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.0 (x64) (HKLM\...\{76DEEAB3-122F-4231-83C7-0C35363D02F9}) (Version: 64.0.4211 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.16 (x64) (HKLM\...\{02AF5757-3C24-4F01-83C5-16953208C1AE}) (Version: 64.64.32758 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.19 (x64) (HKLM\...\{B9F7A454-0CCD-410C-A3E0-D1AAC300F150}) (Version: 64.76.37566 - Microsoft Corporation) Hidden Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.19822.20114 - Microsoft Corporation) Microsoft 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.19822.20114 - Microsoft Corporation) Microsoft Analysis Services OLE DB Provider (HKLM\...\{7CA9BDB2-DC47-44B5-B384-8938B461CC38}) (Version: 16.0.5143.0 - Microsoft Corporation) Hidden Microsoft Analysis Services OLE DB Provider (HKLM-x32\...\{8D96B285-698F-42BA-B483-A0A54D75ECD6}) (Version: 16.0.5143.0 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 146.0.3856.84 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 146.0.3856.84 - Microsoft Corporation) Hidden Microsoft GameInput (HKLM\...\{A9E31119-18D8-4BF7-8B63-3CFE78CA0ABD}) (Version: 3.3.163.0 - Microsoft Corporation) Microsoft Help Viewer 2.3 (HKLM-x32\...\{99DC6816-30B2-32EB-9E12-AF8944C4FA4E}) (Version: 2.3.28307 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28307 - Microsoft Corporation) Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{0E0F96AC-80DE-4400-A40C-429D63293651}) (Version: 17.10.6.1 - Microsoft Corporation) Microsoft OLE DB Driver for SQL Server (HKLM\...\{76EB75D2-CCF6-41A9-90B6-922DE9146276}) (Version: 18.7.4.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\OneDriveSetup.exe) (Version: 26.035.0222.0002 - Microsoft Corporation) Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.19822.20114 - Microsoft Corporation) Microsoft OneNote - it-it (HKLM\...\OneNoteFreeRetail - it-it) (Version: 16.0.19822.20114 - Microsoft Corporation) Microsoft SQL Server 2022 (64-bit) (HKLM\...\Microsoft SQL Server SQL2022) (Version: - Microsoft Corporation) Microsoft SQL Server 2022 RsFx Driver (HKLM\...\{629C8FC9-3763-4C58-8264-5288AE34AFEF}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden Microsoft SQL Server 2022 Setup (English) (HKLM\...\{BF4D8C4B-D931-4D62-A7ED-8A34B2FC0D1B}) (Version: 16.0.1000.6 - Microsoft Corporation) Microsoft SQL Server Management Studio - 20.2 (HKLM-x32\...\{98566bce-3110-4bc9-b372-a014a6eb5b58}) (Version: 20.2.30.0 - Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.18302 - Microsoft) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{f3fbabb4-bcfb-45eb-8fff-9b784fd68c38}) (Version: 16.0.31110 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{8E7A3713-551D-333A-9271-10EF4D77A80F}) (Version: 16.0.31110 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{E7A0CD34-1F9B-3496-ADB3-2F180D302F6A}) (Version: 16.0.31110 - Microsoft Corporation) Hidden Microsoft VSS Writer for SQL Server 2022 (HKLM\...\{AB5D8778-81F3-47E2-87A4-35E776CD664B}) (Version: 16.0.1000.6 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 8.0.0 (x64) (HKLM\...\{113C0ADC-B9BD-4F95-9653-4F5BC540ED03}) (Version: 64.0.5329 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.0 (x64) (HKLM-x32\...\{17316079-d65a-4f25-a9f3-56c32781b15d}) (Version: 8.0.0.33101 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 8.0.16 (x64) (HKLM\...\{AAEFDC34-F493-41AC-A264-11FE93008418}) (Version: 64.64.32786 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.16 (x64) (HKLM-x32\...\{ce93c7b3-106f-4ee3-bf24-6a710e693ac3}) (Version: 8.0.16.34817 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 8.0.19 (x64) (HKLM\...\{A6EA542C-884C-4FE7-89E4-8C28E14B601C}) (Version: 64.76.37602 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.19 (x64) (HKLM-x32\...\{6b2575e2-0248-44c3-93f3-2eba040331ed}) (Version: 8.0.19.35118 - Microsoft Corporation) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox) (Version: 149.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 121.0 - Mozilla) Mudfish Cloud VPN v5.13.2 (HKLM-x32\...\Mudfish Cloud VPN) (Version: 5.13.2 - Mudfish Networks) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6.7 - Notepad++ Team) NVIDIA App 11.0.6.383 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.6.383 - NVIDIA Corporation) NVIDIA FrameView SDK 1.5.11821.36727370 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.11821.36727370 - NVIDIA Corporation) NVIDIA Graphics Driver 595.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 595.97 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.4.5.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.5.7 - NVIDIA Corporation) NVIDIA PhysX System Software 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19822.20104 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.19822.20104 - Microsoft Corporation) Hidden OpenOffice 4.1.15 (HKLM-x32\...\{7A10D0DA-1711-4CB1-8D71-81A6E0149B43}) (Version: 4.115.9813 - Apache Software Foundation) Opera GX Stable 128.0.5807.97 (HKLM-x32\...\Opera GX 128.0.5807.97) (Version: 128.0.5807.97 - Opera Software) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.296.0.23 - Overwolf Ltd.) PlayStation® Accessories (HKLM\...\{A27B17B9-90C8-4B07-83C6-1303FC186B6B}) (Version: 2.2.1.2 - Sony Interactive Entertainment Inc.) Proton VPN (HKLM\...\Proton VPN_is1) (Version: 3.2.10 - Proton AG) PS3Merge version 1.0.1.0 (HKLM-x32\...\PS3Merge_is1) (Version: 1.0.1.0 - Karmian.org) Python 3.14.3 (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\pymanager-pythoncore-3.14-64) (Version: 3.14-64 - Python Software Foundation) qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.1.0 - The qBittorrent project) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0730.071519 - Razer Inc.) REDlauncher (HKLM\...\{5FAC19AE-9120-4D9B-AB70-EE91A5750A9D}) (Version: 4.2.0.4 - CD Projekt RED) Hidden Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.105.2733 - Rockstar Games) Rockstar Games SDK (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.4.0.146 - Rockstar Games) Soulframe (HKLM-x32\...\{DF5516F8-23E6-4965-8137-9E1871D801A8}) (Version: 1.0.0 - Digital Extremes) SQL Server 2022 Batch Parser (HKLM\...\{7EFD8B19-A9E6-41CF-A96F-B9B6E30EC345}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Common Files (HKLM\...\{6A68D32C-4C0D-4847-B70C-58E6B4D76A12}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Common Files (HKLM\...\{8770AF64-BB4B-4404-BDD6-6AF8E4C461FC}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Connection Info (HKLM\...\{770DA7F2-817B-4AA6-9160-08BB658ABDC6}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Connection Info (HKLM\...\{EAC54B82-7A37-4A9E-8953-474316BD40F6}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Database Engine Services (HKLM\...\{6621C765-569C-4D46-A8E9-C69A47971357}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Database Engine Services (HKLM\...\{C4CF167C-4739-4A3A-8D75-59C9C5F135CA}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Database Engine Shared (HKLM\...\{161B8D12-C41B-4ACF-9BB5-E1FEE6788869}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Database Engine Shared (HKLM\...\{D6E82158-05B9-4A18-A624-EA135BC77766}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 DMF (HKLM\...\{5AB77D4E-9E5F-4627-B78B-129A5EC2858A}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 DMF (HKLM\...\{DCA0C2D6-83BF-41AE-B1AB-C4181002DE40}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Shared Management Objects (HKLM\...\{12618131-AA9A-4DAE-9387-CE4417955B9F}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Shared Management Objects (HKLM\...\{6F8242AA-1B25-421C-8E45-FC5978D9AA3A}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Shared Management Objects Extensions (HKLM\...\{35EC6145-E333-42DB-BCB3-380DF6140C11}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 Shared Management Objects Extensions (HKLM\...\{A0F7ACBA-075F-4BC7-A85A-5DC301FCEC74}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 SQL Diagnostics (HKLM\...\{0CEFE958-E71A-4171-9DEF-77E9234A5613}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 XEvent (HKLM\...\{94AEB0A0-365C-449B-B573-D2ECB353EB06}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server 2022 XEvent (HKLM\...\{BD8B7339-7559-4FC3-95E6-264324D45235}) (Version: 16.0.1000.6 - Microsoft Corporation) Hidden SQL Server Management Studio (HKLM-x32\...\{98FA3A6A-2028-4F6B-993E-D1851F0D5EC6}) (Version: 20.2.30.0 - Microsoft Corp.) Hidden SQL Server Management Studio Language Pack - English (HKLM-x32\...\{644B42A8-9074-44B2-96AF-5501B6073FA5}) (Version: 20.2.30.0 - Microsoft Corp.) Hidden SSMS Post Install Tasks (HKLM-x32\...\{33F0F46E-51D3-46B5-9EAA-9415E9BA3A7A}) (Version: 20.2.30.0 - Microsoft Corporation) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stremio (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\Stremio) (Version: 4.4.181 - Smart Code Ltd) TeamViewer (HKLM\...\TeamViewer) (Version: 15.51.6 - TeamViewer) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 151.2.11050 - Ubisoft) UE Prerequisites (x64) (HKLM\...\{E171B21A-DA58-432D-A74B-D13B204BA477}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden UE Prerequisites (x64) (HKLM-x32\...\{aad8a4b2-74da-409d-abb6-79a299008692}) (Version: 1.0.16.0 - Epic Games, Inc.) Hidden UltraPlus Mod Manager version 1.9.4 (HKLM-x32\...\{39F4D0E5-E22E-4844-93EC-65BE747B74C6}_is1) (Version: 1.9.4 - UltraPlus) ViGEm Bus Driver (HKLM\...\{966606F3-2745-49E9-BF15-5C3EAA4E9077}) (Version: 1.22.0 - Nefarius Software Solutions e.U.) Visual Studio 2017 Isolated Shell for SSMS (HKLM-x32\...\{29BA18D9-00DF-4A08-BBBE-A0211A31D452}) (Version: 15.0.28307.421 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN) Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.15.2 - Black Tree Gaming Ltd.) Wand (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\WeMod) (Version: 12.17.0 - WeMod) XIVLauncher (HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\XIVLauncher) (Version: 7.0.20 - XIVLauncher) Packages: ========= @{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-12] () 5A894077.McAfeeSecurity -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2026-03-30] (McAfee LLC.) Dropbox - promozione -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.36.0_x64__xbfy0k16fey96 [2026-03-30] (Dropbox Inc.) HP -> C:\Program Files\WindowsApps\AD2F1837.myHP_54.52610.3208.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) [Startup Task] HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.47.308.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) HP Enhanced Lighting -> C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_3.0.0.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.4.17.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10921.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_163.1.1121.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.51.14.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.2.16.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) Ink.Handwriting.it-IT.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.it-IT.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corporation) Ink.Handwriting.it-IT.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.it-IT.1.0_0.1082.2350.0_x86__8wekyb3d8bbwe [2026-03-30] (Microsoft Corporation) Ink.Handwriting.Main.it-IT.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.it-IT.1.0_0.1082.2350.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corporation) Intel® Rapid Storage Technology Application -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_20.0.1024.0_x64__8j3eq9eme6ctt [2026-03-30] (INTEL CORP) Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2026-03-29] () Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2026-03-30] () Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2511.3002.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corporation) [Startup Task] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corp.) Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_56.20201.588.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corporation) Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2026-03-28] () Minecraft Education -> C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.13201.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Studios) Notepad++ -> C:\Program Files\Notepad++\contextMenu [2025-05-28] (Notepad++) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.969.0_x64__56jybvy8sckqj [2026-03-30] (NVIDIA Corp.) OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2026-03-28] () OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) [Startup Task] OMEN Light Studio -> C:\Program Files\WindowsApps\AD2F1837.OMENLightStudio_1.0.66.0_x64__v10z8vjag6ke6 [2026-03-30] (HP Inc.) [Startup Task] Python Install Manager -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.PythonManager_26.0.240.0_x64__3847v3x7pw1km [2026-03-30] (Python Software Foundation) Solitario! -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.40.0_x64__kx24dqmazqk8j [2026-03-30] (Random Salad Games LLC) TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2026.1.0.0_x64__v826wp6bftszj [2026-03-30] (Charles Milette) [Startup Task] WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corp.) WinAppRuntime.Main.1.8 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.8_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.770.947.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corp.) Windows HDR Calibration -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsHDRCalibration_1.0.152.0_x64__8wekyb3d8bbwe [2026-03-30] (Microsoft Corp.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3061952332-3695074-208723314-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\TG02-007\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-3061952332-3695074-208723314-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> "C:\Program Files\NordVPN\NordVPN.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-3061952332-3695074-208723314-1001_Classes\CLSID\{50726f74-6f6e-2e56-504e-000000000000}\localserver32 -> C:\Program Files\Proton\VPN\v3.2.10\ProtonVPN.exe (Proton AG -> ) CustomCLSID: HKU\S-1-5-21-3061952332-3695074-208723314-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.) CustomCLSID: HKU\S-1-5-21-3061952332-3695074-208723314-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\TG02-007\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.18302\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-02] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-02] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-02] (Adobe Inc. -> ) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-02] (Adobe Inc. -> ) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-29] (Malwarebytes Inc -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed] ContextMenuHandlers5: [NvAppDesktopContext] -> {F2E8B4A1-9C7D-4F6E-B3A5-8D2C1F4E9B7A} => C:\Program Files\NVIDIA Corporation\NVIDIA App\NvCpl\nvui.dll [2026-01-16] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_62514a5ce7cb3484\nvshext.dll [2026-03-18] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-03-02] (Adobe Inc. -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2026-03-29] (Malwarebytes Inc -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [MidisrvTransferComplete] => 1 HKLM\...\Drivers32: [midi1] => C:\windows\system32\wdmaud2.drv [143360 2026-03-10] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Drivers32: [midi1] => C:\Windows\SysWOW64\wdmaud2.drv [91648 2026-03-10] (Microsoft Windows -> Microsoft Corporation) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/redirectHome?tagbase=hpga1-ubpl&ref=aagateway-taskbar-hp ==================== Loaded Modules (Whitelisted) ============= 2025-10-19 20:09 - 2025-10-19 20:09 - 003866624 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\6a32239ebc9da3b293d58208b57bf502\Newtonsoft.Json.ni.dll 2024-11-14 22:18 - 2026-03-24 13:20 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\WINDOWS\tracing:? [16] AlternateDataStreams: C:\ProgramData\BstShm_5.21.580.1019_nxt:0BA5A0C5AF [7714] AlternateDataStreams: C:\ProgramData\BstShm_5.21.580.1019_nxt:BFA2474391 [7714] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [7714] AlternateDataStreams: C:\ProgramData\sldh.dat:136096DD5B [6002] AlternateDataStreams: C:\ProgramData\sldh.dat:AF7D5A4DE2 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [7714] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\McInst.exe:5333F5D8A9 [7714] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\McInst.exe:9DCDB32EE1 [7714] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [7714] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk:35D20EBEE5 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [7714] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk:C5112377E0 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Documentation.lnk:92B3809DA8 [7714] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk:F32536EEBE [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [7714] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:5465085A2F [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:BE800952D3 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [5154] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk:104946E0EA [3442] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10134] AlternateDataStreams: C:\Users\TG02-007\Dati applicazioni:86dabf594e68b7fb8ac56037576b6591 [394] AlternateDataStreams: C:\Users\TG02-007\Dati applicazioni:c15540c89c88cd704ccd25de5f07f873 [394] AlternateDataStreams: C:\Users\TG02-007\Downloads\FRST64.exe:MBAM.Zone.Identifier [225] AlternateDataStreams: C:\Users\TG02-007\AppData\Roaming:86dabf594e68b7fb8ac56037576b6591 [394] AlternateDataStreams: C:\Users\TG02-007\AppData\Roaming:c15540c89c88cd704ccd25de5f07f873 [394] AlternateDataStreams: C:\Users\TG02-007\AppData\Local\Temp:$DATA​ [16] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ============= SearchScopes: HKLM -> {FE9CE91E-B883-4217-9B43-F58F3AC7F652} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {FE9CE91E-B883-4217-9B43-F58F3AC7F652} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3061952332-3695074-208723314-1001 -> {FE9CE91E-B883-4217-9B43-F58F3AC7F652} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2026-01-27] (HP Inc. -> HP Inc.) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2026-01-30] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2026-01-27] (HP Inc. -> HP Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2026-03-28] (Microsoft Corporation -> Microsoft Corporation) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2021-06-05 14:08 - 2025-01-28 16:02 - 000002609 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com 109.94.209.70 fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site 109.94.209.70 fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 fitgirl-repack.com # Fake FitGirl site 109.94.209.70 fitgirlrepack.games # Fake FitGirl site 109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site 109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site 109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site 109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site 109.94.209.70 fitgirl-repack.net # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site 109.94.209.70 fitgirlpack.site # Fake FitGirl site 109.94.209.70 www.fitgirlpack.site # Fake FitGirl site 109.94.209.70 fitgirl-repack.org # Fake FitGirl site 109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site ==================== Network =========================== (Currently there is no automatic fix for this section.) DNS Servers: 8.8.8.8 - 8.8.4.4 Windows Firewall is enabled. Network Binding: ============= Connessione di rete Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys Ethernet 2: TAP-Win32 Adapter V9 -> tap0901.sys Wi-Fi: Realtek RTL8822CE 802.11ac PCIe Adapter -> rtwlane.sys Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys VMware Network Adapter VMnet1: VMware Virtual Ethernet Adapter for VMnet1 -> vmnetadapter.sys VMware Network Adapter VMnet8: VMware Virtual Ethernet Adapter for VMnet8 -> vmnetadapter.sys nt_rtf64: Realtek LightWeight Filter (NDIS6.40) vmware_bridge: VMware Bridge Protocol ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\dotnet\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\TG02-007\AppData\Local\Microsoft\WindowsApps;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Microsoft SQL Server\160\Tools\Binn\;C:\Program Files\Microsoft SQL Server\160\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Microsoft SQL Server\160\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\160\DTS\Binn\ HKU\S-1-5-21-3061952332-3695074-208723314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\TG02-007\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\comm scott nancy boy.jpg HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: 2) HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0) HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Users\TG02-007\AppData\Roaming\Microsoft\Reaper HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths|C:\Users\TG02-007\OneDrive\Desktop\ds2 HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths|\\?\C:\Users\TG02-007\Downloads\The Last of Us - Part I [FitGirl Repack]\setup.exe ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\StartupFolder: => "RocketDock.lnk" HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService" HKLM\...\StartupApproved\Run32: => "Opera GX Browser Assistant" HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess" HKLM\...\StartupApproved\Run32: => "dc_global" HKLM\...\StartupApproved\Run32: => "STOVE" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "HPSEU_Host_Launcher" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "RiotClient" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_16A0BB183AD47197B9B56C99D4915FD2" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "ProtonVPN" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "Synapse3" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "electron.app.BlueStacks Services" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "Overwolf" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "GogGalaxy" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "stoat-desktop" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "NordVPN" HKU\S-1-5-21-3061952332-3695074-208723314-1001\...\StartupApproved\Run: => "net.mullvad.vpn" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{372195F8-9762-4848-B73E-62E9C84C1BA9}C:\users\tg02-007\onedrive\desktop\metal.gear.solid.master.collection.version\game\metal gear solid.exe] => (Allow) C:\users\tg02-007\onedrive\desktop\metal.gear.solid.master.collection.version\game\metal gear solid.exe => No File FirewallRules: [TCP Query User{EBD1BC26-D3A5-434F-97E7-DEB2BB828C04}C:\users\tg02-007\onedrive\desktop\metal.gear.solid.master.collection.version\game\metal gear solid.exe] => (Allow) C:\users\tg02-007\onedrive\desktop\metal.gear.solid.master.collection.version\game\metal gear solid.exe => No File FirewallRules: [{C977A299-447B-47B5-BAAE-D1D5AAE01905}] => (Allow) D:\SteamLibrary\steamapps\common\P3R\P3R\Binaries\Win64\P3R.exe => No File FirewallRules: [{3B6D5AE9-B13A-4376-B6AA-ECD7312E05C7}] => (Allow) D:\SteamLibrary\steamapps\common\P3R\P3R\Binaries\Win64\P3R.exe => No File FirewallRules: [UDP Query User{73E9C2D2-7DF7-4D46-8BC1-DB8FF4114E46}C:\users\tg02-007\appdata\local\discord\app-1.0.9166\discord.exe] => (Allow) C:\users\tg02-007\appdata\local\discord\app-1.0.9166\discord.exe => No File FirewallRules: [TCP Query User{DC9E75D4-AAFB-434B-B2E5-0221192D483F}C:\users\tg02-007\appdata\local\discord\app-1.0.9166\discord.exe] => (Allow) C:\users\tg02-007\appdata\local\discord\app-1.0.9166\discord.exe => No File FirewallRules: [{EEEAA01D-80A7-41E1-8736-9AA579D86828}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe => No File FirewallRules: [UDP Query User{425CBCA9-B020-42D7-94BD-803778F7AF02}C:\users\tg02-007\appdata\local\wemod\app-9.10.6\wemod.exe] => (Block) C:\users\tg02-007\appdata\local\wemod\app-9.10.6\wemod.exe => No File FirewallRules: [TCP Query User{274344EC-45E3-41D5-83B4-51D6AB6A010C}C:\users\tg02-007\appdata\local\wemod\app-9.10.6\wemod.exe] => (Block) C:\users\tg02-007\appdata\local\wemod\app-9.10.6\wemod.exe => No File FirewallRules: [{427379B9-4F4E-4EEE-B677-B4A59C931A84}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.) FirewallRules: [{F59AF803-AD32-43AA-9B71-4B83565D0BF9}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems) FirewallRules: [{4B3122FF-B66E-4ED0-B9E9-2D3546FE76F9}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File FirewallRules: [{E09F6859-48EF-4D8E-A434-76B40CC2A12B}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.) FirewallRules: [{A0D7D2A6-B5F7-4EA5-8D47-C0D03940EFDF}] => (Allow) D:\SteamLibrary\steamapps\common\To the Moon Beachsode\To the Moon Beachsode\steamshim_parent.exe () [File not signed] FirewallRules: [{B93B1A6A-71E0-4A35-95C7-06F077768942}] => (Allow) D:\SteamLibrary\steamapps\common\To the Moon Beachsode\To the Moon Beachsode\steamshim_parent.exe () [File not signed] FirewallRules: [UDP Query User{0174897A-8D08-4109-B37E-D5CCAD79AC9B}C:\minionapp\minionapp.exe] => (Allow) C:\minionapp\minionapp.exe => No File FirewallRules: [TCP Query User{387A2DFF-D610-4840-BF13-A06EF57FD9FC}C:\minionapp\minionapp.exe] => (Allow) C:\minionapp\minionapp.exe => No File FirewallRules: [UDP Query User{2850DC1C-6A82-4EC2-B8F1-11241B5FBDA6}C:\program files (x86)\mudfish cloud vpn\mudwfp_proxy.exe] => (Allow) C:\program files (x86)\mudfish cloud vpn\mudwfp_proxy.exe (Mudfish Networks -> ) FirewallRules: [TCP Query User{38796798-589C-4B82-A3C6-544DD992884F}C:\program files (x86)\mudfish cloud vpn\mudwfp_proxy.exe] => (Allow) C:\program files (x86)\mudfish cloud vpn\mudwfp_proxy.exe (Mudfish Networks -> ) FirewallRules: [UDP Query User{49115211-77C6-4018-9CAD-C85D351AA655}D:\steamlibrary\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File FirewallRules: [TCP Query User{A357FB53-4002-4DE4-A6CD-ECE4A133476F}D:\steamlibrary\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\blackmythwukong\b1\binaries\win64\b1-win64-shipping.exe => No File FirewallRules: [UDP Query User{AEE33DEB-163E-48CF-B492-2E90CA9D688B}C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero.exe] => (Allow) C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero.exe => No File FirewallRules: [TCP Query User{5AB21428-C9C6-4644-ADC2-6336A1A5528C}C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero.exe] => (Allow) C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero.exe => No File FirewallRules: [UDP Query User{A53D916F-9DDE-40C8-BBDB-F849C2F27DCD}C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero_data\plugins\x86_64\zfgamebrowser.exe] => (Allow) C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero_data\plugins\x86_64\zfgamebrowser.exe => No File FirewallRules: [TCP Query User{9499B2E3-490C-4448-B4E5-3F14BDD02051}C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero_data\plugins\x86_64\zfgamebrowser.exe] => (Allow) C:\program files (x86)\epic games\wuthering waves\zenlesszonezero\games\zenlesszonezero game\zenlesszonezero_data\plugins\x86_64\zfgamebrowser.exe => No File FirewallRules: [{E5B8021A-FA67-400B-8E8C-FA9D260E7C1E}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe => No File FirewallRules: [{2B780EA8-0E6E-432B-93AC-2264947D637C}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\AdvGuide\ELDEN RING Adventure Guide.exe => No File FirewallRules: [{D8A82639-2BC2-4111-8B2B-89410E318F64}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File FirewallRules: [{BAE13B72-69D8-46BA-8B90-199AC1109D96}] => (Allow) D:\SteamLibrary\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File FirewallRules: [UDP Query User{1BA1F7CE-9964-4D5B-A5B5-4ECA8E29CA12}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{040AE1A8-1FD9-4104-A165-A7CADC47FDD0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{561268C5-B7EB-4B97-A5E2-8FC96A29C93D}C:\program files (x86)\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe] => (Allow) C:\program files (x86)\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe => No File FirewallRules: [TCP Query User{40CCF00A-4973-468D-B039-C1CBBF9790E9}C:\program files (x86)\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe] => (Allow) C:\program files (x86)\wuthering waves\wuthering waves game\client\binaries\win64\client-win64-shipping.exe => No File FirewallRules: [UDP Query User{27B1BCAF-8B58-4674-AA8B-1C7A4F43060C}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe => No File FirewallRules: [TCP Query User{EDE224E6-3940-40D9-A589-344729EDA522}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe => No File FirewallRules: [{3FF1BA22-3482-4B23-9928-36B3AAECBE43}] => (Allow) C:\Users\TG02-007\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File FirewallRules: [{F68E92D2-3D61-42A4-B0F0-9F96CD1FBD23}] => (Allow) C:\Users\TG02-007\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File FirewallRules: [UDP Query User{D8504C28-301E-4BF2-B87B-F270C91521BA}D:\games\persona 3 reload\content\p3r\binaries\wingdk\p3r.exe] => (Allow) D:\games\persona 3 reload\content\p3r\binaries\wingdk\p3r.exe => No File FirewallRules: [TCP Query User{61459B9A-E472-469E-8604-25BBB7501953}D:\games\persona 3 reload\content\p3r\binaries\wingdk\p3r.exe] => (Allow) D:\games\persona 3 reload\content\p3r\binaries\wingdk\p3r.exe => No File FirewallRules: [UDP Query User{459365E4-94B5-4874-8B2A-EB45FE3EC47D}D:\steamlibrary\steamapps\common\tekken 8\polaris\binaries\win64\polaris-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\tekken 8\polaris\binaries\win64\polaris-win64-shipping.exe => No File FirewallRules: [TCP Query User{B6970012-CFDE-498E-8A0A-6858464D6397}D:\steamlibrary\steamapps\common\tekken 8\polaris\binaries\win64\polaris-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\tekken 8\polaris\binaries\win64\polaris-win64-shipping.exe => No File FirewallRules: [{6BD6F25B-174F-489E-B0AA-C852255B29A9}] => (Allow) D:\SteamLibrary\steamapps\common\LikeADragon8\runtime\media\startup.exe => No File FirewallRules: [{FF2923BF-34A7-431A-91A1-C0671E922D13}] => (Allow) D:\SteamLibrary\steamapps\common\LikeADragon8\runtime\media\startup.exe => No File FirewallRules: [{A23BE184-C2E5-4895-A9A7-2E5060E9416A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A05D9506-40FD-4257-BA08-0862EE5B749C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{EF6C249E-0129-4283-BD61-F02BCFCC6175}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{5F57429A-E1A1-4D9C-878A-6206D1DE3845}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [TCP Query User{C850ACB3-B790-4FF7-A3B4-7E71116599D5}C:\xboxgames\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe] => (Allow) C:\xboxgames\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe => No File FirewallRules: [UDP Query User{220CBFB5-5AFF-4C67-A4D4-0A8955236EC2}C:\xboxgames\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe] => (Allow) C:\xboxgames\lies of p\content\liesofp\binaries\wingdk\lop-wingdk-shipping.exe => No File FirewallRules: [{C2B4A23C-D9AD-4595-8675-DBC587EAE9C8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{043A592A-4513-48CC-AF6B-0315925F4D76}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{675E64AF-4AA4-4EAC-8358-85CBB2E5C3A9}C:\xboxgames\hi-fi rush\content\hibiki\binaries\wingdk\hi-fi-rush.exe] => (Allow) C:\xboxgames\hi-fi rush\content\hibiki\binaries\wingdk\hi-fi-rush.exe => No File FirewallRules: [UDP Query User{0354AA14-18BC-4A56-BC72-4FC7EE8D085B}C:\xboxgames\hi-fi rush\content\hibiki\binaries\wingdk\hi-fi-rush.exe] => (Allow) C:\xboxgames\hi-fi rush\content\hibiki\binaries\wingdk\hi-fi-rush.exe => No File FirewallRules: [{AC3151F1-FA48-445F-AC9A-DBC5FC355B02}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe => No File FirewallRules: [{54747941-2141-49EC-99A6-62D41BEA563C}] => (Allow) D:\Games\Red Dead Redemption 2\RDR2.exe => No File FirewallRules: [TCP Query User{501694CF-14BE-4F1E-A377-32C96E73E517}D:\games\riot\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\games\riot\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File FirewallRules: [UDP Query User{5EF11BB7-CC07-417D-925B-9B6E1BDBE7A5}D:\games\riot\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe] => (Allow) D:\games\riot\riot games\valorant\live\shootergame\binaries\win64\valorant-win64-shipping.exe => No File FirewallRules: [TCP Query User{5BC9AF16-1E58-4303-A772-FFA765494784}D:\games\remnant 2\content\remnant2\binaries\wingdk\remnant2-wingdk-shipping.exe] => (Allow) D:\games\remnant 2\content\remnant2\binaries\wingdk\remnant2-wingdk-shipping.exe => No File FirewallRules: [UDP Query User{3B4A7C66-A106-4CC7-9A5E-F6E42485E8AB}D:\games\remnant 2\content\remnant2\binaries\wingdk\remnant2-wingdk-shipping.exe] => (Allow) D:\games\remnant 2\content\remnant2\binaries\wingdk\remnant2-wingdk-shipping.exe => No File FirewallRules: [TCP Query User{F8DE39ED-36CF-49D0-883D-E73DF1C7C272}C:\users\tg02-007\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\tg02-007\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Node.js) FirewallRules: [UDP Query User{735CC514-20A4-4B41-812C-D07461A2AD89}C:\users\tg02-007\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\tg02-007\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Node.js) FirewallRules: [TCP Query User{8F5F1679-209E-4D36-A0B8-1F151BF18E57}D:\games\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe] => (Allow) D:\games\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe => No File FirewallRules: [UDP Query User{ED4F9B1E-3D6A-4E87-B2F6-5802964DCB3B}D:\games\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe] => (Allow) D:\games\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe => No File FirewallRules: [TCP Query User{E5681D0F-DEB6-4A91-84CC-4A0A612C0FF0}C:\program files (x86)\epic games\marvel rivals\marvelrivalsjktnw\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe] => (Allow) C:\program files (x86)\epic games\marvel rivals\marvelrivalsjktnw\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe => No File FirewallRules: [UDP Query User{CD149591-4D3B-4457-90C2-2003C8ED0AD2}C:\program files (x86)\epic games\marvel rivals\marvelrivalsjktnw\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe] => (Allow) C:\program files (x86)\epic games\marvel rivals\marvelrivalsjktnw\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe => No File FirewallRules: [{24F4B594-E551-4B34-86DA-07332D75446C}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE 2\Windows\Hemingway.exe => No File FirewallRules: [{64C27BC5-60A7-4015-BF74-11D2B4583432}] => (Allow) D:\SteamLibrary\steamapps\common\SMITE 2\Windows\Hemingway.exe => No File FirewallRules: [TCP Query User{39DDDFAB-F338-4BB7-BD47-8145AA10E9FB}D:\games\voice of cards - the isle dragon roars\voiceofcardstheisledragonroars.exe] => (Block) D:\games\voice of cards - the isle dragon roars\voiceofcardstheisledragonroars.exe => No File FirewallRules: [UDP Query User{0869C26B-A7F0-447D-B260-DFC84513FE5B}D:\games\voice of cards - the isle dragon roars\voiceofcardstheisledragonroars.exe] => (Block) D:\games\voice of cards - the isle dragon roars\voiceofcardstheisledragonroars.exe => No File FirewallRules: [TCP Query User{B02FB21D-ECB0-456F-80F8-DA75E83CF669}D:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) D:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File FirewallRules: [UDP Query User{4EA21810-1B6A-4557-8D96-C28456A00D99}D:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe] => (Allow) D:\steamlibrary\steamapps\common\baldurs gate 3\bin\bg3_dx11.exe => No File FirewallRules: [{41E7172D-8221-444A-BD0D-92E04A7CD4EF}] => (Allow) C:\Users\TG02-007\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File FirewallRules: [{3E5C25D3-9CA9-439B-9640-08C0F707964E}] => (Allow) D:\DaVinci\Resolve.exe => No File FirewallRules: [{8C6B77D2-0CB1-4DB5-B56F-5ED6BE858AAD}] => (Allow) D:\DaVinci\bmdpaneld.exe => No File FirewallRules: [{D6625077-9B3F-4DEE-8507-4687B9FC0F48}] => (Allow) D:\DaVinci\DaVinciPanelDaemon.exe => No File FirewallRules: [{D932791A-723F-4779-B048-BCA2D6B04C75}] => (Allow) D:\DaVinci\JLCooperPanelDaemon.exe => No File FirewallRules: [{FAFB2964-C091-4A7F-B7E6-DEF905DEF1F9}] => (Allow) D:\DaVinci\EuphonixPanelDaemon.exe => No File FirewallRules: [{FBD9BF75-72BF-4C29-A24B-FA55D3185955}] => (Allow) D:\DaVinci\TangentPanelDaemon.exe => No File FirewallRules: [{AF3A4105-E6E9-42F5-B4B1-3DFDD22403B1}] => (Allow) D:\DaVinci\ElementsPanelDaemon.exe => No File FirewallRules: [{2175E21E-B4BB-4666-A1A3-300F3D252D07}] => (Allow) D:\DaVinci\fuscript.exe => No File FirewallRules: [TCP Query User{2C57DEF6-C988-4429-B91B-AC074212DA74}D:\davinci\resolve.exe] => (Allow) D:\davinci\resolve.exe => No File FirewallRules: [UDP Query User{445059F1-05AD-486A-BDB1-19D8754308D8}D:\davinci\resolve.exe] => (Allow) D:\davinci\resolve.exe => No File FirewallRules: [TCP Query User{7DC57D39-6118-439C-9888-4C05C3A7DD05}D:\wuthering waves\wuthering waves game\client\binaries\win64\thirdparty\krpcsdk_global\krsdkres\krsdkwebview\krwebview.exe] => (Allow) D:\wuthering waves\wuthering waves game\client\binaries\win64\thirdparty\krpcsdk_global\krsdkres\krsdkwebview\krwebview.exe => No File FirewallRules: [UDP Query User{12EE21C5-BAA8-4D34-A65C-C8E07968B6D1}D:\wuthering waves\wuthering waves game\client\binaries\win64\thirdparty\krpcsdk_global\krsdkres\krsdkwebview\krwebview.exe] => (Allow) D:\wuthering waves\wuthering waves game\client\binaries\win64\thirdparty\krpcsdk_global\krsdkres\krsdkwebview\krwebview.exe => No File FirewallRules: [TCP Query User{FA756AFF-8FC6-41D3-9E5B-22156F753584}D:\games\until then\untilthen.exe] => (Block) D:\games\until then\untilthen.exe => No File FirewallRules: [UDP Query User{C4AC1119-8446-443D-8113-87D9E658E908}D:\games\until then\untilthen.exe] => (Block) D:\games\until then\untilthen.exe => No File FirewallRules: [{9BA364E7-9A3E-4065-80FC-4ED5519CBA70}] => (Allow) C:\Users\TG02-007\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe => No File FirewallRules: [{6F4CD15F-F59C-4C85-B575-4FE96ABEBB50}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (Broadcom Inc -> VMware, Inc.) FirewallRules: [{D76DB691-46D9-4EA3-8D4F-07EBD5A09C37}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (Broadcom Inc -> VMware, Inc.) FirewallRules: [{93B448FE-CA03-4789-B7D9-690A4A51533B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{5B124D18-1F14-463B-BA7C-15E72559BC35}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{7B1119D6-0302-4811-A19D-4F6001C7A54F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [{0125D0C5-701E-4800-9F61-D6277778BFBC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query User{ABC29AC9-D224-4F02-BF15-A35B786EEFD4}C:\users\tg02-007\downloads\helpwire client.exe] => (Allow) C:\users\tg02-007\downloads\helpwire client.exe => No File FirewallRules: [UDP Query User{C2EC5E7E-430F-4187-A7F4-5857F545A2C5}C:\users\tg02-007\downloads\helpwire client.exe] => (Allow) C:\users\tg02-007\downloads\helpwire client.exe => No File FirewallRules: [TCP Query User{A0A53070-470B-4EA6-9229-6ECE5DE9A5ED}C:\users\tg02-007\downloads\helpwire client(1).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(1).exe => No File FirewallRules: [UDP Query User{3E5E94CC-9A16-415B-B712-7CDFD1D32EFA}C:\users\tg02-007\downloads\helpwire client(1).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(1).exe => No File FirewallRules: [TCP Query User{405A665F-757F-4CE2-9977-7A58FAA43B7F}C:\users\tg02-007\downloads\helpwire client(4).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(4).exe => No File FirewallRules: [UDP Query User{3BB951D7-AF78-470A-8849-2FDA3790F791}C:\users\tg02-007\downloads\helpwire client(4).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(4).exe => No File FirewallRules: [TCP Query User{08C22CCD-E440-400D-81C9-023BD833078F}C:\users\tg02-007\downloads\helpwire client(5).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(5).exe => No File FirewallRules: [UDP Query User{149E1F6A-95A7-4086-A283-14331A5E76F2}C:\users\tg02-007\downloads\helpwire client(5).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(5).exe => No File FirewallRules: [TCP Query User{A538E1DE-6B0A-4068-9746-6763A4C3CD1B}C:\users\tg02-007\downloads\helpwire client(6).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(6).exe => No File FirewallRules: [UDP Query User{77E21DC7-424C-4D7B-B94F-8416A9D328B3}C:\users\tg02-007\downloads\helpwire client(6).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(6).exe => No File FirewallRules: [TCP Query User{0EDD24CD-4887-46FC-8FF1-30C37C8D0134}C:\users\tg02-007\downloads\helpwire client(7).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(7).exe => No File FirewallRules: [UDP Query User{86F40981-85FB-4618-994D-0A9194B8392D}C:\users\tg02-007\downloads\helpwire client(7).exe] => (Allow) C:\users\tg02-007\downloads\helpwire client(7).exe => No File FirewallRules: [{35480885-D594-4C82-8AFD-5B50FDB82CFA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25072.1501.3493.5261_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{0600E7F1-0813-41F1-994B-46303EE92C24}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25072.1501.3493.5261_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{D90EE192-A63A-49EE-B4CC-E62F6FDC77A3}D:\games\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe] => (Allow) D:\games\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe => No File FirewallRules: [UDP Query User{B473DFED-E9A8-45DB-8D17-04687203DF2B}D:\games\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe] => (Allow) D:\games\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe => No File FirewallRules: [TCP Query User{60D05692-F2A5-40A1-89D1-84A0AFF1A39D}D:\steamlibrary\steamapps\common\until then\untilthen.exe] => (Allow) D:\steamlibrary\steamapps\common\until then\untilthen.exe => No File FirewallRules: [UDP Query User{6C87A0BB-AEAB-4B85-B374-56926435C89C}D:\steamlibrary\steamapps\common\until then\untilthen.exe] => (Allow) D:\steamlibrary\steamapps\common\until then\untilthen.exe => No File FirewallRules: [{C47A5067-5C11-45B2-90AE-4C289C841FFC}] => (Allow) D:\SteamLibrary\steamapps\common\Hades II\Ship\Hades2.exe => No File FirewallRules: [{710CACDF-2FDE-4653-AF94-16710225C600}] => (Allow) D:\SteamLibrary\steamapps\common\Hades II\Ship\Hades2.exe => No File FirewallRules: [TCP Query User{4AE12C08-D238-4744-AECE-2D9DE04DA80A}D:\games\armored core 6 - fires of rubicon\game\armoredcore6.exe] => (Allow) D:\games\armored core 6 - fires of rubicon\game\armoredcore6.exe => No File FirewallRules: [UDP Query User{5CBA3CCE-1766-48E6-94DC-8F6722AAA2AC}D:\games\armored core 6 - fires of rubicon\game\armoredcore6.exe] => (Allow) D:\games\armored core 6 - fires of rubicon\game\armoredcore6.exe => No File FirewallRules: [TCP Query User{CF827A82-075C-4918-89D3-8219EFEBB16D}C:\users\tg02-007\appdata\local\wemod\app-10.15.0\wemod.exe] => (Block) C:\users\tg02-007\appdata\local\wemod\app-10.15.0\wemod.exe => No File FirewallRules: [UDP Query User{AB496B27-60C8-486D-9823-6FC3A6C8EC4D}C:\users\tg02-007\appdata\local\wemod\app-10.15.0\wemod.exe] => (Block) C:\users\tg02-007\appdata\local\wemod\app-10.15.0\wemod.exe => No File FirewallRules: [TCP Query User{086FA61B-4133-4F05-9B6F-CC933F0FD58B}D:\games\epic games\crystalofatlanafzun\coaglobalgame\seria\binaries\win64\seria.exe] => (Allow) D:\games\epic games\crystalofatlanafzun\coaglobalgame\seria\binaries\win64\seria.exe => No File FirewallRules: [UDP Query User{A8D24C78-FBD9-4F5F-BC2A-67338F173379}D:\games\epic games\crystalofatlanafzun\coaglobalgame\seria\binaries\win64\seria.exe] => (Allow) D:\games\epic games\crystalofatlanafzun\coaglobalgame\seria\binaries\win64\seria.exe => No File FirewallRules: [TCP Query User{6A094B25-71F2-47DB-85A4-4E4A558255DC}D:\steamlibrary\steamapps\common\rematch playtest\runtime\binaries\win64\runtimeclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\rematch playtest\runtime\binaries\win64\runtimeclient-win64-shipping.exe => No File FirewallRules: [UDP Query User{43804104-A4E1-4C91-A632-362D11051A7F}D:\steamlibrary\steamapps\common\rematch playtest\runtime\binaries\win64\runtimeclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\rematch playtest\runtime\binaries\win64\runtimeclient-win64-shipping.exe => No File FirewallRules: [TCP Query User{31A2151F-FC15-4FEB-9F57-C5004FAF7434}D:\steamlibrary\steamapps\common\fantasy life i\game\binaries\win64\nfl1-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fantasy life i\game\binaries\win64\nfl1-win64-shipping.exe => No File FirewallRules: [UDP Query User{914B980B-ED31-48AF-BB0B-8E1FAEBA8903}D:\steamlibrary\steamapps\common\fantasy life i\game\binaries\win64\nfl1-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\fantasy life i\game\binaries\win64\nfl1-win64-shipping.exe => No File FirewallRules: [TCP Query User{B18C0605-7D53-4E5D-8398-F1DE7AD42389}D:\steamlibrary\steamapps\common\vindictus defying fate demo\vindictus\binaries\win64\vindictus.exe] => (Allow) D:\steamlibrary\steamapps\common\vindictus defying fate demo\vindictus\binaries\win64\vindictus.exe => No File FirewallRules: [UDP Query User{917AC821-B5EA-4167-8E3D-894962D89667}D:\steamlibrary\steamapps\common\vindictus defying fate demo\vindictus\binaries\win64\vindictus.exe] => (Allow) D:\steamlibrary\steamapps\common\vindictus defying fate demo\vindictus\binaries\win64\vindictus.exe => No File FirewallRules: [{B0ADF68D-23E8-449A-A879-3350A5BC5223}] => (Allow) D:\FunPlus\DC Dark Legion\Launcher.exe => No File FirewallRules: [{2CB0B837-E7F1-4388-A0EE-413766106642}] => (Allow) D:\FunPlus\DC Dark Legion\Launcher.exe => No File FirewallRules: [{4ECC8467-3399-445F-9CB2-4491FA885B8B}] => (Allow) D:\FunPlus\DC Dark Legion\game\DC.exe => No File FirewallRules: [{2CCAFCCC-3430-4A2A-BAFE-D450660D8670}] => (Allow) D:\FunPlus\DC Dark Legion\game\DC.exe => No File FirewallRules: [TCP Query User{E4B2541A-2ED2-4A1C-B3DC-260BDD5638C0}D:\steamlibrary\steamapps\common\rematch\runtime\binaries\win64\runtimeclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\rematch\runtime\binaries\win64\runtimeclient-win64-shipping.exe => No File FirewallRules: [UDP Query User{F14A2587-75FC-4350-8C76-C386CC95FCBF}D:\steamlibrary\steamapps\common\rematch\runtime\binaries\win64\runtimeclient-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\rematch\runtime\binaries\win64\runtimeclient-win64-shipping.exe => No File FirewallRules: [{4FC71CE5-CDFA-49DA-8C14-B5BD15AD424D}] => (Allow) D:\SteamLibrary\steamapps\common\P5X\P5XLaunch\P5XGame.exe => No File FirewallRules: [{160A91D7-B4EE-45F9-A388-D66DCAB33A25}] => (Allow) D:\SteamLibrary\steamapps\common\P5X\P5XLaunch\P5XGame.exe => No File FirewallRules: [TCP Query User{28BCE52A-E9B0-4DE4-8F8B-3B0B25E8FE4A}D:\steamlibrary\steamapps\common\glacier events\bf6event.exe] => (Allow) D:\steamlibrary\steamapps\common\glacier events\bf6event.exe => No File FirewallRules: [UDP Query User{B52A7492-10F6-48FD-886D-9B006FB237FE}D:\steamlibrary\steamapps\common\glacier events\bf6event.exe] => (Allow) D:\steamlibrary\steamapps\common\glacier events\bf6event.exe => No File FirewallRules: [TCP Query User{57CB1F97-A35B-4EDA-A0C6-3F9198A9E85A}C:\users\tg02-007\appdata\local\discord\app-1.0.9202\discord.exe] => (Allow) C:\users\tg02-007\appdata\local\discord\app-1.0.9202\discord.exe => No File FirewallRules: [UDP Query User{35C1E6C7-E892-40E3-967F-9841A2B8C80E}C:\users\tg02-007\appdata\local\discord\app-1.0.9202\discord.exe] => (Allow) C:\users\tg02-007\appdata\local\discord\app-1.0.9202\discord.exe => No File FirewallRules: [TCP Query User{0195E396-56AC-4912-8AB6-0807FA891DDB}C:\users\tg02-007\appdata\local\wemod\app-11.0.2\wemod.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-11.0.2\wemod.exe => No File FirewallRules: [UDP Query User{DAA017A8-7294-420D-8532-044A8CA409B9}C:\users\tg02-007\appdata\local\wemod\app-11.0.2\wemod.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-11.0.2\wemod.exe => No File FirewallRules: [TCP Query User{D9AB58DC-DF7E-466A-AC05-40D4110E1015}D:\steamlibrary\steamapps\common\mgsdelta\mgsdelta\binaries\win64\mgsdelta-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\mgsdelta\mgsdelta\binaries\win64\mgsdelta-win64-shipping.exe => No File FirewallRules: [UDP Query User{592D7A1F-73D8-466B-99DB-213488408DF7}D:\steamlibrary\steamapps\common\mgsdelta\mgsdelta\binaries\win64\mgsdelta-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\mgsdelta\mgsdelta\binaries\win64\mgsdelta-win64-shipping.exe => No File FirewallRules: [TCP Query User{20A0A7CE-EDFA-4929-8949-6A3290413AA2}C:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe] => (Allow) C:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe => No File FirewallRules: [UDP Query User{E567BC31-3722-47AB-B442-68E13B9C8591}C:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe] => (Allow) C:\riot games\2xko\live\lion\binaries\win64\lion-win64-shipping.exe => No File FirewallRules: [TCP Query User{07A6084F-3EB8-471C-B631-A307D47A4E96}D:\steamlibrary\steamapps\common\skate\skate.exe] => (Allow) D:\steamlibrary\steamapps\common\skate\skate.exe => No File FirewallRules: [UDP Query User{4588F0B1-742C-41B7-8E54-1EA3164DE275}D:\steamlibrary\steamapps\common\skate\skate.exe] => (Allow) D:\steamlibrary\steamapps\common\skate\skate.exe => No File FirewallRules: [{1E6CE83A-83EC-445B-8909-40AFE7CF4B52}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{D7885D13-B8C0-4413-A620-137960C3B2A8}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed] FirewallRules: [{C03107DA-A38E-46EF-A859-B4BB2E8E80C3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{879217B2-AD1E-44A8-AF17-A17AD9790EE3}] => (Allow) D:\SteamLibrary\steamapps\common\Blue Protocol Star Resonance\bpsr\BPSR_STEAM.exe => No File FirewallRules: [{9C252727-FDAA-479E-B2F3-33E79CEB4D55}] => (Allow) D:\SteamLibrary\steamapps\common\Blue Protocol Star Resonance\bpsr\BPSR_STEAM.exe => No File FirewallRules: [TCP Query User{D9B72D0D-2A39-4F54-81B0-EF55A4367175}D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [UDP Query User{8D6E1AA4-9D4E-4375-A220-CE133E27A493}D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steamlibrary\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [TCP Query User{5824506B-B3D8-4427-8963-379782E51DA5}C:\users\tg02-007\onedrive\desktop\ballxpit\ballxpit\balls.exe] => (Allow) C:\users\tg02-007\onedrive\desktop\ballxpit\ballxpit\balls.exe => No File FirewallRules: [UDP Query User{EBECEBFC-2977-4E5A-8421-B32A4FEBC319}C:\users\tg02-007\onedrive\desktop\ballxpit\ballxpit\balls.exe] => (Allow) C:\users\tg02-007\onedrive\desktop\ballxpit\ballxpit\balls.exe => No File FirewallRules: [TCP Query User{C6D272DA-C659-48CA-BEF7-BB53B26F15BD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{B27F075C-1D99-4FB8-B472-E401066E77E9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{6E94F7D4-FADA-4FB9-A71B-22246625FEBB}D:\steamlibrary\steamapps\common\battlefield 6\bf6.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield 6\bf6.exe => No File FirewallRules: [UDP Query User{CEC58D3A-72D0-405E-BCC2-B71B008C070C}D:\steamlibrary\steamapps\common\battlefield 6\bf6.exe] => (Allow) D:\steamlibrary\steamapps\common\battlefield 6\bf6.exe => No File FirewallRules: [TCP Query User{848DA2BA-26FA-48BF-88DF-728D124B793B}C:\programdata\smilegate\games\chaoszeronightmare\bin\ssr-stove-shield.exe] => (Allow) C:\programdata\smilegate\games\chaoszeronightmare\bin\ssr-stove-shield.exe => No File FirewallRules: [UDP Query User{62A37141-3560-497A-8A27-18DC568665DA}C:\programdata\smilegate\games\chaoszeronightmare\bin\ssr-stove-shield.exe] => (Allow) C:\programdata\smilegate\games\chaoszeronightmare\bin\ssr-stove-shield.exe => No File FirewallRules: [{8F944EFA-F26B-408B-B4B4-710CDB3237DD}] => (Allow) D:\SteamLibrary\steamapps\common\Arc Raiders\PioneerGame.exe (Embark Studios AB -> Embark Studios AB) FirewallRules: [{1527B0BB-8655-4E3F-A247-CD849029D256}] => (Allow) D:\SteamLibrary\steamapps\common\Arc Raiders\PioneerGame.exe (Embark Studios AB -> Embark Studios AB) FirewallRules: [TCP Query User{20DD3D54-B936-4014-8DD4-1B862E1A63C1}D:\steamlibrary\steamapps\common\arc raiders\pioneergame\binaries\win64\pioneergame.exe] => (Allow) D:\steamlibrary\steamapps\common\arc raiders\pioneergame\binaries\win64\pioneergame.exe (Embark Studios AB -> Embark Studios AB) FirewallRules: [UDP Query User{E981FFFA-F8E7-4CDB-9C36-FED810BD6F5D}D:\steamlibrary\steamapps\common\arc raiders\pioneergame\binaries\win64\pioneergame.exe] => (Allow) D:\steamlibrary\steamapps\common\arc raiders\pioneergame\binaries\win64\pioneergame.exe (Embark Studios AB -> Embark Studios AB) FirewallRules: [{6DE59B89-EAF2-473B-B689-85CBFEBEF4A0}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe => No File FirewallRules: [{3755A7DF-BCA3-459A-BEDA-4981476BC448}] => (Allow) D:\SteamLibrary\steamapps\common\Resident Evil 4\Bin32\bio4.exe => No File FirewallRules: [{83C2ADA7-D3EE-414F-ADF6-2DEE1F9A9BBE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F3ACA65B-53B0-4289-9DF6-8F58317138BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [TCP Query User{83FBF955-DDF8-4018-AE99-183D740A29F5}D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe => No File FirewallRules: [UDP Query User{9B1B938E-7A2D-4872-BF6F-DBDA674DB900}D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) D:\steamlibrary\steamapps\common\red dead redemption 2\rdr2.exe => No File FirewallRules: [{65C5DC6F-04B1-4CB2-A762-1C35651DC9C9}] => (Allow) C:\ProgramData\Smilegate\STOVE\STOVE.exe => No File FirewallRules: [{1656D1CE-58DA-4128-90B8-CEB9BA5657AA}] => (Allow) C:\ProgramData\Smilegate\STOVE\STOVE.exe => No File FirewallRules: [TCP Query User{66640954-DF63-4D18-AEC0-715A57A493DA}C:\users\tg02-007\appdata\local\wemod\app-12.6.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.6.0\wand.exe => No File FirewallRules: [UDP Query User{816B4B80-1D5F-4EAD-85DB-590F1289A30F}C:\users\tg02-007\appdata\local\wemod\app-12.6.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.6.0\wand.exe => No File FirewallRules: [TCP Query User{788E297E-01E5-4910-B5ED-7EC7ABF749B5}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{A39790ED-D104-4865-8D5B-51B331A4813F}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{E44E99FE-3DBE-4338-8A0F-AE21624062E9}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{697C6C88-3A34-4964-82F7-6A0350336EFC}] => (Allow) D:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [TCP Query User{FAF03E7D-B35F-4284-ADF3-27CB54242D9B}D:\games\kingdom come - deliverance ii\bin\win64mastermastersteampgo\kingdomcome.exe] => (Allow) D:\games\kingdom come - deliverance ii\bin\win64mastermastersteampgo\kingdomcome.exe => No File FirewallRules: [UDP Query User{520A8131-30A3-4F67-B9A1-75A62D69441A}D:\games\kingdom come - deliverance ii\bin\win64mastermastersteampgo\kingdomcome.exe] => (Allow) D:\games\kingdom come - deliverance ii\bin\win64mastermastersteampgo\kingdomcome.exe => No File FirewallRules: [TCP Query User{00BECC2B-50F0-4C90-BA88-5C2807FBAD76}D:\games\gta v\gtavenhanced\gta5_enhanced.exe] => (Allow) D:\games\gta v\gtavenhanced\gta5_enhanced.exe => No File FirewallRules: [UDP Query User{682E6E99-5C8B-423F-85D1-B77579488C1C}D:\games\gta v\gtavenhanced\gta5_enhanced.exe] => (Allow) D:\games\gta v\gtavenhanced\gta5_enhanced.exe => No File FirewallRules: [TCP Query User{12347428-324D-47C6-8EE4-64F3E4D6943E}C:\users\tg02-007\appdata\local\wemod\app-12.8.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.8.0\wand.exe => No File FirewallRules: [UDP Query User{C0877FB8-017B-4190-A804-FDEB44CDF114}C:\users\tg02-007\appdata\local\wemod\app-12.8.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.8.0\wand.exe => No File FirewallRules: [TCP Query User{09770ABC-DE5D-4A5E-8F92-C6D8AD215AA0}C:\users\tg02-007\appdata\local\wemod\app-12.9.1\wand.exe] => (Block) C:\users\tg02-007\appdata\local\wemod\app-12.9.1\wand.exe => No File FirewallRules: [UDP Query User{86C758F2-598D-44F7-9791-F9421553954D}C:\users\tg02-007\appdata\local\wemod\app-12.9.1\wand.exe] => (Block) C:\users\tg02-007\appdata\local\wemod\app-12.9.1\wand.exe => No File FirewallRules: [{2BA96711-791C-4E15-8CD0-2ED03E5B2E18}] => (Allow) D:\SteamLibrary\steamapps\common\Expedition 33\Expedition33_Steam.exe (Sandfall Interactive, SAS -> Epic Games, Inc.) FirewallRules: [{F8433746-C022-4DC2-99A2-0E503BA1AF3F}] => (Allow) D:\SteamLibrary\steamapps\common\Expedition 33\Expedition33_Steam.exe (Sandfall Interactive, SAS -> Epic Games, Inc.) FirewallRules: [{D62C3A3F-E819-441B-838C-F5C7D1FD5555}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{4D73021A-B203-473A-91EE-64CFEE941384}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{C3F3D588-C222-4860-A3AD-A7DB42B325CD}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{6E0BEB7F-0533-48C9-9DE4-8B59C82085C7}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{DB8623A4-E6A0-43BB-AD8D-515B7504727B}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{F6DB1C17-4E7E-4D8B-AA57-AB5C9134A5AF}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{4283E978-56F2-4131-9C35-44D2845AF490}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{863F476F-08A8-4C61-9973-6A624683F3DA}] => (Allow) D:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{F6B12C63-3A3D-4F86-A302-9D7FFB9D7321}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{1C58D78F-A739-47B5-94C5-0C24664FC542}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{8A18739D-6741-4EE6-8019-013B8E62DE80}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{07E1F366-D146-4E05-B1E3-CC5BCB6DF9D5}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{60FBC97B-7F2F-4E88-BE70-09E0D92ADAF4}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{E6D88E3C-A37F-4DBA-9202-9FC5D42767AB}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{886B86CD-96B1-4C60-B4E6-DCB8F1A54B86}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{9986550A-C4DB-4C0C-A291-036320FB89C2}] => (Allow) D:\Games\Warframe\Warframe\Downloaded\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{511DE48B-4130-40BA-BD19-E55BE1340180}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{9E967262-02E7-4D62-9B36-119F3C616820}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{72DAA1C1-956F-41C4-A71E-0C7DC123682C}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{FBBAA1B0-9396-4FAA-9431-FC2527D1E4AC}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [{998DD094-694C-4C5E-9C4C-E46D180259F7}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{CACF537A-A53B-46FC-90AE-F8B182C39C80}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{1F8A548A-8E51-4FDE-9045-10294BA732EA}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Soulframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes) FirewallRules: [{D0455110-1A4E-493B-B9FE-C269EE1AD4A8}] => (Allow) C:\Users\TG02-007\AppData\Local\Soulframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> ) FirewallRules: [TCP Query User{365D0105-05FB-46FD-A7F5-182C6017FB8E}C:\users\tg02-007\appdata\local\stoat\app-1.2.0\stoat-desktop.exe] => (Allow) C:\users\tg02-007\appdata\local\stoat\app-1.2.0\stoat-desktop.exe (izzy) [File not signed] FirewallRules: [UDP Query User{3C9C85E3-FB11-4816-976A-585B660927A6}C:\users\tg02-007\appdata\local\stoat\app-1.2.0\stoat-desktop.exe] => (Allow) C:\users\tg02-007\appdata\local\stoat\app-1.2.0\stoat-desktop.exe (izzy) [File not signed] FirewallRules: [{8D5F9342-16F0-4ECF-BD8C-9660241F1DD5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.13201.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> ) FirewallRules: [{97C257B0-01AF-450E-9F16-454E06EE3167}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.21.13201.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> ) FirewallRules: [{7E1360EB-FF10-4D53-AF37-89F53ACF3F91}] => (Allow) D:\SteamLibrary\steamapps\common\Marathon\MarathonLauncher.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{6D22F558-F6F4-4107-9A04-15D1A66B2281}] => (Allow) D:\SteamLibrary\steamapps\common\Marathon\MarathonLauncher.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{8204E35C-B6D9-4DD4-8726-D475F6B8BA10}C:\users\tg02-007\appdata\local\capcut\apps\8.2.0.3462\capcut.exe] => (Block) C:\users\tg02-007\appdata\local\capcut\apps\8.2.0.3462\capcut.exe (Bytedance Pte. Ltd. -> ByteDance) FirewallRules: [UDP Query User{1244D08D-A9F8-42A0-8623-A7B90FE04EF1}C:\users\tg02-007\appdata\local\capcut\apps\8.2.0.3462\capcut.exe] => (Block) C:\users\tg02-007\appdata\local\capcut\apps\8.2.0.3462\capcut.exe (Bytedance Pte. Ltd. -> ByteDance) FirewallRules: [{4282C5C1-9F37-43B6-AE23-0200514D95B6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{EA658F79-B4A2-4F0C-BE18-F892C9AEDCD0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{E14D5F2C-9872-4460-905A-1EA7F821BE23}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{15357F92-BBD3-4754-BD4B-BC7275984A90}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{3179920B-7456-4831-8453-E21B5A9083F4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{3E97CC0E-87C7-463F-8D97-3D271C09AA98}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{C15E4536-EDD7-4D0D-BB61-975A136A93C4}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{5E0C0823-2D53-4758-B609-3D12D8325194}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{906E4484-9803-4F54-8FCE-6389EF9A300B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{5475C7DF-3CC6-492E-B8F2-AD5F212CF133}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{6DB9CEE3-F3C0-41F1-BDA6-B34ACBD9CE6F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{2094448C-42D6-4FB0-9243-CB66A5359CAF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{071D3E6C-AFB8-4AF4-BFA6-B0F2CF2FC6E6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{9530B70C-604F-4400-AC43-8F7721591249}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{3F5977B6-4B50-4913-B865-848DB0348768}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [{412D36CC-28D6-4163-AB81-60A2E26BDF4D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2602.10.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) FirewallRules: [TCP Query User{2440B7CA-7A57-4FDD-94AF-C80B0BED30DE}C:\users\tg02-007\appdata\local\wemod\app-12.16.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.16.0\wand.exe (WeMod LLC -> WeMod) FirewallRules: [UDP Query User{0A5C7345-1E62-45C5-A3F4-1F12922959E6}C:\users\tg02-007\appdata\local\wemod\app-12.16.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.16.0\wand.exe (WeMod LLC -> WeMod) FirewallRules: [{FB2B66F9-75DE-4C08-98E5-DC058EC65F7E}] => (Allow) C:\Program Files\Opera GX\opera.exe (Opera Norway AS -> Opera Software) FirewallRules: [{1A639FB7-FDA6-4B3D-990E-755DE949CF39}] => (Allow) C:\Program Files (x86)\Overwolf\0.294.3.2\OverwolfBrowser.exe => No File FirewallRules: [{211FB508-2501-4905-B95B-E4C85FFACB8B}] => (Allow) C:\Program Files (x86)\Overwolf\0.294.3.2\OverwolfBrowser.exe => No File FirewallRules: [{4DCE4936-0BAB-4388-BF10-119A3136294D}] => (Block) C:\Program Files (x86)\Overwolf\0.294.3.2\OverwolfBrowser.exe => No File FirewallRules: [{849022D8-B1E2-4042-AB5A-4D873EEC9E50}] => (Block) C:\Program Files (x86)\Overwolf\0.294.3.2\OverwolfBrowser.exe => No File FirewallRules: [{046FC8AE-5E31-4508-B08E-5C20D549E9C1}] => (Allow) C:\Program Files (x86)\Overwolf\0.292.142.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{530BA879-B749-4967-95B3-552D68206553}] => (Allow) C:\Program Files (x86)\Overwolf\0.292.142.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{834F5D28-4CE2-4B60-9DBE-7ECD3965D33A}] => (Block) C:\Program Files (x86)\Overwolf\0.292.142.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{07284B31-3367-42E0-AEDF-F7F924DFB685}] => (Block) C:\Program Files (x86)\Overwolf\0.292.142.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{D01BF84D-5B32-4542-A284-FC31F7511756}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.0.23\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{BFD676A0-B0AB-4434-877C-3DD32415713A}] => (Allow) C:\Program Files (x86)\Overwolf\0.296.0.23\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [{6E5851FF-457E-4781-A81C-C78EA0B0422F}] => (Allow) D:\SteamLibrary\steamapps\common\Crimson Desert\bin64\CrimsonDesert.exe (Pearl abyss Corp -> PearlAbyss) FirewallRules: [{178FC0C4-62CE-463C-B931-60EE339B60B3}] => (Allow) D:\SteamLibrary\steamapps\common\Crimson Desert\bin64\CrimsonDesert.exe (Pearl abyss Corp -> PearlAbyss) FirewallRules: [TCP Query User{80B43258-792E-4551-A5AF-30E17E113272}C:\users\tg02-007\appdata\local\wemod\app-12.17.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.17.0\wand.exe (WeMod LLC -> WeMod) FirewallRules: [UDP Query User{0CF0952C-0823-4718-BE0A-A677BCF3865E}C:\users\tg02-007\appdata\local\wemod\app-12.17.0\wand.exe] => (Allow) C:\users\tg02-007\appdata\local\wemod\app-12.17.0\wand.exe (WeMod LLC -> WeMod) ==================== Restore Points ========================= 30-03-2026 06:48:34 Checkpoint by HitmanPro 30-03-2026 06:49:27 Checkpoint by HitmanPro ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (03/30/2026 01:17:13 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY) Description: Product: HP Display Control Service -- The device is not a supported system. Aborting installation. Error: (03/30/2026 01:17:12 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY) Description: Product: HP Display Control Service -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2753. The arguments are: DisplayControl, , Error: (03/30/2026 01:16:58 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY) Description: Product: HP Display Control Service -- The device is not a supported system. Aborting installation. Error: (03/30/2026 01:16:57 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY) Description: Product: HP Display Control Service -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2753. The arguments are: DisplayControl, , Error: (03/30/2026 01:16:37 PM) (Source: Application Error) (EventID: 1000) (User: ALEKS) Description: Faulting application name: CircuitPilot.exe, version: 5.0.1000.0, time stamp: 0x673be972 Faulting module name: vcomp140.dll, version: 0.0.0.0, time stamp: 0x69984d56 Exception code: 0xc0000005 Fault offset: 0x000000000000585c Faulting process id: 0xf08 Faulting application start time: 0x1dcc036ac02e528 Faulting application path: C:\ProgramData\MgrMaintain\CircuitPilot.exe Faulting module path: C:\ProgramData\MgrMaintain\vcomp140.dll Report Id: c5cdcbbd-eae4-4924-8995-bb4d054f49ec Faulting package full name: Faulting package-relative application ID: Error: (03/30/2026 01:15:59 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY) Description: Event-ID 17 Error: (03/30/2026 01:15:59 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY) Description: Event-ID 17 Error: (03/30/2026 01:15:59 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY) Description: Event-ID 17 System errors: ============= Error: (03/30/2026 01:20:56 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY) Description: The Secure Boot update failed to update SBAT with error -1878589247. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931 Error: (03/30/2026 01:20:56 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY) Description: Updated Secure Boot certificates are available on this device but have not yet been applied to the firmware. Review the published guidance to complete the update and maintain full protection. This device signature information is included here. DeviceAttributes: FirmwareManufacturer:AMI;FirmwareVersion:F.31;OEMModelBaseBoard:89B5;OEMManufacturerName:HP;OSArchitecture:amd64; BucketId: 5d0ca651242894982fadd0b688bd4abf6f1fdb4f506f0eefe4ddac007c1bbce2 BucketConfidenceLevel: Under Observation - More Data Needed UpdateType: For more information, please see https://go.microsoft.com/fwlink/?linkid=2301018. Error: (03/30/2026 09:56:29 AM) (Source: Microsoft-Windows-HAL) (EventID: 21) (User: NT AUTHORITY) Description: The hardware real-time clock was not set because evaluation of the ACPI Time and Alarm Device method failed. Status: 3221225473. Error: (03/30/2026 09:56:20 AM) (Source: DCOM) (EventID: 10010) (User: ALEKS) Description: The server Microsoft.WindowsStore_22602.1401.4.0_x64__8wekyb3d8bbwe!App.AppXbes12ecwhvvewxbmkmnasc9amnxfsx1c.mca did not register with DCOM within the required timeout. Error: (03/30/2026 09:56:20 AM) (Source: DCOM) (EventID: 10010) (User: ALEKS) Description: The server Microsoft.WindowsFeedbackHub_1.2602.13304.0_x64__8wekyb3d8bbwe!App.AppX8a6w88secebzyje9nrqc47xt488tkbmc.mca did not register with DCOM within the required timeout. Error: (03/30/2026 09:56:20 AM) (Source: DCOM) (EventID: 10010) (User: ALEKS) Description: The server Microsoft.StorePurchaseApp_22601.1401.1.0_x64__8wekyb3d8bbwe!App.AppXh68f74x901gdx01kwdh3szc5yp7bnmah.mca did not register with DCOM within the required timeout. Error: (03/30/2026 08:24:31 AM) (Source: Microsoft-Windows-HAL) (EventID: 21) (User: NT AUTHORITY) Description: The hardware real-time clock was not set because evaluation of the ACPI Time and Alarm Device method failed. Status: 3221225473. Error: (03/30/2026 08:24:30 AM) (Source: Microsoft-Windows-HAL) (EventID: 21) (User: NT AUTHORITY) Description: The hardware real-time clock was not set because evaluation of the ACPI Time and Alarm Device method failed. Status: 3221225473. Windows Defender: ================ Date: 2026-03-29 12:11:23 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:MSIL/Heracles.MK!MTB&threatid=2147965149&enterprise=0 Name: Trojan:MSIL/Heracles.MK!MTB Severity: Grave Category: Trojan Path: file:_C:\ProgramData\Lupa\Cawe.dll Detection Origin: Computer locale Detection Type: Concreta Detection Source: Protezione in tempo reale Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe Security intelligence Version: AV: 1.447.65.0, AS: 1.447.65.0, NIS: 1.447.65.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-29 06:00:10 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Analisi veloce Stop Reason: Ѕςћέδűŀёđ ѕčǻп ώãŝ šĸїφφзđ вě¢áùśě τĥέ ļăšŧ ŝũĉčėšşƒцľ şĉдŋ ẅãś шϊţнìŋ ťнέ ĺáşţ 7 ðαγѕ Date: 2026-03-29 01:14:20 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack!MTB&threatid=2147745913&enterprise=0 Name: HackTool:Win32/Crack!MTB Severity: Alto Category: Strumento Path: file:_C:\Users\TG02-007\Downloads\The Last of Us - Part I [FitGirl Repack]\setup.exe Detection Origin: Computer locale Detection Type: Percorso rapido Detection Source: Protezione in tempo reale Process Name: C:\Program Files\qBittorrent\qbittorrent.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-29 01:13:55 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack!MTB&threatid=2147745913&enterprise=0 Name: HackTool:Win32/Crack!MTB Severity: Alto Category: Strumento Path: file:_C:\Users\TG02-007\Downloads\The Last of Us - Part I [FitGirl Repack]\setup.exe Detection Origin: Computer locale Detection Type: Percorso rapido Detection Source: Protezione in tempo reale Process Name: C:\Program Files\qBittorrent\qbittorrent.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Date: 2026-03-29 01:13:24 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack!MTB&threatid=2147745913&enterprise=0 Name: HackTool:Win32/Crack!MTB Severity: Alto Category: Strumento Path: file:_C:\Users\TG02-007\Downloads\The Last of Us - Part I [FitGirl Repack]\setup.exe Detection Origin: Computer locale Detection Type: Percorso rapido Detection Source: Protezione in tempo reale Process Name: C:\Program Files\qBittorrent\qbittorrent.exe Security intelligence Version: AV: 1.447.57.0, AS: 1.447.57.0, NIS: 1.447.57.0 Engine Version: AM: 1.1.26020.3, NIS: 1.1.26020.3 Event[0] Date: 2026-03-26 04:05:38 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.447.9.0 Update Source: Server Microsoft Update Security intelligence Type: Antivirus Update Type: Completo Current Engine Version: Previous Engine Version: 1.1.26020.3 Error code: 0x80240016 Error description: Problema imprevisto durante la ricerca degli aggiornamenti. Per informazioni sull'installazione degli aggiornamenti o la risoluzione dei problemi relativi, consultare Guida e supporto tecnico. CodeIntegrity: =============== Date: 2026-03-30 13:19:05 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.26020.6-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements. Date: 2026-03-30 13:18:45 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Users\TG02-007\AppData\Local\Discord\app-1.0.9230\Discord.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Overwolf\0.296.0.23\OWClient.dll that did not meet the Microsoft signing level requirements. Date: 2026-03-30 13:18:45 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Users\TG02-007\AppData\Local\Discord\app-1.0.9230\Discord.exe) attempted to load \Device\HarddiskVolume6\Program Files (x86)\Overwolf\0.296.0.23\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements. Date: 2026-03-30 13:18:45 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Users\TG02-007\AppData\Local\Discord\app-1.0.9230\Discord.exe) attempted to load \Device\HarddiskVolume6\ProgramData\obs-studio-hook\we-graphics-hook64.dll that did not meet the Microsoft signing level requirements. Date: 2026-03-30 13:18:37 Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== BIOS: AMI F.31 10/14/2024 Motherboard: HP 89B5 Processor: 12th Gen Intel(R) Core(TM) i7-12700F Percentage of memory in use: 60% Total physical RAM: 16139.44 MB Available physical RAM: 6333.12 MB Total Virtual: 53595.44 MB Available Virtual: 40916.86 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:475.86 GB) (Free:172.03 GB) (Model: NVMe INTEL SSDPEKNU512GZH) NTFS Drive d: (Volume) (Fixed) (Total:931.4 GB) (Free:402.65 GB) (Model: CT1000MX500SSD1) NTFS \\?\Volume{7a44eb19-bc48-42c8-84e7-0f21ec48910d}\ () (Fixed) (Total:0.8 GB) (Free:0.11 GB) NTFS \\?\Volume{05b27d6b-1640-4643-8828-d3721026ce9d}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 \\?\Volume{43e869c6-d9a6-4675-a713-ced6247842df}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Size: 476.9 GB) (Disk ID: B0D71E8A) Partition: GPT. ==================== End of Addition.txt =======================