
Think I've Got a Virus and Email and Bank Info Stolen [Closed]


  • This topic is locked

#1
Propolis


So at some point I seem to have gotten a virus and I noticed my computer acting weird and slow/stuttery.

I received an email the next day stating someone was trying to recover my banking login where a code is emailed.

I immediately changed my email password and banking password, but they were quick and did an etransfer for $1400+.

I've contacted my bank and an investigation is going to be made so that the money can be returned to me since it was fraud.

 

So I tried to deal with scanning my computer to remove anything and seems every virus scanning website I try to view said Page Can Not Be Displayed.

I found a fix for that and I was able to install SuperAntispyware, Malwarebytes and ESET online scanner and they all found issues and quarantined or deleted things.

I feel there is something that keeps reinstalling on reboot as it keeps finding the same files after reboot.

Windows update no longer works.  Seems the service was completely removed.

Windows Defender did an offline scan and found issues and I assume fixed them, but it always says it's offline even after I manually turn it on.

 

So I am looking for some help on seeing if I still have an issue and if so fix it and other issues mentioned above.




#2
Propolis

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-04-2023
Ran by breck (administrator) on DESKTOP-P9UHPF8 (Gigabyte Technology Co., Ltd. Z390 AORUS PRO WIFI) (27-04-2023 16:41:19)
Running from C:\Users\breck\Downloads\FRST64.exe
Loaded Profiles: breck
Platform: Microsoft Windows 11 Pro Version 21H2 22000.1696 (X64) Language: English (United States)
Default browser: Brave
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler64.exe
(C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe
(C:\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> ) C:\Program Files\Malwarebytes\Anti-Malware\MBAMCrashHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\NZXT CAM\NZXT CAM.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe <3>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23031.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23031.142.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\msedgewebview2.exe <6>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(D:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(explorer.exe ->) () [File not signed] C:\Program Files\Rainlendar2\Rainlendar2.exe
(explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <27>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\74.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\nslookup.exe
(explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5>
(explorer.exe ->) (RealDefense, LLC -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(explorer.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Sage Software, Inc. -> Sage) C:\Program Files (x86)\winsim\ConnectionManager\Simply.SystemTrayIcon.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(services.exe ->) () [File not signed] C:\Program Files\Lexmark\Bidi\LM__bdsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft) C:\Program Files (x86)\Gigabyte\GService\GCloud.exe
(services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8156678a4c5d0913\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe <2>
(services.exe ->) (Sage Software, Inc. -> Sage) C:\Program Files (x86)\winsim\ConnectionManager\SimplyConnectionManager.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23031.142.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_eb52bf0d4dccfcf3\RtkAudUService64.exe [3479488 2022-05-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [ConnectionManager] => C:\Program Files (x86)\Winsim\ConnectionManager\Simply.SystemTrayIcon.exe [95560 2010-08-25] (Sage Software, Inc. -> Sage)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Run: [Rainlendar2] => C:\Program Files\Rainlendar2\Rainlendar2.exe [3087872 2022-05-13] () [File not signed]
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2181912 2023-04-20] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-27] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10071360 2023-02-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10992360 2023-03-24] (RealDefense, LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [146309056 2023-04-27] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\74.0.3.0\GoogleDriveFS.exe [53339416 2023-04-26] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\LMU04R4C: C:\Windows\System32\spool\prtprocs\x64\LMU04R4C.DLL [294400 2021-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\112.0.5615.138\Installer\chrmstp.exe [2023-04-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\Installer\chrmstp.exe [2023-04-19] (Brave Software, Inc. -> Brave Software, Inc.)
BootExecute: autocheck autochk *  
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0850DEC6-0D09-4CB1-97D9-5B474A2C6EF9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13D7AE42-4327-40E2-A108-B497D365AD25} - System32\Tasks\GBTECService => C:\Program Files (x86)\GIGABYTE\GBTECService\LiquidSensord.exe [253312 2021-06-23] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {1EFBC6B4-5BD1-4D36-841B-0E37EA8BFF51} - System32\Tasks\GraphicsCardEngine => C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\GraphicsCardEngineStarter.exe [234880 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {223DA4EA-EC2E-476F-994E-ED68729DC1AE} - System32\Tasks\EasyTune => C:\Program Files (x86)\GIGABYTE\EasyTune\etinit.exe [17280 2021-04-08] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {2722B694-0604-476E-9C02-2DBFADAC412A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168880 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {27B7D516-9D39-4FAC-85E2-A77557B742BA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3B2C4746-DB98-49E5-92B5-5789D92222A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2021-11-11] (Google Inc -> Google Inc.)
Task: {3EF42A1F-BEE8-482A-8FB9-BB006553D385} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2021-11-11] (Google Inc -> Google Inc.)
Task: {407C6021-F811-49B8-91F4-C5DE72023E92} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {49ED54DB-727D-461F-99A8-307CB9F58026} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {504CB405-9A02-430C-8D39-55EB91B4634E} - System32\Tasks\SUPERAntiSpyware Scheduled Task acf79be1-13eb-458e-b276-b5cb60d4459d => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:acf79be1-13eb-458e-b276-b5cb60d4459d
Task: {51361466-95FB-47A0-BB1B-7033F90CD45A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26409896 2023-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {567C7093-3034-4F04-9ECA-F8D427585562} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B50814B-987C-4261-983B-5C52C6693A13} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {5EF6869A-1CE3-4AD5-A7ED-C22B6ADE9C1E} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2638856 2023-04-23] (Overwolf Ltd -> Overwolf LTD)
Task: {6772ACEF-657F-4407-9FCD-287E6DA58C9A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DBBF966-C5F5-4EF4-8959-069AFCD24048} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel® Corporation)
Task: {6E5A4AAB-E90F-46F9-BBCA-5C6153CBD666} - System32\Tasks\Microsoft\Windows\WaaSMedic\DeferredWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {72F18CCF-42FC-42BA-9F9E-CE6B6EDABC22} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\breck\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-04-22] (ESET, spol. s r.o. -> ESET)
Task: {73179745-166E-4252-8B29-B06EAE97C69C} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {741105A7-49BC-40FC-81B0-6CC61B7D301B} - System32\Tasks\Wimmail\gmktotg => C:\Users\breck\AppData\Roaming\mjlfrtyo\sartst.exe -> "C:\Users\breck\AppData\Roaming\mjlfrtyo\sartst.chm" <==== ATTENTION
Task: {77F6DAE7-E5EC-4331-BD33-E54F5135766F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {822EE48F-1A4E-450E-978E-D60D14257AE8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B607D3A-BE69-44DC-9B65-BA5794755884} - System32\Tasks\UpdateTaskMachineQC => C:\Program Files\Google\Chrome\updater.exe [760000000 2023-04-27] (TeamDaz EU) [File not signed]
Task: {9CB9BEC7-C91D-4C09-A635-5F7FFDF0AB7D} - System32\Tasks\SUPERAntiSpyware Scheduled Task be48b86f-554c-4b64-b99a-ad2cc1e99009 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:be48b86f-554c-4b64-b99a-ad2cc1e99009
Task: {9E9C3EC7-DBA0-449F-91DF-D2D66EF672FB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C6EB718C-FE89-4E5D-832B-488A946F53A4} - System32\Tasks\EasyTune 1 => C:\Program Files (x86)\GIGABYTE\EasyTune\etocfile.exe [20352 2021-10-11] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
Task: {C7B22099-6EA7-454C-BB69-13F6762C5209} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CE0E2EF7-ECD3-4676-8635-FAB1CB8006AA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144272 2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D56E8FBF-767A-48A8-8286-45EEFB402E34} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {DED881D8-7025-4A4B-8CBF-52471771239A} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\breck\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-04-22] (ESET, spol. s r.o. -> ESET)
Task: {F47566E6-081F-4E61-92E4-2B03271B84FE} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F64BA0A0-A0DE-4BB7-BCA2-FBC37917C725} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task acf79be1-13eb-458e-b276-b5cb60d4459d.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task be48b86f-554c-4b64-b99a-ad2cc1e99009.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4734274b-9428-42ad-887f-8f5954a398be}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9912e0c9-a44e-41c0-b90e-53d99e347872}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\breck\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-22]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\breck\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-04-21]
Edge Extension: (Rakuten: Get Cash Back For Shopping) - C:\Users\breck\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmmlpenookphoknnpfilofakghemolmg [2023-04-21]
Edge Extension: (Receipt Hog Browser Bonus) - C:\Users\breck\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hinbiapkmegknklaiimiekdoepbhkcem [2021-11-11]
Edge Extension: (Amazon Assistant) - C:\Users\breck\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2023-04-21]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
 
FireFox:
========
FF DefaultProfile: beilzmuh.default
FF ProfilePath: C:\Users\breck\AppData\Roaming\Mozilla\Firefox\Profiles\beilzmuh.default [2022-06-29]
FF ProfilePath: C:\Users\breck\AppData\Roaming\Mozilla\Firefox\Profiles\5qhzi7h0.default-release [2023-04-25]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-04-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default [2023-04-26]
CHR Notifications: Default -> hxxps://vjr2ws.cophypserous.com; hxxps://www.instagram.com
CHR HomePage: Default -> hxxp://www.google.ca/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.ca/"
CHR Extension: (BetterTTV) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-04-20]
CHR Extension: (Treatstream) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdnfblkkeeiodimcaehninbcmiiahkm [2023-03-27]
CHR Extension: (Google Docs Offline) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-24]
CHR Extension: (The RebatesMe Cash Back Button) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppahjpnghmiacfkbahpdnakchdkgodo [2022-11-23]
CHR Extension: (Crackle) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2021-11-11]
CHR Extension: (Rakuten Button Canada) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpbkophnbfijcnlffdmmppgnncgappc [2022-10-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-24]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\breck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-11]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
Opera: 
=======
OPR Profile: C:\Users\breck\AppData\Roaming\Opera Software\Opera Stable [2021-11-12]
OPR Extension: (Rich Hints Agent) - C:\Users\breck\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\breck\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-11]
 
Brave: 
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-04-27]
BRA Notifications: Default -> hxxps://business.google.com
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Google Translate) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
BRA Extension: (BetterTTV) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-04-20]
BRA Extension: (Treatstream) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhdnfblkkeeiodimcaehninbcmiiahkm [2023-03-18]
BRA Extension: (Calendly: Meeting Scheduling Software) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cbhilkcodigmigfbnphipnnmamjfkipp [2023-04-24]
BRA Extension: (AdBlock — best ad blocker) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-04-24]
BRA Extension: (The RebatesMe Cash Back Button) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gppahjpnghmiacfkbahpdnakchdkgodo [2022-11-23]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-04-20]
BRA Extension: (Automatic Twitch: Drops, Moments and Points) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kfhgpagdjjoieckminnmigmpeclkdmjm [2023-03-09]
BRA Extension: (Application Launcher For Drive (by Google)) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-02-08]
BRA Extension: (Capital One Shopping: Add to Chrome for Free) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2023-04-27]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-04-27]
BRA Extension: (Brave NTP background images) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-08-11]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-04-27]
BRA Extension: (Wallet Data Files Updater) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-04-24]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-01]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-04-25]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-04-27]
BRA Extension: (Brave NTP sponsored images) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\jiacfhmaoegmmahbioiihgpfnjnklmoe [2023-04-27]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave Ads Resources) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\lgejdiamednlaeiknhnnjnkofmapfbbf [2023-04-19]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-15]
BRA Extension: (Brave Ads Resources) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\ocilmpijebaopmdifcomolmpigakocmo [2023-04-19]
BRA Extension: (Crypto Wallets) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2022-08-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\breck\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-04-25]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-11-28] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162456 2021-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.121\brave_vpn_helper.exe [3015472 2023-04-19] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [654784 2023-04-27] (NZXT, Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12634544 2023-04-06] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-25] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 EasyTuneEngineService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe [147840 2022-01-25] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S2 GBTECService; C:\Program Files (x86)\Gigabyte\GBTECService\OLEDDisplayService.exe [16768 2021-06-23] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 Gservice; C:\Program Files (x86)\GIGABYTE\GService\GCloud.exe [19888 2016-12-02] (GIGA-BYTE TECHNOLOGY CO., LTD. -> Microsoft)
R2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [889232 2023-03-03] (Glarysoft Ltd -> Glarysoft Ltd)
S3 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [76696 2023-04-13] (Glarysoft Ltd -> Glarysoft Ltd)
R2 LM__bdsvc; C:\Program Files\Lexmark\Bidi\LM__bdsvc.exe [691200 2021-06-24] () [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-04-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed]
S2 OCButtonService; C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\OcButtonService.exe [127360 2021-04-13] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2638856 2023-04-23] (Overwolf Ltd -> Overwolf LTD)
S3 Sage Simply Accounting Transaction Manager 2011 - CDN; C:\Program Files (x86)\Winsim\TransactionManager2011 - CDN\Sage_SA.TransactionManager.exe [46440 2012-06-08] (Sage Software, Inc. -> Sage)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [245248 2023-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Simply Accounting Database Connection Manager; C:\Program Files (x86)\Winsim\ConnectionManager\SimplyConnectionManager.exe [20808 2010-08-25] (Sage Software, Inc. -> Sage)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-09-14] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-09-14] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S3 VPN by Google One Service; C:\Program Files\Google\VPN by Google One\1.4.2.1\VpnByGoogleOneService.exe [5114648 2023-03-02] (Google LLC -> Google LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsaService; C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2302.40000.9.0_x64__8wekyb3d8bbwe\WsaService\WsaService.exe [282624 2023-03-29] (Microsoft Corporation -> )
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8156678a4c5d0913\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8156678a4c5d0913\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 cpuz157; C:\WINDOWS\temp\cpuz157\cpuz157_x64.sys [43016 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R2 Driver; C:\Program Files (x86)\EVGA\Kernel\driver-x64.sys [39856 2022-08-09] (EVGA Corp. -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [193888 2022-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 GDDFUDriver; C:\WINDOWS\System32\drivers\GDDFUDriver.sys [31456 2022-10-12] (北京兆易创新科技股份有限公司 -> )
R3 gdrv3; C:\WINDOWS\System32\drivers\gdrv3.sys [45248 2022-09-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 googtun; C:\WINDOWS\System32\drivers\googtun.sys [31296 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [45056 2022-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [232072 2023-04-27] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-04-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-04-27] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
R2 RtsUapx; C:\WINDOWS\system32\drivers\RtsUapx.sys [29688 2022-10-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 RtsUpx; C:\WINDOWS\system32\drivers\RtsUpx.sys [30328 2022-10-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2021-06-28] (Razer Inc. -> Razer Inc)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2021-06-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [77824 2021-06-05] (Microsoft Corporation) [File not signed]
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [90112 2021-06-05] (Microsoft Windows -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49600 2023-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [497920 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-11] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; no ImagePath
U3 avgbdisk; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-04-27 20:32 - 2023-04-27 20:32 - 175374336 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-04-27 16:41 - 2023-04-27 16:41 - 000000000 ____D C:\Users\breck\Downloads\FRST-OlderVersion
2023-04-27 16:33 - 2023-04-27 16:33 - 000232072 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2023-04-27 16:33 - 2023-04-27 16:33 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-04-27 16:27 - 2023-04-27 16:27 - 000003320 _____ C:\WINDOWS\system32\Tasks\UpdateTaskMachineQC
2023-04-25 23:18 - 2023-04-25 23:18 - 000000000 ____D C:\Users\breck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperX
2023-04-25 23:17 - 2023-04-25 23:17 - 046570616 _____ C:\Users\breck\Downloads\HyperX_Orbit_Installer_v1.2.28_20191101+(1).exe
2023-04-23 15:44 - 2023-04-23 15:44 - 000000000 ____D C:\Users\breck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2023-04-23 15:44 - 2023-04-23 15:44 - 000000000 ____D C:\Program Files\Unlocker
2023-04-23 15:43 - 2023-04-23 15:43 - 001078591 _____ C:\Users\breck\Downloads\Unlocker1.9.2.exe
2023-04-22 20:31 - 2023-04-22 20:31 - 003862520 _____ C:\Users\breck\Downloads\Autoruns.zip
2023-04-22 20:31 - 2023-04-22 20:31 - 000000000 ____D C:\Users\breck\Downloads\Autoruns
2023-04-22 20:11 - 2023-04-22 20:11 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-04-22 20:11 - 2023-04-22 20:11 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-04-22 20:07 - 2023-04-22 20:07 - 000000000 ____D C:\Users\breck\Downloads\wuauserv-service
2023-04-22 20:06 - 2023-04-22 20:07 - 000006406 _____ C:\Users\breck\Downloads\wuauserv-service.zip
2023-04-22 19:48 - 2023-04-27 16:23 - 000001382 _____ C:\Users\breck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-04-22 19:48 - 2023-04-22 19:48 - 015274968 _____ (ESET) C:\Users\breck\Downloads\esetonlinescanner.exe
2023-04-22 19:48 - 2023-04-22 19:48 - 000000000 ____D C:\Users\breck\AppData\Local\ESET
2023-04-22 19:00 - 2023-04-22 19:00 - 000000000 ____D C:\Users\breck\Downloads\usosvc
2023-04-22 18:59 - 2023-04-22 18:59 - 000001454 _____ C:\Users\breck\Downloads\usosvc.zip
2023-04-22 18:37 - 2023-04-22 19:35 - 000000000 ____D C:\Users\breck\AppData\Roaming\Microsoft\MMC
2023-04-22 18:33 - 2023-04-22 18:33 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache
2023-04-22 08:27 - 2023-04-22 08:27 - 000002687 _____ C:\Users\breck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Bar.lnk
2023-04-21 12:28 - 2023-04-27 20:32 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-04-21 08:39 - 2023-04-22 15:20 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task be48b86f-554c-4b64-b99a-ad2cc1e99009.job
2023-04-21 08:39 - 2023-04-22 15:20 - 000000542 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task acf79be1-13eb-458e-b276-b5cb60d4459d.job
2023-04-21 08:39 - 2023-04-21 08:39 - 000003782 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task be48b86f-554c-4b64-b99a-ad2cc1e99009
2023-04-21 08:39 - 2023-04-21 08:39 - 000003700 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task acf79be1-13eb-458e-b276-b5cb60d4459d
2023-04-21 08:39 - 2023-04-21 08:39 - 000001849 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2023-04-21 08:39 - 2023-04-21 08:39 - 000000000 ____D C:\Users\breck\AppData\Roaming\SUPERAntiSpyware.com
2023-04-21 08:39 - 2023-04-21 08:39 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2023-04-21 08:39 - 2023-04-21 08:39 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2023-04-20 23:41 - 2023-04-20 23:43 - 000139265 _____ C:\Users\breck\Downloads\Addition.txt
2023-04-20 23:40 - 2023-04-27 16:42 - 000039833 _____ C:\Users\breck\Downloads\FRST.txt
2023-04-20 23:40 - 2023-04-27 16:41 - 000000000 ____D C:\FRST
2023-04-20 23:29 - 2023-04-27 16:41 - 002382336 _____ (Farbar) C:\Users\breck\Downloads\FRST64.exe
2023-04-20 23:23 - 2023-04-21 08:17 - 000000000 ____D C:\ProgramData\AVG
2023-04-20 23:04 - 2023-04-21 08:17 - 000000000 ____D C:\ProgramData\Avast Software
2023-04-20 22:48 - 2023-04-27 16:33 - 000000000 ____D C:\Users\breck\AppData\Local\Malwarebytes
2023-04-20 22:48 - 2023-04-20 22:48 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-04-20 22:48 - 2023-04-20 22:48 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-04-20 22:48 - 2023-04-20 22:48 - 000000000 ____D C:\Users\breck\AppData\Local\mbam
2023-04-20 22:44 - 2023-04-20 22:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-04-20 22:44 - 2023-04-20 22:44 - 000000000 ____D C:\Program Files\Malwarebytes
2023-04-20 19:28 - 2023-04-20 19:28 - 000001299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN by Google One.lnk
2023-04-20 19:28 - 2023-04-20 19:28 - 000001287 _____ C:\Users\Public\Desktop\VPN by Google One.lnk
2023-04-20 10:07 - 2023-04-20 10:07 - 001490985 _____ C:\Users\breck\Downloads\Apilifevar_Brochure_US_Canada_2021.pdf
2023-04-18 09:27 - 2023-04-14 04:39 - 001607760 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-04-18 09:27 - 2023-04-14 04:39 - 001607760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-04-18 09:27 - 2023-04-14 04:38 - 002172496 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-04-18 09:27 - 2023-04-14 04:38 - 002172496 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-04-18 09:27 - 2023-04-14 04:38 - 001487896 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-04-18 09:27 - 2023-04-14 04:38 - 001479248 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-04-18 09:27 - 2023-04-14 04:38 - 001479248 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-04-18 09:27 - 2023-04-14 04:38 - 001227288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-04-18 09:27 - 2023-04-14 04:38 - 001211472 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-04-18 09:27 - 2023-04-14 04:38 - 001211472 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-04-18 09:27 - 2023-04-14 04:35 - 000851464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-04-18 09:27 - 2023-04-14 04:35 - 000671240 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-04-18 09:27 - 2023-04-14 04:35 - 000506904 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-04-18 09:27 - 2023-04-14 04:34 - 002166808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-04-18 09:27 - 2023-04-14 04:34 - 001621000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-04-18 09:27 - 2023-04-14 04:34 - 001535960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-04-18 09:27 - 2023-04-14 04:34 - 001194992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-04-18 09:27 - 2023-04-14 04:34 - 000979480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-04-18 09:27 - 2023-04-14 04:34 - 000758792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-04-18 09:27 - 2023-04-14 04:34 - 000741384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-04-18 09:27 - 2023-04-14 04:33 - 013769240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-04-18 09:27 - 2023-04-14 04:33 - 011650032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-04-18 09:27 - 2023-04-14 04:33 - 006084120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-04-18 09:27 - 2023-04-14 04:33 - 005911576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-04-18 09:27 - 2023-04-14 04:33 - 003429896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-04-18 09:27 - 2023-04-14 04:33 - 000457696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-04-18 09:27 - 2023-04-14 04:32 - 005835288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-04-18 09:27 - 2023-04-14 04:32 - 000853488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-04-18 09:27 - 2023-04-13 20:14 - 000104369 _____ C:\WINDOWS\system32\nvinfo.pb
2023-04-17 09:47 - 2023-04-17 09:48 - 021159592 _____ (Glarysoft Ltd) C:\Users\breck\Downloads\Glary_Utilities_v5.204.0.233.exe
2023-04-06 20:43 - 2023-04-07 08:24 - 000000000 ____D C:\Users\breck\AppData\Roaming\mjlfrtyo
2023-04-06 20:43 - 2023-04-06 20:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Wimmail
2023-04-06 20:43 - 2023-04-06 20:43 - 000000000 ____D C:\Users\breck\AppData\Roaming\9AC7BA7B4A418A40
2023-04-06 20:43 - 2010-12-05 22:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2023-04-05 18:50 - 2023-04-05 18:50 - 000000000 ____D C:\ProgramData\BraveSoftware
2023-04-01 15:32 - 2023-04-01 15:32 - 000714059 _____ C:\Users\breck\Downloads\Airstill Instructions.pdf
2023-03-28 09:03 - 2023-03-28 09:05 - 090205574 _____ (Aslain ) C:\Users\breck\Downloads\Aslains_WoT_Modpack_Installer_v.1.20.0.1_06.exe
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-04-27 16:39 - 2021-11-11 03:15 - 000000000 ____D C:\WINDOWS\INF
2023-04-27 16:39 - 2021-11-11 00:28 - 000848898 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-27 16:35 - 2021-11-11 00:40 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-27 16:34 - 2021-12-08 18:42 - 000000000 ____D C:\Users\breck\AppData\Roaming\NZXT CAM
2023-04-27 16:34 - 2021-11-11 03:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-04-27 16:34 - 2021-11-11 00:41 - 000000000 ___RD C:\Users\breck\My Drive
2023-04-27 16:33 - 2021-12-08 18:42 - 000000000 ____D C:\Program Files\NZXT CAM
2023-04-27 16:33 - 2021-11-11 03:16 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-04-27 16:33 - 2021-11-11 03:16 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-27 16:33 - 2021-11-11 00:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-04-27 16:33 - 2021-11-11 00:20 - 000000000 ____D C:\ProgramData\NVIDIA
2023-04-27 16:33 - 2021-01-29 21:37 - 000012288 ___SH C:\DumpStack.log.tmp
2023-04-27 16:33 - 2021-01-29 17:54 - 000000000 ____D C:\Users\breck\.rainlendar2
2023-04-27 16:33 - 2021-01-28 17:29 - 000000000 ___RD C:\Users\breck\OneDrive
2023-04-27 16:29 - 2021-11-13 23:31 - 000000000 ____D C:\Users\breck\AppData\Local\CrashDumps
2023-04-27 16:29 - 2021-11-11 03:13 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-04-27 16:29 - 2021-11-11 03:13 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-04-27 16:13 - 2021-01-29 09:23 - 000000000 ___SD C:\Users\breck\AppData\Roaming\Microsoft\Credentials
2023-04-27 14:33 - 2021-11-11 00:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-04-27 00:09 - 2021-11-11 11:10 - 000000000 ____D C:\Users\breck\AppData\Roaming\discord
2023-04-26 23:58 - 2021-11-11 11:10 - 000000000 ____D C:\Users\breck\AppData\Local\Discord
2023-04-26 14:02 - 2021-11-11 00:40 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-04-26 12:40 - 2021-11-14 17:22 - 000000000 ____D C:\Users\breck\AppData\Roaming\Microsoft\Excel
2023-04-25 23:18 - 2022-10-12 11:57 - 000000000 ____D C:\Program Files (x86)\HyperX
2023-04-25 22:34 - 2021-11-12 17:54 - 000000000 ____D C:\Users\breck\AppData\Roaming\Microsoft\Word
2023-04-25 08:30 - 2021-12-10 19:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3888328042-1456736896-2086988543-1001
2023-04-25 08:30 - 2021-11-11 03:16 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-25 08:30 - 2021-11-11 00:29 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3888328042-1456736896-2086988543-1001
2023-04-25 08:30 - 2021-11-11 00:29 - 000002383 _____ C:\Users\breck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-04-24 16:02 - 2021-11-11 00:27 - 000000000 ____D C:\Users\breck\AppData\Local\D3DSCache
2023-04-24 13:50 - 2021-11-11 00:40 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-04-24 13:50 - 2021-11-11 00:40 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-04-24 09:51 - 2021-11-27 11:20 - 000000000 ____D C:\ProgramData\Glarysoft
2023-04-24 09:49 - 2021-11-27 11:19 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2023-04-23 12:31 - 2021-11-16 20:42 - 000000000 ____D C:\Program Files (x86)\Overwolf
2023-04-23 08:19 - 2021-11-11 00:54 - 000000000 ____D C:\Users\breck\AppData\Roaming\weather-bar-app
2023-04-23 08:15 - 2021-11-11 00:20 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-23 08:15 - 2021-11-11 00:20 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-22 20:43 - 2021-11-11 11:39 - 000000000 ____D C:\ProgramData\LMStatus Center
2023-04-22 20:16 - 2021-11-11 00:27 - 000000000 ____D C:\Users\breck\AppData\Local\Packages
2023-04-22 20:16 - 2021-11-11 00:27 - 000000000 ____D C:\ProgramData\Packages
2023-04-22 20:13 - 2021-12-16 23:43 - 000000000 ____D C:\Users\breck\AppData\Local\Ubisoft Game Launcher
2023-04-22 19:30 - 2022-04-08 17:23 - 000000000 ____D C:\Users\breck\AppData\Local\ElevatedDiagnostics
2023-04-22 19:25 - 2021-11-11 03:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-04-22 18:51 - 2021-11-11 03:16 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2023-04-22 18:40 - 2021-11-11 00:22 - 000000000 ____D C:\Users\breck\AppData\Roaming\Microsoft\Windows
2023-04-21 14:02 - 2021-11-11 17:24 - 000000000 ____D C:\Users\breck\AppData\Roaming\FileZilla
2023-04-21 08:39 - 2021-02-06 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2023-04-21 08:27 - 2021-11-11 00:22 - 000000000 ____D C:\Users\breck
2023-04-21 08:15 - 2021-11-11 01:01 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-04-21 08:15 - 2021-11-11 01:01 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-04-20 23:25 - 2021-11-11 03:16 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-04-20 22:59 - 2021-11-11 00:47 - 156112424 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-04-20 22:59 - 2021-11-11 00:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-04-20 22:53 - 2021-01-28 17:53 - 000000000 ___RD C:\Users\breck\Google Drive
2023-04-20 19:28 - 2021-11-11 00:40 - 000000000 ____D C:\Users\breck\AppData\Local\Google
2023-04-20 19:28 - 2021-11-11 00:40 - 000000000 ____D C:\Program Files\Google
2023-04-19 23:22 - 2021-11-11 00:36 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-04-19 23:22 - 2021-11-11 00:36 - 000002323 _____ C:\Users\Public\Desktop\Brave.lnk
2023-04-18 09:42 - 2021-11-11 00:27 - 000000000 ____D C:\Users\breck\AppData\Local\NVIDIA
2023-04-17 09:49 - 2021-11-27 11:19 - 000001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2023-04-17 09:49 - 2021-11-27 11:19 - 000001153 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2023-04-16 08:13 - 2021-11-11 00:53 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-14 04:31 - 2022-03-23 13:04 - 006798840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-04-14 04:31 - 2021-11-01 08:53 - 007935608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2023-04-12 18:27 - 2021-11-12 17:54 - 000000000 ____D C:\Users\breck\AppData\Roaming\Microsoft\Office
2023-04-11 19:55 - 2022-10-13 12:47 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-04-11 19:55 - 2022-10-13 12:47 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-04-11 16:22 - 2021-11-11 00:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-04-10 20:42 - 2021-11-11 00:24 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old
2023-04-10 20:42 - 2021-08-03 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V
2023-04-10 12:09 - 2021-11-11 10:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-04-09 21:52 - 2021-11-16 20:38 - 000000000 ____D C:\Users\breck\AppData\Local\Overwolf
2023-04-07 17:58 - 2021-11-11 03:19 - 000000779 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2023-04-07 17:58 - 2021-01-28 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2023-04-05 18:22 - 2021-11-11 00:20 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-05 18:22 - 2021-11-11 00:20 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-04-01 22:09 - 2023-01-19 22:17 - 000000000 ____D C:\ProgramData\BrightData
 
==================== Files in the root of some directories ========
 
2022-06-16 17:00 - 2022-06-17 19:06 - 000000128 _____ () C:\Users\breck\AppData\Local\PUTTY.RND
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================


#3
Propolis

    New Member

  • Topic Starter
  • Member
  • 8 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2023
Ran by breck (27-04-2023 16:42:29)
Running from C:\Users\breck\Downloads
Microsoft Windows 11 Pro Version 21H2 22000.1696 (X64) (2021-11-11 04:27:26)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3888328042-1456736896-2086988543-500 - Administrator - Disabled)
breck (S-1-5-21-3888328042-1456736896-2086988543-1001 - Administrator - Enabled) => C:\Users\breck
DefaultAccount (S-1-5-21-3888328042-1456736896-2086988543-503 - Limited - Disabled)
Guest (S-1-5-21-3888328042-1456736896-2086988543-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3888328042-1456736896-2086988543-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.1203.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.21.1203.1 - GIGABYTE)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.001.20143 - Adobe)
Adobe AIR (HKLM-x32\...\{B373E236-B88C-48E0-96F2-D0E6FEEBB55F}) (Version: 33.1.1.932 - HARMAN International) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 33.1.1.932 - HARMAN International)
Adobe Anchor Service CS4 (HKLM-x32\...\{1618734A-3957-4ADD-8199-F973763109A8}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (HKLM-x32\...\{83877DB1-8B77-45BC-AB43-2BAC22E093E0}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (HKLM-x32\...\{94D398EB-D2FD-4FD1-B8C4-592635E8A191}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (HKLM-x32\...\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings CS4 (HKLM-x32\...\{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (HKLM-x32\...\{0D6013AB-A0C7-41DC-973C-E93129C9A29F}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings CS4 (HKLM-x32\...\{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (HKLM-x32\...\{63C24A08-70F3-4C8E-B9FB-9F21A903801D}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (HKLM-x32\...\{0F723FC1-7606-4867-866C-CE80AD292DAF}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (HKLM-x32\...\{C52E3EC1-048C-45E1-8D53-10B0C6509683}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (HKLM-x32\...\{67F0E67A-8E93-4C2C-B29D-47C48262738A}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (HKLM-x32\...\{16E16F01-2E2D-4248-A42F-76261C147B6C}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (HKLM-x32\...\{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (HKLM-x32\...\{054EFA56-2AC1-48F4-A883-0AB89874B972}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (HKLM-x32\...\{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (HKLM-x32\...\{931AB7EA-3656-4BB7-864D-022B09E3DD67}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (HKLM-x32\...\{BB4E33EC-8181-4685-96F7-8554293DEC6A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (HKLM-x32\...\{F93C84A6-0DC6-42AF-89FA-776F7C377353}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\{E4848436-0345-47E2-B648-8B522FCDA623}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop CS4 Support (HKLM-x32\...\{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Search for Help (HKLM-x32\...\{F0E64E2E-3A60-40D8-A55D-92F6831875DA}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (HKLM-x32\...\{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (HKLM-x32\...\{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (HKLM-x32\...\{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (HKLM-x32\...\{05308C4E-7285-4066-BAE3-6B50DA6ED755}) (Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM-x32\...\{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (HKLM-x32\...\{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (HKLM-x32\...\{68243FF8-83CA-466B-B2B8-9F99DA5479C4}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (HKLM-x32\...\{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Amazon Appstore (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\com.amazon.venezia) (Version: release-60.13.1.0.207502.0_259610 - amazon.com)
APP Center (HKLM-x32\...\{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte) Hidden
APP Center (HKLM-x32\...\InstallShield_{D50BEE9A-0EC6-4A58-BF90-35BDC6D6495D}) (Version: 3.22.1031.1 - Gigabyte)
Aslain's WoT Modpack version 1.20.0.1.06 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.20.0.1.06 - Aslain)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
BakkesMod version 3.0 (HKLM\...\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1) (Version: 3.0 - BakkesMod)
Battlestate Games Launcher 12.12.3.1981 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 12.12.3.1981 - Battlestate Games)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 112.1.50.121 - Brave Software Inc)
BUFF (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Overwolf_caboggillkkpgkiokbjmgldfkedbfnpkgadakcdl) (Version: 0.7.12.0 - Overwolf app)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Customer Support (HKLM-x32\...\{B33D89E4-FB43-6749-447E-2E469AC9EB5B}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Discord (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Documentation Manager (HKLM\...\{5D4B95B9-6199-4643-B41B-DEBD7048A263}) (Version: 22.160.0.3 - Intel Corporation) Hidden
EasyTune (HKLM-x32\...\{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.1223 - GIGABYTE) Hidden
EasyTune (HKLM-x32\...\InstallShield_{7F635314-EE21-4E4B-A68D-69AE70BA0E9B}) (Version: 1.21.1223 - GIGABYTE)
EasyTuneEngineService (HKLM-x32\...\{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.22.0211 - GIGABYTE) Hidden
EasyTuneEngineService (HKLM-x32\...\InstallShield_{964575C3-5820-4642-A89A-754255B5EFE1}) (Version: 1.22.0211 - GIGABYTE)
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.13.0.4.22617 - Battlestate Games)
EU Waste Recycling Information (HKLM-x32\...\{42DF7152-0B7D-7917-4633-94E00C7BE684}) (Version: 1.0.0.0 - Lexmark International, Inc.)
EVGA Precision X1 (HKLM\...\EVGA Precision X1) (Version: 1.3.7.0 - EVGA Corporation)
FileZilla 3.62.2 (HKLM-x32\...\FileZilla Client) (Version: 3.62.2 - Tim Kosse)
GBTECService (HKLM-x32\...\{759D7F2F-1F0D-461E-A3CD-BF58FC60DB2F}) (Version: 1.21.1124 - Gigabyte) Hidden
GBTECService (HKLM-x32\...\InstallShield_{759D7F2F-1F0D-461E-A3CD-BF58FC60DB2F}) (Version: 1.21.1124 - Gigabyte)
Glary Utilities 5.204 (HKLM-x32\...\Glary Utilities 5) (Version: 5.204.0.233 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 112.0.5615.138 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 74.0.3.0 - Google LLC)
Google Keep (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\c51d2d76fe6d868609af6a77214568a2) (Version: 1.0 - Google\Chrome)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
GService (HKLM-x32\...\{D9CB4282-7B2A-4840-AD1D-9DA72B973DD9}) (Version: 1.19.0624.1 - GIGABYTE)
HP Color LaserJet Pro M452 (HKLM-x32\...\{60cc8319-2c81-4d9b-84ca-88a4faa33aff}) (Version: 16.0.19116.636 - Hewlett-Packard)
HP Unified IO (HKLM\...\{5C76ED0D-0F6F-4985-8B34-F9AE7834848F}) (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (HKLM-x32\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HPCLJProM452 (HKLM-x32\...\{E7E2297B-B657-470B-9575-1B5ED16581D5}) (Version: 0.05.0000 - Hewlett-Packard) Hidden
HyperX Orbit (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\{53c94b83-921c-4bad-8707-d7d38e1a6935}) (Version: 0.0.1 - HyperX)
iMovie for Windows 2022 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A72C2}}_is1) (Version:  - VideoWin)
Information Center (HKLM-x32\...\{851828ED-8353-E017-70EE-BF284CE2B799}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Intel® Network Connections 26.2.0.1 (HKLM\...\{AC44C09E-6D45-4F0F-8749-C3DF69A55FDE}) (Version: 26.2.0.1 - Intel) Hidden
Intel® Network Connections 26.2.0.1 (HKLM\...\PROSetDX) (Version: 26.2.0.1 - Intel)
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000160-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.160.0.4 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{8fca270b-04dc-46cd-a7dc-bca0425f10c6}) (Version: 22.160.0.3 - Intel Corporation) Hidden
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LED Sync (HKLM-x32\...\{417D2425-8783-46D4-97DF-EEF7CD17D656}) (Version: 1.1.1 - EVGA)
Lexmark Network Twain Scan Driver (HKLM-x32\...\{3376919A-5F1D-4383-4E76-11B5CDBA1069}) (Version: 1.21.169.0 - Lexmark International, Inc.)
Lexmark Printer Software G4 HBP Print Driver (HKLM\...\{9C528FAA-62BA-404A-8E4D-72D77A0ECBCD}) (Version: 4.2.2.0 - Lexmark International, Inc.)
Lexmark Printer Software G4 Scan Driver (HKLM\...\{53ED9732-0A14-DEFF-DF77-9011D947BFDB}) (Version: 4.2.1.0 - Lexmark International, Inc.)
Lexmark ScanBack Utility (HKLM\...\{A6CE3613-57D8-402D-976A-192B2E3A15CF}) (Version: 5.4.0.0 - Lexmark International, Inc.)
Lexmark Status Center (HKLM-x32\...\{F19EA150-D65B-44C3-B02F-C0E685B12044}) (Version: 2.6.61.0 - Lexmark International, Inc.)
Lexmark USB Bidi Solution (HKLM\...\{03C7784A-FEBA-40FB-9BF7-032F53E820F1}) (Version: 1.4.68.0 - Lexmark International, Inc.)
Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Volume - en-us) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\OneDriveSetup.exe) (Version: 23.083.0418.0001 - Microsoft Corporation)
Microsoft Project Professional 2019 - en-us (HKLM\...\ProjectPro2019Volume - en-us) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{843E8BAC-637E-4354-94D7-73D910E2168F}) (Version: 4.71.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Volume - en-us) (Version: 16.0.16227.20280 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
MY.GAMES GameCenter (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\GameCenter) (Version: 4.1629 - MY.COM B.V.)
MySQL Connector/ODBC 3.51 (HKLM-x32\...\{F929096B-54A0-4C5C-B125-1E7EB1917412}) (Version: 3.51.19 - MySQL AB)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)
NVIDIA Graphics Driver 531.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.68 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NZXT CAM 4.49.4 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.49.4 - NZXT, Inc.)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16227.20204 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.221.109.14 - Overwolf Ltd.)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: 2.18.0 - Rainy)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9313.1 - Realtek Semiconductor Corp.)
Sage Simply Accounting 2011 (HKLM-x32\...\{53AB83B3-9908-44DF-97B5-C107140F26AD}) (Version: 18.10.2001 - Sage Software) Hidden
Sage Simply Accounting 2011 (HKLM-x32\...\InstallShield_{53AB83B3-9908-44DF-97B5-C107140F26AD}) (Version: 18.10.2001 - Sage Software)
Samsung DeX (HKLM-x32\...\{01CB0AC1-0B42-41CD-B569-A0485FEFE3CE}) (Version: 2.4.1.18 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{0ee140a4-adcc-4974-ad4c-210d225b488c}) (Version: 2.4.1.18 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.58.0 - Samsung Electronics Co., Ltd.)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 22.9.8.69 - StreamElements)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1250 - SUPERAntiSpyware.com)
tomato.gg (HKLM-x32\...\{F0A2ADC1-0B7F-4987-8B40-F54F40BD1487}_is1) (Version: 2023.03.24.1 - poliroid)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 103.2 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VPN by Google One (HKLM\...\{A1F022B1-145B-4EBF-9752-95B413C837A3}) (Version: 1.4.2.1 - Google LLC)
Wargaming.net Game Center (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\Wargaming.net Game Center) (Version: 23.1.0.2222 - Wargaming.net)
Weather Bar 1.0.0 (only current user) (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\62e3eecb-e013-549b-8222-3caf500ba8f3) (Version: 1.0.0 - Peter Schmalfeldt)
Windows Driver Package - GigaDevice (GDDFUDriver) USB  (09/03/2019 7.54.5.81) (HKLM\...\E1C31C17E655A1667E552C504E68A8254134BC65) (Version: 09/03/2019 7.54.5.81 - GigaDevice)
Windows Driver Package - Lexmark International Printer  (01/07/2016 2.15.1.0) (HKLM\...\5AC7AA4BC0B110A7835BDAE3EB847392F2D432D0) (Version: 01/07/2016 2.15.1.0 - Lexmark International)
Windows Driver Package - Lexmark International Printer  (01/29/2016 4.2.2.0) (HKLM\...\9F3CD1A858C48392BF12DFF7DDDC6734448C2F79) (Version: 01/29/2016 4.2.2.0 - Lexmark International)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
World of Tanks NA (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\740900249) (Version:  - Wargaming.net)
World of Warships ModStation (HKLM\...\{A8151413-D738-4556-BAC3-6344FA961EF2}_is1) (Version: 2.1.0.3 - Wargaming.net)
World_of_Warships (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\1527964767) (Version:  - Wargaming.net)
Zoom (HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\...\ZoomUMX) (Version: 5.13.7 (12602) - Zoom Video Communications, Inc.)
 
Packages:
=========
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.93.6831.0_x64__8wekyb3d8bbwe [2023-03-29] (Microsoft Corporation) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-04-18] (NVIDIA Corp.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-02-02] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-02] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-05-03] (Adobe Systems Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.35.271.0_x64__dt26b99r8h8gj [2023-03-15] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-15] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0 [2023-03-31] (Spotify AB) [Startup Task]
Windows Subsystem for Android™ -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2302.40000.9.0_x64__8wekyb3d8bbwe [2023-03-29] (Microsoft Corp.) [Startup Task]
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-02-09] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-02-09] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3888328042-1456736896-2086988543-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-12-24] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2023-03-03] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2023-03-03] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\74.0.3.0\drivefsext.dll [2023-04-26] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_8156678a4c5d0913\nvshext.dll [2023-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2023-03-03] (Glarysoft Ltd -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-20] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\breck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
 
==================== Loaded Modules (Whitelisted) =============
 
2023-04-27 16:33 - 2023-04-27 14:02 - 001569280 _____ () [File not signed] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\CTITSDKDeviceTool.dll
2022-10-25 19:25 - 2022-10-25 19:25 - 001868800 _____ () [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 013525504 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avcodec-58.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 002586112 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avformat-58.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000658944 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\avutil-56.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000135680 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlicommon.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000041984 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\brotlidec.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000056320 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\bz2.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 001130496 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\cairo.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000222208 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\fontconfig.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000009728 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libcharset.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libexpat.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000918016 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libiconv.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000164864 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\libpng16.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000152576 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swresample-3.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000611328 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\swscale-5.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000074752 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\zlib1.dll
2021-06-24 10:33 - 2021-06-24 10:33 - 000268288 _____ () [File not signed] C:\Program Files\Lexmark\Bidi\LM__inpa.dll
2023-04-27 16:33 - 2023-04-27 14:02 - 002725376 _____ () [File not signed] C:\Program Files\NZXT CAM\ffmpeg.dll
2023-04-27 16:33 - 2023-04-27 14:02 - 000447488 _____ () [File not signed] C:\Program Files\NZXT CAM\libegl.dll
2023-04-27 16:33 - 2023-04-27 14:02 - 006985216 _____ () [File not signed] C:\Program Files\NZXT CAM\libglesv2.dll
2023-04-20 08:12 - 2023-04-27 14:02 - 000839168 _____ () [File not signed] C:\Program Files\NZXT CAM\vulkan-1.dll
2017-08-02 07:24 - 2017-08-02 07:24 - 000017920 _____ () [File not signed] C:\Program Files\Rainlendar2\lfs.dll
2017-08-02 07:37 - 2017-08-02 07:37 - 000331776 _____ () [File not signed] C:\Program Files\Rainlendar2\libical.dll
2017-08-02 07:37 - 2017-08-02 07:37 - 000063488 _____ () [File not signed] C:\Program Files\Rainlendar2\libicalss.dll
2017-08-02 07:24 - 2017-08-02 07:24 - 000314880 _____ () [File not signed] C:\Program Files\Rainlendar2\lua53.dll
2022-05-13 05:51 - 2022-05-13 05:51 - 000260608 _____ () [File not signed] C:\Program Files\Rainlendar2\plugins\GoogleCalendarPlugin.dll
2022-05-13 05:50 - 2022-05-13 05:50 - 000214016 _____ () [File not signed] C:\Program Files\Rainlendar2\plugins\GoogleTasksPlugin.dll
2022-05-13 05:50 - 2022-05-13 05:50 - 000123904 _____ () [File not signed] C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
2022-11-17 08:47 - 2022-11-07 06:17 - 000387072 _____ () [File not signed] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-11-17 08:47 - 2022-11-07 06:17 - 008052736 _____ () [File not signed] D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2008-08-14 08:15 - 2008-08-14 08:15 - 000481792 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll
2023-04-27 16:33 - 2023-04-27 14:02 - 002487808 _____ (CPUID) [File not signed] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\common\cpuid\cpuidsdk64.dll
2022-08-24 12:45 - 2022-08-24 12:45 - 000242176 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\yccV3.dll
2021-11-05 17:07 - 2021-11-05 17:07 - 000236544 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) [File not signed] C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\yccV3.dll
2009-09-16 18:44 - 2009-09-16 18:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:45 - 2009-09-16 18:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000055808 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\pthreadVC2.dll
2023-02-14 17:59 - 2023-02-14 17:59 - 004464640 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\NativeSamsungDexFramework.dll
2023-02-14 17:59 - 2023-02-14 17:59 - 002862080 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SCommon.dll
2023-02-14 17:58 - 2023-02-14 17:58 - 006601216 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\SLocales.dll
2023-04-27 16:33 - 2023-04-27 14:02 - 000083456 _____ (Silicon Laboratories, Inc.) [File not signed] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\nzxt-device\SiUSBXp64.dll
2019-10-10 10:13 - 2019-10-10 10:13 - 000422400 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Rainlendar2\libcurl.dll
2023-01-06 15:26 - 2023-01-06 15:26 - 000539136 _____ (The FreeType Project) [File not signed] C:\Program Files (x86)\Samsung\Samsung DeX\freetype.dll
2018-11-16 08:48 - 2018-11-16 08:48 - 002720768 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Rainlendar2\libcrypto-1_1-x64.dll
2018-11-16 08:49 - 2018-11-16 08:49 - 000658944 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Rainlendar2\libssl-1_1-x64.dll
2015-10-14 02:15 - 2015-10-14 02:15 - 002042368 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Gigabyte\AppCenter\osvi.dll
2021-05-01 11:30 - 2021-05-01 11:30 - 002937344 _____ (wxWidgets development team) [File not signed] C:\Program Files\Rainlendar2\wxbase315u_vc_rny.dll
2021-05-01 11:34 - 2021-05-01 11:34 - 000181760 _____ (wxWidgets development team) [File not signed] C:\Program Files\Rainlendar2\wxbase315u_xml_vc_rny.dll
2021-05-01 11:33 - 2021-05-01 11:33 - 008469504 _____ (wxWidgets development team) [File not signed] C:\Program Files\Rainlendar2\wxmsw315u_core_vc_rny.dll
2021-05-01 11:34 - 2021-05-01 11:34 - 000781312 _____ (wxWidgets development team) [File not signed] C:\Program Files\Rainlendar2\wxmsw315u_html_vc_rny.dll
2021-05-01 11:36 - 2021-05-01 11:36 - 000880128 _____ (wxWidgets development team) [File not signed] C:\Program Files\Rainlendar2\wxmsw315u_propgrid_vc_rny.dll
2021-05-01 11:35 - 2021-05-01 11:35 - 000970240 _____ (wxWidgets development team) [File not signed] C:\Program Files\Rainlendar2\wxmsw315u_xrc_vc_rny.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\breck\AppData\Local\Temp:$DATA​ [16]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-15] (Microsoft Corporation -> Microsoft Corporation)
 
2022-12-01 17:00 - 2022-12-16 16:49 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.18.144.1 DESKTOP-P9UHPF8.mshome.net # 2027 12 3 15 20 49 39 969
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3888328042-1456736896-2086988543-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\breck\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{E570D354-EF3A-4B20-B8FA-85DE86919F53}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C22C45BF-05BA-4380-AD02-404293E27737}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C74D98F1-CA4A-4C84-A0AB-35F5E8A024C9}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CA1596E0-5AA3-4668-A5B1-6F8B4DE16502}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{ADFB4B7F-73AA-467B-8F1E-B2350BF8A1E3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{3EBA8485-268A-49DE-A67D-C618E964EE55}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2launcher.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{C6B33290-D540-45C2-9302-DC4FDCCDD140}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{151E613E-50E5-4B28-8A24-9C79B7DEB7FC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CFEE0BD2-737D-4E40-AF51-E083741E219E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{3492BD22-708D-4BD9-A03D-4B4B6844FF05}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{A0E53093-CDC7-4F0B-BFF9-DBEC72C66322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{74608D69-A831-49AD-8D39-29FB72F577EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{21444D55-95AD-4D96-855D-E79D6DC2F469}] => (Allow) C:\Users\breck\AppData\Local\Temp\RarSFX0\InstallationPackage\install\x64\installgui.exe => No File
FirewallRules: [{7A5DBCFC-BD60-4D33-947F-2B8FB65437B5}] => (Allow) C:\Users\breck\AppData\Local\Temp\RarSFX0\InstallationPackage\install\x64\installgui.exe => No File
FirewallRules: [TCP Query User{476BF0BC-4606-4334-82EE-6B1A055B6848}C:\users\breck\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\breck\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [UDP Query User{3DE40740-7295-4F28-93B2-D996280CAB9B}C:\users\breck\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\breck\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [{0C42BE6F-6D8C-42D8-A0E8-0E30EF23EF9E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{2B390E04-3387-4D5A-BE60-5D28546721C6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{7380EAAD-D150-45DE-8C09-8865223B07ED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{CDBD3E5C-4536-46FD-97E9-C96F33E553C9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZLauncher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive)
FirewallRules: [{8F29B55C-745C-4EFB-870A-85A1BC07111D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [{EEB80678-C03A-4D75-A294-8213550799DE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe (BOHEMIA INTERACTIVE a.s. -> BattlEye Innovations)
FirewallRules: [TCP Query User{33D57242-36F4-47B4-A312-CE553C2C2973}C:\windows.old\users\breck\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\windows.old\users\breck\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [UDP Query User{ED3D0561-FEE9-4FE8-BE03-23DA14A94190}C:\windows.old\users\breck\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\windows.old\users\breck\appdata\local\gamecenter\gamecenter.exe (LLC Mail.Ru -> )
FirewallRules: [{4E31B501-5790-43A6-BC47-3CC4B9153871}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{9CE5B261-916E-45B3-B1BD-853261C2DC78}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [TCP Query User{1C8AC857-15B8-4A91-B644-E91CA4F3E173}C:\users\breck\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\breck\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [UDP Query User{21107AA4-98C6-4E62-BE84-62B9FE41CF62}C:\users\breck\appdata\local\programs\opera gx\opera.exe] => (Allow) C:\users\breck\appdata\local\programs\opera gx\opera.exe => No File
FirewallRules: [{B9AC1FE1-4C73-4113-819B-81ABA01D4146}] => (Allow) LPort=5353
FirewallRules: [{485367A5-586E-4A00-B4E0-CBB73C1019F7}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [{CF158D90-F248-4FC4-9C27-324F000157C4}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
FirewallRules: [TCP Query User{9603EAAC-D711-4CDB-A214-94BC2AF26164}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [UDP Query User{32CA2A8A-7020-4755-913F-6047535D08FD}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [TCP Query User{87CFABE7-7F8C-46EC-A11E-5A75D2640214}D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{88D1E1D2-8C57-459B-B6CD-02AD223F1964}D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{E2F2E187-CD9B-4670-9D88-FB675039FCB9}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{E9799A24-C8BC-4C5D-AA9B-6C94706B2245}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{17B57213-CCFB-4D69-BA4A-1ADD88B6D172}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Monopoly Poker\MONOPOLY Poker.exe () [File not signed]
FirewallRules: [{560910C2-2176-43ED-A4E3-547CB1C4DFE3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Monopoly Poker\MONOPOLY Poker.exe () [File not signed]
FirewallRules: [{CE5D2AD2-9A8B-4952-839B-EC61E85902CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Marvels Avengers\Avengers.exe (Crystal Dynamics, Inc -> Crystal Dynamics, Inc.)
FirewallRules: [{DC5BF177-90D8-47FD-AC1A-65F43F3FCEC6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Marvels Avengers\Avengers.exe (Crystal Dynamics, Inc -> Crystal Dynamics, Inc.)
FirewallRules: [{B7DBF189-4CCF-4995-9F9C-7BA16F94EC91}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Zero Hour\Zero Hour.exe () [File not signed]
FirewallRules: [{EB7CF00C-8F93-4C4E-AB5B-81353E2996B5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Zero Hour\Zero Hour.exe () [File not signed]
FirewallRules: [{69DC8DC0-2BE6-4389-ABFC-F3D03E506B17}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{547E8A4A-CC7C-4072-A7D2-A06A1297C3B3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Fishing Planet\FishingPlanet.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{BA2B792F-277A-48CA-934B-DD8FE2A3A6A8}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Game of Life 2\GameOfLife2.exe () [File not signed]
FirewallRules: [{422FDCAA-91B9-4B23-A236-A55FFD2FF195}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\The Game of Life 2\GameOfLife2.exe () [File not signed]
FirewallRules: [{8C8366F4-1466-46C1-8952-E03882B03128}] => (Allow) D:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{925C2C84-053F-4FF9-8866-0121B9425EF0}] => (Allow) D:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{8162C024-6763-435C-9B25-2982B5E2D837}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{7617F0A0-9DD7-419F-A215-B808357C96CE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{47360609-528C-4C72-9440-F7EC932D7921}] => (Allow) d:\Program Files\Epic Games\TheDivision2\TheDivision2.exe => No File
FirewallRules: [TCP Query User{314D524E-33AF-4934-B76F-F29252B54877}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [UDP Query User{1A0F0294-C1AD-4335-93FC-3E016D79E8AB}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft)
FirewallRules: [{9F8A116D-60ED-4182-98DB-B9D3269513D9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Back 4 Blood\Back4Blood.exe (WB Games) [File not signed]
FirewallRules: [{1E99E905-BBA3-4E59-8B3C-926EF67BCD2E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Back 4 Blood\Back4Blood.exe (WB Games) [File not signed]
FirewallRules: [TCP Query User{EBBDFF53-DB62-41F2-A66F-56B8E2124819}D:\program files\epic games\riseofthetombraider\rottr.exe] => (Allow) D:\program files\epic games\riseofthetombraider\rottr.exe => No File
FirewallRules: [UDP Query User{0D5241E3-B1C4-4C3F-9894-B8D8725B2362}D:\program files\epic games\riseofthetombraider\rottr.exe] => (Allow) D:\program files\epic games\riseofthetombraider\rottr.exe => No File
FirewallRules: [{FA5BE117-0022-42E9-9D2A-765D84C59E98}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E120D317-A3A5-413B-A18E-0B6C131E133B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ready Or Not\ReadyOrNot.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{3D101B77-B7B2-4C8A-9DAC-CB74D222AE3F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E2F021B-2C20-4ABF-A34A-F5ABB689B1B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01BB989C-29EE-4237-B552-A42A72E77AA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9412F41-6D5B-4322-B34D-AEDF6DF69A5D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{12CC913E-B58C-415A-A499-6D5BE4B78782}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C5C38912-8542-408F-A522-B23DA601F5ED}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{F68C994A-D26B-4B5C-8412-B57EA1AA1414}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{6B713BAA-9B4B-4082-A572-07B425276F4E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{279BC969-1EC0-486D-B39C-C6EE37FF96C7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FB659DDB-0D24-4A58-BCB9-14CAED3BAE83}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C54DB02C-A266-4410-BF07-3D793271C280}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{E978D953-A64B-434D-A848-BFF4795631BD}] => (Allow) C:\Users\breck\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{30895134-B0A2-4A24-B8F3-B2ECD10A3AC9}] => (Allow) C:\Users\breck\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{99B5F91E-A39F-49EF-94E0-3EAE007E68E0}] => (Allow) C:\Users\breck\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{8CF7F0A8-3E4D-4C5B-9F68-ADC7EC18F881}D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [UDP Query User{6AFAC977-4963-48D6-A4E8-B8D41D8BAB1F}D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{B5E4540E-16BC-4E33-AEBF-5E538AB15E61}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{571FF5C0-8505-414E-8A52-BD8CC807049B}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{F09E66DB-1C99-42B1-9761-651B9489D4A4}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{67575089-7370-4125-9CD1-5D9B0F654BE3}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [UDP Query User{9119E677-49B1-4EC9-B06F-D7C346A33229}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [{9106A2EA-53B6-4046-B59D-754F15E0F671}] => (Allow) LPort=9009
FirewallRules: [{51159955-07A7-4EBB-9389-A0F19B5E7399}] => (Allow) LPort=9009
FirewallRules: [{157FED41-F6A2-4A17-B1F1-5271E114B138}] => (Allow) LPort=9009
FirewallRules: [{521952E4-32D9-4980-B0FC-1CA3B0592C65}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{C90B1F8A-DB52-4DBB-A58E-CD0916A324D5}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{2D9C48B3-EE23-48E5-906C-A7BD25AEEF13}] => (Allow) LPort=9009
FirewallRules: [{8EE371E1-BA1E-4FEE-9E0A-3053C168AC75}] => (Allow) LPort=9009
FirewallRules: [{E04F516F-3215-4E1A-8057-90D6D1EFEFD4}] => (Allow) LPort=9009
FirewallRules: [{1381E6B6-C394-478D-9FEB-5491AF5FF03C}] => (Allow) LPort=9009
FirewallRules: [{158879EE-36A4-4F19-8A09-B199FF73586F}] => (Allow) LPort=9009
FirewallRules: [{BBB618F2-42CE-40F7-A289-ED4067B8A396}] => (Allow) LPort=9009
FirewallRules: [{160BAC95-E088-48FF-B777-25DD3E6E8B22}] => (Allow) LPort=9009
FirewallRules: [{8840635D-1140-48DB-82E3-67E273D7F93E}] => (Allow) LPort=9009
FirewallRules: [{DB611068-E92E-4A76-9DFB-E0F14002C80C}] => (Allow) LPort=9009
FirewallRules: [{92FD7707-C0E2-4798-B6B1-AF835E1EF00B}] => (Allow) LPort=9009
FirewallRules: [{057CB000-3DC7-44E3-A2ED-8B2C63561D15}] => (Allow) LPort=9009
FirewallRules: [{AA51B1C5-5429-4591-A14F-D0C9A701E5DF}] => (Allow) LPort=9009
FirewallRules: [{C6E87B99-1A2C-4690-8D88-33C430DCA447}] => (Allow) LPort=9009
FirewallRules: [{D1266090-A390-41FF-BEB8-34A4E6924F70}] => (Allow) LPort=9009
FirewallRules: [{6CE380BD-C48F-4DF8-90D0-D9089AD764FC}] => (Allow) LPort=9009
FirewallRules: [{0A6A18B0-6F1A-44F5-B371-6381406E5C7A}] => (Allow) LPort=9009
FirewallRules: [{893FEC99-895B-4CCE-808D-659DDDB73676}] => (Allow) LPort=9009
FirewallRules: [{C61F61B8-69D0-4029-BF41-92E1BBBC9740}] => (Allow) LPort=9009
FirewallRules: [{2E89259C-25D0-47BF-9ADD-C78D504053D2}] => (Allow) LPort=9009
FirewallRules: [{E652E49C-6B61-4761-BF19-02F3B7A6BC69}] => (Allow) LPort=9009
FirewallRules: [{ADCC7F6C-8D51-4114-A68F-A7C4FD51E4F8}] => (Allow) LPort=9009
FirewallRules: [{12C12DFC-ABEE-4666-A8C9-D256E53F83DB}] => (Allow) LPort=9009
FirewallRules: [{28D41E55-3CE2-4C63-8711-C364182CF665}] => (Allow) LPort=9009
FirewallRules: [{B41F7FAA-2E1B-4981-8D10-CAEAF56F540E}] => (Allow) LPort=9009
FirewallRules: [{FC3F3AA6-7421-4A83-8A3B-2E8A2CC9750C}] => (Allow) LPort=9009
FirewallRules: [{D4E84AEB-228D-4625-BF69-0CD40B2928AB}] => (Allow) LPort=9009
FirewallRules: [{D2AF1A4E-7CDB-4A86-B3B8-4D6428BE7E8F}] => (Allow) LPort=9009
FirewallRules: [{9A9813FD-DB45-4ACD-B921-4DF0E887C22E}] => (Allow) LPort=9009
FirewallRules: [{CDF4E76D-4091-41B3-8F79-F3191177E3A6}] => (Allow) LPort=9009
FirewallRules: [{4C4746CC-5BD8-4CC5-8AF9-8F83837C90CB}] => (Allow) LPort=9009
FirewallRules: [{AE7A525C-C306-4318-85A8-DD39A81D172A}] => (Allow) LPort=9009
FirewallRules: [{170D66CD-2F86-489C-943A-AE9883C6DA5B}] => (Allow) LPort=9009
FirewallRules: [{5A12E07F-BF46-41EE-86A8-33908F84538F}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{340A7DF6-1E91-4693-B933-C5B212E6BB64}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{DE551459-24CC-4F52-BE2D-6E08FBC84104}] => (Allow) LPort=9009
FirewallRules: [{B03B6A10-C003-448F-979A-BD514D7A1A45}] => (Allow) LPort=9009
FirewallRules: [{C18B04A0-CBA3-434B-ACB0-9880EB1EB827}] => (Allow) LPort=9009
FirewallRules: [{FFDC3B25-A063-4651-951A-151D9022DAB5}] => (Allow) LPort=9009
FirewallRules: [{C7D5AA52-B678-475C-9368-3DD3A385860F}] => (Allow) LPort=9009
FirewallRules: [{780C15CB-616E-4203-86DB-DE7474E51836}] => (Allow) LPort=9009
FirewallRules: [{3599D20B-6BEC-471E-9F12-3E7AD0C98FBD}] => (Allow) LPort=9009
FirewallRules: [{9F490910-9343-4733-9F49-4FB3807FFA5D}] => (Allow) LPort=9009
FirewallRules: [{78E9BC41-C107-4E42-9D68-9A2D404255B1}] => (Allow) LPort=9009
FirewallRules: [{33857BC8-31F5-427D-89C1-55DA1348BDFF}] => (Allow) LPort=9009
FirewallRules: [{E325160D-C106-4810-AF01-8B3F5A7A57D2}] => (Allow) LPort=9009
FirewallRules: [{EB66CA73-F533-431F-AE75-69E310061D2D}] => (Allow) LPort=9009
FirewallRules: [{9650D61D-BEE0-4E06-A842-98C3CB93D324}] => (Allow) LPort=9009
FirewallRules: [{D670C961-826C-4EC0-B0CB-F10CCE557ED7}] => (Allow) LPort=9009
FirewallRules: [{1334E428-358D-4B07-976D-DC916454F9C6}] => (Allow) LPort=9009
FirewallRules: [{175E0F29-212D-4889-88E5-69C2E9314F18}] => (Allow) LPort=9009
FirewallRules: [{8EE00AB5-DF13-4D7D-9254-3EEDDC11ACFB}] => (Allow) LPort=9009
FirewallRules: [{83CB976F-3EDB-42E8-9334-2367282FECE4}] => (Allow) LPort=9009
FirewallRules: [{3A884B34-6F11-4F93-8A59-F7F319E9A6AA}] => (Allow) LPort=9009
FirewallRules: [{FC6563E1-D9B2-4339-91D2-2DD5CF163632}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{E8242B0E-9D8D-47C5-9AAB-0A9C1C4D0F77}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{CD80DA5E-2899-423B-B4CE-75D5B29FF4B6}] => (Allow) LPort=9009
FirewallRules: [{148BEB53-72F2-4B72-BD91-7558A2575D02}] => (Allow) LPort=9009
FirewallRules: [{7045C775-F6FB-4EBE-AA2B-42ED444DAB37}] => (Allow) LPort=9009
FirewallRules: [{B621F2D5-7E53-47E4-9754-108218CCFF4C}] => (Allow) LPort=9009
FirewallRules: [{EFBE7C32-FD25-44BA-9FCC-0D2B2DEA78FB}] => (Allow) LPort=9009
FirewallRules: [{A4277D08-D8CC-4B59-945E-75E69376BF7F}] => (Allow) LPort=9009
FirewallRules: [{2F71CA51-3C2F-43D1-9FBF-DC8071373F8B}] => (Allow) LPort=9009
FirewallRules: [{90017C64-77F2-4B7E-BACE-B16B4BD72DC0}] => (Allow) LPort=9009
FirewallRules: [{820E7033-1214-451E-9095-D89B7F45554E}] => (Allow) LPort=9009
FirewallRules: [{066CBC42-A388-426A-9C0B-E4A048CD421F}] => (Allow) LPort=9009
FirewallRules: [{FBFF6A17-6EE5-4AAF-AD72-5AC196793A1F}] => (Allow) LPort=9009
FirewallRules: [{8BCB585C-6655-47CD-9DAE-AFA4E75135B1}] => (Allow) LPort=9009
FirewallRules: [{3376A03F-DF5C-40F2-8254-EED8534785A1}] => (Allow) LPort=9009
FirewallRules: [{58257539-CDC4-43FD-A13D-DF181470945F}] => (Allow) LPort=9009
FirewallRules: [{4916E335-94B0-4F16-9638-630029D82765}] => (Allow) LPort=9009
FirewallRules: [{7871F8D0-902E-43D8-9F8B-635B9CC9DF33}] => (Allow) LPort=9009
FirewallRules: [{78D12E41-5E73-42F1-BD5F-A47545F74A17}] => (Allow) C:\Users\breck\AppData\Local\Temp\RarSFX0\Lexmark_ScanBack\install\x64\installgui.exe => No File
FirewallRules: [{684E1FB1-32D4-42AF-B965-E9C8CE35DADC}] => (Allow) C:\Users\breck\AppData\Local\Temp\RarSFX0\Lexmark_ScanBack\install\x64\installgui.exe => No File
FirewallRules: [TCP Query User{091E29A4-8009-4227-8ED9-7438DF46D5A0}C:\program files (x86)\lexmark scanback utility\scanwiz.exe] => (Allow) C:\program files (x86)\lexmark scanback utility\scanwiz.exe (Lexmark International, Inc.) [File not signed]
FirewallRules: [UDP Query User{28AD532C-F849-4098-8C2F-7A7A565C1CA7}C:\program files (x86)\lexmark scanback utility\scanwiz.exe] => (Allow) C:\program files (x86)\lexmark scanback utility\scanwiz.exe (Lexmark International, Inc.) [File not signed]
FirewallRules: [{C81C9F21-3200-4B9B-99C0-1356CFD3C2A2}] => (Allow) LPort=9009
FirewallRules: [{94D719F7-3F18-49F9-B298-01567F253914}] => (Allow) LPort=9009
FirewallRules: [{FC00631A-7263-4738-B953-1EF8D15E9093}] => (Allow) LPort=9009
FirewallRules: [{F7C4ACCE-423E-4685-85C5-874E26D7EE9C}] => (Allow) LPort=9009
FirewallRules: [{566E9EFC-9DAE-4589-A213-8355E51B3B5A}] => (Allow) LPort=9009
FirewallRules: [{9BD961F9-B9A4-40B3-ABB7-4618D51C3E65}] => (Allow) LPort=9009
FirewallRules: [{33D85EBC-2782-4553-A554-9A854DDD8FBB}] => (Allow) LPort=9009
FirewallRules: [{C99150D5-2A1D-4AEE-A11D-88204029763B}] => (Allow) LPort=9009
FirewallRules: [{0767AD2F-1F0C-4DF8-A9B4-9B19C83FCBBC}] => (Allow) LPort=9009
FirewallRules: [{669EBD1F-9092-4014-8DD4-8CF27A9283DE}] => (Allow) LPort=9009
FirewallRules: [{54117156-C301-4403-9F52-08882C98D8F3}] => (Allow) LPort=9009
FirewallRules: [{C3299A3B-1179-4C74-B083-83AA61E059A2}] => (Allow) LPort=9009
FirewallRules: [{E1C0D7E9-63FB-4406-9CD2-7BEB0FF37709}] => (Allow) LPort=9009
FirewallRules: [{5F52BC32-7B26-489B-81BA-A6125E7EAC13}] => (Allow) LPort=9009
FirewallRules: [{1BA6387F-7968-4F1C-B6D4-9E24082F4C51}] => (Allow) LPort=9009
FirewallRules: [{E4E84E2E-6ACF-43E6-A65C-21EBEE1B2913}] => (Allow) LPort=9009
FirewallRules: [{3F04B393-5856-49A8-8D53-FDC952C87DDB}] => (Allow) LPort=9009
FirewallRules: [{C4735458-E27C-46BB-8BBB-86C2AD754126}] => (Allow) LPort=9009
FirewallRules: [{8BD383C7-2197-4FE7-8D5A-D6B9D74444DD}] => (Allow) LPort=9009
FirewallRules: [{4D483D7C-E0F7-48F9-BC5B-3103A774C9EA}] => (Allow) LPort=9009
FirewallRules: [{0EE3A5CF-B41F-4A8B-87D3-95361DF1B180}] => (Allow) LPort=9009
FirewallRules: [{3986697F-ED21-4A27-9CA5-E46B3655CCCE}] => (Allow) LPort=9009
FirewallRules: [{A6748CF7-6FD4-4589-B2E8-AB3AA21004D6}] => (Allow) LPort=9009
FirewallRules: [{EF22B5A8-32CB-420D-B15B-7C79D52CC7FB}] => (Allow) LPort=9009
FirewallRules: [{6AB1A857-DCD8-4BB4-9B5D-D6AC9D55D6E5}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{55BAD83F-F344-4361-9B0C-1F608F5099E4}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [UDP Query User{CFFDB9C0-683B-46AC-A8A6-C0DC1021CA64}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe => No File
FirewallRules: [{F9A11E99-D791-496A-B8EF-090B390FF55F}] => (Allow) LPort=9009
FirewallRules: [{7076D69F-CF35-41CB-B1E8-E518BAC0BF88}] => (Allow) LPort=9009
FirewallRules: [{149A687E-11A5-4949-AA38-049B79DC47DD}] => (Allow) LPort=9009
FirewallRules: [{E998913E-2FF5-4B67-A862-FB76DD143E9B}] => (Allow) LPort=9009
FirewallRules: [{D63A561E-714F-4162-BBB0-100ED14BD9CE}] => (Allow) LPort=9009
FirewallRules: [{81749375-1DBA-47F8-94B2-1D373181C14C}] => (Allow) LPort=9009
FirewallRules: [{E6488357-9C51-4803-AB1F-D0AC2E60BCFE}] => (Allow) LPort=9009
FirewallRules: [{771B589D-76C5-4729-A52D-2BAD87B5FBA6}] => (Allow) LPort=9009
FirewallRules: [{82AFDEBD-22F4-4767-BAD1-27654B90D694}] => (Allow) LPort=9009
FirewallRules: [{29F87E09-CF11-4C91-872B-3C15A9A3C518}] => (Allow) LPort=9009
FirewallRules: [{8F0AA8E5-D631-432C-8CB0-0ADF9807645C}] => (Allow) LPort=9009
FirewallRules: [{9C5B5645-677A-48E4-9261-7CB557ECF9A4}] => (Allow) LPort=9009
FirewallRules: [{C43DF4F4-C50D-488E-8B7C-166F4842C3C0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe => No File
FirewallRules: [{2584195E-947B-4F47-BEC8-C4597C1DC60A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AAGame.exe => No File
FirewallRules: [{8D05BE14-AD1C-42F2-B648-AFAA4BDEEF1C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe => No File
FirewallRules: [{14F3870B-E6C1-469F-8D1C-FE8C3BFF0C2B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe => No File
FirewallRules: [{50BE1498-BA38-44D5-BF8F-A91C9406FE54}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{43D54A71-9AFC-4C3D-BD69-E5F780FC18D9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf It!\GolfIt.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{1A0272BC-7348-4BA6-BA68-8EEDBCCD6400}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{E987E9F8-3BDA-4CC9-B7F4-A9B878B8E3FB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{DC5BA5DA-B1DB-424A-B5F6-1AB5FB0A6D9A}] => (Allow) LPort=9009
FirewallRules: [{A3FA4823-E5DA-4E41-84BA-E6512F1249B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{EFE5D44B-4499-43F9-9471-03DD4D852A9E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Escape Simulator\Escape Simulator.exe () [File not signed]
FirewallRules: [{892E038F-C78E-4222-8B7B-7C9313A99DBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Escape Simulator\Escape Simulator.exe () [File not signed]
FirewallRules: [{1E90E689-2816-4682-979C-89AD47625168}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{8617C1E1-037B-4758-8D67-33215002042D}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{C1A0D906-549D-41FD-BD07-70D5530683D9}] => (Allow) C:\Users\breck\AppData\Local\Temp\RarSFX0\Lexmark_ScanBack\install\x64\installgui.exe => No File
FirewallRules: [{B4C4E1CF-B186-4F10-92A1-901E63699907}] => (Allow) C:\Users\breck\AppData\Local\Temp\RarSFX0\Lexmark_ScanBack\install\x64\installgui.exe => No File
FirewallRules: [TCP Query User{F2EC9327-438D-46F7-AAE5-0FDBCDB290E0}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{15F2D522-367C-41B2-911E-3A696D628D67}C:\games\world_of_tanks_na\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_na\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{7D748AE2-8E0E-4CBD-A26E-1508804E51E5}] => (Allow) LPort=9009
FirewallRules: [{EEA5A535-2900-42E7-BDCE-7DF3D87E8B2A}] => (Allow) LPort=9009
FirewallRules: [{DC210AAF-0A9E-4345-931E-A3D2469F0982}] => (Allow) LPort=9009
FirewallRules: [TCP Query User{3D39D1CC-959F-48F7-8B32-82187130A55B}D:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => No File
FirewallRules: [UDP Query User{5EE80A1F-B015-4265-BE23-6ABA954E8DEA}D:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\awayout\haze1\binaries\win64\awayout.exe => No File
FirewallRules: [{67A80B37-CF22-4A12-958A-C14514B719C3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [{B80E42A6-A830-4CED-BD14-F2EBBBFD4045}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\theHunter\launcher\launcher.exe => No File
FirewallRules: [TCP Query User{B64E8F76-5356-4DAA-8A05-AE9B26FC1390}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe => No File
FirewallRules: [UDP Query User{14088169-6987-4FA1-A460-4465C81CFB55}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe => No File
FirewallRules: [{894B7323-95D9-4299-AA4D-E0E0F3E0441D}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{BADE4E1C-EAE6-4CA6-A383-7025CBA39D8E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{E0DBE646-49B9-4438-9CDE-A3C4FFD80304}] => (Allow) LPort=9009
FirewallRules: [{36631623-17BB-41E8-94D8-DDA044568679}] => (Allow) LPort=9009
FirewallRules: [{DCB17898-7E26-4594-89B6-2D9720D8154D}] => (Allow) LPort=9009
FirewallRules: [{DBE268D7-9B61-4254-9ABF-2AFEAE235CC8}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{C39C31C0-B864-4E4A-A9D6-3D710D861C10}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [TCP Query User{E5C0200F-A8C6-403B-9A58-B35E64160CD9}C:\users\breck\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\breck\appdata\local\discord\app-1.0.9007\discord.exe => No File
FirewallRules: [UDP Query User{8CDA0CF5-9BC2-4D49-B9BD-A4728E493AA9}C:\users\breck\appdata\local\discord\app-1.0.9007\discord.exe] => (Allow) C:\users\breck\appdata\local\discord\app-1.0.9007\discord.exe => No File
FirewallRules: [{C7375F0C-D98A-45B9-A799-E4FC4AA92F24}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{E65F5701-4455-4B07-9071-5CD2B82B3D83}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [TCP Query User{F1025A07-8CF5-4392-9025-E74F9C0CE53C}D:\program files (x86)\steam\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [File not signed]
FirewallRules: [UDP Query User{650C0A35-3AA2-49EE-9C6F-90DCB5913203}D:\program files (x86)\steam\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\ready or not\readyornot\binaries\win64\readyornot-win64-shipping.exe (Void Interactive) [File not signed]
FirewallRules: [{1CF34009-13DC-4801-B6E0-B5EFD4430C28}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ready Or Not\Engine\Binaries\Win64\CrashReporter.exe () [File not signed]
FirewallRules: [{FE1AC79D-0025-422F-A49B-F8D596C6EDA2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Ready Or Not\Engine\Binaries\Win64\CrashReporter.exe () [File not signed]
FirewallRules: [{BE93BCED-E8C6-40C9-9997-51F688A1B27E}] => (Allow) LPort=9009
FirewallRules: [{9A99E18A-7A4A-4935-ABDD-F8CBD27CE58B}] => (Allow) LPort=9009
FirewallRules: [{6D55F063-6D62-44F4-8F53-2C0DAA96EA18}] => (Allow) LPort=9009
FirewallRules: [{305A260A-783F-4602-8A6C-486D15AAEFAC}] => (Allow) LPort=9009
FirewallRules: [{2D197399-330A-4309-BFAD-1B9F7844E879}] => (Allow) LPort=9009
FirewallRules: [{E257660A-D9E5-4A01-B9E7-879FDAD2BE8D}] => (Allow) LPort=9009
FirewallRules: [{306687AD-DACA-4657-9676-A77CD464A57D}] => (Allow) LPort=9009
FirewallRules: [{66B5DFA2-3E7D-49F7-A951-8819426A7A1F}] => (Allow) LPort=9009
FirewallRules: [{ABFC5891-159B-4669-BC21-497B6B100D88}] => (Allow) LPort=9009
FirewallRules: [{836C1268-7CD5-4B66-A851-D9642ABA0818}] => (Allow) LPort=9009
FirewallRules: [{7A162A48-B0AD-40DC-8AAF-7F48487C257E}] => (Allow) LPort=9009
FirewallRules: [{2291E063-7958-4408-9C4A-37902FC6629C}] => (Allow) LPort=9009
FirewallRules: [{2EF32389-66B1-4207-8079-F39113AA1422}] => (Allow) LPort=9009
FirewallRules: [{24A044E5-8123-4EDA-8559-37BE16E12B47}] => (Allow) LPort=9009
FirewallRules: [{1F37669E-733F-4842-A3E4-F33AA4F5B1F9}] => (Allow) LPort=9009
FirewallRules: [{C12D950C-2528-4EA9-86E2-74C52F370A5C}] => (Allow) LPort=9009
FirewallRules: [{5122049C-0C51-41C8-807A-70E7DC20F1A3}] => (Allow) LPort=9009
FirewallRules: [{A39930AE-D0C0-4824-878D-448A73C7C756}] => (Allow) LPort=9009
FirewallRules: [{8CC6869B-ECCD-4CF3-A087-4B81C2F26D91}] => (Allow) LPort=9009
FirewallRules: [{BA2F9C72-2063-45FE-B8EC-9A45D2F98B7E}] => (Allow) LPort=9009
FirewallRules: [{5EA3BE5F-2754-4FCA-875A-6A6608AD90AD}] => (Allow) LPort=9009
FirewallRules: [{CC244252-E6CD-4B9E-977F-23241EAFE6EE}] => (Allow) LPort=9009
FirewallRules: [{77E84881-8AA1-4C74-B3CC-2CCACA4B5238}] => (Allow) LPort=9009
FirewallRules: [{8C543CDA-00E4-4137-9040-380832F87F75}] => (Allow) LPort=9009
FirewallRules: [{B45E58FD-B459-49CB-AEAB-3BBCBD6EBD5A}] => (Allow) LPort=9009
FirewallRules: [{2A737B07-816B-4868-A832-078365130E4C}] => (Allow) LPort=9009
FirewallRules: [{DBF8AB87-8631-465A-80C8-1C45E07E3BC8}] => (Allow) LPort=9009
FirewallRules: [{50C81FE2-4B86-45A7-969D-7505087D0C14}] => (Allow) LPort=9009
FirewallRules: [{A63D8105-E65F-4C2A-AEF6-0528DFFFC7B0}] => (Allow) LPort=9009
FirewallRules: [{16F5F92E-CD3C-48E9-99F7-7F82C976CD30}] => (Allow) LPort=9009
FirewallRules: [{9D08C87A-A0EC-4E3D-8A96-E8469F7BF6CA}] => (Allow) LPort=9009
FirewallRules: [{EDC54852-2B5B-4E9D-B0B5-15974D7CAD60}] => (Allow) LPort=9009
FirewallRules: [{C9EA2DE3-6ABF-4AA2-8D0D-29A6ED6478BF}] => (Allow) LPort=9009
FirewallRules: [{14AF7F8B-B9EF-4D98-9D02-0A0C7E410728}] => (Allow) LPort=9009
FirewallRules: [{661DC288-9FD1-48B2-8836-4A5078DCD5E2}] => (Allow) LPort=9009
FirewallRules: [{0D2C2379-63DA-49A3-A14B-E33E99B243F1}] => (Allow) LPort=9009
FirewallRules: [{ECD213D3-7959-4A02-B38B-A8A13BAA8997}] => (Allow) LPort=9009
FirewallRules: [{97113D51-0635-458E-A341-44A409A990C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{4C6C471F-DDAA-481E-A40C-2EA911101F43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{98BC7313-EAD6-421D-90EB-896378D67E30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3FA7E2B1-3544-47F7-842D-8B4BFB3DE4C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{BC08311E-FD6E-4CFD-8CB0-F9A66D3F5919}] => (Allow) LPort=9009
FirewallRules: [{CCB47CE3-561E-4819-88BB-5903E3C91B8B}] => (Allow) LPort=9009
FirewallRules: [{F6241B51-3898-43B2-BE98-324958A298D0}] => (Allow) LPort=9009
FirewallRules: [{00308C8D-B7C9-415C-9991-748C5EE527E1}] => (Allow) LPort=9009
FirewallRules: [{39462804-1E02-453B-96A1-759FC74503EC}] => (Allow) LPort=9009
FirewallRules: [{39C04BCE-0703-4961-94D9-E4531C6A0693}] => (Allow) LPort=9009
FirewallRules: [{BE51AA28-FB47-49E2-B212-FF36A9C25674}] => (Allow) LPort=9009
FirewallRules: [{F7208AD1-5A27-4C11-B82A-4B058B7ABA7A}] => (Allow) LPort=9009
FirewallRules: [{7B346BF2-1373-4332-AE62-A2656F4A741B}] => (Allow) LPort=9009
FirewallRules: [{20C8598A-2A13-403C-91A3-FBED6E2860C1}] => (Allow) LPort=9009
FirewallRules: [{7FEA256D-3FF2-42ED-B767-EA969E1B0511}] => (Allow) LPort=9009
FirewallRules: [{756AC505-6760-4F19-9CA8-7436A0F8257D}] => (Allow) LPort=9009
FirewallRules: [{8F4E31D0-DF98-4D42-96F5-01EF18188BE5}] => (Allow) LPort=9009
FirewallRules: [{44527ADF-BEEB-43A6-A4DB-55A3EAE482AC}] => (Allow) LPort=9009
FirewallRules: [{904624CC-41A5-41C7-B426-689EBBFBD7C5}] => (Allow) LPort=9009
FirewallRules: [{5D382076-2FBC-454C-8F1E-DC12B5F8FFFE}] => (Allow) LPort=9009
FirewallRules: [{D124AF98-A441-4C4A-9B45-70EC48A8387B}] => (Allow) LPort=9009
FirewallRules: [{9804567A-2899-48C2-ACFB-056148D0B8C6}] => (Allow) LPort=9009
FirewallRules: [{365863B1-6B98-4595-B2EF-0900633838A0}] => (Allow) LPort=9009
FirewallRules: [{C88BB4C1-EE0E-4B88-B1BE-8B4F4843A263}] => (Allow) LPort=9009
FirewallRules: [{5B9FB832-AA9D-48A4-8071-B24CD5F812BF}] => (Allow) LPort=9009
FirewallRules: [{06D859B8-EC76-432A-ACF0-0C3F75B08E9A}] => (Allow) LPort=9009
FirewallRules: [{2061A8E8-451B-4ECA-AE90-FCAE4B291022}] => (Allow) LPort=9009
FirewallRules: [{6D507F3E-8F6F-4B45-A653-E2F310F79474}] => (Allow) LPort=9009
FirewallRules: [{0F373FD4-5B24-4C39-90B9-7164C1225785}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{C43280E8-6E7D-4DDB-9897-EEFAD4AEE7D0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{151A8E4C-B068-4158-BE9A-B8A9494D178E}] => (Allow) LPort=9009
FirewallRules: [{01B40948-1A98-4DE8-9BDB-1B271A1A9E73}] => (Allow) LPort=9009
FirewallRules: [{90742467-BD9C-436E-91D8-21FD600FB90A}] => (Allow) LPort=9009
FirewallRules: [{C8447D5C-F23F-4F8E-8659-8A19B0A33F04}] => (Allow) LPort=9009
FirewallRules: [{082CFB9F-E448-4CED-B27C-E7D8E43304F7}] => (Allow) LPort=9009
FirewallRules: [{5D14E079-C55F-4812-A8EF-A24A412BCB68}] => (Allow) LPort=9009
FirewallRules: [{D1C5FAB8-B0CF-45EB-8229-96D0514DE163}] => (Allow) LPort=9009
FirewallRules: [{1746E467-F00E-4620-B1D8-97B8813502C8}] => (Allow) LPort=9009
FirewallRules: [{7423E3AB-3546-4285-98F1-56779CA06D5C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{504FF481-B2E9-4A90-B563-3BB3B668F7B3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{0B79EB31-7C3B-4B43-AC60-62E7BDF1A026}] => (Allow) LPort=9009
FirewallRules: [{4CCF5ED8-D44C-4852-AC5B-6BCD17C3C5DF}] => (Allow) LPort=9009
FirewallRules: [{B0F9D03F-8CA4-48C1-8710-47FDED2F8631}] => (Allow) LPort=9009
FirewallRules: [{458C2A53-7AC0-4FE5-B422-6FE244E45282}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9526A926-E177-46F6-AA28-202B220ABCA1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{30C14E9D-9972-4E0B-81BB-5C51748336B9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B8CA946D-FC06-4D8C-95A0-3D3E131DAA4F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8E5175F3-CA73-417A-8E73-55B221EEF6A6}] => (Allow) LPort=9009
FirewallRules: [{9BE9E69D-39D0-49A8-9FD6-593857FACA45}] => (Allow) LPort=9009
FirewallRules: [{B7BFA511-E73D-4CA5-8882-D9667074197A}] => (Allow) LPort=9009
FirewallRules: [{B9377A8E-38A6-4455-836F-E40F806A1048}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5F410D8B-0388-4890-B0D5-DA9BC1E9A587}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DDF38718-BA68-4509-AB9B-77C69F47204E}] => (Allow) LPort=9009
FirewallRules: [{09CC9FE9-6879-4849-ADCE-D4ACD852341A}] => (Allow) LPort=9009
FirewallRules: [{F34A6A1A-EA1E-4820-A928-AF45EF971F6F}] => (Allow) LPort=9009
FirewallRules: [{46DF0E22-43BB-445B-A5DD-18994D08702C}] => (Allow) LPort=9009
FirewallRules: [{0FC90CC9-8047-4A45-8B6F-BCAF560B306D}] => (Allow) LPort=9009
FirewallRules: [{754B57D7-D647-44AC-87A0-C735EA51DC1D}] => (Allow) LPort=9009
FirewallRules: [{807A38F4-BBB7-47A3-B3D5-567526B2DF79}] => (Allow) LPort=9009
FirewallRules: [{8447561A-EEBD-4831-A197-48162DAD970A}] => (Allow) LPort=9009
FirewallRules: [{3BF1D488-9F28-40EB-859F-583496D9A76E}] => (Allow) LPort=9009
FirewallRules: [{92B82F5E-EFC6-40C2-B8D1-18F3B8412257}] => (Allow) LPort=9009
FirewallRules: [{9DB5DF67-94A0-4A40-8145-E2EB5C527868}] => (Allow) LPort=9009
FirewallRules: [{37E9AF05-4B80-45F7-B3C5-AA23F66EEDC8}] => (Allow) LPort=9009
FirewallRules: [{D5B5F741-8FC2-4D35-AADD-A234FDB5CCAB}] => (Allow) LPort=9009
FirewallRules: [{82A17A0D-E387-475A-897F-2AA5766D896E}] => (Allow) LPort=9009
FirewallRules: [{CBB995FA-66CD-429D-A14F-9097A70B56A1}] => (Allow) LPort=9009
FirewallRules: [{FEFB5D8D-E281-474E-8232-EF0517378628}] => (Allow) LPort=9009
FirewallRules: [{F0C34D59-A67E-4B52-953E-9CC89AC4E9E9}] => (Allow) LPort=9009
FirewallRules: [{F5F3D030-AF09-43AB-AA5A-4D8D7E7637F1}] => (Allow) LPort=9009
FirewallRules: [{E284778E-152B-4814-85A7-CAC13817626D}] => (Allow) LPort=9009
FirewallRules: [{57CDBA9F-3AD8-4BB4-87A0-86683FA7F624}] => (Allow) LPort=9009
FirewallRules: [{2B7086A2-D02C-44E6-B146-29E55129808D}] => (Allow) LPort=9009
FirewallRules: [{07D039A6-4F1E-45F0-98E3-67BC73A06413}] => (Allow) LPort=9009
FirewallRules: [{DDB68340-0529-4AB1-9AE2-5B39F6A2C51B}] => (Allow) LPort=9009
FirewallRules: [{4C0E91F3-41E8-4733-AA8C-1C0F2AD071C4}] => (Allow) LPort=9009
FirewallRules: [{D639E4C1-6BA3-48BC-A969-896DD07EEB9C}] => (Allow) LPort=9009
FirewallRules: [{17EFBECA-AA27-4531-BDF4-746FA6EC4567}] => (Allow) LPort=9009
FirewallRules: [{055EE07D-1812-4E80-8162-178CCA7D3295}] => (Allow) LPort=9009
FirewallRules: [{B173A0B1-2929-4C0D-870B-6B4BA9555752}] => (Allow) LPort=9009
FirewallRules: [{42347F85-8059-4376-974E-BE80A096748F}] => (Allow) LPort=9009
FirewallRules: [{EA78C215-6BA5-4E37-9EE1-5F6C52C23FE7}] => (Allow) LPort=9009
FirewallRules: [{251DF7FB-E1C2-445E-B8CF-0D4CC6B0A937}] => (Allow) C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsSubsystemForAndroid_2302.40000.9.0_x64__8wekyb3d8bbwe\WsaClient\WsaClient.exe (Microsoft Corporation -> )
FirewallRules: [{D5106467-AC6B-4DAD-928D-94CF91C23895}] => (Allow) LPort=9009
FirewallRules: [{CC729B23-0B62-4E08-83FA-AAD3487E47D3}] => (Allow) LPort=9009
FirewallRules: [{423DC9B6-C3B4-4DB9-9EB1-2978478376BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{78B7AD7A-3B5E-48F2-A4A9-5B0940A5B113}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{2CE5C29B-C3D7-4871-81A2-7942D7E2D1AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{7F6638FE-C854-4795-A208-A6D570CB4B68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{B9246243-C108-4052-AB32-05B9D47F94B7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{39FC9C9F-648A-48E8-98B1-A35DA996667F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{81B8A0BF-DB56-4673-BF55-A936843D0FB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{6E3B5BBA-2461-406F-9959-9F4E3D791AA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{C629EBD4-1FB4-43D1-BFAD-8A4E242DF88E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{B402A924-8356-49D0-89A5-D442647F8F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{128FF177-9ED6-411E-B10E-0C68D1E3BF31}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{4F255D97-B072-4A9C-A3E6-2A9E2BF8DE7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{85C5B8EF-71EC-4FCB-AC02-167D28AD005C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{E79FCCCD-571F-4747-B014-63E97816889A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> )
FirewallRules: [{95223E6C-0ECA-46E6-B685-17D6D92A3153}] => (Allow) LPort=9009
FirewallRules: [{BEB84007-4CB7-43FD-9815-80A1756FE838}] => (Allow) LPort=9009
FirewallRules: [{CCCEED80-D590-4748-93BF-1B16E6F6CC85}] => (Allow) LPort=9009
FirewallRules: [{B899F3F9-05A7-4889-9F82-1ABDA913310A}] => (Allow) LPort=9009
FirewallRules: [{7826E3C3-D36F-479D-8BE5-855AB731C08D}] => (Allow) LPort=9009
FirewallRules: [{5DE5CA66-2A34-4E39-BCB2-1DA2B1D67798}] => (Allow) LPort=9009
FirewallRules: [{C83A8A56-7F8F-4DFF-8317-DA9C90446B56}] => (Allow) LPort=9009
FirewallRules: [{82132125-37DD-45F0-BD63-6724F2F9ACFF}] => (Allow) LPort=9009
FirewallRules: [{A0C7DF05-6C65-4558-B0B6-E48B22D6AF92}] => (Allow) LPort=9009
FirewallRules: [{1B573EEB-4DDC-4535-A420-BE7889CB09C6}] => (Allow) LPort=9009
FirewallRules: [{64A20485-95EE-43F4-90A9-7AC3FD7C1A49}] => (Allow) LPort=9009
FirewallRules: [{6658BC44-863A-4B64-91F5-7014FF2E3372}] => (Allow) LPort=9009
FirewallRules: [{04D6D65B-610E-4FB3-8E17-1E250E4783C1}] => (Allow) LPort=9009
FirewallRules: [{76C5FCFB-79F5-4BBB-8271-E9E09B0F9A7D}] => (Allow) LPort=9009
FirewallRules: [{35556179-8050-43E6-B4A2-C3C73A875B58}] => (Allow) LPort=9009
FirewallRules: [{86AFB770-A43B-45C9-86F8-FAE5D0A8119E}] => (Allow) LPort=9009
FirewallRules: [{9DC5D25B-5628-471C-B9A4-F614EEA2CF0C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23062.1104.1987.6038_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
FirewallRules: [{ABFAB661-C0D7-49B1-9FAF-9D0460253FA7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23062.1104.1987.6038_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> )
FirewallRules: [{433C5ABD-1D97-49D9-9C09-730EBCE275E4}] => (Allow) LPort=9009
FirewallRules: [{AD0A6BC7-33BA-4C26-8F3B-D1C38D7BC6A4}] => (Allow) LPort=9009
FirewallRules: [{E2EF6896-437E-4FB4-A53E-E17E5BCE4458}] => (Allow) LPort=9009
FirewallRules: [{19DAE64A-7B8C-4E93-8AFE-6D50C1045BA1}] => (Allow) LPort=9009
FirewallRules: [{66C5B5E8-FBAD-44A2-92A5-D8AD2C383577}] => (Allow) D:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{13D07680-FFE6-4FBD-9169-C282E0B8E1E2}] => (Allow) D:\Battlestate Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{91E86D83-EEE3-4693-A2F9-664FB57932BA}] => (Allow) LPort=9009
FirewallRules: [{44657CA7-43F5-4D99-83F5-6E41B7B31093}] => (Allow) LPort=9009
FirewallRules: [{0E2D492E-AA3F-4B11-9332-E13B1AABCA9A}] => (Allow) LPort=9009
FirewallRules: [{AF263FD0-359A-41CF-ACB6-72905199A890}] => (Allow) LPort=9009
FirewallRules: [{25F93F15-1393-453B-8BA4-84F5A262FDE7}] => (Allow) LPort=9009
FirewallRules: [{65FA54B7-14B9-4CD3-B64C-499BFCE25986}] => (Allow) LPort=9009
FirewallRules: [{DDEE0B95-57D6-4F21-AA1E-354B3767B52E}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{9F33D00D-6E38-49A5-A46D-F6FEDF99B670}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{05123139-E5A5-4E42-9E48-C2876C6C3C74}] => (Allow) LPort=9009
FirewallRules: [{86E635F3-B668-4E6D-9C26-8F124C90607E}] => (Allow) LPort=9009
FirewallRules: [{E84529E9-D49C-4D8B-892C-5EE711A195B5}] => (Allow) LPort=9009
FirewallRules: [{A5D525E4-F037-4922-9851-E6B36B5FE873}] => (Allow) LPort=9009
FirewallRules: [{6075B575-8A1E-4C31-9BC1-57424E3708DA}] => (Allow) LPort=9009
FirewallRules: [{85C14166-8249-4C6A-806A-A1B85432C189}] => (Allow) LPort=9009
FirewallRules: [{AD38BBBD-6A6D-4239-A209-6FD37E83AE6E}] => (Allow) LPort=9009
FirewallRules: [{0FCC9F64-3D01-4CAC-B949-CEBB298CD5F1}] => (Allow) LPort=9009
FirewallRules: [{384B335A-B736-43F3-A555-8D29FDD88F42}] => (Allow) LPort=9009
FirewallRules: [{761E8170-05C0-4CF5-A0F0-16681D64F865}] => (Allow) C:\Program Files (x86)\Overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8B44398F-6DBA-4E4D-8B18-6BAD68D17D3A}] => (Allow) C:\Program Files (x86)\Overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2BE81C36-683D-4DC1-8570-0D88EE0D4A57}] => (Block) C:\Program Files (x86)\Overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{D3A28E28-5C8C-44F0-933A-B02D20B87721}] => (Block) C:\Program Files (x86)\Overwolf\0.221.0.4\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{A656D1D1-C9F4-4BA9-B034-5F18227CD895}] => (Allow) C:\Program Files (x86)\Overwolf\0.221.109.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{92A5A85B-1492-4D00-B3F2-663C2FCEB1CB}] => (Allow) C:\Program Files (x86)\Overwolf\0.221.109.14\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{2CD32C18-6B0A-4612-9784-2BAF2013B2CE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4EA52F32-38F4-4B22-8633-D5171F438CAD}] => (Allow) LPort=9009
 
==================== Restore Points =========================
 
21-04-2023 12:19:19 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/27/2023 04:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 10.0.22000.527, time stamp: 0xe6f2ec65
Faulting module name: edgehtml.dll, version: 11.0.22000.1641, time stamp: 0x8621bc5f
Exception code: 0xc0000602
Fault offset: 0x000000000072c682
Faulting process id: 0x74fc
Faulting application start time: 0x01d979016fa12854
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\System32\edgehtml.dll
Report Id: 04b8ae45-b245-43ae-9ed6-0ca09d1cce7c
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/27/2023 12:09:46 AM) (Source: CAM Service) (EventID: 1) (User: )
Description: request thread encountered an error: Failed to send result: io error: The pipe is being closed. (os error 232)
 
Error: (04/26/2023 12:07:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 10.0.22000.527, time stamp: 0xe6f2ec65
Faulting module name: edgehtml.dll, version: 11.0.22000.1641, time stamp: 0x8621bc5f
Exception code: 0xc0000602
Fault offset: 0x000000000072c682
Faulting process id: 0x8bb4
Faulting application start time: 0x01d97771091b8278
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\System32\edgehtml.dll
Report Id: 7251dbe8-aec6-4849-83b1-24a148004630
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/26/2023 12:07:20 AM) (Source: CAM Service) (EventID: 1) (User: )
Description: request thread encountered an error: Failed to send result: io error: The pipe is being closed. (os error 232)
 
Error: (04/25/2023 09:27:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RocketLeague.exe, version: 1.0.10897.0, time stamp: 0x6438d71f
Faulting module name: bakkesmod.dll, version: 0.0.0.0, time stamp: 0x64486482
Exception code: 0xc0000005
Fault offset: 0x00000000000cbe48
Faulting process id: 0x8164
Faulting application start time: 0x01d977de439e02a7
Faulting application path: D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe
Faulting module path: C:\Users\breck\AppData\Roaming\bakkesmod\bakkesmod\dll\bakkesmod.dll
Report Id: 62d6c383-7741-4a3c-8e97-9aed0cb95a5d
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/25/2023 07:49:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mysqld-nt.exe, version: 0.0.0.0, time stamp: 0x460162c3
Faulting module name: mysqld-nt.exe, version: 0.0.0.0, time stamp: 0x460162c3
Exception code: 0xc0000005
Fault offset: 0x0020d390
Faulting process id: 0x3ab4
Faulting application start time: 0x01d977d00e023399
Faulting application path: C:\Program Files (x86)\Winsim\ConnectionManager\MySqlBinary\5.0.38\mysql\mysqld-nt.exe
Faulting module path: C:\Program Files (x86)\Winsim\ConnectionManager\MySqlBinary\5.0.38\mysql\mysqld-nt.exe
Report Id: 4b71bb09-2b13-458a-bf87-8fc6fc03711f
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/25/2023 07:43:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mysqld-nt.exe, version: 0.0.0.0, time stamp: 0x460162c3
Faulting module name: mysqld-nt.exe, version: 0.0.0.0, time stamp: 0x460162c3
Exception code: 0xc0000005
Fault offset: 0x0020d390
Faulting process id: 0x49ec
Faulting application start time: 0x01d977cf9c2dc085
Faulting application path: C:\Program Files (x86)\Winsim\ConnectionManager\MySqlBinary\5.0.38\mysql\mysqld-nt.exe
Faulting module path: C:\Program Files (x86)\Winsim\ConnectionManager\MySqlBinary\5.0.38\mysql\mysqld-nt.exe
Report Id: e82c57ed-1dce-4216-ba12-6b7be131cc88
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/25/2023 02:13:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Widgets.exe, version: 421.20070.1500.0, time stamp: 0x641e44e9
Faulting module name: Geolocation.dll, version: 10.0.22000.1, time stamp: 0xaffc4aa2
Exception code: 0xc0000005
Fault offset: 0x000000000000e2c1
Faulting process id: 0x4d30
Faulting application start time: 0x01d9777109b1aa52
Faulting application path: C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
Faulting module path: C:\Windows\System32\Geolocation.dll
Report Id: 9624a35d-0a92-41cb-8019-7a6912a5b77a
Faulting package full name: MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy
Faulting package-relative application ID: Widgets
 
 
System errors:
=============
Error: (04/27/2023 04:33:10 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: 322122548500
 
Error: (04/27/2023 04:33:08 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: 322122548500
 
Error: (04/27/2023 04:33:04 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: 322122548500
 
Error: (04/27/2023 04:24:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (04/27/2023 04:24:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\breck\AppData\Local\Temp\ehdrv.sys
 
Error: (04/27/2023 04:24:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
Error: (04/27/2023 04:24:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\breck\AppData\Local\Temp\ehdrv.sys
 
Error: (04/27/2023 04:24:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
This driver has been blocked from loading
 
 
Windows Defender:
================
Date: 2023-04-20 23:52:18
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2023-04-19 23:59:19
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Windows\SECOH-QAD.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\svchost.exe
Security intelligence Version: AV: 1.387.1602.0, AS: 1.387.1602.0, NIS: 1.387.1602.0
Engine Version: AM: 1.1.20200.4, NIS: 1.1.20200.4
 
Date: 2023-04-19 23:59:19
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe; imagefileexecoptions:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; imagefileexecoptions:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; regkey:_HKLM\SOFTWARE\Wow6432Node\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\KMSpico\AutoPico.exe
Security intelligence Version: AV: 1.387.1602.0, AS: 1.387.1602.0, NIS: 1.387.1602.0
Engine Version: AM: 1.1.20200.4, NIS: 1.1.20200.4
 
Date: 2023-04-19 23:59:17
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Windows\SECOH-QAD.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\svchost.exe
Security intelligence Version: AV: 1.387.1602.0, AS: 1.387.1602.0, NIS: 1.387.1602.0
Engine Version: AM: 1.1.20200.4, NIS: 1.1.20200.4
 
Date: 2023-04-19 23:59:02
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\Windows\SECOH-QAD.dll; file:_C:\Windows\SECOH-QAD.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\KMSpico\AutoPico.exe
Security intelligence Version: AV: 1.387.1602.0, AS: 1.387.1602.0, NIS: 1.387.1602.0
Engine Version: AM: 1.1.20200.4, NIS: 1.1.20200.4

CodeIntegrity:
===============
Date: 2023-04-27 16:24:09
Description: 
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume4\Users\breck\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F11 10/15/2019
Motherboard: Gigabyte Technology Co., Ltd. Z390 AORUS PRO WIFI-CF
Processor: Intel® Core™ i9-9900K CPU @ 3.60GHz
Percentage of memory in use: 20%
Total physical RAM: 65468.61 MB
Available physical RAM: 52373.48 MB
Total Virtual: 75196.61 MB
Available Virtual: 59489.16 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.88 GB) (Free:518.6 GB) (Model: NVMe Samsung SSD 970 SCSI Disk Device) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:389.12 GB) (Model: NVMe Samsung SSD 970 SCSI Disk Device) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:100 GB) (Model: NVMe Samsung SSD 970 SCSI Disk Device) FAT32
 
\\?\Volume{d762804c-aa79-4cdf-99cc-41029f60f0f6}\ () (Fixed) (Total:0.52 GB) (Free:0.04 GB) NTFS
\\?\Volume{ebd2dd44-d72b-4925-8e5d-b2e7378b4783}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#4
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,113 posts

Hi, propolis

It seems that you are using KMSpico. This program is used to illegally activate Microsoft's products, such as Windows or Office.

 

Note that if the problem is with your Windows activation, then I can't assist you. We don't provide help if the operating system is not legally activated, with either an OEM or Retail license. A non-activated system constitutes a security risk, and it will give you many issues in the future. Regardless of the legal factor, it is a waste of time to clean a non-activated operating system, since sooner or later it will have issues.
 
So... let's make some checks first.
 
1. Check the operating system

  • Press Windows icon on your Desktop, together with the letter R.
  • Type cmd, and press Ctrl + Shift + Enter to run Command Prompt as administrator.
  • Copy and paste the following command and press Enter:
slmgr /dli
  • After running the command, you will get a report. Please take a screenshot of what you got and attach it in your next reply. Here is an article where you can see how to take a screenshot with the snipping tool, in case you need it.

 

2. CKScanner

  • Download CKScanner from here and save it to your desktop.
  • Double-click CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

  • 0

#5
Propolis

Propolis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Ok for starters before we get too far I just wanted you to be aware I've been having a hard time getting on your website and it's likely virus related.
Keep getting a white screen with something like website isn't available or some message like that. I kept cycling browsers until I finally got on.

As for the first comment about Microsoft activation, I guess I got what I paid for getting someone out of their house to build and setup the pc.
Told not to worry. Everything is included. Something new to deal with I guess.

1st request.

I took a snippet and pasted it here but when submitting it says file type not allowed.
So I copied into paint and attached it.

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\breck\zomboid\lua\keys.ini
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.22000.1_none_12ea1a72b4886bec\ssh-keygen.exe
scanner sequence 3.GE.11.SDAPDZ
 ----- EOF -----
  • 0

#6
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,113 posts

Hi.

 

 

Ok for starters before we get too far I just wanted you to be aware I've been having a hard time getting on your website and it's likely virus related.

 

Not a malware related issue. It has to do with the Forum's settings and the browser's preferences. You can use Firefox instead and you won't get any errors.

 

There is no attachment in your post.

 

Also the log from the CKScanner is not complete.

 

 

I guess I got what I paid for getting someone out of their house to build and setup the pc.
Told not to worry

 

Seems that he installed a pirated operating system for you. And this is really something to worry about.

I'll be waiting for what I asked you in my previous post, before I can say anything else, though.


  • 0

#7
Propolis

Propolis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Sorry I forgot to click on "Attach This File"

Attached Thumbnails

  • ss.jpg

  • 0

#8
Propolis

Propolis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\breck\google drive\downloads\removewat.2.2.8 [www.expert2program.net].zip
c:\users\breck\google drive\downloads\adobe photoshop cs4 extended (proper fixed)  [blaze69]\adobe photoshop cs4 extended\adobe photoshop cs4 extended\crack\activation blocker.cmd
c:\users\breck\google drive\downloads\adobe photoshop cs4 extended (proper fixed)  [blaze69]\adobe photoshop cs4 extended\adobe photoshop cs4 extended\crack\amtlib.dll (x32)\amtlib.dll
c:\users\breck\google drive\downloads\adobe photoshop cs4 extended (proper fixed)  [blaze69]\adobe photoshop cs4 extended\adobe photoshop cs4 extended\crack\amtlib.dll (x64)\amtlib.dll
c:\users\breck\google drive\downloads\removewat.2.2.8 [www.expert2program.net]\read me.txt
c:\users\breck\google drive\downloads\removewat.2.2.8 [www.expert2program.net]\removewat.2.2.8 [www.expert2program.net]\read me.txt
c:\users\breck\google drive\downloads\windows 7 loader (2013)\keys.ini
c:\users\breck\zomboid\lua\keys.ini
c:\windows\winsxs\amd64_openssh-common-components-onecore_31bf3856ad364e35_10.0.22000.1_none_12ea1a72b4886bec\ssh-keygen.exe
scanner sequence 3.ED.11.OIBBL0
 ----- EOF -----


  • 0

#9
Propolis

Propolis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

Thanks for the Firefox suggestion.  Seems much better now.


  • 0

#10
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,113 posts

Hi, propolis.

 

It appears that you have pirated programs installed on your computer (e.g. Photoshop). Keep in mind that this kind of software is the best and easiest way to install malware on your computer.

What, however, is the most concerning thing here, is that your operating system is activated with KMS service. This may be due to several reasons: you bought the license from a questionable site or store, the computer belongs to a company, or you used KMS service to activate the operating system. From what you have said, the guy who built the computer for you used this way to activate Windows, probably without telling you the risks. These volume licenses on a personal system can cause several issues, sooner or later, including malware infections, since there is no idea where he got the copy he installed for you.

What I recommend is to buy a Windows license directly from Microsoft. It's not cheap, but it's worth spending that money rather than facing the stress and trouble that may come along with other routes.

 

Having said that, and since the Forum doesn't support any kind of piracy, unfortunately I can't help you, until you activate Windows with a legal license. Meaning, buy a Retail license.
 
Do you have any questions before I close the topic?

  • 0
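What a helper looks for in the `slmgr /dli` report requested in post #4 and interpreted in post #10, as an added example that is not part of the thread or any tool used in it. The sample report is constructed, its field layout is assumed from typical English-language `slmgr` text output, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample of `cscript //nologo slmgr.vbs /dli` text output (not from the thread).
SAMPLE_DLI = """\
Name: Windows(R), Professional edition
Description: Windows(R) Operating System, VOLUME_KMSCLIENT channel
Partial Product Key: XXXXX
License Status: Licensed
Volume activation expiration: 259200 minute(s) (180 day(s))

Key Management Service client information
    Registered KMS machine name: 127.0.0.2:1688
    Renewal interval: 10080 minutes
"""

def parse_dli(text):
    """Return the report's 'Key: value' lines as a dict (keys lower-cased)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition(": ")
        if sep:
            fields[key.lower()] = value.strip()
    return fields

def triage(text):
    """Classify the licence channel and list findings worth following up."""
    f = parse_dli(text)
    m = re.search(r"(\w+) channel", f.get("description", ""))
    channel = m.group(1) if m else "UNKNOWN"
    findings = []
    if channel.startswith("VOLUME_KMS"):
        findings.append("volume licence activated through KMS")
        # Strip an optional ":port" suffix from the registered host.
        host = f.get("registered kms machine name", "").rsplit(":", 1)[0]
        try:
            if ipaddress.ip_address(host).is_loopback:
                findings.append("KMS host is a loopback address, not an organisation's KMS server")
        except ValueError:  # a DNS name, or no host recorded at all
            if not host:
                findings.append("no registered KMS host: check the DNS-discovered host")
    status = f.get("license status", "missing")
    if status.lower() != "licensed":
        findings.append("license status: " + status)
    return channel, findings

if __name__ == "__main__":
    print(triage(SAMPLE_DLI))
```
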

#11
Propolis

Propolis

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts

The files on the Google Drive were from many years ago when using Windows 7 on another computer.  They copied over when installing Google Drive on this computer. The entire folder was deleted so not sure why it's stating the files are still there. 

So I guess the question is to buy a Windows license, how would I go about this and not lose any business documents and accounting programs on the pc?

Do I need to do a full new install, or can I get the license and then repair any further issues?


  • 0

#12
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,113 posts

So I guess the question is to buy a Windows license, how would I go about this and not lose any business documents and accounting programs on the pc?
Do I need to do a full new install, or can I get the license and then repair any further issues?

 
Normally, buying a Retail license and applying it would do the job. The thing is that I have no idea where the system was downloaded from, so I would recommend a clean install of Windows, directly from the Microsoft site. In this case, nothing will remain on the computer, so you must first back up your personal files, pictures, Music, Videos, Downloads. Unfortunately, you must install again all the apps and programs you need.

This link can guide you to perform a clean install: https://pureinfotech...ean_install_usb

 

 

The files on the Google Drive were from many years ago when using Windows 7 on another computer.  They copied over when installing Google Drive on this computer. The entire folder was deleted so not sure why it's stating the files are still there.

 

Perhaps syncing option is enabled.


  • 0

#13
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,113 posts

Since we can do nothing until the system is activated with a Retail license, I'm closing this topic.

 

If you need this topic reopened, please contact a staff member, or send me a personal message (hover with the mouse on my profile name and choose Send message).

  • 0





