Tcpip\..\Interfaces\{03cd2978-7417-46c8-9ec6-4658410da898}: [DhcpNameServer] 0.0.0.0 AlternateDataStreams: C:\ProgramData\TEMP:065D25EE [358] AlternateDataStreams: C:\ProgramData\TEMP:0FD841FF [174] FirewallRules: [UDP Query User{9BE4E3ED-8A0E-4901-9590-417B7F8365D8}C:\users\sharo\appdata\local\temp\7zs4f1c\enterprisedu.exe] => (Allow) C:\users\sharo\appdata\local\temp\7zs4f1c\enterprisedu.exe => No File FirewallRules: [TCP Query User{215BF92E-1AE9-4F53-9138-96C10EA3D941}C:\users\sharo\appdata\local\temp\7zs4f1c\enterprisedu.exe] => (Allow) C:\users\sharo\appdata\local\temp\7zs4f1c\enterprisedu.exe => No File FirewallRules: [{6A7D6F11-DEAB-448C-B4A0-D07A8FFC5870}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File FirewallRules: [{2EDDA6D7-5817-446B-9649-2FEC6B94DC9A}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File FirewallRules: [TCP Query User{70F416D1-BF9B-4C09-8943-9CB28527640D}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe => No File FirewallRules: [UDP Query User{068A8DF0-B224-49F4-B0B8-9F69A73A4492}C:\program files\openshot video editor\launch.exe] => (Allow) C:\program files\openshot video editor\launch.exe => No File FirewallRules: [{2AD17F69-5F9A-4E52-A3CD-7932E3DAD19D}] => (Block) C:\program files\openshot video editor\launch.exe => No File FirewallRules: [{750DC6C6-4C12-409E-AB9B-19451CB2AE21}] => (Block) C:\program files\openshot video editor\launch.exe => No File FirewallRules: [{66D7593F-ECC9-48B6-BAC1-3569D8258ADF}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS154D\HPDiagnosticCoreUI.exe => No File FirewallRules: [{7A07665E-905E-4A05-B60F-AED5BE209F4D}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS154D\HPDiagnosticCoreUI.exe => No File FirewallRules: [{C8639CDA-57DF-430A-8255-789CC5B29522}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS6C71\HPDiagnosticCoreUI.exe => No File FirewallRules: [{D4633C3D-6F8F-4245-B7F4-3D5F21B3E6DF}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS6C71\HPDiagnosticCoreUI.exe => No File FirewallRules: [{61B89A54-656B-426F-977F-5B6A9FC94185}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS32FE\HPDiagnosticCoreUI.exe => No File FirewallRules: [{BEF460DD-9E7E-4F63-8CA6-A72E6F7FEEE2}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS32FE\HPDiagnosticCoreUI.exe => No File FirewallRules: [{6D87935D-D1CC-4D25-A04B-2459E5D4BF98}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS336D\HPDiagnosticCoreUI.exe => No File FirewallRules: [{7B662E92-2257-4B50-96AD-52901260F585}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS336D\HPDiagnosticCoreUI.exe => No File FirewallRules: [{5FFA91DF-6AAB-4FFF-9601-2A0117083B6A}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS2CAD\HPDiagnosticCoreUI.exe => No File FirewallRules: [{B5313FD9-F582-4D42-9957-0F05F082FAED}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS2CAD\HPDiagnosticCoreUI.exe => No File FirewallRules: [{4EE3D9AD-D403-49FB-A481-BB1DB51E41CE}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS06CB\HPDiagnosticCoreUI.exe => No File FirewallRules: [{E2C3BF80-AC05-404E-A617-1C5C6BEADFF9}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS06CB\HPDiagnosticCoreUI.exe => No File FirewallRules: [{F25E2DEB-B62E-42E8-A553-286314231DB4}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS24C1\HPDiagnosticCoreUI.exe => No File FirewallRules: [{5032DDEC-1652-4DEA-BD15-45CF778AD115}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS24C1\HPDiagnosticCoreUI.exe => No File FirewallRules: [{96C3A09E-2549-42D1-8F39-D00A454D27BD}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS5E9A\HPDiagnosticCoreUI.exe => No File FirewallRules: [{D05F17B6-3049-432E-B2A6-19D90F18EEF0}] => (Allow) C:\Users\sharo\AppData\Local\Temp\7zS5E9A\HPDiagnosticCoreUI.exe => No File CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database CMD: DISM /Online /Cleanup-Image /RestoreHealth CMD: SFC /scannow CMD: findstr /c:"[SR]" \windows\logs\cbs\cbs.log CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" Reboot: