Fix result of Farbar Recovery Scan Tool (x64) Version: 05-11-2023 02 Ran by user (15-11-2023 11:28:16) Run:1 Running from C:\Users\user\Desktop Loaded Profiles: user Boot Mode: Normal ============================================== fixlist content: ***************** Start:: CreateRestorePoint: CloseProcesses: AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5214] AlternateDataStreams: C:\Users\user\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394] AlternateDataStreams: C:\Users\user\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394] FirewallRules: [{7C962F1C-E23D-401D-9802-5CCB73186111}] => (Allow) C:\Windows\system32\winrmsrv.exe => No File FirewallRules: [UDP Query User{C42E9D18-0EE6-4F1C-B029-0EC9FAFA83FF}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => No File FirewallRules: [TCP Query User{3F57588D-127F-4156-8697-46A6944363F3}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe => No File FirewallRules: [UDP Query User{EFD3CD3D-F02D-4147-AC25-D568A93C9F7D}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [TCP Query User{93EB7C0F-EEB8-48FC-8D6A-313516954E92}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [{72B55342-D459-41C1-AA5F-31630E17DFAD}] => (Allow) D:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe => No File FirewallRules: [{21E52BDF-D889-45EB-86BC-2D929EAD9849}] => (Allow) D:\SteamLibrary\steamapps\common\Sea of Thieves\Athena\Binaries\Win64\SoTGame.exe => No File FirewallRules: [UDP Query User{0FBA98CF-C38A-4817-91BD-07E11ADF48EB}D:\games\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\games\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File FirewallRules: [TCP Query User{94D6709C-1E80-4863-BDAE-DB5C77C6A13B}D:\games\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\games\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File FirewallRules: [UDP Query User{A1DA7F04-A7EC-4E05-B797-82B28CE20922}D:\games\life is strange - before the storm\life is strange - before the storm.exe] => (Block) D:\games\life is strange - before the storm\life is strange - before the storm.exe => No File FirewallRules: [TCP Query User{9C1F3FF5-BF5D-4DB4-A26A-6F25B8757D6D}D:\games\life is strange - before the storm\life is strange - before the storm.exe] => (Block) D:\games\life is strange - before the storm\life is strange - before the storm.exe => No File FirewallRules: [UDP Query User{22900A05-D86C-48BB-A2FD-BBAD7CA91893}D:\games\life is strange before the storm episode 1\life is strange - before the storm.exe] => (Block) D:\games\life is strange before the storm episode 1\life is strange - before the storm.exe => No File FirewallRules: [TCP Query User{E6E3E25C-FB87-4813-ACA7-66B178FA85C7}D:\games\life is strange before the storm episode 1\life is strange - before the storm.exe] => (Block) D:\games\life is strange before the storm episode 1\life is strange - before the storm.exe => No File FirewallRules: [{A079C6B1-4F1C-4112-B8C3-3C84C6B18FE1}] => (Allow) D:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe => No File FirewallRules: [{758F25B2-1A09-4392-88CE-72C11BDFA2D9}] => (Allow) D:\SteamLibrary\steamapps\common\Apex Legends\EasyAntiCheat_launcher.exe => No File FirewallRules: [{C3C9FBB8-B846-4420-A28D-EF20EEFD368A}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe => No File FirewallRules: [{384CA0EE-6D34-4802-BA09-0E9713E60D76}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe => No File FirewallRules: [UDP Query User{A0C734F6-BB21-4052-849D-D254DCBD0F7B}D:\downloaded games\genshin impact\genshin impact game\genshinimpact.exe] => (Block) D:\downloaded games\genshin impact\genshin impact game\genshinimpact.exe => No File FirewallRules: [TCP Query User{6912006B-0F80-4FF7-A0F3-55BCB57AFED9}D:\downloaded games\genshin impact\genshin impact game\genshinimpact.exe] => (Block) D:\downloaded games\genshin impact\genshin impact game\genshinimpact.exe => No File FirewallRules: [{F1CE9C7D-0C3F-4B8F-BE38-A7B99CDCA303}] => (Allow) D:\SteamLibrary\steamapps\common\TellMeWhy\TME-Win64-Shipping.exe => No File FirewallRules: [{299019B7-E15F-4E27-B15E-D237C5E15357}] => (Allow) D:\SteamLibrary\steamapps\common\TellMeWhy\TME-Win64-Shipping.exe => No File FirewallRules: [UDP Query User{0A89E569-5AAD-4B6F-ACFA-D0F99D9A03F2}D:\downloaded games\crac 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\downloaded games\crac 4\the sims 4\game\bin\ts4_x64.exe => No File FirewallRules: [TCP Query User{4B25A570-3E8E-4348-A860-57E0FCF1E32F}D:\downloaded games\crac 4\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\downloaded games\crac 4\the sims 4\game\bin\ts4_x64.exe => No File FirewallRules: [UDP Query User{095A43DB-97E8-4881-ACB5-91B12EB4CD11}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File FirewallRules: [TCP Query User{38042AB1-EFA6-4083-B8DD-795B16CCD7C9}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe => No File FirewallRules: [{11BD92F5-08EE-43BC-94AB-E73A7E7CD29C}] => (Allow) D:\SteamLibrary\steamapps\common\Super Jigsaw Puzzle Generations\Super Jigsaw Puzzle Generations.exe => No File FirewallRules: [{E68EDDA1-1ACD-4079-8A0C-10F98993AEB3}] => (Allow) D:\SteamLibrary\steamapps\common\Super Jigsaw Puzzle Generations\Super Jigsaw Puzzle Generations.exe => No File FirewallRules: [{DF9BECE5-F47D-4E8E-B97F-17146DD9ABF7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{85E19E63-751B-4F10-BB46-EFB968C21EC8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File FirewallRules: [{DBE2F316-8646-40E0-9E9C-2313719655FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File FirewallRules: [{052B74B8-87D4-44E4-AF6A-37E02898D24B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File FirewallRules: [TCP Query User{CA5627F9-256A-4E65-BFA2-8E4C97379605}C:1\avengers.exe] => (Block) C:1\avengers.exe => No File FirewallRules: [UDP Query User{6FE77037-D258-44A0-B68F-FF3227E82131}C:1\avengers.exe] => (Block) C:1\avengers.exe => No File FirewallRules: [{D1161E24-5DA3-4F43-9D0A-55015ECEC187}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe => No File FirewallRules: [{3D8D0E49-7214-4666-9742-A6F6C56C4FB6}] => (Allow) D:\SteamLibrary\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe => No File FirewallRules: [{4A03ABC2-5E4A-4066-A459-F68F921BDDF6}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [{5C9ACFCA-02D9-472F-8E05-0F77D6887A2E}] => (Allow) D:\SteamLibrary\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [TCP Query User{29F94393-0F01-4E70-AD15-A6CF1727B1D3}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File FirewallRules: [UDP Query User{B5CF3D31-0F13-4EF7-A88A-68B97A0EA0BF}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File FirewallRules: [TCP Query User{77F5A0D9-8AA8-4615-A3E1-02F2AB8B4260}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\games\the sims 4\game\bin\ts4_x64.exe => No File FirewallRules: [UDP Query User{49C87CE7-559E-4900-A851-9DBD0517F3E7}D:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\games\the sims 4\game\bin\ts4_x64.exe => No File FirewallRules: [TCP Query User{361A09FD-2D8A-4027-A383-10EE5AFF0637}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File FirewallRules: [UDP Query User{9913FB9E-B23B-4596-A2EE-B339C9E100C2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File HKLM-x32\...\Run: [] => [X] HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File) HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2023-01-16] ShortcutTarget: IMVU.lnk -> C:\Users\user\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe (No File) Task: {18C712AC-B0C4-4AD4-97B0-C26E8C9C73A4} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => C:\WINDOWS\system32\rundll32.exe [71680 2023-10-10] (Microsoft Windows -> Microsoft Corporation) -> StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION Task: {F1E6EF82-2E75-417F-AD84-3F3DB14B8E85} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => C:\WINDOWS\system32\rundll32.exe [71680 2023-10-10] (Microsoft Windows -> Microsoft Corporation) -> winscomrssrv.dll,SrvMainHost <==== ATTENTION Task: {CB01A83A-D781-439C-A7FE-A0B18F9887EB} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe -o pool.supportxmr.com:80 -u 8AhFMmrfRy7H1hhdjLcikGfg9aC4YSr2NXYkqayusoB6exD1YaNjwCsjD7i7PRJodW22PZ7vGzMCn6eux57jrSjDJ3sBWpB -p x (No File) <==== ATTENTION S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.114\elevation_service.exe" [X] C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450 C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B cmd: netsh advfirewall reset Powershell: wevtutil el | Foreach-Object {wevtutil cl "$_"} Hosts: EmptyTemp: End:: ***************** Restore point was successfully created. Processes closed successfully. C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully C:\Users\user\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully "C:\Users\user\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found. "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C962F1C-E23D-401D-9802-5CCB73186111}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C42E9D18-0EE6-4F1C-B029-0EC9FAFA83FF}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3F57588D-127F-4156-8697-46A6944363F3}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFD3CD3D-F02D-4147-AC25-D568A93C9F7D}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{93EB7C0F-EEB8-48FC-8D6A-313516954E92}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72B55342-D459-41C1-AA5F-31630E17DFAD}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{21E52BDF-D889-45EB-86BC-2D929EAD9849}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0FBA98CF-C38A-4817-91BD-07E11ADF48EB}D:\games\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{94D6709C-1E80-4863-BDAE-DB5C77C6A13B}D:\games\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A1DA7F04-A7EC-4E05-B797-82B28CE20922}D:\games\life is strange - before the storm\life is strange - before the storm.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9C1F3FF5-BF5D-4DB4-A26A-6F25B8757D6D}D:\games\life is strange - before the storm\life is strange - before the storm.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{22900A05-D86C-48BB-A2FD-BBAD7CA91893}D:\games\life is strange before the storm episode 1\life is strange - before the storm.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E6E3E25C-FB87-4813-ACA7-66B178FA85C7}D:\games\life is strange before the storm episode 1\life is strange - before the storm.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A079C6B1-4F1C-4112-B8C3-3C84C6B18FE1}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{758F25B2-1A09-4392-88CE-72C11BDFA2D9}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3C9FBB8-B846-4420-A28D-EF20EEFD368A}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{384CA0EE-6D34-4802-BA09-0E9713E60D76}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A0C734F6-BB21-4052-849D-D254DCBD0F7B}D:\downloaded games\genshin impact\genshin impact game\genshinimpact.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6912006B-0F80-4FF7-A0F3-55BCB57AFED9}D:\downloaded games\genshin impact\genshin impact game\genshinimpact.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1CE9C7D-0C3F-4B8F-BE38-A7B99CDCA303}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{299019B7-E15F-4E27-B15E-D237C5E15357}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0A89E569-5AAD-4B6F-ACFA-D0F99D9A03F2}D:\downloaded games\crac 4\the sims 4\game\bin\ts4_x64.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B25A570-3E8E-4348-A860-57E0FCF1E32F}D:\downloaded games\crac 4\the sims 4\game\bin\ts4_x64.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{095A43DB-97E8-4881-ACB5-91B12EB4CD11}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{38042AB1-EFA6-4083-B8DD-795B16CCD7C9}D:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11BD92F5-08EE-43BC-94AB-E73A7E7CD29C}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E68EDDA1-1ACD-4079-8A0C-10F98993AEB3}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DF9BECE5-F47D-4E8E-B97F-17146DD9ABF7}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{85E19E63-751B-4F10-BB46-EFB968C21EC8}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBE2F316-8646-40E0-9E9C-2313719655FE}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{052B74B8-87D4-44E4-AF6A-37E02898D24B}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CA5627F9-256A-4E65-BFA2-8E4C97379605}C:1\avengers.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6FE77037-D258-44A0-B68F-FF3227E82131}C:1\avengers.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1161E24-5DA3-4F43-9D0A-55015ECEC187}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3D8D0E49-7214-4666-9742-A6F6C56C4FB6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4A03ABC2-5E4A-4066-A459-F68F921BDDF6}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C9ACFCA-02D9-472F-8E05-0F77D6887A2E}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{29F94393-0F01-4E70-AD15-A6CF1727B1D3}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B5CF3D31-0F13-4EF7-A88A-68B97A0EA0BF}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{77F5A0D9-8AA8-4615-A3E1-02F2AB8B4260}D:\games\the sims 4\game\bin\ts4_x64.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{49C87CE7-559E-4900-A851-9DBD0517F3E7}D:\games\the sims 4\game\bin\ts4_x64.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{361A09FD-2D8A-4027-A383-10EE5AFF0637}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9913FB9E-B23B-4596-A2EE-B339C9E100C2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe" => removed successfully "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth" => removed successfully HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully "HKLM\Software\Policies\Microsoft\Windows\System\\EnableSmartScreen" => removed successfully C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk => moved successfully "C:\Users\user\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe" => not found "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18C712AC-B0C4-4AD4-97B0-C26E8C9C73A4}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18C712AC-B0C4-4AD4-97B0-C26E8C9C73A4}" => removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\StartupCheckLibrary" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1E6EF82-2E75-417F-AD84-3F3DB14B8E85}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1E6EF82-2E75-417F-AD84-3F3DB14B8E85}" => removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\WDI\SrvHost => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WDI\SrvHost" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CB01A83A-D781-439C-A7FE-A0B18F9887EB}" => removed successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB01A83A-D781-439C-A7FE-A0B18F9887EB}" => removed successfully C:\WINDOWS\System32\Tasks\Microsoft\Windows\Wininet\Winlogui => moved successfully "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Wininet\Winlogui" => removed successfully HKLM\System\CurrentControlSet\Services\BraveElevationService => removed successfully BraveElevationService => service removed successfully "C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450" => not found "C:\Windows\System32\7B296FC0-376B-497d-B013-58F4D9633A22-5P-1.B5841A4C-A289-439d-8115-50AB69CD450B" => not found ========= netsh advfirewall reset ========= Ok. ========= End of CMD: ========= ========= wevtutil el | Foreach-Object {wevtutil cl "$_"} ========= wevtutil : Failed to clear log Microsoft-Windows-LiveId/Analytic. At C:\FRST\tmp.ps1:1 char:31 + wevtutil el | Foreach-Object {wevtutil cl "$_"} + ~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Failed to clear...iveId/Analytic.:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Access is denied. wevtutil : Failed to clear log Microsoft-Windows-LiveId/Operational. At C:\FRST\tmp.ps1:1 char:31 + wevtutil el | Foreach-Object {wevtutil cl "$_"} + ~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (Failed to clear...Id/Operational.:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError Access is denied. ========= End of Powershell: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== FlushDNS => completed BITS transfer queue => 1572864 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 203519919 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 626620743 B Windows/system/drivers => 148297165 B Edge => 0 B Chrome => 3454218273 B Brave => 268878779 B Firefox => 839020388 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 227835 B systemprofile32 => 417738 B LocalService => 417738 B NetworkService => 2428486 B user => 48670722 B RecycleBin => 2612808 B EmptyTemp: => 5.2 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 11:34:00 ====