Trying to remove Generic.Trojan.DiscordStealer.B.D6426E8C

**Malnutrition** · 01-01-2023, 03:48 PM

Hello @Phoenix VR and Welcome to PCHF

Download Autologger to your desktop.
[COLOR=rgb(184, 49, 47)]Disable your Anitivirus/Defender prior to running.
[ul]
[li]Unzip it there. – If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----[/li][li]Right click Autologger and [COLOR=rgb(184, 49, 47)]run as administrator. (Xp user double click)[/li][li]AVZ4 will open and scan your machine, allow this to complete.[/li][li]Upload [COLOR=rgb(184, 49, 47)]Collectionlog.zip to your next reply.[/li][/ul][/COLOR][/COLOR][/COLOR]

**Phoenix_VR** · 01-01-2023, 04:16 PM

Here we go this is what I got.

Also a lot of stuff popped up and was kinda scared there for a moment, thought it was a scam software.

**Malnutrition** · 01-01-2023, 04:19 PM

No scams here. It will take me about 20 minutes or so to check these logs. I will have a reply for you in few.

**Malnutrition** · 01-01-2023, 04:44 PM

Look in the Autologger folder and drag out the CheckBrowsersLNK file.
To your desktop.
AutoLogger\CheckBrowserLnk

Drag and drop onto the ClearLNK utility .
After saving ClearLNK to desktop.
[IMG alt=“move.gif”]https://dragokas.com/tools/move.gif

Run HijackThis! as admin! (located in the folder …Autologger\HijackThis)
Do a system scan, then check each item below, make sure and only check the items listed.
Then click Fix checked.
The computer will need to reboot, allow it to do so.

Code:

O22 - Task (.job): (Not scheduled) Driver Easy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (file missing)
O22 - Tasks: (damaged) Driver Easy Scheduled Scan - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan (file missing) (user missing)
O22 - Tasks: (damaged) Opera GX scheduled assistant Autoupdate 1648223427 - D:\Opra\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="D:\Opra\assistant" $(Arg0) (file missing) (user missing)
O22 - Tasks: (damaged) Opera GX scheduled Autoupdate 1646322567 - D:\Opra\launcher.exe --scheduledautoupdate $(Arg0) (file missing) (user missing)
O22 - Tasks: Driver Easy Scheduled Scan - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan (file missing)

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select “Run as administrator” from the menu
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.

[ol]
[li]Accept the default whitelist options,[/li][li]If the additions.txt options box is not checked please select it.[/li][li]Then select Scan[/li][li]Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.[/li][/ol]

Code:

    [IMG alt="2016-08-12_152002.jpg"]https://pchelpforum.net/attachments/2016-08-12_152002-jpg.797/

Please Attach the contents of these logs in your next post for review by our Security Team[/IMG]

**Phoenix_VR** · 01-01-2023, 05:48 PM

Here are both the files you requested. Also I did the first thing u said.

**Malnutrition** · 01-01-2023, 05:51 PM

These logs will take while to look over. Please run these two scans while you wait.

Adware Cleaner

[ul]
[li]Download AdwCleaner and save it to your Desktop[/li][li]Right-click on AdwCleaner.exeand select, Run as Administrator[/li][li]Accept the EULA (I accept), then click on Scan Now[/li][li]Let the scan complete[/li][li]Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button[/li][li]Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.[/li][li]Once the cleaning process is complete, AdwCleaner will ask you to restart your computer[/li][li]Close all other open windows and allow it to restart[/li][li]After the restart, Notepad will open with the AdwCleaner cleaning log[/li][li]Please Attach the contents of that log into your next reply to me[/li][/ul]

Download Malwarebytes v.4 . Install and run.

[ul]
[li]Once the MBAM dashboard opens, click on Settings (gear icon).[/li][li]Click on Security tab and make sure that all four Scan options are enabled.[/li][li]Close Settings and click on the Scan button on the dashboard.[/li][li]Once the scan is completed make sure you have it quarantine any detections it finds.[/li][li]If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.[/li][li]If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.[/li][li]If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.[/li][/ul]

**Phoenix_VR** · 01-01-2023, 06:13 PM

Btw the Malwarebytes is gonna take awhile, Just saying that now, Because I already did a scan and it had 9 detections and I quarantine the 9 detections but then I removed the program from my computer so I don’t think I have the log to that, but the scan took about 4-5 hours I think to fully done the scan

edit: Oh nvm its done haha

There are two other files u requested.

**Malnutrition** · 01-01-2023, 06:27 PM

Download and run [COLOR=rgb(147, 101, 184)]Startup lite.

Copy the content of the code box below.
[COLOR=rgb(184, 49, 47)]Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

[ICODE] Start:: CloseProcesses: SystemRestore: On CreateRestorePoint: RemoveProxy: Task: {13934F45-3DB8-4A72-AE65-2FDC266FDB29} - \VWK -> No File <==== ATTENTION Task: {6277E1C0-7D24-4662-BB4F-67ABF0F95F4B} - \nslooksvc32 -> No File <==== ATTENTION Task: {A54EF4A9-2A51-49F3-8628-C9759C5A6EC9} - \nslooksvc64 -> No File <==== ATTENTION S2 EpicOnlineServices; "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe" [X] S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X] S3 xldr_soulworker_tw; "C:\Program Files\Common Files\UNCHEATER\xldr_soulworker_tw.exe" [X] S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.) C:\Windows\system32\DRIVERS\Hamdrv.sys S3 GPUZ-v2; \??\C:\Users\theph\AppData\Local\Temp\GPUZ-v2.sys [X] <==== ATTENTION S3 wtbt; \??\c:\steam\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wt drv64.sys [X] C:\Users\theph\AppData\Local\Temp\GPUZ-v2.sys C:\Program Files (x86)\Popcorn Time CustomCLSID: HKU\S-1-5-21-1958790192-829533772-2814255167-1001_Classes\CLSID\{3fac1856-999e-7736-2d2f-0e5b1c670cbf}\localserver32 -> "D:\ProtonVPN.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-1958790192-829533772-2814255167-1001_Classes\CLSID\{dabdd0bb-59b7-7986-5d6b-fdb9aab34c57}\localserver32 -> "D:\Protonvpn\ProtonVPN.exe" -ToastActivated => No File FirewallRules: [{9E962105-173E-4798-8021-9996AE8AE8A9}] => (Allow) D:\Steam\steamapps\common\Soulworker_TWN\SoulWorke r.exe => No File FirewallRules: [{5E86026C-42CD-44A3-94FC-55C86D519784}] => (Allow) D:\Steam\steamapps\common\Soulworker_TWN\SoulWorke r.exe => No File FirewallRules: [{D549F740-CC85-44E4-874F-D52AB04CEBDB}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File FirewallRules: [{80B2AC07-EF43-4E73-A0D2-B992EEF4B223}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File FirewallRules: [TCP Query User{31F61EAA-BED5-414F-A3A2-16BBDC8DCC46}D:\popcorn time\nodejs\node.exe] => (Allow) D:\popcorn time\nodejs\node.exe => No File FirewallRules: [UDP Query User{4A3110F3-C13A-4D45-95AE-B383444358AA}D:\popcorn time\nodejs\node.exe] => (Allow) D:\popcorn time\nodejs\node.exe => No File FirewallRules: [{346033CE-6D58-4E3B-9C31-4E4F70426A6E}] => (Block) D:\popcorn time\nodejs\node.exe => No File FirewallRules: [{8BCD0C31-EAB9-4590-8B8D-670E09EB9F67}] => (Block) D:\popcorn time\nodejs\node.exe => No File FirewallRules: [TCP Query User{9CDE6547-87FB-473B-90D2-3742B392DA11}C:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File FirewallRules: [UDP Query User{D1B40DB6-38D5-44E9-8986-7462405447E5}C:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File FirewallRules: [{D521D39B-BAB6-4B6A-B046-7CBBEEB7B5C2}] => (Block) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File FirewallRules: [{F0EF785D-F2F7-440F-A41B-CAC7360ABBC9}] => (Block) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File FirewallRules: [TCP Query User{02DB161E-E80E-4FC2-A86F-6A4F02470449}D:\fivem\fivem.app\data\cache\subproc ess\fivem_b2372_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [UDP Query User{9259E4F2-AA15-4DA8-B530-0BAC7391F87E}D:\fivem\fivem.app\data\cache\subproc ess\fivem_b2372_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [{A0AD8040-B999-4A11-9C12-4B89C319D2E7}] => (Block) D:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [{F9F390AA-3A56-4ED3-8031-327B7FFBD23E}] => (Block) D:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [TCP Query User{90B28D3C-E384-4120-9D6E-412036014182}C:\fivem\fivem.app\data\cache\subproc ess\fivem_b2372_gtaprocess.exe] => (Allow) C:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [UDP Query User{8C4E2F26-2BF6-4A8C-AE24-6DCC36AE9A25}C:\fivem\fivem.app\data\cache\subproc ess\fivem_b2372_gtaprocess.exe] => (Allow) C:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [{D02425EF-7561-4AFE-8E12-192BAA3F4C4A}] => (Block) C:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [{460453E2-50DB-403A-9F3C-A1C6E2A4C221}] => (Block) C:\fivem\fivem.app\data\cache\subprocess\fivem_b23 72_gtaprocess.exe => No File FirewallRules: [TCP Query User{4B7DE54A-2F7C-470B-B9C8-0470349A2B05}C:\users\theph\appdata\roaming\spotif y\spotify.exe] => (Allow) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [UDP Query User{F2A63893-5734-4C05-B276-4FBCE32A7DBB}C:\users\theph\appdata\roaming\spotif y\spotify.exe] => (Allow) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [{F737C0C2-7A50-4BF0-B7FB-B40657FE174E}] => (Block) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [{36F135F8-E77A-48EE-B79D-30788C5AE28A}] => (Block) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File FirewallRules: [TCP Query User{808F6FD5-9DAB-4462-B3A9-F89E191A3491}C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe => No File FirewallRules: [UDP Query User{A34DB600-8CEF-4CB7-B92E-57C490817C34}C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe => No File FirewallRules: [TCP Query User{B6E996CE-3281-4B2F-B997-69134D7BED70}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [UDP Query User{DF127BC0-BBDA-456B-9622-DF238105984B}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [{34ECD32E-165E-4A78-8B54-D448581A34DE}] => (Block) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [{0FB8F455-3B5E-4DBC-8893-3E79065EDC50}] => (Block) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [TCP Query User{56C80650-00DC-4C97-A0AE-97C57CAF94A8}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [UDP Query User{74DA758B-8E6F-49D6-84F5-C5BA499CB515}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [{A4781D02-ABF6-4A3B-9683-34CB3F450635}] => (Block) D:\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [{5CB4F176-048E-4FBA-BCD3-4AC1BDFE42F8}] => (Block) D:\call of duty modern warfare\modernwarfare.exe => No File FirewallRules: [TCP Query User{3C783258-89C5-4EFA-B941-D1B2BD4E676C}D:0\gobi\binaries\wingdk\back4blood.e xe] => (Allow) D:0\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{074E4B25-4086-465E-8B4B-0EC4FB317C13}D:0\gobi\binaries\wingdk\back4blood.e xe] => (Allow) D:0\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{B8B0BDC6-2082-4AD1-9BF8-DDA430477DDF}C:3\gobi\binaries\wingdk\back4blood.e xe] => (Allow) C:3\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{461E1F64-A9D9-463A-BFC6-B6CF42F546BA}C:3\gobi\binaries\wingdk\back4blood.e xe] => (Allow) C:3\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{9FDA8FE1-7AA7-42AE-ACA6-2EECD318B1FA}D:2\gobi\binaries\wingdk\back4blood.e xe] => (Allow) D:2\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{C8E70270-9907-4D12-A191-AAFEE6E5075A}D:2\gobi\binaries\wingdk\back4blood.e xe] => (Allow) D:2\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{E6549E5B-E404-4EAB-9E83-2723F3E9AFDD}D:5\gobi\binaries\wingdk\back4blood.e xe] => (Allow) D:5\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{1DC2E4AD-7A8E-438B-9CBA-BB54D28FF183}D:5\gobi\binaries\wingdk\back4blood.e xe] => (Allow) D:5\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{CADA40AF-4DD3-4D24-92D3-29619AA1580E}D:20\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:20\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{43BECECE-0A85-441A-B300-1FB1978789B2}D:20\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:20\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{D4735180-BD63-4530-ACBC-CFF83E036CBF}D:35\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:35\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{62448177-D111-4461-909D-AA2860A65E06}D:35\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:35\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{7C2EF5AF-76A3-44ED-8B13-8EAF7089EB73}D:49\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:49\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{CB74A912-EAA6-4468-A58C-5E0069C48D8E}D:49\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:49\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{B37C89AC-F38E-4B67-8E14-3769BA16CA2A}D:66\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:66\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{02FA3377-B37E-48BC-B08A-ACD793E20EDD}D:66\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:66\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{D4783F96-85E8-45A9-970E-91A124AB3F15}D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [UDP Query User{752FA8FC-A499-4BA5-AD5A-E721AB34B637}D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [{D1B01636-C0EB-4459-9B5D-DC7D2AB2B5E6}] => (Block) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [{F2CF93C9-6856-4D93-A984-E72407A782E6}] => (Block) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [TCP Query User{F2193B53-9BD5-4655-BD1F-C58A52BF3F79}D:\steam\steamapps\common\muse dash\musedash.exe] => (Allow) D:\steam\steamapps\common\muse dash\musedash.exe => No File FirewallRules: [UDP Query User{31921002-2F48-4932-B100-D357D170D559}D:\steam\steamapps\common\muse dash\musedash.exe] => (Allow) D:\steam\steamapps\common\muse dash\musedash.exe => No File FirewallRules: [{8AC908C8-1850-4450-A248-36FB7F11C26B}] => (Block) D:\steam\steamapps\common\muse dash\musedash.exe => No File FirewallRules: [{4DB53A56-2B4A-4F9B-ABA2-75A115781FF8}] => (Block) D:\steam\steamapps\common\muse dash\musedash.exe => No File FirewallRules: [TCP Query User{A5042826-9BBB-43BA-A5CF-8208869F3AFA}D:46\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:46\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{4BA2C693-CE9C-4249-AC62-12736E215978}D:46\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:46\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{B621E0C5-DD9F-435B-A0C0-1CF37DBF48D8}D:59\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:59\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{BDB99A1C-3FF3-4E44-A8B8-F7DA39155396}D:59\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:59\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{00B000FD-D14F-4C5B-8841-4F12B7094923}D:71\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:71\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [UDP Query User{E538CDEA-23C7-49AE-A45C-2587CEDB165C}D:71\gobi\binaries\wingdk\back4blood. exe] => (Allow) D:71\gobi\binaries\wingdk\back4blood.exe => No File FirewallRules: [TCP Query User{15096862-B0FA-4E43-830D-2D45A52C8BAC}D:\steam\steamapps\common\pavlovvr\pa vlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\pavlovvr\pavlov\binaries \win64\pavlov-win64-shipping.exe => No File FirewallRules: [UDP Query User{9412D668-136D-46B6-8C47-C86C0A9A201A}D:\steam\steamapps\common\pavlovvr\pa vlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\pavlovvr\pavlov\binaries \win64\pavlov-win64-shipping.exe => No File FirewallRules: [{D22E6B90-2315-4F93-B4CB-EDCEF71B68A1}] => (Allow) D:\Steam\steamapps\common\BABYLON'S FALL Beta Version\data\exe\Launcher.exe => No File FirewallRules: [{E2191CD7-C649-4009-ABC5-6B15C4CBAB76}] => (Allow) D:\Steam\steamapps\common\BABYLON'S FALL Beta Version\data\exe\Launcher.exe => No File FirewallRules: [TCP Query User{4044F367-FFD7-495A-AF9E-FEE39938481C}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File FirewallRules: [UDP Query User{1EBA9AB0-3D9C-42CC-8FE4-0F11C7723A87}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File FirewallRules: [{F1E055FC-7775-47A1-9CBD-8CC3BCF15261}] => (Block) D:4\forzahorizon5.exe => No File FirewallRules: [{7764C6A5-E9CC-4717-BA58-2278C7DDED07}] => (Block) D:4\forzahorizon5.exe => No File FirewallRules: [TCP Query User{B253CF45-7BAA-4821-9812-CCE87338EF15}D:9\forzahorizon5.exe] => (Allow) D:9\forzahorizon5.exe => No File FirewallRules: [UDP Query User{8540047F-9CDB-4453-8629-674FD8AC44AB}D:9\forzahorizon5.exe] => (Allow) D:9\forzahorizon5.exe => No File FirewallRules: [{C7A71BC5-18BA-47D7-9DD9-357C4E1CCEDE}] => (Block) D:9\forzahorizon5.exe => No File FirewallRules: [{84D3537D-6884-401C-9ADE-B921BB4322FB}] => (Block) D:9\forzahorizon5.exe => No File FirewallRules: [TCP Query User{1E5B22B5-C135-4B4D-A42D-384BDB6AC25F}D:\steam\steamapps\common\pavlovvr\pa vlov\binaries\win64\pavlov-win64-shipping.exe] => (Block) D:\steam\steamapps\common\pavlovvr\pavlov\binaries \win64\pavlov-win64-shipping.exe => No File FirewallRules: [UDP Query User{F1C0957E-AD38-4885-963A-37A95B12F116}D:\steam\steamapps\common\pavlovvr\pa vlov\binaries\win64\pavlov-win64-shipping.exe] => (Block) D:\steam\steamapps\common\pavlovvr\pavlov\binaries \win64\pavlov-win64-shipping.exe => No File FirewallRules: [{26016386-E0AD-4DD5-B3AE-75A5A85FD83D}] => (Allow) C:\Program Files\Unity\Hub\Editor\2018.4.20f1\Editor\Unity.ex e => No File FirewallRules: [{BAC54E1F-5110-4C53-970D-D22767AFE294}] => (Block) C:\Program Files\Unity\Hub\Editor\2018.4.20f1\Editor\Unity.ex e => No File FirewallRules: [{8C12B675-54C4-49A0-BAA4-8E5AD92EB28D}] => (Allow) C:\Steam\steamapps\common\VRChat\VRChat.exe => No File FirewallRules: [{E8F51EA5-6AD7-48A6-B7E4-D33DB280D7EA}] => (Allow) C:\Steam\steamapps\common\VRChat\VRChat.exe => No File FirewallRules: [TCP Query User{A788D721-8978-4E30-9209-E5A376EA5AA9}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File FirewallRules: [UDP Query User{5467D34C-9895-4E14-8E7C-3E7EE2986960}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File FirewallRules: [{E548FBCA-7861-4FB8-B7B8-91CB180776A4}] => (Block) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File FirewallRules: [{DE063525-BF33-4B09-8946-3924D991FAA6}] => (Block) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File FirewallRules: [TCP Query User{E526FD43-8645-480E-B718-CD5098CDFD69}C:\users\theph\appdata\local\vortxeng ine\app-2.2.17\signal-x64\signalrgb.exe] => (Allow) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File FirewallRules: [UDP Query User{A0AFBC87-D187-4DC3-BF66-2495FA2837D9}C:\users\theph\appdata\local\vortxeng ine\app-2.2.17\signal-x64\signalrgb.exe] => (Allow) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File FirewallRules: [{C4342C3B-6C62-43FC-84A2-7D0281B175AC}] => (Block) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File FirewallRules: [{83C7F112-2863-4AFC-84DB-D654FE2A8B15}] => (Block) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File FirewallRules: [TCP Query User{56277E1C-B2CD-4AD4-80B9-B87861FD753E}D:4\snowrunner.exe] => (Allow) D:4\snowrunner.exe => No File FirewallRules: [UDP Query User{ECE85915-11EB-4C82-9B62-9B9C394FC526}D:4\snowrunner.exe] => (Allow) D:4\snowrunner.exe => No File FirewallRules: [{138DEFD0-2870-4EA0-AB2F-312BC956E3B8}] => (Block) D:4\snowrunner.exe => No File FirewallRules: [{FE551B0B-FF2F-4C8B-85B9-1141DC37EBFE}] => (Block) D:4\snowrunner.exe => No File FirewallRules: [TCP Query User{9B56CC25-26C9-4DCE-AA06-032D9AA0491E}D:\steam\steamapps\common\for honor\forhonor.exe] => (Allow) D:\steam\steamapps\common\for honor\forhonor.exe => No File FirewallRules: [UDP Query User{40485669-1F56-4113-A970-ABE2861675FA}D:\steam\steamapps\common\for honor\forhonor.exe] => (Allow) D:\steam\steamapps\common\for honor\forhonor.exe => No File FirewallRules: [TCP Query User{0D1DB846-137A-4E20-90B2-D3D6A121FD34}D:\borderlands3\oakgame\binaries\win6 4\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands 3.exe => No File FirewallRules: [UDP Query User{09C37497-8826-4317-AC8C-64DA7CC152F8}D:\borderlands3\oakgame\binaries\win6 4\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands 3.exe => No File FirewallRules: [{A55F2FF9-F783-449C-9DFD-D0AC801640B1}] => (Block) D:\borderlands3\oakgame\binaries\win64\borderlands 3.exe => No File FirewallRules: [{F7745EA0-3CFB-4753-93E3-3F353A5D746E}] => (Block) D:\borderlands3\oakgame\binaries\win64\borderlands 3.exe => No File FirewallRules: [TCP Query User{A69F37A0-6628-407C-8337-792D94B3ACE9}C:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042\bf2042.exe => No File FirewallRules: [UDP Query User{656321A2-0C4D-48C7-A755-0E76E45FE6CE}C:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042\bf2042.exe => No File FirewallRules: [TCP Query User{E4F943A5-827D-43FF-B7ED-62399DF9C504}D:\ready or not\ready.or.not\ready or not\readyornot.exe] => (Allow) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File FirewallRules: [UDP Query User{0C1FFF4E-1C07-4835-BD0B-DBD7EA10C903}D:\ready or not\ready.or.not\ready or not\readyornot.exe] => (Allow) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File FirewallRules: [{B6672493-0874-440F-A5EA-3EE6EB49F99A}] => (Block) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File FirewallRules: [{EAB754E9-95EB-425A-928D-DB36F53F1740}] => (Block) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File FirewallRules: [TCP Query User{944181CC-DFF7-4E6A-B34B-D38764598E5A}D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [UDP Query User{897A1215-31A4-420D-A86B-43A2630770C6}D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [{9E9A81C4-612A-4AE2-89BC-F0EA5ED59F8D}] => (Block) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [{0D6305BE-99EC-40F2-B5D1-2CD256C3271A}] => (Block) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File FirewallRules: [{B2AB5321-01BD-44DC-8946-12F5C9E06A41}] => (Allow) D:\Hamachi\hamachi-2-ui.exe => No File FirewallRules: [{BAA99C50-7DC1-4BFB-8033-611D7F30825F}] => (Allow) D:\Hamachi\hamachi-2-ui.exe => No File FirewallRules: [TCP Query User{6E701346-A11A-43DC-9DB7-4DD9A12BE5C1}D:\minecraft\mods\install\runtime\jav a-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [UDP Query User{2CA6CEC4-E067-4BF5-A8E5-D28A0D652A03}D:\minecraft\mods\install\runtime\jav a-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [{E63B9772-29F1-4EE9-AD43-0AFA781996AE}] => (Block) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [{49359754-FD9B-4233-BCD0-D87F4F57FC4F}] => (Block) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [TCP Query User{A23E9FA9-56FF-479C-A462-F7264A0D26D9}D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [UDP Query User{EAAA8D7E-4140-4E19-B1D4-69D5E73F52A5}D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [{9429E619-CA32-49AB-B524-B5ABEB5441F1}] => (Block) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [{B57DC7DF-E73E-422C-8049-52E6027B5459}] => (Block) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File FirewallRules: [TCP Query User{04962093-475E-434E-9B46-016BF1FF3A6D}D:\opra gx\opera.exe] => (Allow) D:\opra gx\opera.exe => No File FirewallRules: [UDP Query User{345DD442-8271-4A30-9216-0CCD2F745BF3}D:\opra gx\opera.exe] => (Allow) D:\opra gx\opera.exe => No File FirewallRules: [{E4E08FC4-1BEC-480C-93E4-56D8878BC131}] => (Block) D:\opra gx\opera.exe => No File FirewallRules: [{BF52CD95-B00B-4D4F-BA84-0A5FE7883786}] => (Block) D:\opra gx\opera.exe => No File FirewallRules: [{598084F8-D1C1-40C7-8935-F62C3E0A4076}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File FirewallRules: [{EF7C1776-0E4B-46F0-8223-DD2B4C465963}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File FirewallRules: [{04220494-473A-41EF-9ECB-1785B71AD0A3}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File FirewallRules: [{C92EEF20-1B43-4D0A-87E6-A5A87853C1F6}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File FirewallRules: [TCP Query User{F25BD3E9-DD6F-4E9B-B085-72B3C20B7357}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [UDP Query User{F876BF00-02B4-427D-951A-92CE78761104}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [{784872F7-DBF2-4A21-BE9C-FDD199F1F621}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [{EDDD8D19-F9FF-4EF6-A529-9136AFFDAFA7}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File FirewallRules: [TCP Query User{C8F3F941-C6FF-4B20-B325-3DA64284D0F7}D:\command and conquer - generals\command and conquer generals zero hour\generals.exe] => (Allow) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File FirewallRules: [UDP Query User{6936D319-879F-45C7-9871-0C7CA2AF8CF7}D:\command and conquer - generals\command and conquer generals zero hour\generals.exe] => (Allow) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File FirewallRules: [{3BC12811-1DE7-41B5-B954-E4C8BA96AA87}] => (Block) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File FirewallRules: [{966A1B90-C698-4891-8F38-6F0DFDBCC414}] => (Block) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File FirewallRules: [{234EBF06-48F7-44C8-9752-FD7E00272970}] => (Allow) C:\Steam\steamapps\common\Zenith MMO\UnityClient@Windows.exe => No File FirewallRules: [{58B35F06-C48E-49E3-B421-AAA80BA8B06F}] => (Allow) C:\Steam\steamapps\common\Zenith MMO\UnityClient@Windows.exe => No File FirewallRules: [TCP Query User{92492B3B-A4A2-4A33-BB64-A48351CC4AB8}D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [UDP Query User{1FE7CDAB-D836-4EC5-B6CD-7F6015AC62ED}D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [{838A86A7-2128-4DD7-9B2D-FE02D92CEFDA}] => (Block) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [{B5B6CC0B-7A94-4AD3-8C3B-7800F359837C}] => (Block) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [{AB76E5DF-C38E-49CC-B6D7-2EAE42393855}] => (Block) D:\Games\Dark Deception Chapter 4\DDeception.exe => No File FirewallRules: [{EDC18894-48E1-4F4D-A7EF-D338142488D5}] => (Block) D:\Games\Dark Deception Chapter 4\DDeception.exe => No File FirewallRules: [TCP Query User{45390749-7A5A-49C9-9593-93AEF66D73C8}D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [UDP Query User{ACD90679-14DD-4C15-A70F-18DC8F775390}D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [{D9CA9CFA-C0B5-4E69-B542-4B7076F9A0BB}] => (Block) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [{F695E72F-F0B4-48A5-B7D7-05C96C1C8AAB}] => (Block) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File FirewallRules: [TCP Query User{B6534E58-E0FF-4A59-9496-BE06E84DE2E8}C:\users\theph\appdata\local\gamecent er\gamecenter.exe] => (Allow) C:\users\theph\appdata\local\gamecenter\gamecenter .exe => No File FirewallRules: [UDP Query User{0F4CBBBB-A83B-449C-B6D8-F9DC7D512A35}C:\users\theph\appdata\local\gamecent er\gamecenter.exe] => (Allow) C:\users\theph\appdata\local\gamecenter\gamecenter .exe => No File FirewallRules: [{DB9B6A80-308D-4F6F-93A2-16510CF2DEF7}] => (Block) C:\users\theph\appdata\local\gamecenter\gamecenter .exe => No File FirewallRules: [{6F23178F-D659-4157-8703-0F0DCD20F5B8}] => (Block) C:\users\theph\appdata\local\gamecenter\gamecenter .exe => No File FirewallRules: [TCP Query User{CD87412C-013B-4198-89CC-F5C7D5B2876D}D:\games\doom app\doomseeker\doomseeker.exe] => (Allow) D:\games\doom app\doomseeker\doomseeker.exe => No File FirewallRules: [UDP Query User{B111F2D9-4A15-4430-B399-9C87074B450D}D:\games\doom app\doomseeker\doomseeker.exe] => (Allow) D:\games\doom app\doomseeker\doomseeker.exe => No File FirewallRules: [{98BE4A13-7871-4698-A5D2-DDA8310565F1}] => (Block) D:\games\doom app\doomseeker\doomseeker.exe => No File FirewallRules: [{2A899D63-A762-4301-9DE5-A26CDF9FB9C7}] => (Block) D:\games\doom app\doomseeker\doomseeker.exe => No File FirewallRules: [TCP Query User{934C2015-D09B-4772-B612-7A334715B4D0}D:\games\doom app\zandronum.exe] => (Allow) D:\games\doom app\zandronum.exe => No File FirewallRules: [UDP Query User{FFF47B44-816E-43AE-AAF5-19CD00FA34B5}D:\games\doom app\zandronum.exe] => (Allow) D:\games\doom app\zandronum.exe => No File FirewallRules: [{738AB59F-41D5-461A-9998-68945C663DA2}] => (Block) D:\games\doom app\zandronum.exe => No File FirewallRules: [{2CA11FD3-ABE3-4460-BE69-4C53382A8DFC}] => (Block) D:\games\doom app\zandronum.exe => No File FirewallRules: [TCP Query User{D1F96C49-9CEA-4BFD-B4A2-C37491FC550D}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe => No File FirewallRules: [UDP Query User{133281D8-3345-4E25-9809-5431F1978F8C}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe => No File FirewallRules: [TCP Query User{D5C68983-3756-43D3-A55E-329E80817E66}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe => No File FirewallRules: [UDP Query User{966FB9D7-41AD-456D-98C7-4F1343228CB2}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe => No File FirewallRules: [TCP Query User{062B7332-176A-49C8-9849-FB1755E19BC8}D:\enlisted\launcher.exe] => (Allow) D:\enlisted\launcher.exe => No File FirewallRules: [UDP Query User{63DD2EAE-250A-4B41-8B38-817806EBC74B}D:\enlisted\launcher.exe] => (Allow) D:\enlisted\launcher.exe => No File FirewallRules: [{DC31A0F8-BB91-4B94-B9C5-A5A8E99547AB}] => (Block) D:\enlisted\launcher.exe => No File FirewallRules: [{E84A7528-E0D2-4D2B-887C-65F2400AE337}] => (Block) D:\enlisted\launcher.exe => No File FirewallRules: [TCP Query User{11FA98A2-5142-4094-8E4C-E0FCD91203D6}C:\users\theph\appdata\local\discord\ app-1.0.9004\discord.exe] => (Block) C:\users\theph\appdata\local\discord\app-1.0.9004\discord.exe => No File FirewallRules: [UDP Query User{2825E6FB-6859-4570-89B4-9F783CF23A40}C:\users\theph\appdata\local\discord\ app-1.0.9004\discord.exe] => (Block) C:\users\theph\appdata\local\discord\app-1.0.9004\discord.exe => No File FirewallRules: [{2F852DA0-7BCC-4207-BA2C-2E83A3F89D0E}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.e xe => No File FirewallRules: [{8E59FF32-21F8-4FB7-9487-92C929A2723E}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.e xe => No File FirewallRules: [{2AE645DC-0D45-40B7-BF8E-F202DA4C6F51}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.e xe => No File FirewallRules: [{FE3461EE-0F54-45A4-B946-21C87F011DF4}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.e xe => No File FirewallRules: [TCP Query User{243983DB-3D2E-43D9-ABC8-D7D8D960A7DD}D:\warthunder\launcher.exe] => (Block) D:\warthunder\launcher.exe => No File FirewallRules: [UDP Query User{26705C4E-2B5F-49B2-95E7-38896D93041A}D:\warthunder\launcher.exe] => (Block) D:\warthunder\launcher.exe => No File FirewallRules: [TCP Query User{EFF5B575-8F6D-4208-A133-2E3B9B003D52}D:\warthunder\win64\aces.exe] => (Block) D:\warthunder\win64\aces.exe => No File FirewallRules: [UDP Query User{2EBA6262-0C6D-472E-B07A-C78B7B3E1C8E}D:\warthunder\win64\aces.exe] => (Block) D:\warthunder\win64\aces.exe => No File FirewallRules: [TCP Query User{8C16ECBB-B2B9-4B47-A240-16906BECBC01}D:\steam\steamapps\common\for honor\forhonor.exe] => (Block) D:\steam\steamapps\common\for honor\forhonor.exe => No File FirewallRules: [UDP Query User{335D7A00-345A-4FEB-9374-28738FF5D902}D:\steam\steamapps\common\for honor\forhonor.exe] => (Block) D:\steam\steamapps\common\for honor\forhonor.exe => No File FirewallRules: [TCP Query User{F9F9052A-04C5-4E38-9157-F085DC9784E2}C:\origin games\battlefield 4\bf4.exe] => (Allow) C:\origin games\battlefield 4\bf4.exe => No File FirewallRules: [UDP Query User{ABCA69A7-DC65-43DF-B113-89B2172DF4B2}C:\origin games\battlefield 4\bf4.exe] => (Allow) C:\origin games\battlefield 4\bf4.exe => No File FirewallRules: [{67539663-5BEA-4A4B-98BD-47DB9946AC46}] => (Block) C:\origin games\battlefield 4\bf4.exe => No File FirewallRules: [{659AAF55-2969-4A71-814D-199DE33F7ED5}] => (Block) C:\origin games\battlefield 4\bf4.exe => No File FirewallRules: [{1A5BEADF-EE4D-4059-9086-3C4418B608FF}] => (Allow) C:\Orgin Games\Battlefield 1\bf1Trial.exe => No File FirewallRules: [{7BDFC255-439A-40F8-9BBA-E77F4262F2A9}] => (Allow) C:\Orgin Games\Battlefield 1\bf1Trial.exe => No File FirewallRules: [{79EEC07E-5FCC-4E7C-B7E7-D183D2E28A7F}] => (Allow) C:\Orgin Games\Battlefield 1\bf1.exe => No File FirewallRules: [{47327956-2C8B-4ACE-ACF7-F26923557020}] => (Allow) C:\Orgin Games\Battlefield 1\bf1.exe => No File FirewallRules: [TCP Query User{FFFCE46B-BA56-4C98-A453-EACE5AB43EA4}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [UDP Query User{712985CA-4A5D-40A6-B642-D90379681A5D}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [{E0163CDD-9F4A-404D-9471-F47136BEB29C}] => (Block) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [{C856BB7C-D06E-4D6E-9A33-478B9A79C261}] => (Block) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [TCP Query User{24E070E4-3039-482F-A4CA-0D1BC9A3CCAD}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [UDP Query User{5F6FA378-10AC-4188-B72F-FFCBFB62E5D6}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [{20C3C409-9ED7-43D7-90E3-8EEA666F62AB}] => (Block) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [{2BA7C4D5-9F37-4F3B-B4E0-94CF4D00C9B1}] => (Block) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File FirewallRules: [TCP Query User{110107A3-D4B9-4CF6-A1E2-969CAAB31E9A}C:\users\theph\downloads\beat.saber.v 1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dl c\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe] => (Allow) C:\users\theph\downloads\beat.saber.v1.20.0.incl.a ll.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber. v1.20.0.incl.all.dlc\beat saber.exe => No File FirewallRules: [UDP Query User{B8BAE84E-9D42-41E7-A62C-C5D84B16FC68}C:\users\theph\downloads\beat.saber.v 1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dl c\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe] => (Allow) C:\users\theph\downloads\beat.saber.v1.20.0.incl.a ll.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber. v1.20.0.incl.all.dlc\beat saber.exe => No File FirewallRules: [{2191101E-1A3E-4739-98AA-BAFAFF0BC9D5}] => (Block) C:\users\theph\downloads\beat.saber.v1.20.0.incl.a ll.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber. v1.20.0.incl.all.dlc\beat saber.exe => No File FirewallRules: [{898253E5-46E7-49E3-BD86-39A0B8DAB0AF}] => (Block) C:\users\theph\downloads\beat.saber.v1.20.0.incl.a ll.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber. v1.20.0.incl.all.dlc\beat saber.exe => No File FirewallRules: [TCP Query User{2DF40E66-474C-4577-B671-21107877501B}D:\opra\opera.exe] => (Allow) D:\opra\opera.exe => No File FirewallRules: [UDP Query User{0F654994-1903-40C9-B27D-7397EB6EECEE}D:\opra\opera.exe] => (Allow) D:\opra\opera.exe => No File FirewallRules: [{B4D843EF-A840-4034-9FE4-4C1C55727545}] => (Block) D:\opra\opera.exe => No File FirewallRules: [{AE44E5F3-F83F-46EF-95E9-EC68BD899781}] => (Block) D:\opra\opera.exe => No File FirewallRules: [TCP Query User{3E469D73-A664-4C5A-993C-7D9E549695D9}D:\saintsrowthethird\srttr.exe] => (Allow) D:\saintsrowthethird\srttr.exe => No File FirewallRules: [UDP Query User{054EA97C-8CEC-4A2B-9B9D-368318A27120}D:\saintsrowthethird\srttr.exe] => (Allow) D:\saintsrowthethird\srttr.exe => No File FirewallRules: [{A19C8347-FC5C-45AB-B3C5-9CA02CE5760B}] => (Block) D:\saintsrowthethird\srttr.exe => No File FirewallRules: [{99E6CDB9-B11E-4ECA-B0AE-0BDE9A7D4671}] => (Block) D:\saintsrowthethird\srttr.exe => No File FirewallRules: [{711015FB-0ADD-4179-B533-9F2710D0E609}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe => No File FirewallRules: [TCP Query User{F90B24F5-80C3-4109-B3B2-AFEF9D7927B1}C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe] => (Allow) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [UDP Query User{D2F34CDF-48A2-491D-900A-1A7B53EF77AA}C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe] => (Allow) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [{0506D9EF-567F-4B0F-BF47-D4E9EC875F73}] => (Block) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [{88ACA749-B3CF-4256-88C0-92EF9385FAE6}] => (Block) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [TCP Query User{5FFE7F73-C940-4D55-8114-1E4ED9D1B32D}D:\fortnite\fortnitegame\binaries\win 64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortnitecl ient-win64-shipping.exe => No File FirewallRules: [UDP Query User{FCCADD12-E53A-48C2-A67D-9CD2487B92F9}D:\fortnite\fortnitegame\binaries\win 64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortnitecl ient-win64-shipping.exe => No File FirewallRules: [TCP Query User{011D0E6F-061F-434B-8C91-393F8654CBDB}D:\fortnite\fortnitegame\binaries\win 64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortnitecl ient-win64-shipping.exe => No File FirewallRules: [UDP Query User{B4C54019-1545-4177-8E84-B53A38EBB58D}D:\fortnite\fortnitegame\binaries\win 64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortnitecl ient-win64-shipping.exe => No File FirewallRules: [TCP Query User{D969FC56-0E7A-48DE-93BE-20E3E1393622}C:\overwatch\_retail_\overwatch.exe] => (Allow) C:\overwatch\_retail_\overwatch.exe => No File FirewallRules: [UDP Query User{4639DD4B-B7AD-44C8-94F1-28542EAA9EFB}C:\overwatch\_retail_\overwatch.exe] => (Allow) C:\overwatch\_retail_\overwatch.exe => No File FirewallRules: [{B6463541-D48E-4CDA-BF97-D843E5ADFA47}] => (Block) C:\overwatch\_retail_\overwatch.exe => No File FirewallRules: [{2BCC012B-85DC-43D3-92E1-806C41830EEB}] => (Block) C:\overwatch\_retail_\overwatch.exe => No File FirewallRules: [TCP Query User{DBA9CE6F-BDF9-4B49-8CB0-3F73B09D10F3}C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File FirewallRules: [UDP Query User{9D053355-5727-43C2-BF1F-00ED1B207010}C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File FirewallRules: [{2C23D3FD-5AA1-4DA9-96F5-5E1B470FDABA}] => (Block) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File FirewallRules: [{4E481AA8-A9EC-47B8-89DB-C97EC2C8B5D0}] => (Block) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File FirewallRules: [{9AC3BD2A-3EDB-417B-B25D-71E541A19F87}] => (Allow) C:\Tom Clancy's The Division 2\TheDivision2.exe => No File FirewallRules: [{7BAA1836-2562-455B-A5A2-3C46B5C5FC7A}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Wi n64\RocketLeague.exe => No File FirewallRules: [{79AD3D46-DDFE-49F6-888E-AD74B15E9C8F}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Wi n64\RocketLeague.exe => No File FirewallRules: [{FBE9230A-634D-4F9A-89D7-2AFC62D770BF}] => (Allow) C:\Program Files\Unity\Hub\Editor\2019.4.31f1\Editor\Unity.ex e => No File FirewallRules: [{A2E5FEAB-F590-4EE8-BC4A-8D8F6E753F18}] => (Block) C:\Program Files\Unity\Hub\Editor\2019.4.31f1\Editor\Unity.ex e => No File FirewallRules: [TCP Query User{70FE5D77-6FFD-4B25-972A-9F1A82D50AC9}D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe] => (Allow) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File FirewallRules: [UDP Query User{11A65CD7-0B56-4E39-8722-5873150279EF}D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe] => (Allow) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File FirewallRules: [{CCCA9135-B7EA-4C89-94E2-1BE262EE42C6}] => (Block) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File FirewallRules: [{4C5E1F79-EA3A-4CDE-9194-71A43B317A93}] => (Block) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File FirewallRules: [TCP Query User{77D891CF-9451-429D-9A8C-1F122106B889}C:\users\theph\appdata\local\medal\ap p-4.1000.0\medal.exe] => (Allow) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File FirewallRules: [UDP Query User{3D67AF3B-099A-4E35-B41D-B63AC765271C}C:\users\theph\appdata\local\medal\ap p-4.1000.0\medal.exe] => (Allow) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File FirewallRules: [{66364A3F-A86B-4AB3-8987-94899484942D}] => (Block) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File FirewallRules: [{28AD15E9-B0F6-403C-B794-E916BB33939A}] => (Block) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File FirewallRules: [TCP Query User{75A30ABE-00EA-415D-81BC-A8B788F7B553}D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe] => (Allow) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [UDP Query User{08A02502-D277-4C35-8CF0-0676EFE8805C}D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe] => (Allow) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [{1CD4D411-F5C7-43C8-BEBC-5BD321D8EB8D}] => (Block) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [{1F9B3E63-950C-4C08-910B-FB6A6CFCB3FB}] => (Block) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\ wonderlands.exe => No File FirewallRules: [{051A6BD2-DB3D-4D19-8DDE-0B57E52339FF}] => (Allow) D:\BlueStacks X\BlueStacksWeb.exe => No File FirewallRules: [{48189302-C41C-484C-85E0-E6C9C7F37647}] => (Allow) D:\BlueStacks X\Cloud Game.exe => No File FirewallRules: [{2D702D56-6248-4686-807F-E81AEE07A1F6}] => (Allow) C:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File FirewallRules: [{50CC7929-4C84-4BD2-AD93-63B436BB703D}] => (Allow) C:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File FirewallRules: [{4FA5E25B-B09A-41B2-BDD3-018AFF28B13C}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe => No File FirewallRules: [{7602CC3C-6C77-44FB-9852-A63DFC3CDDDE}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe => No File FirewallRules: [{2AD21C80-2D92-4B34-BAD9-7DA980BC6978}] => (Allow) C:\Users\theph\AppData\Roaming\uTorrent\uTorrent.e xe => No File FirewallRules: [{FFB42D4A-3033-4EE5-A216-B4B9B4AC0F57}] => (Allow) C:\Users\theph\AppData\Roaming\uTorrent\uTorrent.e xe => No File FirewallRules: [{FBDD005C-6C5F-4ED4-9E33-9911C4CE4AA3}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File FirewallRules: [{9199BCF5-7BF4-4353-B9D7-AD8B0B4497EA}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File FirewallRules: [{33B8D0E0-59A8-4D4D-9BB4-C1009277F10F}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File FirewallRules: [{BC0B9581-D2E4-43FC-B779-A9B976E51A5E}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File FirewallRules: [{CD3EA9A8-5DA8-430E-8A26-CBF53DDA6953}] => (Allow) C:\Steam\steamapps\common\OVR_AdvancedSettings\Adv ancedSettings.exe => No File FirewallRules: [{5236A421-4632-4FB2-995B-C0FE728C1569}] => (Allow) C:\Steam\steamapps\common\OVR_AdvancedSettings\Adv ancedSettings.exe => No File FirewallRules: [{92DC00FD-6870-4BC1-B976-558E3F3C1E9E}] => (Allow) C:\Steam\steamapps\common\Necesse\Necesse.exe => No File FirewallRules: [{C2E32954-A3B5-4742-B258-12FE182C438E}] => (Allow) C:\Steam\steamapps\common\Necesse\Necesse.exe => No File FirewallRules: [{C5C6E8BE-1F41-4E6B-81B5-5D7B33DEFEC2}] => (Allow) C:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File FirewallRules: [{9930BC8A-E668-455F-AC3F-A6D238FCFB0A}] => (Allow) C:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File FirewallRules: [{FF2FDC7C-2A85-4583-91E1-5728E30EAF8D}] => (Allow) C:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File FirewallRules: [{1B667B39-98A6-48CB-9B2F-B4CD8FA29D8E}] => (Allow) C:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File FirewallRules: [{9582A46B-CDE0-4869-82E0-5FB2A6BD4658}] => (Allow) C:\Steam\steamapps\common\GarrysMod\hl2.exe => No File FirewallRules: [{3836FCE3-7D65-41DC-B871-B8AB4F469DD7}] => (Allow) C:\Steam\steamapps\common\GarrysMod\hl2.exe => No File FirewallRules: [{27B8E929-7BFC-470A-B193-EA2FB90FA7DE}] => (Allow) D:\BlueStacks X\BlueStacksWeb.exe => No File FirewallRules: [{5B7AF0AD-5886-4CF2-8C43-2B9D1E33247B}] => (Allow) D:\BlueStacks X\Cloud Game.exe => No File FirewallRules: [{8220E0E9-00CB-4BB6-9312-624B3A8F350F}] => (Allow) C:\Steam\steamapps\common\VRising\VRising.exe => No File FirewallRules: [{B5F11DD1-8087-49A3-829F-2EAF9A661605}] => (Allow) C:\Steam\steamapps\common\VRising\VRising.exe => No File FirewallRules: [{C3CD103C-2E9A-4AB2-A6C1-0B435DAF71CB}] => (Allow) C:\Steam\steamapps\common\Absolver\Absolver.exe => No File FirewallRules: [{CF01E790-D915-4781-A92C-111F1E853CA5}] => (Allow) C:\Steam\steamapps\common\Absolver\Absolver.exe => No File FirewallRules: [{9C08EAB8-96A6-4EA9-8776-87017DE50EF2}] => (Allow) C:\Steam\steamapps\common\XSOverlay_Beta\XSOverlay .exe => No File FirewallRules: [{EB0C8B33-777A-4D56-8CDE-268F68049A7E}] => (Allow) C:\Steam\steamapps\common\XSOverlay_Beta\XSOverlay .exe => No File FirewallRules: [{E88DE245-ABE4-4164-839E-32CDA0DC4BAE}] => (Allow) C:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe => No File FirewallRules: [{43D02197-3DAA-4E15-8F60-0CA5A1E460FA}] => (Allow) C:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe => No File FirewallRules: [{73D0B84D-3D96-48DF-BF46-CFDE82A0172B}] => (Allow) C:\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe => No File FirewallRules: [{D834E6A3-D180-4843-96E4-FEE5858CB814}] => (Allow) C:\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe => No File FirewallRules: [{77E2E6B9-5C28-47FD-AF6D-FA697DA00960}] => (Allow) C:\Steam\steamapps\common\Necesse\jre\bin\javaw.ex e => No File FirewallRules: [{C3221A63-1AB7-4D1E-BC10-7B5AB2930ECD}] => (Allow) C:\Steam\steamapps\common\Necesse\jre\bin\javaw.ex e => No File FirewallRules: [{247FB8F6-84BC-4E64-9E2C-9A032EFF8F93}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File FirewallRules: [{DC627657-388F-4F3D-8AD0-2D09F58CE3E4}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File FirewallRules: [{E935D942-FD32-4974-887B-89E51D8D0E1A}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\win64\gmod .exe => No File FirewallRules: [{826D02DA-6820-4DFE-A2A0-9D3781F1FD54}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\win64\gmod .exe => No File FirewallRules: [{D198F89A-BE38-4C9B-BC60-2197395FB857}] => (Allow) D:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File FirewallRules: [{D378A4A9-5B03-4F7D-9440-FE9B0A281408}] => (Allow) D:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File FirewallRules: [{FD75C54B-223B-4B3A-9738-11EE4A026B68}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe => No File FirewallRules: [{374E307B-60D0-41EA-930B-2513D3DDAC86}] => (Allow) C:\Steam\steamapps\common\EvolveGame\bin64_SteamRe tail\Evolve.exe => No File FirewallRules: [{95AD20A7-8A72-47D6-811A-7C78C88C7C93}] => (Allow) C:\Steam\steamapps\common\EvolveGame\bin64_SteamRe tail\Evolve.exe => No File FirewallRules: [{60012540-EC15-4FA5-B725-78787EA458FB}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File FirewallRules: [{67774D32-F94A-434B-8D53-607BC37ABA8D}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File FirewallRules: [{FB71D621-3E91-4E1C-9F40-E6FF23F6AB7C}] => (Allow) D:\Steam\steamapps\common\Necesse\jre\bin\javaw.ex e => No File FirewallRules: [{FE618DA8-141E-4890-B3BC-8801C30438E4}] => (Allow) D:\Steam\steamapps\common\Necesse\jre\bin\javaw.ex e => No File FirewallRules: [{AEB32D80-0C4F-4FBE-811C-D8F99AEE0C3E}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe => No File FirewallRules: [{31A76480-2C83-42BE-8856-FFC82255B844}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File FirewallRules: [{342211AD-9989-424B-843F-66FAAE9DD935}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File FirewallRules: [{A640C54B-6DB0-457A-BFFB-8D29DD0235E4}] => (Allow) C:\Steam\steamapps\common\Phasmophobia\Phasmophobi a.exe => No File FirewallRules: [{640BF1B1-6575-458B-9D31-155C04441BF8}] => (Allow) C:\Steam\steamapps\common\Phasmophobia\Phasmophobi a.exe => No File FirewallRules: [{FEB6C1D5-4823-4748-B432-273260742997}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe => No File FirewallRules: [{6FB684A0-CA5B-4A81-A40D-B24FD8767F76}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe => No File FirewallRules: [{D7D4EE90-3ED1-4F0D-8BBE-CA9228B34AA0}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZo mboid64.exe => No File FirewallRules: [{157CA7DF-34B2-415C-B789-0D00AE3F9BD0}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZo mboid64.exe => No File FirewallRules: [{BCD564B7-8A01-4F1E-998E-B4E95FB672C4}] => (Allow) C:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [{213437FE-832D-48F9-889C-97EF9F870FEA}] => (Allow) C:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [{E4825967-EEC0-4823-AC18-7A71CF05C225}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File FirewallRules: [{EF832176-F856-410D-A912-94376E10DAB6}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File FirewallRules: [{6736A801-8F2A-4551-AA2A-A9CFF88ADA10}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod .exe => No File FirewallRules: [{CBF60054-6AB9-4A3D-BC51-F22003FBCD37}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod .exe => No File FirewallRules: [{36CDA989-9F0B-4EEA-934B-6F5F3A58C46A}] => (Allow) C:\Steam\steamapps\common\PHtest\RaidGame.exe => No File FirewallRules: [{610CAE14-7AC1-49E0-BC65-2E7FBA0D2310}] => (Allow) C:\Steam\steamapps\common\PHtest\RaidGame.exe => No File FirewallRules: [{4ACB164E-C9BA-47B2-9BF3-72D6FC62434E}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File FirewallRules: [{E248CEBC-4F1E-46D2-BEEA-47AE13A40118}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File FirewallRules: [{EF18D080-AAF2-4506-99F0-18434E4267E6}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod .exe => No File FirewallRules: [{A6F46048-191A-4C8B-BE4D-F365FB4441D5}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod .exe => No File FirewallRules: [{628C06FE-F2E2-4C2D-BCFA-1C38A6ABEFB9}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File FirewallRules: [{FACA5CA8-9587-42F4-922D-58492BF45F8A}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File FirewallRules: [{2C441771-0DE9-4062-B5C0-C3B0706D5EA6}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File FirewallRules: [{7CD15B0D-583B-4505-81CC-196DB0518D8B}] => (Allow) C:\Steam\steamapps\common\Gotham Knights\GothamKnights.exe => No File FirewallRules: [{016A7AB2-73A4-4B6C-B2FD-65547B62CD88}] => (Allow) C:\Steam\steamapps\common\Gotham Knights\GothamKnights.exe => No File FirewallRules: [{4480DF79-FB2F-4840-97F8-31E64F573CF3}] => (Allow) C:\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe => No File FirewallRules: [{22895656-2314-46BE-9F53-C5362710FFDF}] => (Allow) C:\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe => No File FirewallRules: [{597B9900-ABAD-40C3-808A-00001A191D0F}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\Launcher. exe => No File FirewallRules: [{53EFB07F-A8EA-4B08-A6CC-9B8C740E393F}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.ex e => No File FirewallRules: [{6ADED815-9B87-4DC2-96D5-E1929E6B5856}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.ex e => No File FirewallRules: [{D122E617-CC8E-45A7-A734-F64BF80809A9}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\RemoteCra shSender.exe => No File FirewallRules: [{5D7AD582-A85D-428D-AA77-C58C1C4788B5}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\Launcher. exe => No File FirewallRules: [{0418645A-DDBE-4CE3-9861-EA8450D3DF99}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.ex e => No File FirewallRules: [{CD5DF783-B08D-4E74-84ED-C65EA7BD1820}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.ex e => No File FirewallRules: [{068F72B4-8F68-420C-BDEC-A38CF617DEDF}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\RemoteCra shSender.exe => No File FirewallRules: [{270D7C0C-2549-4FE0-8492-B0D3B48D1406}] => (Allow) D:\Steam\steamapps\common\Dark and Darker Playtest\DungeonCrawler.exe => No File FirewallRules: [{D3FF73C4-4375-4712-ADCF-D3511CC91938}] => (Allow) D:\Steam\steamapps\common\Dark and Darker Playtest\DungeonCrawler.exe => No File FirewallRules: [{8440F1C8-FC03-4A47-9CA3-59281553DB65}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe => No File FirewallRules: [{611A3F18-21EE-4A1B-9B09-C86601B2557E}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe => No File FirewallRules: [{49D61083-716D-4973-868D-9B30B8856199}] => (Allow) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File FirewallRules: [{86BAA9E9-11F7-4B4F-9354-FCAD9D843E0D}] => (Allow) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File FirewallRules: [{16F3DB57-734D-4D95-A469-B4B2C93A380B}] => (Block) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File FirewallRules: [{A7C52C86-FD05-4331-B047-43D070B3AC72}] => (Block) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File AlternateDataStreams: C:\ProgramData\agent.1653775616.bdinstall.v2.bin:6 48BE96FBB [4298] AlternateDataStreams: C:\ProgramData\agent.update.1667380697.bdinstall.v 2.bin:6D67FA1051 [4298] AlternateDataStreams: C:\ProgramData\cl.1653775808.bdinstall.v2.bin

863306057 [4298] AlternateDataStreams: C:\ProgramData\cl.kit.1653775805.bdinstall.v2.bin: 62052707C0 [4298] AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [4298] AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4298] AlternateDataStreams: C:\ProgramData\screen.jpg:8C7DEC92B3 [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk

C8F23BC3A [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [4298] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk:830092544A [4298] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8548] AlternateDataStreams: C:\Users\theph\Application Data:374c9b336db4fa9522b72c58dcd0c3f9 [394] AlternateDataStreams: C:\Users\theph\AppData\Roaming:374c9b336db4fa9522b 72c58dcd0c3f9 [394] AlternateDataStreams: C:\Users\theph\AppData\Local\Temp:$DATA [16] C:\Windows\system32\drivers\etc\hosts Hosts: VirusTotal: C:\Windows\system32\Drivers\NeacSafe.sys virusTotal: C:\ProgramData\DP45977C.lfl cmd: net stop bits Move: C:\ProgramData\Microsoft\Network\Downloader\qmgr*. db C:\ProgramData\Microsoft\Network\Downloader\qmgr*. db.old cmd: net start bits cmd: bitsadmin /list /allusers CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R" CMD: "%WINDIR%\SysWOW64\lodctr.exe /R" CMD: "C:\Windows\SYSTEM32\lodctr.exe /R" CMD: "C:\Windows\SysWOW64\lodctr.exe /R" CMD: del /f /s /q %windir%\prefetch\*.* CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.* CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\Use r Data\Default\Cache\*.*" cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\Us er Data\Default\Cache\*.*" cmd: del /s /q "%userprofile%\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\*.*" CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*" CMD: ipconfig /flushdns C:\Windows\Temp\*.* C:\WINDOWS\system32\*.tmp C:\WINDOWS\syswow64\*.tmp emptytemp: Reboot: End:: [/ICODE][/COLOR][/COLOR]

**Phoenix_VR** · 01-01-2023, 06:42 PM

And here we go, PC had to restart.

**Malnutrition** · 01-01-2023, 06:46 PM

We need to remove one last file.

Copy the content of the code box below.
[COLOR=rgb(184, 49, 47)]Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

[ICODE]start:: C:\ProgramData\DP45977C.lfl end:: [/ICODE]

After running the above fix!!
How is the computer running? Issue solved?[/COLOR]

**Phoenix_VR** · 01-01-2023, 06:50 PM

My pc is running faster then before, so thank you for that I’ll have a look if this is gone.
[HEADING=2]Generic.Trojan.DiscordStealer.B.D6426E8C[/HEADING]

**Malnutrition** · 01-01-2023, 06:51 PM

Ok, run a scan with Bitdefender and let me know if the issue is still there. )

**Phoenix_VR** · 01-01-2023, 06:58 PM

Its still there,

C:\Windows\System32\config\SOFTWARE=>(Embedded EXE g)

Generic.Trojan.DiscordStealer.B.D6426E8C

**Phoenix_VR** · 01-01-2023, 06:58 PM

I would give you the log file of bitdefender
but its a xml file

Trying to remove Generic.Trojan.DiscordStealer.B.D6426E8C

Trying to remove Generic.Trojan.DiscordStealer.B.D6426E8C

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment