• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved Trying to remove Generic.Trojan.DiscordStealer.B.D6426E8C

Status
Not open for further replies.
Phoenix VR

Phoenix VR

PCHF Member
Jan 1, 2023
38
3
24
#1
I know this has probably been resolved but I'm currently using Bitdefender when I do a scan, and can not take actions or delete it, its in the SYSTEM its self.

Does this file actually steal you Discord account or does it not do anything??

Log File
C:\Windows\System32\config\SOFTWARE=>(Embedded EXE g)Generic.Trojan.DiscordStealer.B.D6426E8C

I can't add the log since its a xml file.
 
#2
Hello @Phoenix VR and Welcome to PCHF :)


Download Autologger to your desktop.
Disable your Anitivirus/Defender prior to running.
  • Unzip it there. -- If you are unsure how to unzip a program, then use ---- http://www.7-zip.org/ ----
  • Right click Autologger and run as administrator. (Xp user double click)
  • AVZ4 will open and scan your machine, allow this to complete.
  • Upload Collectionlog.zip to your next reply.
 
#3
Here we go this is what I got.

Also a lot of stuff popped up and was kinda scared there for a moment, thought it was a scam software.
 

Attachments

  • CollectionLog-2023.01.01-16.14.zip
    121.4 KB · Views: 5
#5
Look in the Autologger folder and drag out the CheckBrowsersLNK file.
To your desktop.
AutoLogger\CheckBrowserLnk
Click to expand...
Drag and drop onto the ClearLNK utility .
After saving ClearLNK to desktop.
move.gif
Run HijackThis! as admin! (located in the folder ...Autologger\HijackThis)
Do a system scan, then check each item below, make sure and only check the items listed.
Then click Fix checked.
The computer will need to reboot, allow it to do so.

Code: 
O22 - Task (.job): (Not scheduled) Driver Easy Scheduled Scan.job - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (file missing)
O22 - Tasks: (damaged) Driver Easy Scheduled Scan - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan (file missing) (user missing)
O22 - Tasks: (damaged) Opera GX scheduled assistant Autoupdate 1648223427 - D:\Opra\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="D:\Opra\assistant" $(Arg0) (file missing) (user missing)
O22 - Tasks: (damaged) Opera GX scheduled Autoupdate 1646322567 - D:\Opra\launcher.exe --scheduledautoupdate $(Arg0) (file missing) (user missing)
O22 - Tasks: Driver Easy Scheduled Scan - C:\Program Files\Easeware\DriverEasy\DriverEasy.exe --scan (file missing)
Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.
If you are unsure if your operating system is 32 or 64 Bit please go HERE.
Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
FRST will open with two dialogue boxes, accept the disclaimer.

  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select Scan
  4. Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



2016-08-12_152002.jpg



Please Attach the contents of these logs in your next post for review by our Security Team
 
#7
These logs will take while to look over. Please run these two scans while you wait.

Adware Cleaner



  • Download AdwCleaner and save it to your Desktop
  • Right-click on AdwCleaner.exeand select, Run as Administrator
  • Accept the EULA (I accept), then click on Scan Now
  • Let the scan complete
  • Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button
  • Subsequently you may be asked to Run Basic Repair. This is optional. I would suggest holding off on this for now.
  • Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
  • Close all other open windows and allow it to restart
  • After the restart, Notepad will open with the AdwCleaner cleaning log
  • Please Attach the contents of that log into your next reply to me
Download Malwarebytes v.4 . Install and run.


  • Once the MBAM dashboard opens, click on Settings (gear icon).
  • Click on Security tab and make sure that all four Scan options are enabled.
  • Close Settings and click on the Scan button on the dashboard.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.
  • If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.
 
#8
Btw the Malwarebytes is gonna take awhile, Just saying that now, Because I already did a scan and it had 9 detections and I quarantine the 9 detections but then I removed the program from my computer so I don't think I have the log to that, but the scan took about 4-5 hours I think to fully done the scan

edit: Oh nvm its done haha

There are two other files u requested.
 

Attachments

  • AdwCleaner[C00].txt
    3.6 KB · Views: 3
  • Malware scan.txt
    5 KB · Views: 3
#9
Download and run Startup lite.
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code: 
Start::
CloseProcesses:
SystemRestore: On
CreateRestorePoint:
RemoveProxy:
Task: {13934F45-3DB8-4A72-AE65-2FDC266FDB29} - \VWK -> No File <==== ATTENTION
Task: {6277E1C0-7D24-4662-BB4F-67ABF0F95F4B} - \nslooksvc32 -> No File <==== ATTENTION
Task: {A54EF4A9-2A51-49F3-8628-C9759C5A6EC9} - \nslooksvc64 -> No File <==== ATTENTION
S2 EpicOnlineServices; "C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe" [X]
S3 Rockstar Service; "C:\Program Files\Rockstar Games\Launcher\RockstarService.exe" [X]
S3 xldr_soulworker_tw; "C:\Program Files\Common Files\UNCHEATER\xldr_soulworker_tw.exe" [X]
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
C:\Windows\system32\DRIVERS\Hamdrv.sys
S3 GPUZ-v2; \??\C:\Users\theph\AppData\Local\Temp\GPUZ-v2.sys [X] <==== ATTENTION
S3 wtbt; \??\c:\steam\steamapps\common\super people playtest\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]
C:\Users\theph\AppData\Local\Temp\GPUZ-v2.sys
C:\Program Files (x86)\Popcorn Time
CustomCLSID: HKU\S-1-5-21-1958790192-829533772-2814255167-1001_Classes\CLSID\{3fac1856-999e-7736-2d2f-0e5b1c670cbf}\localserver32 -> "D:\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-1958790192-829533772-2814255167-1001_Classes\CLSID\{dabdd0bb-59b7-7986-5d6b-fdb9aab34c57}\localserver32 -> "D:\Protonvpn\ProtonVPN.exe" -ToastActivated => No File
FirewallRules: [{9E962105-173E-4798-8021-9996AE8AE8A9}] => (Allow) D:\Steam\steamapps\common\Soulworker_TWN\SoulWorker.exe => No File
FirewallRules: [{5E86026C-42CD-44A3-94FC-55C86D519784}] => (Allow) D:\Steam\steamapps\common\Soulworker_TWN\SoulWorker.exe => No File
FirewallRules: [{D549F740-CC85-44E4-874F-D52AB04CEBDB}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File
FirewallRules: [{80B2AC07-EF43-4E73-A0D2-B992EEF4B223}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File
FirewallRules: [TCP Query User{31F61EAA-BED5-414F-A3A2-16BBDC8DCC46}D:\popcorn time\nodejs\node.exe] => (Allow) D:\popcorn time\nodejs\node.exe => No File
FirewallRules: [UDP Query User{4A3110F3-C13A-4D45-95AE-B383444358AA}D:\popcorn time\nodejs\node.exe] => (Allow) D:\popcorn time\nodejs\node.exe => No File
FirewallRules: [{346033CE-6D58-4E3B-9C31-4E4F70426A6E}] => (Block) D:\popcorn time\nodejs\node.exe => No File
FirewallRules: [{8BCD0C31-EAB9-4590-8B8D-670E09EB9F67}] => (Block) D:\popcorn time\nodejs\node.exe => No File
FirewallRules: [TCP Query User{9CDE6547-87FB-473B-90D2-3742B392DA11}C:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [UDP Query User{D1B40DB6-38D5-44E9-8986-7462405447E5}C:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [{D521D39B-BAB6-4B6A-B046-7CBBEEB7B5C2}] => (Block) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [{F0EF785D-F2F7-440F-A41B-CAC7360ABBC9}] => (Block) C:\steam\steamapps\common\grand theft auto v\gta5.exe => No File
FirewallRules: [TCP Query User{02DB161E-E80E-4FC2-A86F-6A4F02470449}D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{9259E4F2-AA15-4DA8-B530-0BAC7391F87E}D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [{A0AD8040-B999-4A11-9C12-4B89C319D2E7}] => (Block) D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [{F9F390AA-3A56-4ED3-8031-327B7FFBD23E}] => (Block) D:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{90B28D3C-E384-4120-9D6E-412036014182}C:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{8C4E2F26-2BF6-4A8C-AE24-6DCC36AE9A25}C:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [{D02425EF-7561-4AFE-8E12-192BAA3F4C4A}] => (Block) C:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [{460453E2-50DB-403A-9F3C-A1C6E2A4C221}] => (Block) C:\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{4B7DE54A-2F7C-470B-B9C8-0470349A2B05}C:\users\theph\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{F2A63893-5734-4C05-B276-4FBCE32A7DBB}C:\users\theph\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{F737C0C2-7A50-4BF0-B7FB-B40657FE174E}] => (Block) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{36F135F8-E77A-48EE-B79D-30788C5AE28A}] => (Block) C:\users\theph\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [TCP Query User{808F6FD5-9DAB-4462-B3A9-F89E191A3491}C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe => No File
FirewallRules: [UDP Query User{A34DB600-8CEF-4CB7-B92E-57C490817C34}C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042 open beta\bf.exe => No File
FirewallRules: [TCP Query User{B6E996CE-3281-4B2F-B997-69134D7BED70}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{DF127BC0-BBDA-456B-9622-DF238105984B}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{34ECD32E-165E-4A78-8B54-D448581A34DE}] => (Block) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{0FB8F455-3B5E-4DBC-8893-3E79065EDC50}] => (Block) D:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [TCP Query User{56C80650-00DC-4C97-A0AE-97C57CAF94A8}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{74DA758B-8E6F-49D6-84F5-C5BA499CB515}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{A4781D02-ABF6-4A3B-9683-34CB3F450635}] => (Block) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [{5CB4F176-048E-4FBA-BCD3-4AC1BDFE42F8}] => (Block) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{3C783258-89C5-4EFA-B941-D1B2BD4E676C}D:0\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:0\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{074E4B25-4086-465E-8B4B-0EC4FB317C13}D:0\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:0\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{B8B0BDC6-2082-4AD1-9BF8-DDA430477DDF}C:3\gobi\binaries\wingdk\back4blood.exe] => (Allow) C:3\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{461E1F64-A9D9-463A-BFC6-B6CF42F546BA}C:3\gobi\binaries\wingdk\back4blood.exe] => (Allow) C:3\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{9FDA8FE1-7AA7-42AE-ACA6-2EECD318B1FA}D:2\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:2\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{C8E70270-9907-4D12-A191-AAFEE6E5075A}D:2\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:2\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{E6549E5B-E404-4EAB-9E83-2723F3E9AFDD}D:5\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:5\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{1DC2E4AD-7A8E-438B-9CBA-BB54D28FF183}D:5\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:5\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{CADA40AF-4DD3-4D24-92D3-29619AA1580E}D:20\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:20\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{43BECECE-0A85-441A-B300-1FB1978789B2}D:20\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:20\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{D4735180-BD63-4530-ACBC-CFF83E036CBF}D:35\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:35\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{62448177-D111-4461-909D-AA2860A65E06}D:35\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:35\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{7C2EF5AF-76A3-44ED-8B13-8EAF7089EB73}D:49\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:49\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{CB74A912-EAA6-4468-A58C-5E0069C48D8E}D:49\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:49\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{B37C89AC-F38E-4B67-8E14-3769BA16CA2A}D:66\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:66\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{02FA3377-B37E-48BC-B08A-ACD793E20EDD}D:66\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:66\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{D4783F96-85E8-45A9-970E-91A124AB3F15}D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{752FA8FC-A499-4BA5-AD5A-E721AB34B637}D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [{D1B01636-C0EB-4459-9B5D-DC7D2AB2B5E6}] => (Block) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [{F2CF93C9-6856-4D93-A984-E72407A782E6}] => (Block) D:\minecraft\mods\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{F2193B53-9BD5-4655-BD1F-C58A52BF3F79}D:\steam\steamapps\common\muse dash\musedash.exe] => (Allow) D:\steam\steamapps\common\muse dash\musedash.exe => No File
FirewallRules: [UDP Query User{31921002-2F48-4932-B100-D357D170D559}D:\steam\steamapps\common\muse dash\musedash.exe] => (Allow) D:\steam\steamapps\common\muse dash\musedash.exe => No File
FirewallRules: [{8AC908C8-1850-4450-A248-36FB7F11C26B}] => (Block) D:\steam\steamapps\common\muse dash\musedash.exe => No File
FirewallRules: [{4DB53A56-2B4A-4F9B-ABA2-75A115781FF8}] => (Block) D:\steam\steamapps\common\muse dash\musedash.exe => No File
FirewallRules: [TCP Query User{A5042826-9BBB-43BA-A5CF-8208869F3AFA}D:46\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:46\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{4BA2C693-CE9C-4249-AC62-12736E215978}D:46\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:46\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{B621E0C5-DD9F-435B-A0C0-1CF37DBF48D8}D:59\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:59\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{BDB99A1C-3FF3-4E44-A8B8-F7DA39155396}D:59\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:59\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{00B000FD-D14F-4C5B-8841-4F12B7094923}D:71\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:71\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [UDP Query User{E538CDEA-23C7-49AE-A45C-2587CEDB165C}D:71\gobi\binaries\wingdk\back4blood.exe] => (Allow) D:71\gobi\binaries\wingdk\back4blood.exe => No File
FirewallRules: [TCP Query User{15096862-B0FA-4E43-830D-2D45A52C8BAC}D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9412D668-136D-46B6-8C47-C86C0A9A201A}D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe => No File
FirewallRules: [{D22E6B90-2315-4F93-B4CB-EDCEF71B68A1}] => (Allow) D:\Steam\steamapps\common\BABYLON'S FALL Beta Version\data\exe\Launcher.exe => No File
FirewallRules: [{E2191CD7-C649-4009-ABC5-6B15C4CBAB76}] => (Allow) D:\Steam\steamapps\common\BABYLON'S FALL Beta Version\data\exe\Launcher.exe => No File
FirewallRules: [TCP Query User{4044F367-FFD7-495A-AF9E-FEE39938481C}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{1EBA9AB0-3D9C-42CC-8FE4-0F11C7723A87}D:4\forzahorizon5.exe] => (Allow) D:4\forzahorizon5.exe => No File
FirewallRules: [{F1E055FC-7775-47A1-9CBD-8CC3BCF15261}] => (Block) D:4\forzahorizon5.exe => No File
FirewallRules: [{7764C6A5-E9CC-4717-BA58-2278C7DDED07}] => (Block) D:4\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{B253CF45-7BAA-4821-9812-CCE87338EF15}D:9\forzahorizon5.exe] => (Allow) D:9\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8540047F-9CDB-4453-8629-674FD8AC44AB}D:9\forzahorizon5.exe] => (Allow) D:9\forzahorizon5.exe => No File
FirewallRules: [{C7A71BC5-18BA-47D7-9DD9-357C4E1CCEDE}] => (Block) D:9\forzahorizon5.exe => No File
FirewallRules: [{84D3537D-6884-401C-9ADE-B921BB4322FB}] => (Block) D:9\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{1E5B22B5-C135-4B4D-A42D-384BDB6AC25F}D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Block) D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe => No File
FirewallRules: [UDP Query User{F1C0957E-AD38-4885-963A-37A95B12F116}D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe] => (Block) D:\steam\steamapps\common\pavlovvr\pavlov\binaries\win64\pavlov-win64-shipping.exe => No File
FirewallRules: [{26016386-E0AD-4DD5-B3AE-75A5A85FD83D}] => (Allow) C:\Program Files\Unity\Hub\Editor\2018.4.20f1\Editor\Unity.exe => No File
FirewallRules: [{BAC54E1F-5110-4C53-970D-D22767AFE294}] => (Block) C:\Program Files\Unity\Hub\Editor\2018.4.20f1\Editor\Unity.exe => No File
FirewallRules: [{8C12B675-54C4-49A0-BAA4-8E5AD92EB28D}] => (Allow) C:\Steam\steamapps\common\VRChat\VRChat.exe => No File
FirewallRules: [{E8F51EA5-6AD7-48A6-B7E4-D33DB280D7EA}] => (Allow) C:\Steam\steamapps\common\VRChat\VRChat.exe => No File
FirewallRules: [TCP Query User{A788D721-8978-4E30-9209-E5A376EA5AA9}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [UDP Query User{5467D34C-9895-4E14-8E7C-3E7EE2986960}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe] => (Allow) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [{E548FBCA-7861-4FB8-B7B8-91CB180776A4}] => (Block) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [{DE063525-BF33-4B09-8946-3924D991FAA6}] => (Block) C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe => No File
FirewallRules: [TCP Query User{E526FD43-8645-480E-B718-CD5098CDFD69}C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe] => (Allow) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File
FirewallRules: [UDP Query User{A0AFBC87-D187-4DC3-BF66-2495FA2837D9}C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe] => (Allow) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File
FirewallRules: [{C4342C3B-6C62-43FC-84A2-7D0281B175AC}] => (Block) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File
FirewallRules: [{83C7F112-2863-4AFC-84DB-D654FE2A8B15}] => (Block) C:\users\theph\appdata\local\vortxengine\app-2.2.17\signal-x64\signalrgb.exe => No File
FirewallRules: [TCP Query User{56277E1C-B2CD-4AD4-80B9-B87861FD753E}D:4\snowrunner.exe] => (Allow) D:4\snowrunner.exe => No File
FirewallRules: [UDP Query User{ECE85915-11EB-4C82-9B62-9B9C394FC526}D:4\snowrunner.exe] => (Allow) D:4\snowrunner.exe => No File
FirewallRules: [{138DEFD0-2870-4EA0-AB2F-312BC956E3B8}] => (Block) D:4\snowrunner.exe => No File
FirewallRules: [{FE551B0B-FF2F-4C8B-85B9-1141DC37EBFE}] => (Block) D:4\snowrunner.exe => No File
FirewallRules: [TCP Query User{9B56CC25-26C9-4DCE-AA06-032D9AA0491E}D:\steam\steamapps\common\for honor\forhonor.exe] => (Allow) D:\steam\steamapps\common\for honor\forhonor.exe => No File
FirewallRules: [UDP Query User{40485669-1F56-4113-A970-ABE2861675FA}D:\steam\steamapps\common\for honor\forhonor.exe] => (Allow) D:\steam\steamapps\common\for honor\forhonor.exe => No File
FirewallRules: [TCP Query User{0D1DB846-137A-4E20-90B2-D3D6A121FD34}D:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [UDP Query User{09C37497-8826-4317-AC8C-64DA7CC152F8}D:\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [{A55F2FF9-F783-449C-9DFD-D0AC801640B1}] => (Block) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [{F7745EA0-3CFB-4753-93E3-3F353A5D746E}] => (Block) D:\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File
FirewallRules: [TCP Query User{A69F37A0-6628-407C-8337-792D94B3ACE9}C:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042\bf2042.exe => No File
FirewallRules: [UDP Query User{656321A2-0C4D-48C7-A755-0E76E45FE6CE}C:\steam\steamapps\common\battlefield 2042\bf2042.exe] => (Allow) C:\steam\steamapps\common\battlefield 2042\bf2042.exe => No File
FirewallRules: [TCP Query User{E4F943A5-827D-43FF-B7ED-62399DF9C504}D:\ready or not\ready.or.not\ready or not\readyornot.exe] => (Allow) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File
FirewallRules: [UDP Query User{0C1FFF4E-1C07-4835-BD0B-DBD7EA10C903}D:\ready or not\ready.or.not\ready or not\readyornot.exe] => (Allow) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File
FirewallRules: [{B6672493-0874-440F-A5EA-3EE6EB49F99A}] => (Block) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File
FirewallRules: [{EAB754E9-95EB-425A-928D-DB36F53F1740}] => (Block) D:\ready or not\ready.or.not\ready or not\readyornot.exe => No File
FirewallRules: [TCP Query User{944181CC-DFF7-4E6A-B34B-D38764598E5A}D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{897A1215-31A4-420D-A86B-43A2630770C6}D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [{9E9A81C4-612A-4AE2-89BC-F0EA5ED59F8D}] => (Block) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [{0D6305BE-99EC-40F2-B5D1-2CD256C3271A}] => (Block) D:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [{B2AB5321-01BD-44DC-8946-12F5C9E06A41}] => (Allow) D:\Hamachi\hamachi-2-ui.exe => No File
FirewallRules: [{BAA99C50-7DC1-4BFB-8033-611D7F30825F}] => (Allow) D:\Hamachi\hamachi-2-ui.exe => No File
FirewallRules: [TCP Query User{6E701346-A11A-43DC-9DB7-4DD9A12BE5C1}D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{2CA6CEC4-E067-4BF5-A8E5-D28A0D652A03}D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{E63B9772-29F1-4EE9-AD43-0AFA781996AE}] => (Block) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{49359754-FD9B-4233-BCD0-D87F4F57FC4F}] => (Block) D:\minecraft\mods\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{A23E9FA9-56FF-479C-A462-F7264A0D26D9}D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{EAAA8D7E-4140-4E19-B1D4-69D5E73F52A5}D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{9429E619-CA32-49AB-B524-B5ABEB5441F1}] => (Block) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{B57DC7DF-E73E-422C-8049-52E6027B5459}] => (Block) D:\minecraft\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [TCP Query User{04962093-475E-434E-9B46-016BF1FF3A6D}D:\opra gx\opera.exe] => (Allow) D:\opra gx\opera.exe => No File
FirewallRules: [UDP Query User{345DD442-8271-4A30-9216-0CCD2F745BF3}D:\opra gx\opera.exe] => (Allow) D:\opra gx\opera.exe => No File
FirewallRules: [{E4E08FC4-1BEC-480C-93E4-56D8878BC131}] => (Block) D:\opra gx\opera.exe => No File
FirewallRules: [{BF52CD95-B00B-4D4F-BA84-0A5FE7883786}] => (Block) D:\opra gx\opera.exe => No File
FirewallRules: [{598084F8-D1C1-40C7-8935-F62C3E0A4076}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{EF7C1776-0E4B-46F0-8223-DD2B4C465963}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{04220494-473A-41EF-9ECB-1785B71AD0A3}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [{C92EEF20-1B43-4D0A-87E6-A5A87853C1F6}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [TCP Query User{F25BD3E9-DD6F-4E9B-B085-72B3C20B7357}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{F876BF00-02B4-427D-951A-92CE78761104}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{784872F7-DBF2-4A21-BE9C-FDD199F1F621}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{EDDD8D19-F9FF-4EF6-A529-9136AFFDAFA7}] => (Block) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [TCP Query User{C8F3F941-C6FF-4B20-B325-3DA64284D0F7}D:\command and conquer - generals\command and conquer generals zero hour\generals.exe] => (Allow) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File
FirewallRules: [UDP Query User{6936D319-879F-45C7-9871-0C7CA2AF8CF7}D:\command and conquer - generals\command and conquer generals zero hour\generals.exe] => (Allow) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File
FirewallRules: [{3BC12811-1DE7-41B5-B954-E4C8BA96AA87}] => (Block) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File
FirewallRules: [{966A1B90-C698-4891-8F38-6F0DFDBCC414}] => (Block) D:\command and conquer - generals\command and conquer generals zero hour\generals.exe => No File
FirewallRules: [{234EBF06-48F7-44C8-9752-FD7E00272970}] => (Allow) C:\Steam\steamapps\common\Zenith MMO\UnityClient@Windows.exe => No File
FirewallRules: [{58B35F06-C48E-49E3-B421-AAA80BA8B06F}] => (Allow) C:\Steam\steamapps\common\Zenith MMO\UnityClient@Windows.exe => No File
FirewallRules: [TCP Query User{92492B3B-A4A2-4A33-BB64-A48351CC4AB8}D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1FE7CDAB-D836-4EC5-B6CD-7F6015AC62ED}D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [{838A86A7-2128-4DD7-9B2D-FE02D92CEFDA}] => (Block) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [{B5B6CC0B-7A94-4AD3-8C3B-7800F359837C}] => (Block) D:\steam\steamapps\common\dark deception\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [{AB76E5DF-C38E-49CC-B6D7-2EAE42393855}] => (Block) D:\Games\Dark Deception Chapter 4\DDeception.exe => No File
FirewallRules: [{EDC18894-48E1-4F4D-A7EF-D338142488D5}] => (Block) D:\Games\Dark Deception Chapter 4\DDeception.exe => No File
FirewallRules: [TCP Query User{45390749-7A5A-49C9-9593-93AEF66D73C8}D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [UDP Query User{ACD90679-14DD-4C15-A70F-18DC8F775390}D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe] => (Allow) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [{D9CA9CFA-C0B5-4E69-B542-4B7076F9A0BB}] => (Block) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [{F695E72F-F0B4-48A5-B7D7-05C96C1C8AAB}] => (Block) D:\games\dark deception chapter 4\ddeception\binaries\win64\ddeception-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B6534E58-E0FF-4A59-9496-BE06E84DE2E8}C:\users\theph\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\theph\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{0F4CBBBB-A83B-449C-B6D8-F9DC7D512A35}C:\users\theph\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\theph\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [{DB9B6A80-308D-4F6F-93A2-16510CF2DEF7}] => (Block) C:\users\theph\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [{6F23178F-D659-4157-8703-0F0DCD20F5B8}] => (Block) C:\users\theph\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [TCP Query User{CD87412C-013B-4198-89CC-F5C7D5B2876D}D:\games\doom app\doomseeker\doomseeker.exe] => (Allow) D:\games\doom app\doomseeker\doomseeker.exe => No File
FirewallRules: [UDP Query User{B111F2D9-4A15-4430-B399-9C87074B450D}D:\games\doom app\doomseeker\doomseeker.exe] => (Allow) D:\games\doom app\doomseeker\doomseeker.exe => No File
FirewallRules: [{98BE4A13-7871-4698-A5D2-DDA8310565F1}] => (Block) D:\games\doom app\doomseeker\doomseeker.exe => No File
FirewallRules: [{2A899D63-A762-4301-9DE5-A26CDF9FB9C7}] => (Block) D:\games\doom app\doomseeker\doomseeker.exe => No File
FirewallRules: [TCP Query User{934C2015-D09B-4772-B612-7A334715B4D0}D:\games\doom app\zandronum.exe] => (Allow) D:\games\doom app\zandronum.exe => No File
FirewallRules: [UDP Query User{FFF47B44-816E-43AE-AAF5-19CD00FA34B5}D:\games\doom app\zandronum.exe] => (Allow) D:\games\doom app\zandronum.exe => No File
FirewallRules: [{738AB59F-41D5-461A-9998-68945C663DA2}] => (Block) D:\games\doom app\zandronum.exe => No File
FirewallRules: [{2CA11FD3-ABE3-4460-BE69-4C53382A8DFC}] => (Block) D:\games\doom app\zandronum.exe => No File
FirewallRules: [TCP Query User{D1F96C49-9CEA-4BFD-B4A2-C37491FC550D}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{133281D8-3345-4E25-9809-5431F1978F8C}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe => No File
FirewallRules: [TCP Query User{D5C68983-3756-43D3-A55E-329E80817E66}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{966FB9D7-41AD-456D-98C7-4F1343228CB2}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{062B7332-176A-49C8-9849-FB1755E19BC8}D:\enlisted\launcher.exe] => (Allow) D:\enlisted\launcher.exe => No File
FirewallRules: [UDP Query User{63DD2EAE-250A-4B41-8B38-817806EBC74B}D:\enlisted\launcher.exe] => (Allow) D:\enlisted\launcher.exe => No File
FirewallRules: [{DC31A0F8-BB91-4B94-B9C5-A5A8E99547AB}] => (Block) D:\enlisted\launcher.exe => No File
FirewallRules: [{E84A7528-E0D2-4D2B-887C-65F2400AE337}] => (Block) D:\enlisted\launcher.exe => No File
FirewallRules: [TCP Query User{11FA98A2-5142-4094-8E4C-E0FCD91203D6}C:\users\theph\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\theph\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [UDP Query User{2825E6FB-6859-4570-89B4-9F783CF23A40}C:\users\theph\appdata\local\discord\app-1.0.9004\discord.exe] => (Block) C:\users\theph\appdata\local\discord\app-1.0.9004\discord.exe => No File
FirewallRules: [{2F852DA0-7BCC-4207-BA2C-2E83A3F89D0E}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.exe => No File
FirewallRules: [{8E59FF32-21F8-4FB7-9487-92C929A2723E}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.exe => No File
FirewallRules: [{2AE645DC-0D45-40B7-BF8E-F202DA4C6F51}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.exe => No File
FirewallRules: [{FE3461EE-0F54-45A4-B946-21C87F011DF4}] => (Allow) C:\Users\theph\Desktop\Unlocker\UTDBkAGpWCn2Wy8T.exe => No File
FirewallRules: [TCP Query User{243983DB-3D2E-43D9-ABC8-D7D8D960A7DD}D:\warthunder\launcher.exe] => (Block) D:\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{26705C4E-2B5F-49B2-95E7-38896D93041A}D:\warthunder\launcher.exe] => (Block) D:\warthunder\launcher.exe => No File
FirewallRules: [TCP Query User{EFF5B575-8F6D-4208-A133-2E3B9B003D52}D:\warthunder\win64\aces.exe] => (Block) D:\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{2EBA6262-0C6D-472E-B07A-C78B7B3E1C8E}D:\warthunder\win64\aces.exe] => (Block) D:\warthunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{8C16ECBB-B2B9-4B47-A240-16906BECBC01}D:\steam\steamapps\common\for honor\forhonor.exe] => (Block) D:\steam\steamapps\common\for honor\forhonor.exe => No File
FirewallRules: [UDP Query User{335D7A00-345A-4FEB-9374-28738FF5D902}D:\steam\steamapps\common\for honor\forhonor.exe] => (Block) D:\steam\steamapps\common\for honor\forhonor.exe => No File
FirewallRules: [TCP Query User{F9F9052A-04C5-4E38-9157-F085DC9784E2}C:\origin games\battlefield 4\bf4.exe] => (Allow) C:\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{ABCA69A7-DC65-43DF-B113-89B2172DF4B2}C:\origin games\battlefield 4\bf4.exe] => (Allow) C:\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{67539663-5BEA-4A4B-98BD-47DB9946AC46}] => (Block) C:\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{659AAF55-2969-4A71-814D-199DE33F7ED5}] => (Block) C:\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{1A5BEADF-EE4D-4059-9086-3C4418B608FF}] => (Allow) C:\Orgin Games\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{7BDFC255-439A-40F8-9BBA-E77F4262F2A9}] => (Allow) C:\Orgin Games\Battlefield 1\bf1Trial.exe => No File
FirewallRules: [{79EEC07E-5FCC-4E7C-B7E7-D183D2E28A7F}] => (Allow) C:\Orgin Games\Battlefield 1\bf1.exe => No File
FirewallRules: [{47327956-2C8B-4ACE-ACF7-F26923557020}] => (Allow) C:\Orgin Games\Battlefield 1\bf1.exe => No File
FirewallRules: [TCP Query User{FFFCE46B-BA56-4C98-A453-EACE5AB43EA4}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{712985CA-4A5D-40A6-B642-D90379681A5D}D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{E0163CDD-9F4A-404D-9471-F47136BEB29C}] => (Block) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{C856BB7C-D06E-4D6E-9A33-478B9A79C261}] => (Block) D:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{24E070E4-3039-482F-A4CA-0D1BC9A3CCAD}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{5F6FA378-10AC-4188-B72F-FFCBFB62E5D6}C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{20C3C409-9ED7-43D7-90E3-8EEA666F62AB}] => (Block) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{2BA7C4D5-9F37-4F3B-B4E0-94CF4D00C9B1}] => (Block) C:\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{110107A3-D4B9-4CF6-A1E2-969CAAB31E9A}C:\users\theph\downloads\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe] => (Allow) C:\users\theph\downloads\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe => No File
FirewallRules: [UDP Query User{B8BAE84E-9D42-41E7-A62C-C5D84B16FC68}C:\users\theph\downloads\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe] => (Allow) C:\users\theph\downloads\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe => No File
FirewallRules: [{2191101E-1A3E-4739-98AA-BAFAFF0BC9D5}] => (Block) C:\users\theph\downloads\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe => No File
FirewallRules: [{898253E5-46E7-49E3-BD86-39A0B8DAB0AF}] => (Block) C:\users\theph\downloads\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat.saber.v1.20.0.incl.all.dlc\beat saber.exe => No File
FirewallRules: [TCP Query User{2DF40E66-474C-4577-B671-21107877501B}D:\opra\opera.exe] => (Allow) D:\opra\opera.exe => No File
FirewallRules: [UDP Query User{0F654994-1903-40C9-B27D-7397EB6EECEE}D:\opra\opera.exe] => (Allow) D:\opra\opera.exe => No File
FirewallRules: [{B4D843EF-A840-4034-9FE4-4C1C55727545}] => (Block) D:\opra\opera.exe => No File
FirewallRules: [{AE44E5F3-F83F-46EF-95E9-EC68BD899781}] => (Block) D:\opra\opera.exe => No File
FirewallRules: [TCP Query User{3E469D73-A664-4C5A-993C-7D9E549695D9}D:\saintsrowthethird\srttr.exe] => (Allow) D:\saintsrowthethird\srttr.exe => No File
FirewallRules: [UDP Query User{054EA97C-8CEC-4A2B-9B9D-368318A27120}D:\saintsrowthethird\srttr.exe] => (Allow) D:\saintsrowthethird\srttr.exe => No File
FirewallRules: [{A19C8347-FC5C-45AB-B3C5-9CA02CE5760B}] => (Block) D:\saintsrowthethird\srttr.exe => No File
FirewallRules: [{99E6CDB9-B11E-4ECA-B0AE-0BDE9A7D4671}] => (Block) D:\saintsrowthethird\srttr.exe => No File
FirewallRules: [{711015FB-0ADD-4179-B533-9F2710D0E609}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe => No File
FirewallRules: [TCP Query User{F90B24F5-80C3-4109-B3B2-AFEF9D7927B1}C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [UDP Query User{D2F34CDF-48A2-491D-900A-1A7B53EF77AA}C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [{0506D9EF-567F-4B0F-BF47-D4E9EC875F73}] => (Block) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [{88ACA749-B3CF-4256-88C0-92EF9385FAE6}] => (Block) C:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [TCP Query User{5FFE7F73-C940-4D55-8114-1E4ED9D1B32D}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{FCCADD12-E53A-48C2-A67D-9CD2487B92F9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{011D0E6F-061F-434B-8C91-393F8654CBDB}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B4C54019-1545-4177-8E84-B53A38EBB58D}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{D969FC56-0E7A-48DE-93BE-20E3E1393622}C:\overwatch\_retail_\overwatch.exe] => (Allow) C:\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [UDP Query User{4639DD4B-B7AD-44C8-94F1-28542EAA9EFB}C:\overwatch\_retail_\overwatch.exe] => (Allow) C:\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [{B6463541-D48E-4CDA-BF97-D843E5ADFA47}] => (Block) C:\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [{2BCC012B-85DC-43D3-92E1-806C41830EEB}] => (Block) C:\overwatch\_retail_\overwatch.exe => No File
FirewallRules: [TCP Query User{DBA9CE6F-BDF9-4B49-8CB0-3F73B09D10F3}C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File
FirewallRules: [UDP Query User{9D053355-5727-43C2-BF1F-00ED1B207010}C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe] => (Allow) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File
FirewallRules: [{2C23D3FD-5AA1-4DA9-96F5-5E1B470FDABA}] => (Block) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File
FirewallRules: [{4E481AA8-A9EC-47B8-89DB-C97EC2C8B5D0}] => (Block) C:\steam\steamapps\common\the corridor\thecorridor\binaries\win64\thecorridor-win64-shipping.exe => No File
FirewallRules: [{9AC3BD2A-3EDB-417B-B25D-71E541A19F87}] => (Allow) C:\Tom Clancy's The Division 2\TheDivision2.exe => No File
FirewallRules: [{7BAA1836-2562-455B-A5A2-3C46B5C5FC7A}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => No File
FirewallRules: [{79AD3D46-DDFE-49F6-888E-AD74B15E9C8F}] => (Allow) D:\Steam\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe => No File
FirewallRules: [{FBE9230A-634D-4F9A-89D7-2AFC62D770BF}] => (Allow) C:\Program Files\Unity\Hub\Editor\2019.4.31f1\Editor\Unity.exe => No File
FirewallRules: [{A2E5FEAB-F590-4EE8-BC4A-8D8F6E753F18}] => (Block) C:\Program Files\Unity\Hub\Editor\2019.4.31f1\Editor\Unity.exe => No File
FirewallRules: [TCP Query User{70FE5D77-6FFD-4B25-972A-9F1A82D50AC9}D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe] => (Allow) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File
FirewallRules: [UDP Query User{11A65CD7-0B56-4E39-8722-5873150279EF}D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe] => (Allow) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File
FirewallRules: [{CCCA9135-B7EA-4C89-94E2-1BE262EE42C6}] => (Block) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File
FirewallRules: [{4C5E1F79-EA3A-4CDE-9194-71A43B317A93}] => (Block) D:\beat saber\bslegacylauncher\bslegacylauncher\beat saber\beat saber.exe => No File
FirewallRules: [TCP Query User{77D891CF-9451-429D-9A8C-1F122106B889}C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{3D67AF3B-099A-4E35-B41D-B63AC765271C}C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [{66364A3F-A86B-4AB3-8987-94899484942D}] => (Block) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [{28AD15E9-B0F6-403C-B794-E916BB33939A}] => (Block) C:\users\theph\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{75A30ABE-00EA-415D-81BC-A8B788F7B553}D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [UDP Query User{08A02502-D277-4C35-8CF0-0676EFE8805C}D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe] => (Allow) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [{1CD4D411-F5C7-43C8-BEBC-5BD321D8EB8D}] => (Block) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [{1F9B3E63-950C-4C08-910B-FB6A6CFCB3FB}] => (Block) D:\epic games\tinytinaswonderlands\oakgame\binaries\win64\wonderlands.exe => No File
FirewallRules: [{051A6BD2-DB3D-4D19-8DDE-0B57E52339FF}] => (Allow) D:\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{48189302-C41C-484C-85E0-E6C9C7F37647}] => (Allow) D:\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{2D702D56-6248-4686-807F-E81AEE07A1F6}] => (Allow) C:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{50CC7929-4C84-4BD2-AD93-63B436BB703D}] => (Allow) C:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{4FA5E25B-B09A-41B2-BDD3-018AFF28B13C}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe => No File
FirewallRules: [{7602CC3C-6C77-44FB-9852-A63DFC3CDDDE}] => (Allow) D:\Steam\steamapps\common\Squad\squad_launcher.exe => No File
FirewallRules: [{2AD21C80-2D92-4B34-BAD9-7DA980BC6978}] => (Allow) C:\Users\theph\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{FFB42D4A-3033-4EE5-A216-B4B9B4AC0F57}] => (Allow) C:\Users\theph\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{FBDD005C-6C5F-4ED4-9E33-9911C4CE4AA3}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{9199BCF5-7BF4-4353-B9D7-AD8B0B4497EA}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{33B8D0E0-59A8-4D4D-9BB4-C1009277F10F}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{BC0B9581-D2E4-43FC-B779-A9B976E51A5E}] => (Allow) D:\Steam\steamapps\common\The Cycle\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe => No File
FirewallRules: [{CD3EA9A8-5DA8-430E-8A26-CBF53DDA6953}] => (Allow) C:\Steam\steamapps\common\OVR_AdvancedSettings\AdvancedSettings.exe => No File
FirewallRules: [{5236A421-4632-4FB2-995B-C0FE728C1569}] => (Allow) C:\Steam\steamapps\common\OVR_AdvancedSettings\AdvancedSettings.exe => No File
FirewallRules: [{92DC00FD-6870-4BC1-B976-558E3F3C1E9E}] => (Allow) C:\Steam\steamapps\common\Necesse\Necesse.exe => No File
FirewallRules: [{C2E32954-A3B5-4742-B258-12FE182C438E}] => (Allow) C:\Steam\steamapps\common\Necesse\Necesse.exe => No File
FirewallRules: [{C5C6E8BE-1F41-4E6B-81B5-5D7B33DEFEC2}] => (Allow) C:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File
FirewallRules: [{9930BC8A-E668-455F-AC3F-A6D238FCFB0A}] => (Allow) C:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File
FirewallRules: [{FF2FDC7C-2A85-4583-91E1-5728E30EAF8D}] => (Allow) C:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File
FirewallRules: [{1B667B39-98A6-48CB-9B2F-B4CD8FA29D8E}] => (Allow) C:\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File
FirewallRules: [{9582A46B-CDE0-4869-82E0-5FB2A6BD4658}] => (Allow) C:\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{3836FCE3-7D65-41DC-B871-B8AB4F469DD7}] => (Allow) C:\Steam\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{27B8E929-7BFC-470A-B193-EA2FB90FA7DE}] => (Allow) D:\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{5B7AF0AD-5886-4CF2-8C43-2B9D1E33247B}] => (Allow) D:\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{8220E0E9-00CB-4BB6-9312-624B3A8F350F}] => (Allow) C:\Steam\steamapps\common\VRising\VRising.exe => No File
FirewallRules: [{B5F11DD1-8087-49A3-829F-2EAF9A661605}] => (Allow) C:\Steam\steamapps\common\VRising\VRising.exe => No File
FirewallRules: [{C3CD103C-2E9A-4AB2-A6C1-0B435DAF71CB}] => (Allow) C:\Steam\steamapps\common\Absolver\Absolver.exe => No File
FirewallRules: [{CF01E790-D915-4781-A92C-111F1E853CA5}] => (Allow) C:\Steam\steamapps\common\Absolver\Absolver.exe => No File
FirewallRules: [{9C08EAB8-96A6-4EA9-8776-87017DE50EF2}] => (Allow) C:\Steam\steamapps\common\XSOverlay_Beta\XSOverlay.exe => No File
FirewallRules: [{EB0C8B33-777A-4D56-8CDE-268F68049A7E}] => (Allow) C:\Steam\steamapps\common\XSOverlay_Beta\XSOverlay.exe => No File
FirewallRules: [{E88DE245-ABE4-4164-839E-32CDA0DC4BAE}] => (Allow) C:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe => No File
FirewallRules: [{43D02197-3DAA-4E15-8F60-0CA5A1E460FA}] => (Allow) C:\Steam\steamapps\common\7 Days To Die\7dLauncher.exe => No File
FirewallRules: [{73D0B84D-3D96-48DF-BF46-CFDE82A0172B}] => (Allow) C:\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe => No File
FirewallRules: [{D834E6A3-D180-4843-96E4-FEE5858CB814}] => (Allow) C:\Steam\steamapps\common\Risk of Rain 2\Risk of Rain 2.exe => No File
FirewallRules: [{77E2E6B9-5C28-47FD-AF6D-FA697DA00960}] => (Allow) C:\Steam\steamapps\common\Necesse\jre\bin\javaw.exe => No File
FirewallRules: [{C3221A63-1AB7-4D1E-BC10-7B5AB2930ECD}] => (Allow) C:\Steam\steamapps\common\Necesse\jre\bin\javaw.exe => No File
FirewallRules: [{247FB8F6-84BC-4E64-9E2C-9A032EFF8F93}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File
FirewallRules: [{DC627657-388F-4F3D-8AD0-2D09F58CE3E4}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File
FirewallRules: [{E935D942-FD32-4974-887B-89E51D8D0E1A}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe => No File
FirewallRules: [{826D02DA-6820-4DFE-A2A0-9D3781F1FD54}] => (Allow) C:\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe => No File
FirewallRules: [{D198F89A-BE38-4C9B-BC60-2197395FB857}] => (Allow) D:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File
FirewallRules: [{D378A4A9-5B03-4F7D-9440-FE9B0A281408}] => (Allow) D:\Steam\steamapps\common\Soulstice\Soulstice.exe => No File
FirewallRules: [{FD75C54B-223B-4B3A-9738-11EE4A026B68}] => (Allow) C:\Program Files\Elgato\4KCaptureUtility\4KCaptureUtility.exe => No File
FirewallRules: [{374E307B-60D0-41EA-930B-2513D3DDAC86}] => (Allow) C:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File
FirewallRules: [{95AD20A7-8A72-47D6-811A-7C78C88C7C93}] => (Allow) C:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe => No File
FirewallRules: [{60012540-EC15-4FA5-B725-78787EA458FB}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{67774D32-F94A-434B-8D53-607BC37ABA8D}] => (Allow) D:\Steam\steamapps\common\ELDEN RING\Game\start_protected_game.exe => No File
FirewallRules: [{FB71D621-3E91-4E1C-9F40-E6FF23F6AB7C}] => (Allow) D:\Steam\steamapps\common\Necesse\jre\bin\javaw.exe => No File
FirewallRules: [{FE618DA8-141E-4890-B3BC-8801C30438E4}] => (Allow) D:\Steam\steamapps\common\Necesse\jre\bin\javaw.exe => No File
FirewallRules: [{AEB32D80-0C4F-4FBE-811C-D8F99AEE0C3E}] => (Allow) C:\Tower Of Fantasy\Hotta\Binaries\Win64\INTLWebViewHelper.exe => No File
FirewallRules: [{31A76480-2C83-42BE-8856-FFC82255B844}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File
FirewallRules: [{342211AD-9989-424B-843F-66FAAE9DD935}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe => No File
FirewallRules: [{A640C54B-6DB0-457A-BFFB-8D29DD0235E4}] => (Allow) C:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe => No File
FirewallRules: [{640BF1B1-6575-458B-9D31-155C04441BF8}] => (Allow) C:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe => No File
FirewallRules: [{FEB6C1D5-4823-4748-B432-273260742997}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe => No File
FirewallRules: [{6FB684A0-CA5B-4A81-A40D-B24FD8767F76}] => (Allow) C:\Steam\steamapps\common\Cyberpunk 2077\REDprelauncher.exe => No File
FirewallRules: [{D7D4EE90-3ED1-4F0D-8BBE-CA9228B34AA0}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe => No File
FirewallRules: [{157CA7DF-34B2-415C-B789-0D00AE3F9BD0}] => (Allow) D:\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe => No File
FirewallRules: [{BCD564B7-8A01-4F1E-998E-B4E95FB672C4}] => (Allow) C:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => No File
FirewallRules: [{213437FE-832D-48F9-889C-97EF9F870FEA}] => (Allow) C:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe => No File
FirewallRules: [{E4825967-EEC0-4823-AC18-7A71CF05C225}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File
FirewallRules: [{EF832176-F856-410D-A912-94376E10DAB6}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File
FirewallRules: [{6736A801-8F2A-4551-AA2A-A9CFF88ADA10}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe => No File
FirewallRules: [{CBF60054-6AB9-4A3D-BC51-F22003FBCD37}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe => No File
FirewallRules: [{36CDA989-9F0B-4EEA-934B-6F5F3A58C46A}] => (Allow) C:\Steam\steamapps\common\PHtest\RaidGame.exe => No File
FirewallRules: [{610CAE14-7AC1-49E0-BC65-2E7FBA0D2310}] => (Allow) C:\Steam\steamapps\common\PHtest\RaidGame.exe => No File
FirewallRules: [{4ACB164E-C9BA-47B2-9BF3-72D6FC62434E}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File
FirewallRules: [{E248CEBC-4F1E-46D2-BEEA-47AE13A40118}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\gmod.exe => No File
FirewallRules: [{EF18D080-AAF2-4506-99F0-18434E4267E6}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe => No File
FirewallRules: [{A6F46048-191A-4C8B-BE4D-F365FB4441D5}] => (Allow) D:\Steam\steamapps\common\GarrysMod\bin\win64\gmod.exe => No File
FirewallRules: [{628C06FE-F2E2-4C2D-BCFA-1C38A6ABEFB9}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{FACA5CA8-9587-42F4-922D-58492BF45F8A}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{2C441771-0DE9-4062-B5C0-C3B0706D5EA6}] => (Allow) C:\ProgramData\ZeroTier\One\zerotier-one_x64.exe => No File
FirewallRules: [{7CD15B0D-583B-4505-81CC-196DB0518D8B}] => (Allow) C:\Steam\steamapps\common\Gotham Knights\GothamKnights.exe => No File
FirewallRules: [{016A7AB2-73A4-4B6C-B2FD-65547B62CD88}] => (Allow) C:\Steam\steamapps\common\Gotham Knights\GothamKnights.exe => No File
FirewallRules: [{4480DF79-FB2F-4840-97F8-31E64F573CF3}] => (Allow) C:\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe => No File
FirewallRules: [{22895656-2314-46BE-9F53-C5362710FFDF}] => (Allow) C:\Steam\steamapps\common\Dying Light 2\ph\work\bin\x64\DyingLightGame_x64_rwdi.exe => No File
FirewallRules: [{597B9900-ABAD-40C3-808A-00001A191D0F}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{53EFB07F-A8EA-4B08-A6CC-9B8C740E393F}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{6ADED815-9B87-4DC2-96D5-E1929E6B5856}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{D122E617-CC8E-45A7-A734-F64BF80809A9}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{5D7AD582-A85D-428D-AA77-C58C1C4788B5}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\Launcher.exe => No File
FirewallRules: [{0418645A-DDBE-4CE3-9861-EA8450D3DF99}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{CD5DF783-B08D-4E74-84ED-C65EA7BD1820}] => (Allow) C:\Steam\steamapps\common\Warframe\Warframe.x64.exe => No File
FirewallRules: [{068F72B4-8F68-420C-BDEC-A38CF617DEDF}] => (Allow) C:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{270D7C0C-2549-4FE0-8492-B0D3B48D1406}] => (Allow) D:\Steam\steamapps\common\Dark and Darker Playtest\DungeonCrawler.exe => No File
FirewallRules: [{D3FF73C4-4375-4712-ADCF-D3511CC91938}] => (Allow) D:\Steam\steamapps\common\Dark and Darker Playtest\DungeonCrawler.exe => No File
FirewallRules: [{8440F1C8-FC03-4A47-9CA3-59281553DB65}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe => No File
FirewallRules: [{611A3F18-21EE-4A1B-9B09-C86601B2557E}] => (Allow) D:\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe => No File
FirewallRules: [{49D61083-716D-4973-868D-9B30B8856199}] => (Allow) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File
FirewallRules: [{86BAA9E9-11F7-4B4F-9354-FCAD9D843E0D}] => (Allow) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File
FirewallRules: [{16F3DB57-734D-4D95-A469-B4B2C93A380B}] => (Block) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File
FirewallRules: [{A7C52C86-FD05-4331-B047-43D070B3AC72}] => (Block) D:\Minecraft Curse Forge\overwolf\0.212.1.5\OverwolfBrowser.exe => No File
AlternateDataStreams: C:\ProgramData\agent.1653775616.bdinstall.v2.bin:648BE96FBB [4298]
AlternateDataStreams: C:\ProgramData\agent.update.1667380697.bdinstall.v2.bin:6D67FA1051 [4298]
AlternateDataStreams: C:\ProgramData\cl.1653775808.bdinstall.v2.bin:D863306057 [4298]
AlternateDataStreams: C:\ProgramData\cl.kit.1653775805.bdinstall.v2.bin:62052707C0 [4298]
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [4298]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4298]
AlternateDataStreams: C:\ProgramData\screen.jpg:8C7DEC92B3 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk:09A0A90EF3 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk:8096E45125 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk:DC8F23BC3A [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk:E77773B271 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [4298]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity Hub.lnk:830092544A [4298]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [8548]
AlternateDataStreams: C:\Users\theph\Application Data:374c9b336db4fa9522b72c58dcd0c3f9 [394]
AlternateDataStreams: C:\Users\theph\AppData\Roaming:374c9b336db4fa9522b72c58dcd0c3f9 [394]
AlternateDataStreams: C:\Users\theph\AppData\Local\Temp:$DATA [16]
C:\Windows\system32\drivers\etc\hosts
Hosts:
VirusTotal: C:\Windows\system32\Drivers\NeacSafe.sys
virusTotal: C:\ProgramData\DP45977C.lfl
cmd: net stop bits
Move: C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db C:\ProgramData\Microsoft\Network\Downloader\qmgr*.db.old
cmd: net start bits
cmd:  bitsadmin /list /allusers
CMD: "%WINDIR%\SYSTEM32\lodctr.exe /R"
CMD: "%WINDIR%\SysWOW64\lodctr.exe /R"
CMD: "C:\Windows\SYSTEM32\lodctr.exe /R"
CMD: "C:\Windows\SysWOW64\lodctr.exe /R"
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
CMD: ipconfig /flushdns
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::
 
#11
We need to remove one last file.

Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code: 
start::
C:\ProgramData\DP45977C.lfl
end::
After running the above fix!!
How is the computer running? Issue solved?
 
#16
Disable your antivirus
Download Dr Web from the link below.
Save the file to your desktop.
Right Click on the randomly named file.
Run as administrator.
Agree to terms and continue.
Select objects for scanning, make sure all boxes are ticked.
Then check mark the click to select files and folders.
Make sure C: drive is checked.
Click OK.
Then click start scanning.
Once the scan is completed.
click on open report.
Then select file.
Save then save cureit.log to desktop.
Upload the log to https://catbox.moe/ or https://ufile.io/ and send me a link to the file.
If you are sure about the files detected being malicious.
Then make sure all items are ticked and under action move to delete.
Then hit the Neutralize button.
Reboot your computer after the scan.
 
#19
Ok, while I look over this.

Run this tool for me, it is similar to FRST but checks in different areas. I’ll check logs and provide another fix for you.

Download ZHP Suite to your desktop.
Right Click Run as admin.
Hit the scanner button.
Once it is complete a file name ZHPdiag.txt will be on your desktop.
Attach it.
Send this file to virustotal.

c:\users\theph\desktop\prinjectorfree\prinjector.exe

This is what Bitdefnder is saying is a virus. I believe this is a false positive, but we will see what virustotal says, if you do not know what this file is delete it.
 
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu