Malware Log Analysis

shared / EquivalentStep5790

Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{03B29243-35DA-4858-920E-B70A007DF5AA}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.217.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{1C67DF85-7959-43C0-92F8-2CAD0314C31C}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.201.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{1F9E0710-2073-435F-9C1B-F29946205947}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{22D49062-B8D3-4DD5-B9C2-A044EA04D5CD}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.223.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{2919A592-BF5E-4AF5-A658-84454D70841E}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{2ABD6384-2E18-40E8-8439-F06D21E0B03D}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{2B49DB21-41C5-44C0-8358-CA4C76205AE1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.209.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{448DD314-7FBB-429C-9DAA-C05A00D235A8}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.215.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{5247F326-2FF0-4920-998E-12AA35F0883C}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.213.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{5D44759C-CF3F-433D-9EA0-267E45577C77}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{5E9DEE2B-5F44-4C87-84B8-D2E7B11D7017}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.229.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{674CB023-C9D4-4286-B1FF-A1FF76AD4B27}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.227.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.131\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{75399D28-E622-4973-8752-BC0F7DC47AF3}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.122\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{8DC94452-5748-435A-B24F-B0F57718821E}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.225.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{9C391760-8CB8-4F1E-AB7D-0C9915EFB004}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.211.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{A78355B5-2A4D-486B-B97A-43448FC8C34D}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.207.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{AA0C8DF4-8EEB-489C-A922-5B6D264C19E8}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.161.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{AE9899FA-E21F-4D91-BD1F-59BC10E56CA1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.292\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{B06CDB94-367C-47AD-BB4F-C8B6DF7EF889}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{BB04C6F8-598E-4733-ABB4-07489C863436}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.205.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{BCF99248-58CE-4562-B227-14D1E171B49D}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.221.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{BE5C2E39-090F-46A2-AFAA-47540743B4FE}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.102\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{CA07EE63-A212-4373-AE82-FBF92FCA8DCC}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.242\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{D2188EEC-2B0F-488C-8ECA-5285E8ECD87D}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.69\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{D8599F80-3D26-46D2-8CF1-0AD21B0ECF31}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{DA06AAE8-5748-4509-850F-17AA522F8372}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.272\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{E4949BE6-C9FF-4AFA-8672-6127D857418B}\InprocServer32 -> C:\Users\ACER\AppData\Local\Google\Update\1.3.36.312\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{E76F97B1-1AE9-497C-9FA4-F57BBABAD54A}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.185.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{ECCE2756-C45D-4E13-BC2D-EC9F138997E6}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.199.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4030880917-4125870195-3449955818-1001_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379}\InprocServer32 -> C:\Users\ACER\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll => No File
AlternateDataStreams: C:\Users\ACER\Downloads\KAOS MAGAZINE.af~lock~:com.dropbox.ignored [10]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2888]
FirewallRules: [UDP Query User{5833613A-DFD1-4634-B664-6F883BB012DC}C:\users\acer\appdata\local\discord\app-1.0.9205\discord.exe] => (Allow) C:\users\acer\appdata\local\discord\app-1.0.9205\discord.exe => No File
FirewallRules: [TCP Query User{CF30C9E1-06CD-45F5-94B1-1D5A96D63637}C:\users\acer\appdata\local\discord\app-1.0.9205\discord.exe] => (Allow) C:\users\acer\appdata\local\discord\app-1.0.9205\discord.exe => No File
FirewallRules: [UDP Query User{6F0F02FB-9229-415C-8D27-3EF36B4CCB57}C:\users\acer\appdata\local\discord\app-1.0.9204\discord.exe] => (Allow) C:\users\acer\appdata\local\discord\app-1.0.9204\discord.exe => No File
FirewallRules: [TCP Query User{AEBB7EC4-0B6C-412B-8746-51FBE222927F}C:\users\acer\appdata\local\discord\app-1.0.9204\discord.exe] => (Allow) C:\users\acer\appdata\local\discord\app-1.0.9204\discord.exe => No File
FirewallRules: [UDP Query User{428C0FB7-8E9E-403A-B292-F0ECC4E7B5F1}C:\users\acer\appdata\local\discord\app-1.0.9202\discord.exe] => (Block) C:\users\acer\appdata\local\discord\app-1.0.9202\discord.exe => No File
FirewallRules: [TCP Query User{5561E115-DE61-46DB-8FBD-E66C7C03C081}C:\users\acer\appdata\local\discord\app-1.0.9202\discord.exe] => (Block) C:\users\acer\appdata\local\discord\app-1.0.9202\discord.exe => No File
FirewallRules: [{4CD8262F-1031-4ACE-9724-3E6A06088A41}] => (Allow) C:\Program Files\InfinityNikkiGlobal Launcher\InfinityNikkiGlobal\InfinityNikki.exe => No File
FirewallRules: [{97042AD5-F0AC-40DD-948F-B08D31016DC4}] => (Allow) C:\Program Files\InfinityNikkiGlobal Launcher\InfinityNikkiGlobal\X6Game\Binaries\Win64\X6Game-Win64-Shipping.exe => No File
FirewallRules: [{8282452C-14AB-4BDB-9B88-8DC885652DA7}] => (Allow) C:\Program Files\InfinityNikkiGlobal Launcher\1.0.9\xstarter.exe => No File
FirewallRules: [{494C5C40-2B0D-4465-85B6-92C315827487}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Homicipher Prologue\Homicipher Prologue\Homicipher.exe => No File
FirewallRules: [{DE3ABFA6-E0FE-4A09-843A-F3483A610B77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Homicipher Prologue\Homicipher Prologue\Homicipher.exe => No File
FirewallRules: [UDP Query User{F34C9867-ACB8-4C4F-9E58-BBDE301BCAF0}C:\users\acer\appdata\local\programs\sims 4 mod manager\sims 4 mod manager.exe] => (Block) C:\users\acer\appdata\local\programs\sims 4 mod manager\sims 4 mod manager.exe => No File
FirewallRules: [TCP Query User{376265F4-0D90-4817-88C1-46A8D89399BF}C:\users\acer\appdata\local\programs\sims 4 mod manager\sims 4 mod manager.exe] => (Block) C:\users\acer\appdata\local\programs\sims 4 mod manager\sims 4 mod manager.exe => No File
FirewallRules: [UDP Query User{40314EE3-8850-47D4-A8BF-699D6D51255F}C:\users\acer\downloads\citra-windows-msys2-20240303-0ff3440\nightly\citra-qt.exe] => (Allow) C:\users\acer\downloads\citra-windows-msys2-20240303-0ff3440\nightly\citra-qt.exe => No File
FirewallRules: [TCP Query User{3A821449-5B98-4234-9F1F-1D1102D2FE32}C:\users\acer\downloads\citra-windows-msys2-20240303-0ff3440\nightly\citra-qt.exe] => (Allow) C:\users\acer\downloads\citra-windows-msys2-20240303-0ff3440\nightly\citra-qt.exe => No File
FirewallRules: [{C4D216F3-B28D-4BF9-8E00-89892BED8996}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{1531BDFB-0DA3-4F3E-AB76-78DE2FBF5765}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{2903F113-A44B-405D-8907-03532A5CF0D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{76B719EE-9A6B-4686-9676-1EB69A49F538}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{83A79383-8ADE-43FB-BAFC-74C8D941945F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E4C9751F-2DE7-4D18-BAB1-E2C0F4BB74D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D29AE9D8-18AA-4F23-86E8-F25E9526C298}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{040888F3-0D73-4BA3-AD57-71AB723E5B75}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{2A3C0262-0E5B-4F51-8206-8E2C7898FF20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E6A66BC5-AFC4-481C-9360-7DAC0E3D58B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{C4CBC9A9-E3F3-44C3-BB35-F8173E288162}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{D4A94805-04B6-4333-8BD5-22E540D7B43D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.218.999.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [UDP Query User{CD2FAFDA-D0BC-4388-97A3-D2B2FDFFC098}C:\users\acer\appdata\local\programs\@anydoelectron-app\anydo.exe] => (Allow) C:\users\acer\appdata\local\programs\@anydoelectron-app\anydo.exe => No File
FirewallRules: [TCP Query User{40C3C765-18E7-4D04-8FD9-DA43E782C135}C:\users\acer\appdata\local\programs\@anydoelectron-app\anydo.exe] => (Allow) C:\users\acer\appdata\local\programs\@anydoelectron-app\anydo.exe => No File
FirewallRules: [{0520254B-7911-4050-9DB5-26E2E14BE740}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{6B8AD783-6C2B-4B29-9CEA-AAEBFDBDCB6D}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe => No File
FirewallRules: [UDP Query User{E28F99E5-B08E-4F4F-9D7C-F67A095CCE0C}C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe] => (Block) C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe => No File
FirewallRules: [TCP Query User{85FBDAC3-7617-4FE2-83AB-D36DF70BC4A4}C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe] => (Block) C:\program files\star rail\games\starrail_data\plugins\x86_64\zfgamebrowser.exe => No File
FirewallRules: [UDP Query User{3CB1EE64-5BD3-4DED-ADDA-F53C72223597}C:\program files\star rail\games\starrail.exe] => (Allow) C:\program files\star rail\games\starrail.exe => No File
FirewallRules: [TCP Query User{2A0A5A08-E31A-4C41-8B1B-46B9465F375E}C:\program files\star rail\games\starrail.exe] => (Allow) C:\program files\star rail\games\starrail.exe => No File
FirewallRules: [{F157423F-519C-47E7-904F-42E5540D1DA4}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe => No File
FirewallRules: [UDP Query User{1FB3FCB2-E4FF-4225-9C27-F3265368BEB1}C:\identityv\ccmini\ccmini.exe] => (Block) C:\identityv\ccmini\ccmini.exe => No File
FirewallRules: [TCP Query User{96B75935-FCC9-4AAF-86FD-184A5AAE559A}C:\identityv\ccmini\ccmini.exe] => (Block) C:\identityv\ccmini\ccmini.exe => No File
FirewallRules: [{A66B9D73-CC62-4F0A-A8A4-C04408849F1F}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe => No File
FirewallRules: [{D72EB739-B08E-422F-892F-BA916EDB7C04}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe => No File
FirewallRules: [{874FFDF6-FB96-4C44-A4A4-8D30C74C66D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FapGoddess_Steam\FapGoddess_Steam\FapGoddess.exe => No File
FirewallRules: [{EAB074CB-9A1E-481A-8F5D-D4C7F4516137}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FapGoddess_Steam\FapGoddess_Steam\FapGoddess.exe => No File
FirewallRules: [UDP Query User{C37FFE5D-CD52-433A-BC53-FBACF681D6D5}C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe] => (Block) C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe => No File
FirewallRules: [TCP Query User{4C2B194D-A6F8-4047-B13F-F6D2DED95531}C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe] => (Block) C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe => No File
FirewallRules: [UDP Query User{B6D67382-48F3-4AFB-B945-8F3154989E17}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [TCP Query User{E697904A-87FC-4D4D-ABB8-B4C2062A4A7C}C:\program files\unity hub\unity hub.exe] => (Block) C:\program files\unity hub\unity hub.exe => No File
FirewallRules: [{1459FB73-2DB3-4E08-BE75-E9C131E0D581}] => (Allow) C:\Program Files\Unity Hub\Unity Hub.exe => No File
FirewallRules: [UDP Query User{FEF27205-AA8B-49BA-82D9-B98807D7F6B3}C:\identityv\dwrg.exe] => (Block) C:\identityv\dwrg.exe => No File
FirewallRules: [TCP Query User{858BDD19-FF9A-4A53-A533-08D9DB042552}C:\identityv\dwrg.exe] => (Block) C:\identityv\dwrg.exe => No File
FirewallRules: [{F7C65795-CE4A-4F02-BF3A-5900D0A21E2E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{43F3BC96-015F-4CAB-A48F-FB6EAF4CF070}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{A056F747-A5E5-4F6A-8A31-FC98BF78B0B5}C:\users\acer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\acer\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [TCP Query User{20BC8AEA-CA0F-4265-9769-A6E87EE98B1D}C:\users\acer\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\acer\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{70B3F8EE-2DB7-4567-B8E9-EC81E490DBD8}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Block) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
FirewallRules: [TCP Query User{DF23CCF0-EBF5-4749-899F-225746CFAB64}C:\program files\genshin impact\genshin impact game\genshinimpact.exe] => (Block) C:\program files\genshin impact\genshin impact game\genshinimpact.exe => No File
FirewallRules: [{67829023-DCB4-409D-B58F-EEF3C49DA0E3}] => (Allow) C:\Users\ACER\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{6F6B857E-915D-4CDE-B0D2-FAE6275C2D2F}] => (Allow) C:\Users\ACER\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{4C5C5FC2-F8E6-4B77-BC68-159BA1BE2C54}] => (Allow) C:\Users\ACER\AppData\Roaming\Zoom\bin\Zoom.exe => No File
FirewallRules: [{D6352E96-AD49-46C6-B884-0B9CD9A5E156}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{C9F40144-0C95-4C60-BDD9-1F7892901554}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{B49E2CFB-75C7-4B48-B999-C28300FFB5F5}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{18B22F52-FB84-4AE2-ACDE-C698FDB6EB49}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
Task: {E5C75876-C0A4-4099-BB8B-BD7B4A33DC84} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {0CEA384A-BA0C-4703-AD1E-380E454B1895} - System32\Tasks\Microsoft\Windows\Clip\ClipESUConsumer => %SystemRoot%\system32\ClipESUConsumer.exe -evaluateEligibility (No File)
Task: {5214C872-51A3-4DEE-9D45-B57957777FBF} - System32\Tasks\Microsoft\Windows\Clip\ClipESUConsumerProcessECUpdate => %SystemRoot%\system32\ClipESUConsumer.exe -persistEligibilityStatus (No File)
Task: {F76FA247-0F98-4FDE-B90D-D6CD51254684} - System32\Tasks\Microsoft\Windows\Clip\ClipEsuConsumerProcessPreOrder => %SystemRoot%\system32\ClipESUConsumer.exe -postProcessPreOrder (No File)
Task: {8D7AD77B-2DCF-4768-AD1C-2F1C50E7FDAE} - System32\Tasks\Microsoft\Windows\Clip\ClipEsuConsumerProcessRefund => %SystemRoot%\system32\ClipESUConsumer.exe -processRefund (No File)
Task: {8C3F601D-7991-4B78-8587-52C0ED5E0941} - System32\Tasks\Microsoft\Windows\Clip\EnableClipESU => %SystemRoot%\system32\clipesu.exe -e (No File)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CAB76809-EDC0-40D2-A888-AD9BEDF4E88A} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => %windir%\System32\UNP\UpdateNotificationMgr.exe (No File)
Task: {8E58E85F-826E-4FB8-992E-B28DA5FFAFE0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {6EF84740-A732-4F61-9B6B-3BD2522551C8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {78C80CF8-2855-42BF-9C35-A44651E5F791} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
U4 AppMgmt; no ImagePath
U4 CscService; no ImagePath
U4 napagent; no ImagePath
U4 p2pimsvc; no ImagePath
U4 p2psvc; no ImagePath
U4 PeerDistSvc; no ImagePath
U4 PNRPsvc; no ImagePath
2024-09-30 12:21 - 2024-09-30 12:21 - 000000048 ____R () C:\Users\ACER\AppData\Local\BE13CF2D389BDA5696A443B600C383CC
2025-01-16 19:26 - 2025-01-16 19:26 - 000000048 ____R () C:\Users\ACER\AppData\Local\F86DFBE9C51036DC0AD58CB444DBF624
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {8C403031-CC24-488B-A409-AAB6B31B17DA} - System32\Tasks\App Explorer => C:\Users\ACER\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [10495528 2026-03-12] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
StartPowerShell:
# This snippet downloads Emsisoft Emergency Kit (EEK) from Emsisoft's official site, updates it and scans with it.
# Do note that the executable is 300MB and may take some time to download.
# ---
# This will scan for malware and PUPs in 1) system memory 2) important folders, as the documentation says.
# It will scan inside compressed archives, mail archives and NTFS alternate data streams, and use cloud requests.
# ---
# You can use the argument "/delete" to delete found objects including references, but this is permanent and irreversible.
# You can remove the "/quick" argument to do a full scan, but that may take longer than what FRST can handle.
# You can use the argument "/quarantine="[folder]"" to put found malware into quarantine, but I personally prefer first verifying the detections.
$downloadUrl = "https://dl.emsisoft.com/EmsisoftEmergencyKit.exe"
$systemDrive = $env:SystemDrive
$frstPath = "$systemDrive\FRST"
$savePath = "$frstPath\EEK.exe"
$extractPath = "$frstPath\EEK"
if (-not (Test-Path $frstPath)) { New-Item -Path $frstPath -ItemType Directory -Force | Out-Null }
if (-not (Test-Path $extractPath)) { New-Item -Path $extractPath -ItemType Directory -Force | Out-Null }
Invoke-WebRequest -Uri $downloadUrl -OutFile $savePath -UseBasicParsing
# Silent self-extraction into $extractPath; the extractor is stopped once the command-line scanner is on disk
$proc = Start-Process -FilePath $savePath -ArgumentList "-s -d`"$extractPath`"" -PassThru
while (-not (Test-Path "$extractPath\bin64\a2cmd.exe")) { Start-Sleep -Milliseconds 1000 }
Stop-Process -Id $proc.Id -Force -ErrorAction SilentlyContinue
if ([Environment]::Is64BitOperatingSystem) { $a2cmdPath = Join-Path $extractPath "bin64\a2cmd.exe" } else { $a2cmdPath = Join-Path $extractPath "bin32\a2cmd.exe" }
# Update signatures, then run the scan and write its log under the FRST folder
Start-Process -FilePath $a2cmdPath -ArgumentList "/update" -Wait -NoNewWindow
Start-Process -FilePath $a2cmdPath -ArgumentList "/malware /quick /m /t /pup /a /am /cloud=1 /la=`"$frstPath\EEK_scan.log`"" -Wait -NoNewWindow
Get-Content "$frstPath\EEK_scan.log"
exit
EndPowerShell:
StartPowerShell:
# Downloads the newest AdwCleaner version directly from Malwarebytes, performs an update, scans, cleans and writes the log to the console.
# Does not clean preinstalled objects, only PUP/Adware.
# If you would like to delete preinstalled objects, add the /preinstalled argument after the /clean argument.
# If you would like to only scan with it, change the argument from /clean to /scan.
New-Item -ItemType Directory -Force -Path "$env:SystemDrive\AdwCleaner" | Out-Null
Invoke-WebRequest -Uri "https://adwcleaner.malwarebytes.com/adwcleaner?channel=release" -OutFile "$env:SystemDrive\AdwCleaner\AdwCleanerFRST.exe"
# Accept the EULA first, otherwise the clean run stops at the prompt
Start-Process -FilePath "$env:SystemDrive\AdwCleaner\AdwCleanerFRST.exe" -ArgumentList "/eula" -Wait -WindowStyle Hidden
$logFile = "$env:SystemDrive\AdwCleaner\AdwCleanerOutputFRST.txt"
Start-Process -FilePath "$env:SystemDrive\AdwCleaner\AdwCleanerFRST.exe" -ArgumentList "/noreboot /clean" -Wait -WindowStyle Hidden -RedirectStandardOutput $logFile
Get-Content $logFile -Encoding Unicode
Remove-Item -Path $logFile -Force -ErrorAction SilentlyContinue
EndPowerShell:
CMD: reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Warn" /f
CMD: reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 1 /f
CMD: netsh int ip reset
CMD: netsh int ipv6 reset
CMD: ipconfig /flushDNS
CMD: netsh winsock reset catalog
C:\Users\CurrentUserName\AppData\Local\Temp\*
C:\Windows\Temp\*
C:\Windows\SystemTemp\*
EmptyTemp:
End::