Solved Malware removal / windows security is not launching


taimrarchy

PCHF Member
Jul 4, 2023
Yesterday, I downloaded software from a shady website which I have used before without any incident. However, this time I think I installed malware that acts like an admin and has disabled Windows Security. I can't open the Windows Security app, and every time the PC is started a blank CMD window opens, which has never happened before. I can't find anything to fix it; any help would be appreciated.
 
Please read this and post requested FRST logs for review.

 
FRST.txt:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-07-2023
Ran by tmmrcy (administrator) on LAPTOP-BQN0JE4L (HUAWEI BOD-WXX9) (06-07-2023 03:34:20)
Running from C:\Users\tzahi\Downloads\FRST64.exe
Loaded Profiles: tmmrcy
Platform: Microsoft Windows 11 Home Version 22H2 22621.1928 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Huawei\HMS Core\HMSCoreService.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files\Huawei\HMS Core\HMSCoreContainer.exe
(C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\HwMdcCenter.exe
(C:\Program Files\Huawei\PCManager\MateBookService.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe
(C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\DFSSearchService.exe
(C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MessageCenterUI.exe
(C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\PerfWndMonHelper.exe
(C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\PerfWndMonHelper_x86.exe
(C:\Program Files\Intel\Intel Arc Control\ArcControl.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Arc Control\ArcControlAssist.exe <5>
(DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxEMN.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(HWVEAudioService.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\WINDOWS\System32\HWVEAudioSession.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Arc Control\ArcControl.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\WINDOWS\System32\NahimicService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\BasicService\BasicService.exe
(services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe
(services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\PCManager\MateBookService.exe
(services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\WINDOWS\System32\HWVEAudioService.exe
(services.exe ->) (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.) C:\WINDOWS\System32\RPC\OSD\osdservice.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Device Co., Ltd.) C:\Program Files\Huawei\Hiview\HiviewService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files\Huawei\HMS Core\HMSCoreService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\Program Files\Huawei\wucs\WUCSProxyService.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6673c5322430fc8a\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a687edda40db3316\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3b3ce26993cf233b\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\piecomponent.inf_amd64_0570478011758f12\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\WINDOWS\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Goodix) C:\WINDOWS\System32\drivers\SessionService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4b6fe1c4e6f1d68a\RtkAudUService64.exe <3>
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5131.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.17.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2324.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\WINDOWS\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\WINDOWS\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5131.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.1916_none_e90f859443098e59\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_4b6fe1c4e6f1d68a\RtkAudUService64.exe [1256520 2021-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [739448 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Intel® Arc™ Control] => C:\Program Files\Intel\Intel Arc Control\ArcControl.exe [1529384 2023-06-08] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2606472 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Run: [MicrosoftEdgeAutoLaunch_2CDA1A8278879F750DEE63BCC2A16BEC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113872 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Run: [] => [X]
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\WINDOWS\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A1D9BE4-B8EC-4C57-A91D-D7E8D8DE94A0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D7C5CAC-737A-452D-A236-EAA580A231D6} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1088616 ] (A-Volute SAS -> Nahimic)
Task: {1EBDEC72-F7EB-4367-A91D-1407EB41AB1F} - System32\Tasks\WpsExternal_tzahi_20221119083148 => C:\Users\tzahi\AppData\Local\Kingsoft\WPS Office\11.2.0.11388\office6\wpscloudsvr.exe [1057928 2022-11-19] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
Task: {34DD68F5-B7EC-4BB3-B895-51CC362E44EB} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4150136 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {376EBB42-42AF-4D9B-996E-9A2C76460B6B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C2411E2-875F-4A96-803B-AD1FC43AB975} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [829544 2021-07-02] (A-Volute SAS -> Nahimic)
Task: {42FE7CEB-8F85-4C25-95A6-4BD0F736AAC7} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-05-12] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {4398F590-BA0E-4042-B566-80B5E6BB3313} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557376 2023-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {52CC6F32-6BA1-4633-B68E-42724D7EA72F} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [58832 2023-06-15] (HP Inc. -> HP Inc.)
Task: {6DEF4AB9-144A-495D-82D7-9170E5329F5D} - System32\Tasks\Window Update => C:\Users\tzahi\AppData\Local\Updates\Run.vbs [1015 2022-05-09] () [File not signed] <==== ATTENTION
Task: {74BD4F6A-54CF-4A9E-A8A5-B3328ED7AA71} - System32\Tasks\Windows Service Task => C:\Users\tzahi\AppData\Local\Updates\WindowsService.exe [5581312 2022-05-11] () [File not signed] <==== ATTENTION
Task: {783D56D1-678F-498D-8088-49B2C66E6E21} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [829544 ] (A-Volute SAS -> Nahimic)
Task: {89C88217-6FE5-472C-A4A5-BA18A1CA5495} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002472 2023-03-28] (Intel Corporation -> Intel Corporation)
Task: {8AA31196-BD71-4997-9C0F-C5E5CC521A95} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [58832 2023-06-15] (HP Inc. -> HP Inc.)
Task: {8B915058-845F-43C0-A27E-CF36D34D133D} - System32\Tasks\WpsUpdateTask_tmmrcy => C:\Users\tzahi\AppData\Local\Kingsoft\WPS Office\11.2.0.11388\office6\wpsupdate.exe [172168 2022-11-19] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {A848FA44-1C8C-479F-A946-7E1AC9C29A71} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1088616 2021-07-02] (A-Volute SAS -> Nahimic)
Task: {A976026E-4D8C-469E-AEFF-3F088580BC8B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (No File)
Task: {AC849E86-7356-4C55-A623-42BE30F8F601} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170456 2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD2A0C06-9B8F-41A6-A561-6C469C93768F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002472 2023-03-28] (Intel Corporation -> Intel Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (No File)
Task: {D16417EF-0C5E-40D7-821D-FA90EEA2B722} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-516455074-3529725477-31475253-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4150136 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {E3A30FA9-D4F7-476E-85D1-09C722F93023} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (No File)
Task: {E48D667A-D43B-41D1-AE87-35C0BBF0EB86} - System32\Tasks\WpsUpdateTask_tzahi => C:\Users\tzahi\AppData\Local\Kingsoft\WPS Office\11.2.0.11388\office6\wpsupdate.exe [172168 2022-11-19] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {F12241CF-2EA8-43C2-9758-4D88AF469257} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157552 2023-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6A39165-6DE6-464C-8918-7E05503ED911} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe  --automatic (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0e1db6e2-967c-4181-ad20-1a7c8debc340}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f8d21a67-f548-45c5-a7aa-e808c1aba960}: [DhcpNameServer] 40.42.1.13

Edge:
=======
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\tzahi\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-07-06]
Edge Notifications: Profile 1 -> hxxps://pchelpforum.net; hxxps://teams.microsoft.com
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\tzahi\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-06-17]
Edge Extension: (Halo – Arrival) - C:\Users\tzahi\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ddgdgdmkcagpbibgcilbidjfokdngfld [2022-09-07]
Edge Extension: (Edge relevant text changes) - C:\Users\tzahi\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-19]
Edge HKU\S-1-5-21-516455074-3529725477-31475253-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [njjljiblognghfjfpcdpdbpbfcmhgafg]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2020-04-22] [Legacy]
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2020-04-22]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-10-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-10-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]
CHR HKU\S-1-5-21-516455074-3529725477-31475253-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gjgfobnenmnljakmhboildkafdkicala]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-07-06] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774392 2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43272 2023-07-03] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [212744 2023-07-03] (Intel Corporation -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-07-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2022-07-15] (Epic Games Inc. -> Epic Games, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncHelper.exe [3446648 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [381312 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HiviewService; C:\Program Files\Huawei\Hiview\HiviewService.exe [5127064 2022-12-05] (Huawei Technologies Co., Ltd. -> Huawei Device Co., Ltd.)
S3 HmdfsOfficeSvc; C:\Program Files\Huawei\PCManager\hmdfsservice.exe [786312 2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
S3 HmdfsPcSvc; C:\Program Files\Huawei\PCManager\hmdfsservice.exe [786312 2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
S3 HmdfsPhoneSvc; C:\Program Files\Huawei\PCManager\hmdfsservice.exe [786312 2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
R2 HMSCoreService; C:\Program Files\Huawei\HMS Core\HMSCoreService.exe [176712 2022-06-29] (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-06-15] (HP Inc. -> HP Inc.)
R2 HwPCCoreService; C:\Program Files\Huawei\BasicService\BasicService.exe [629640 2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
R2 HWVEAudioService; C:\WINDOWS\system32\HWVEAudioService.exe [104592 2021-03-27] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
R2 HW_OSDServer; C:\Windows\system32\RPC\OSD\osdservice.exe [252168 2020-12-23] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
R2 IntelArcControlService; C:\Program Files\Intel\Intel Arc Control\ArcControlService.exe [1432104 2023-06-08] (Intel Corporation -> Intel Corporation)
R2 LCD_Service; C:\Program Files\Huawei\HwLcdEnhancement\LCD_Service.exe [44424 2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
R2 MBAMainService; C:\Program Files\Huawei\PCManager\MateBookService.exe [589192 2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1675384 2021-07-02] (A-Volute SAS -> Nahimic)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.122.0611.0001\OneDriveUpdaterService.exe [3782520 2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2572096 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3491144 2023-03-13] (Electronic Arts, Inc. -> Electronic Arts)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1244144 2023-06-29] (Rockstar Games, Inc. -> Rockstar Games)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182296 2021-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ucldr_Crowz_ST; C:\Program Files\Common Files\UNCHEATER\ucldr_Crowz_ST.exe [5613296 2022-04-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R2 WUCSProxy; C:\Program Files\HuaWei\wucs\WUCSProxyService.exe [7016008 2022-06-29] (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
S4 WdNisSvc; "%ProgramData%\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe" [X]
S4 WinDefend; "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2023-06-28] (Microsoft Windows -> Microsoft Corporation)
R3 ALSysIO; C:\Users\tzahi\AppData\Local\Temp\ALSysIO64.sys [47240 2023-07-04] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 dokan2; C:\Program Files\Huawei\PCManager\dokan2.sys [117176 2021-10-19] (Huawei Device Co., Ltd. -> Dokan Project)
R1 dokan2a; C:\Program Files\Huawei\PCManager\dokan2a.sys [403472 2022-05-03] (Huawei Device Co., Ltd. -> Dokan Project)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-10] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-10] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_tgl.inf_amd64_b6ea3d48ee329530\iaLPSS2_SPI_TGL.sys [155816 2020-08-10] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_tgl.inf_amd64_1a8e964d43720594\iaLPSS2_UART2_TGL.sys [310440 2020-08-10] (Intel Corporation -> Intel Corporation)
R0 IBtRstd; C:\WINDOWS\System32\drivers\ibtrstd.sys [61376 2020-07-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85592 2020-06-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 UniFairy_x64; C:\WINDOWS\system32\drivers\UniFairy_x64.sys [8209904 2022-07-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 unirsdt; C:\WINDOWS\system32\drivers\unirsdt.sys [6166504 2022-09-22] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-07-28] (Oracle Corporation -> Oracle Corporation)
R3 virtbus; C:\WINDOWS\System32\drivers\virtbus.sys [42968 2022-10-23] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
R3 WDTDrv; C:\WINDOWS\System32\Drivers\WDTDrv.sys [46912 2020-07-14] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 WUCS; C:\WINDOWS\system32\drivers\WUCSDriver.sys [993728 2022-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Device Co., Ltd.)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1431256 2022-04-10] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
U4 MsSecFlt; no ImagePath
U4 Sense; no ImagePath
U4 SgrmAgent; no ImagePath
U4 SgrmBroker; no ImagePath
S4 WdBoot; \SystemRoot\system32\drivers\wd\WdBoot.sys [X]
S4 WdFilter; \SystemRoot\system32\drivers\wd\WdFilter.sys [X]
S4 WdNisDrv; system32\drivers\wd\WdNisDrv.sys [X]
S3 WmFilter; \SystemRoot\system32\drivers\WmFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-06 03:34 - 2023-07-06 03:34 - 000030726 _____ C:\Users\tzahi\Downloads\FRST.txt
2023-07-06 03:33 - 2023-07-06 03:34 - 000000000 ____D C:\FRST
2023-07-06 03:33 - 2023-07-06 03:33 - 002383360 _____ (Farbar) C:\Users\tzahi\Downloads\FRST64.exe
2023-07-04 08:43 - 2023-07-04 14:16 - 000000000 ___HD C:\Intel
2023-07-04 08:43 - 2023-04-01 07:17 - 000001039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telegram.lnk
2023-07-04 08:43 - 2021-09-05 05:39 - 000001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photoshop.lnk
2023-07-04 08:43 - 2021-09-05 05:30 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS Pro 16.lnk
2023-07-04 08:43 - 2021-09-05 05:07 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Teams for School.lnk
2023-07-04 08:33 - 2023-07-04 08:49 - 000000000 ___HD C:\$SysReset
2023-07-04 08:33 - 2023-07-03 21:51 - 000000000 ____D C:\$Windows.~BT
2023-07-03 22:11 - 2023-07-03 22:11 - 000000000 ____D C:\Users\tzahi\Documents\TotalAV
2023-07-03 22:10 - 2023-07-03 22:10 - 000000000 ____D C:\Users\tzahi\AppData\Local\GUI
2023-07-03 22:10 - 2023-07-03 22:10 - 000000000 ____D C:\ProgramData\SecuritySuite
2023-07-03 21:52 - 2023-07-03 22:13 - 000000000 ____D C:\Users\tzahi\AppData\Local\D3DSCache
2023-07-03 21:51 - 2023-07-04 21:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-03 21:27 - 2023-07-03 21:27 - 000000000 ____D C:\Users\tzahi\AppData\Local\ElevatedDiagnostics
2023-07-03 19:24 - 2023-07-03 19:24 - 000001427 _____ C:\WINDOWS\system32\default_error_stack-000025-000000.txt
2023-07-03 18:58 - 2023-07-06 03:32 - 000000000 ____D C:\Users\tzahi\AppData\Local\Updates
2023-07-03 18:58 - 2023-07-03 19:22 - 000003288 _____ C:\WINDOWS\system32\Tasks\Windows Service Task
2023-07-03 18:58 - 2023-07-03 19:22 - 000003252 _____ C:\WINDOWS\system32\Tasks\Window Update
2023-07-03 18:58 - 2023-07-03 18:58 - 000014544 _____ (OpenLibSys.org) C:\WINDOWS\system32\WinRing0x64.sys
2023-07-03 18:58 - 2023-07-03 18:58 - 000000000 ____D C:\Program Files (x86)\OceanofGames.ccom
2023-06-29 12:58 - 2023-06-29 12:58 - 000000360 _____ C:\Users\tzahi\Desktop\Grand Theft Auto V.url
2023-06-28 11:44 - 2023-07-03 19:24 - 000000000 ____D C:\Users\tmmrcy
2023-06-28 10:47 - 2023-06-28 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2023-06-28 10:44 - 2023-06-20 18:58 - 000515528 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2023-06-28 10:44 - 2023-06-20 18:58 - 000455664 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2023-06-28 10:44 - 2023-06-20 18:57 - 000937504 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2023-06-28 10:44 - 2023-06-20 18:56 - 000700360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2023-06-28 10:44 - 2023-06-20 18:55 - 000586232 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2023-06-28 10:44 - 2023-06-20 18:55 - 000447760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2023-06-28 10:44 - 2023-06-20 18:54 - 000488056 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2023-06-28 10:44 - 2023-06-20 18:51 - 002184128 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-06-28 10:44 - 2023-06-20 18:51 - 002184128 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-06-28 10:44 - 2023-06-20 18:51 - 001618368 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-06-28 10:44 - 2023-06-20 18:51 - 001618368 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-06-28 10:44 - 2023-06-20 18:51 - 001481672 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-06-28 10:44 - 2023-06-20 18:51 - 001481672 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-06-28 10:44 - 2023-06-20 18:51 - 001214400 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-06-28 10:44 - 2023-06-20 18:51 - 001214400 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-06-28 10:44 - 2023-06-20 18:51 - 000497648 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2023-06-28 10:44 - 2023-06-20 18:51 - 000437752 _____ C:\WINDOWS\system32\ze_loader.dll
2023-06-28 10:44 - 2023-06-20 18:51 - 000288192 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2023-06-28 10:44 - 2023-06-20 18:50 - 027958720 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2023-06-28 10:44 - 2023-06-20 18:50 - 020682736 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2023-06-28 10:44 - 2023-06-20 18:49 - 000274288 _____ C:\WINDOWS\system32\ControlLib.dll
2023-06-28 10:44 - 2023-06-20 18:49 - 000223608 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2023-06-22 01:35 - 2023-06-22 01:37 - 000000795 _____ C:\Users\tzahi\Untitled1.ipynb
2023-06-22 01:32 - 2023-06-22 01:34 - 000001270 _____ C:\Users\tzahi\Final Exam Practice.ipynb
2023-06-22 01:19 - 2023-06-22 01:51 - 000041694 _____ C:\Users\tzahi\CMPE_107_CH5_Functions.ipynb
2023-06-18 09:52 - 2023-06-18 09:52 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000024-000000.txt
2023-06-14 16:31 - 2023-06-14 16:31 - 000638976 _____ C:\WINDOWS\system32\smartscreen.exe
2023-06-13 17:28 - 2023-07-04 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TLauncher
2023-06-07 08:39 - 2023-06-07 08:39 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-06-07 08:39 - 2023-04-25 11:32 - 000047240 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-07-06 03:33 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-06 03:33 - 2022-05-07 08:22 - 000000000 ____D C:\WINDOWS\INF
2023-07-06 03:32 - 2023-05-12 10:31 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2023-07-06 03:32 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-06 03:32 - 2021-09-13 21:38 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\PCManager
2023-07-06 03:32 - 2021-09-03 22:17 - 000000000 ___RD C:\Users\tzahi\OneDrive
2023-07-06 03:32 - 2021-03-09 05:43 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-04 22:30 - 2022-05-07 08:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-04 21:20 - 2021-04-14 21:10 - 000000000 ____D C:\ProgramData\Goodix
2023-07-04 21:18 - 2022-05-07 08:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-04 14:29 - 2021-11-25 11:07 - 000000000 ___RD C:\Users\tzahi\Documents\EXCEL Files
2023-07-04 14:20 - 2022-09-22 08:53 - 000850372 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-04 14:16 - 2022-09-22 08:53 - 000003112 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2023-07-04 14:16 - 2022-09-22 08:53 - 000003092 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2023-07-04 14:16 - 2022-09-22 08:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-04 14:16 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\ServiceState
2023-07-04 14:16 - 2022-05-07 08:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-07-04 14:16 - 2021-03-09 05:39 - 000012288 ___SH C:\DumpStack.log.tmp
2023-07-04 14:15 - 2021-09-04 12:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-07-04 08:51 - 2023-03-01 21:48 - 000000000 ____D C:\WINDOWS\Panther
2023-07-04 08:50 - 2023-02-21 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)
2023-07-04 08:50 - 2022-09-22 08:51 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\Microsoft\Crypto
2023-07-04 08:50 - 2022-09-22 08:50 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\Microsoft\Windows
2023-07-04 08:50 - 2022-09-22 08:50 - 000000000 ____D C:\Users\tzahi
2023-07-04 08:50 - 2022-05-12 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-07-04 08:50 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-07-04 08:50 - 2022-03-03 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HUAWEI
2023-07-04 08:50 - 2021-09-05 05:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2023-07-04 08:50 - 2020-11-19 10:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-07-04 06:41 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-07-03 22:15 - 2022-05-07 08:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-03 21:51 - 2022-09-22 08:52 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2023-07-03 21:51 - 2022-09-22 08:52 - 000015243 _____ C:\WINDOWS\diagerr.xml
2023-07-03 21:26 - 2021-10-21 14:44 - 000000000 ____D C:\Users\tzahi\AppData\Local\CrashDumps
2023-07-03 21:23 - 2022-05-07 08:24 - 000000000 ____D C:\Program Files\Windows Defender
2023-07-03 21:23 - 2022-05-07 08:24 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-07-03 21:22 - 2022-09-22 08:49 - 000618256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-03 21:13 - 2022-05-07 08:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-03 20:08 - 2021-09-05 05:01 - 000000000 ____D C:\Program Files\TeamViewer
2023-07-03 19:38 - 2022-05-07 08:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-03 19:30 - 2021-09-03 22:16 - 000000000 ____D C:\Users\tzahi\AppData\Local\Packages
2023-07-03 19:24 - 2022-05-14 12:04 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-06-30 14:39 - 2022-10-11 00:20 - 000000000 ____D C:\Users\tzahi\Desktop\Important Documents
2023-06-30 14:39 - 2022-05-12 02:59 - 000000000 ____D C:\Users\tzahi\Documents\Recovery Codes
2023-06-30 14:39 - 2021-09-05 05:41 - 000000000 ____D C:\Users\tzahi\Documents\PDF FIles
2023-06-30 13:59 - 2022-04-27 01:53 - 000000525 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2023-06-30 13:57 - 2020-11-19 10:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-29 13:33 - 2021-09-04 03:20 - 000000000 ____D C:\Users\tzahi\Documents\Rockstar Games
2023-06-29 13:32 - 2023-02-22 22:46 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2023-06-29 13:32 - 2021-09-04 03:15 - 000000000 ____D C:\ProgramData\Rockstar Games
2023-06-29 13:32 - 2021-09-04 03:13 - 000000000 ____D C:\Program Files\Rockstar Games
2023-06-29 13:32 - 2021-09-04 03:13 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2023-06-29 10:00 - 2022-09-22 08:53 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-516455074-3529725477-31475253-1001
2023-06-29 10:00 - 2022-09-22 08:53 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-06-29 10:00 - 2021-09-03 22:14 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-29 09:55 - 2022-11-19 11:05 - 000000000 ____D C:\Users\tzahi\Desktop\English 181-191
2023-06-28 11:43 - 2023-05-12 11:43 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\UUS
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-06-28 11:22 - 2022-05-07 08:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-28 11:00 - 2022-09-22 08:51 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-28 10:44 - 2021-03-09 05:43 - 000000000 ____D C:\Program Files\Intel
2023-06-28 08:59 - 2021-03-09 05:43 - 000000000 ____D C:\Program Files (x86)\Intel
2023-06-23 19:15 - 2021-10-20 20:46 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\.tlauncher
2023-06-23 08:03 - 2023-02-20 22:34 - 000000000 ____D C:\ProgramData\Nahimic
2023-06-22 01:51 - 2023-04-06 15:35 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\jupyter
2023-06-22 01:35 - 2023-04-06 15:35 - 000000000 ____D C:\Users\tzahi\.ipynb_checkpoints
2023-06-19 00:52 - 2021-09-04 22:14 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\Microsoft\Word
2023-06-17 03:25 - 2022-05-12 08:08 - 000000000 ____D C:\Program Files\Microsoft Office
2023-06-17 02:52 - 2022-10-25 19:32 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-06-17 02:52 - 2022-10-25 19:32 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-06-17 02:52 - 2021-09-04 22:46 - 002807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-06-17 02:52 - 2021-09-04 22:46 - 000247288 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2023-06-17 02:52 - 2021-09-04 22:46 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2023-06-17 02:51 - 2021-11-20 19:39 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-06-17 02:51 - 2021-09-04 22:46 - 000493048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-06-17 02:51 - 2021-09-04 22:46 - 000202232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-06-15 21:29 - 2022-09-22 08:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-06-15 21:29 - 2021-09-05 06:13 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-06-15 05:28 - 2021-09-04 04:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-15 05:26 - 2021-09-04 04:44 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-15 00:59 - 2022-09-22 08:53 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-15 00:59 - 2022-09-22 08:53 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-14 04:10 - 2022-11-19 09:31 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\kingsoft
2023-06-14 00:39 - 2022-04-14 09:32 - 000000000 ____D C:\Users\tzahi\AppData\Roaming\.minecraft
2023-06-13 17:21 - 2021-09-04 22:42 - 000000000 ____D C:\Program Files (x86)\Steam
2023-06-09 12:10 - 2022-10-16 19:25 - 000000000 ____D C:\Users\tzahi\Desktop\Physics 101 Notes
2023-06-07 13:56 - 2022-09-22 08:53 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-06-07 08:39 - 2022-09-22 08:53 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-06-07 08:39 - 2022-09-22 08:53 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon

==================== Files in the root of some directories ========

2021-09-05 05:08 - 2021-09-05 05:08 - 000000128 ____H () C:\Users\tzahi\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2021-09-12 10:38 - 2021-12-06 20:52 - 082428480 _____ (Sony) C:\Users\tzahi\AppData\Local\pcc.exe
2021-12-29 21:33 - 2022-01-14 10:15 - 000007597 _____ () C:\Users\tzahi\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2023-06-14 16:31 C:\WINDOWS\system32\smartscreen.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
Addition.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2023
Ran by tmmrcy (06-07-2023 03:34:57)
Running from C:\Users\tzahi\Downloads
Microsoft Windows 11 Home Version 22H2 22621.1928 (X64) (2022-09-22 05:53:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-516455074-3529725477-31475253-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-516455074-3529725477-31475253-503 - Limited - Disabled)
Guest (S-1-5-21-516455074-3529725477-31475253-501 - Limited - Disabled)
tmmrcy (S-1-5-21-516455074-3529725477-31475253-1001 - Administrator - Enabled) => C:\Users\tzahi
WDAGUtilityAccount (S-1-5-21-516455074-3529725477-31475253-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\uTorrent) (Version: 3.5.5.46348 - BitTorrent Inc.)
Anaconda3 2022.10 (Python 3.9.13 64-bit) (HKLM\...\Anaconda3 2022.10 (Python 3.9.13 64-bit)) (Version: 2022.10 - Anaconda, Inc.)
Anaconda3 2022.10 (Python 3.9.13 64-bit) (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Anaconda3 2022.10 (Python 3.9.13 64-bit)) (Version: 2022.10 - Anaconda, Inc.)
Batman Episode 5 (HKLM-x32\...\Batman Episode 5_is1) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Core Temp 1.17.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17.1 - ALCPU)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Discord (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Documentation Manager (HKLM\...\{619AF8CA-69CA-4463-88F7-86E2E387FB66}) (Version: 22.230.0.8 - Intel Corporation) Hidden
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.4.3 - DEV47APPS)
Dynamic Application Loader Host Interface Service (HKLM\...\{1216C70E-6887-41B6-8EDB-FD91B5A8708F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
FiveM (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\CitizenFX_FiveM) (Version:  - Cfx.re)
Foxit PhantomPDF (HKLM-x32\...\{0a0d1ae2-8a54-11ea-8e74-54bf64a63c26}) (Version: 10.0.0.35798 - Foxit Software Inc.)
Free Cam 8 (HKLM-x32\...\{31FACC6B-2EB0-4092-B715-FE8B8916A967}) (Version: 8.7.27159 - iSpring Solutions Inc.)
Halo 2 Project Cartographer (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Halo 2 Project Cartographer) (Version: 01.7.00.00 - H2PC)
HMS Core (HKLM\...\HMS Core) (Version: 6.6.0.300 - Huawei Technologies Co., Ltd.)
HP DeskJet 2130 series Basic Device Software (HKLM\...\{A81ACE32-12C9-43C8-BFD6-BEA725ACB9F4}) (Version: 40.11.1124.17107 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
Huawei PC Manager(Multi-screen Collaboration and Official Driver) (HKLM\...\PC Manager) (Version: 13.0.2.370 - Huawei Device Co., Ltd.)
HW OSD (HKLM\...\HwOsd) (Version: 11.0.5.3 - Huawei Device Co., Ltd.)
Intel Driver && Support Assistant (HKLM-x32\...\{0F7F6F7B-684E-435A-9FCE-C8A1F71EDA14}) (Version: 23.3.25.6 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM\...\{368C1112-09E1-4EE3-A274-9118DF101CA9}) (Version: 10.1.18460.8229 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{a2c684b7-4a4b-425f-a805-1e88940804b0}) (Version: 10.1.18460.8229 - Intel(R) Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{438CD419-50DF-4A15-B9AD-986D47085E54}) (Version: 2.4.09146 - Intel Corporation)
Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10400.15556 - Intel Corporation)
Intel(R) Dynamic Tuning Technology (HKLM-x32\...\{bb67b2ec-1792-405b-8351-21bcc9f00f45}) (Version: 8.7.10400.15556 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{0703311b-31d5-4c17-9668-c48dee4b7749}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{209fc91f-5b9a-4901-ac8f-cb1759c75a18}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34663e82-6c5e-4b48-b1b1-fee1881dc39b}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{34989299-2d34-4a1b-baa2-4de4fafbb4d0}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{55fc13d0-814b-49bb-b13b-27836022cfb9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{7e58df71-ff1c-43fd-a618-5511b76c0dd9}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{8850e5d7-7f46-4a65-8f61-90533664733c}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{907b050d-5a10-4585-a175-7003de7204b2}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{b4e016a7-e963-49d7-9b66-4d635026af31}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{c4456f6f-fe06-4281-b612-7431efe37891}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d1d0fa4c-90ba-4580-9bc0-161e91344b1c}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{e8608a5e-87fa-4830-99b6-f679b87d3cb6}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Icls (HKLM\...\{DA3AEB76-773F-417C-B053-7A9A28F413B2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{2C22227F-09AF-4498-AEFD-6DC10FCD664F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2033.15.0.1783 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B3956502-1A32-4061-8A99-015E9EA66132}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{C046A888-9C09-411B-B3C8-73F77E861243}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{A670C124-DF72-42A3-8C1A-061FF3A09E29}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2031.2 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{BA425414-4D86-4FB0-8EEE-FA7F34E79C00}) (Version: 30.100.2031.2 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000230-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.230.0.2 - Intel Corporation)
Intel® Arc™ Control (HKLM\...\{13865A06-C2AB-4814-BAE6-69FCB841C8DA}) (Version: 1.69.5033.3 - Intel Corporation) Hidden
Intel® Arc™ Control (HKLM-x32\...\{5893f084-4b18-43be-a951-629c07848117}) (Version: 1.69.5033.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{0ddcdf18-17cd-44ad-af4e-ba6821421c30}) (Version: 23.3.25.6 - Intel)
Intel® Software Installer (HKLM-x32\...\{09b61d86-bc76-4353-a7d8-ebc9e2822195}) (Version: 22.230.0.8 - Intel Corporation) Hidden
Java 8 Update 371 (HKLM-x32\...\{71124AE4-039E-4CA4-87B4-2F32180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.16501.20210 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.122.0611.0001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\OpenIV) (Version: 4.1.1502 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.5.122.52971 - Electronic Arts, Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.74.1546_B - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.8.4 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TLauncher (HKLM-x32\...\TLauncher) (Version: 2.885 - TLauncher Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 125.0.10582 - Ubisoft)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WPS Office (11.2.0.11388) (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Kingsoft Office) (Version: 11.2.0.11388 - Kingsoft Corp.)
Zoom (HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)

Packages:
=========
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.477.714.2_x64__8wekyb3d8bbwe [2023-04-06] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2023-02-22] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_146.3.1087.0_x64__v10z8vjag6ke6 [2023-07-03] (HP Inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1900.9.106.0_x64__8xx8rvfyw5nnt [2023-07-04] (Meta) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-03] (Microsoft Corp.)
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.16.0_x64__8wekyb3d8bbwe [2023-06-09] (Microsoft Studios)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-07-03] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.60961.0_x64__8wekyb3d8bbwe [2023-04-24] (Microsoft Corporation)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-09-22] (Microsoft Corporation)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5131.0_x64__8j3eq9eme6ctt [2023-07-03] (INTEL CORP) [Startup Task]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.17.0_x64__w2gh52qy24etm [2023-07-03] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-10-26] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-09-14] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.247.0_x64__dt26b99r8h8gj [2023-07-03] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0 [2023-06-22] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2324.6.0_x64__cv1g1gvanyjgm [2023-07-03] (WhatsApp Inc.) [Startup Task]
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2023-07-03] (Matt Hafner)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-05-24] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-28] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-516455074-3529725477-31475253-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\tzahi\AppData\Local\Kingsoft\WPS Office\11.2.0.11388\office6\kwpsmenushellext64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-516455074-3529725477-31475253-1001_Classes\CLSID\{7C360CF9-D475-44FC-8163-AD6C95CF5F5D}\InprocServer32 -> C:\Users\tzahi\AppData\Local\Kingsoft\WPS Office\11.2.0.11388\office6\kmso2pdfplugins64.dll (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [HwShareMenu] -> {9557F42F-BD61-4E26-9752-33A8A20FC9F9} => C:\Program Files\Huawei\PCManager\ShareMenu.dll [2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DFSDriveMenu] -> {9557F42F-BD61-4E26-9752-33A8A20FC9F9} => C:\Program Files\Huawei\PCManager\ShareMenu.dll [2022-10-24] (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.122.0611.0001\FileSyncShell64.dll [2023-06-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-22] (MagicISO, Inc.) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-516455074-3529725477-31475253-1001: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\tzahi\AppData\Local\Kingsoft\WPS Office\11.2.0.11388\office6\kwpsmenushellext64.dll [2022-11-19] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers4_S-1-5-21-516455074-3529725477-31475253-1001: [          kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\tzahi\AppData\Local\Kingsoft\WPS Office\11.2.0.11388\office6\kwpsmenushellext64.dll [2022-11-19] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\tzahi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2022-03-22 15:59 - 2021-10-30 05:08 - 001080832 _____ () [File not signed] C:\Program Files\HuaWei\wucs\sqlcipher.dll
2023-04-25 11:32 - 2023-04-25 11:32 - 001600512 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2023-04-25 11:32 - 2023-04-25 11:32 - 002165760 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2021-11-12 12:53 - 2021-11-12 12:53 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-11-12 12:53 - 2021-11-12 12:53 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-11-12 12:53 - 2021-11-12 12:53 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2023-03-14 22:10 - 2021-11-12 12:53 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2023-03-14 22:10 - 2021-11-12 12:53 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2023-03-14 22:10 - 2021-11-12 12:53 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2023-03-14 22:10 - 2021-11-12 12:53 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2023-03-14 22:10 - 2021-11-12 12:53 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2023-03-14 22:10 - 2021-11-12 12:53 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Recovery:err [1590]
AlternateDataStreams: C:\ProgramData\droidcam-client-options-v2:8329C6407A [10]
AlternateDataStreams: C:\ProgramData\droidcam-settings:3FFAD04353 [10]
AlternateDataStreams: C:\ProgramData\droidcam.log:ADD74D6E12 [10]
AlternateDataStreams: C:\ProgramData\ecf00c38dc807e105d881c433a6b455dd2c606b6:2EA0371A72 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net.lnk:E2208A86CD [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DroidCam Client.lnk:96D1DD3380 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF.lnk:4851378599 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Cam 8.lnk:6991C8B2BC [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP DeskJet 2130 series.lnk:25ED2E7AB7 [10]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2734]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-516455074-3529725477-31475253-1001 -> DefaultScope {D070BD48-05DB-4F29-BB4E-FCEA17667687} URL =
SearchScopes: HKU\S-1-5-21-516455074-3529725477-31475253-1001 -> {D070BD48-05DB-4F29-BB4E-FCEA17667687} URL =
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-06-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\sharepoint.com -> hxxps://doguakdeniz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 12:14 - 2023-07-03 22:15 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2022-04-27 01:53 - 2023-06-30 13:59 - 000000525 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.29 HUAWEI_MatePad_11-ce7ac16.mshome.net # 2023 7 5 7 10 59 24 936
192.168.137.1 LAPTOP-BQN0JE4L.mshome.net # 2028 6 3 28 10 59 24 936

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-516455074-3529725477-31475253-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tzahi\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\abstract-background-5544x2480-10823.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{EA28C9BF-57C5-43E3-A2F1-CCBA70771B67}G:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) G:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{EB19FCAB-5755-47FD-B469-2AC6B697F463}G:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) G:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{B5F0B45F-121A-4751-8BCA-446A8D83452A}G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => No File
FirewallRules: [TCP Query User{AD6655D5-D0F0-4383-9CFF-B4CF0DA2FF31}G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => No File
FirewallRules: [UDP Query User{F628B4F6-1D8D-45A0-9E94-7CF81819442B}G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A0BCCD4D-9A5B-4B0B-A7F2-A0786144B0BF}G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C6452449-CB73-4359-A274-18F6844A794E}G:\games\epic games\fallguys\fallguys_client_game.exe] => (Block) G:\games\epic games\fallguys\fallguys_client_game.exe => No File
FirewallRules: [TCP Query User{4D4716CE-B023-4059-8BB5-69109DE13CD6}G:\games\epic games\fallguys\fallguys_client_game.exe] => (Block) G:\games\epic games\fallguys\fallguys_client_game.exe => No File
FirewallRules: [UDP Query User{0079DD27-BE20-40EF-96B7-B041B8C38B42}C:8\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:8\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{8290BD0F-9C0D-4C57-B4E6-6BD9F1BF4979}C:8\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:8\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{EC880E9B-6339-4142-A9DF-195CF4B7F548}C:4\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:4\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{7455CCF7-4821-46E1-9AC4-99DAAC1ED0C9}C:4\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:4\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{86A1D011-AF02-4E84-905B-041E00021A8E}G:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{FD82AA22-29D1-463E-BEA6-B6BCFFE9B6F6}G:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{91A86FBF-F7E3-4D90-8B48-AB7AE27860E5}C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [TCP Query User{D7262939-48C9-4911-9D26-FC73EBD360B3}C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [{01148211-9260-478B-BFBE-BEBF656A6723}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{C6947DE2-5C0B-473A-8EEC-87C982DD0923}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{DDCD9EDB-FA3F-4A35-A805-FFDE8C260241}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{C6A1318C-2AA9-4295-B067-F1E127337781}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{B85120DE-6858-4F4F-9A5C-04534AC5DB19}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{51474B11-90B4-42F4-BA7B-2F0EF0E2EBA6}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [UDP Query User{6E76F11A-31FD-47D9-808C-DC26B315FB10}G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{D74A2248-60C0-4216-BC08-9EC19356DCC4}G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [{DF69DABD-6F13-4E02-B946-3434A01E33D3}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{7B70BD56-3B0F-434B-ABF3-FC98622B5050}] => (Allow) G:\\Nox\bin\Nox.exe => No File
FirewallRules: [{9EB7B4F0-A658-4C3C-8826-10F4D6FDCEE0}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe => No File
FirewallRules: [{0AC01DF3-1247-44E6-9ACB-C344CC07ABCE}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe => No File
FirewallRules: [{B17DD100-466D-4D6A-9761-32E58F86D229}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{21132FD2-9F3A-446C-A5C4-26A2E43892C5}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [UDP Query User{CDAC9157-EF8A-44EF-9199-6A6DCF877134}C:\users\tzahi\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\tzahi\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{ACC88C82-6E4A-4F4F-A795-73DB027299AB}C:\users\tzahi\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\tzahi\appdata\roaming\.minecraft\runtime\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{2218EC88-AB59-40E2-8429-C7901D99CB2C}] => (Allow) C:6\Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{D80405D4-2D08-47F3-93C3-E289D250F4DF}] => (Allow) C:6\Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [UDP Query User{B67C447F-BB5D-45A2-81D9-F74B8A9638DE}C:0\games\alienisolation\ai.exe] => (Allow) C:0\games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{0F2EE437-3297-4AD6-9036-C68B225E1ED2}C:0\games\alienisolation\ai.exe] => (Allow) C:0\games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{6B9146FE-1C34-4923-AEF8-2C7854C53F6A}C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [TCP Query User{40B18058-B3EA-410C-AABC-67F7B0CE5A76}C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [{AF31A34F-3AE4-4177-852C-FB25F9EA6512}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => No File
FirewallRules: [{670A6739-0E4B-4FA0-B399-AFA9BF3DCCEB}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => No File
FirewallRules: [{F7D4E450-DA93-4EE0-8A49-71E56D22956B}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => No File
FirewallRules: [{48D7F757-F925-4334-9406-86D65CEEDF92}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => No File
FirewallRules: [UDP Query User{C9823F84-1984-4090-907F-DC3702EE5C3C}G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [TCP Query User{9B1C125E-F31B-4EB1-A660-4A42AD0031B8}G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [UDP Query User{8D778748-74C2-4A53-8246-F355CDB36559}D:\games\thealtocollection\the alto collection.exe] => (Allow) D:\games\thealtocollection\the alto collection.exe => No File
FirewallRules: [TCP Query User{BE086E0D-5C43-4C1F-9345-8CFBB02837E0}D:\games\thealtocollection\the alto collection.exe] => (Allow) D:\games\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{93616156-6050-4782-9135-382098F0125B}C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe] => (Allow) C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe => No File
FirewallRules: [TCP Query User{F2376F81-F25A-4240-9DA7-074BED35B83A}C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe] => (Allow) C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{13D6E50B-8C50-4C01-BD48-F76ED594F5C1}C:\users\tzahi\appdata\roaming\utorrent\updates\3.5.5_46200.exe] => (Allow) C:\users\tzahi\appdata\roaming\utorrent\updates\3.5.5_46200.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{353ACCB8-F62C-488B-A610-12860458E4DE}C:\users\tzahi\appdata\roaming\utorrent\updates\3.5.5_46200.exe] => (Allow) C:\users\tzahi\appdata\roaming\utorrent\updates\3.5.5_46200.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{9ADC7A0D-6B8A-4780-AD91-F58B0AF10FE3}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{4DD82B7C-7456-4F85-AC55-594AC94FF4F9}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{5240E39F-9644-4A12-BD38-D757DE5CDE3B}] => (Allow) C:\Program Files\Huawei\PCManager\HWVCR.exe => No File
FirewallRules: [UDP Query User{C5CC5E83-9AE7-430E-8A69-893AAB721002}G:\games\alienisolation\ai.exe] => (Allow) G:\games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{13C379D5-EDCE-4E1F-AAA7-7056FB3B1656}G:\games\alienisolation\ai.exe] => (Allow) G:\games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{B31C2896-6F9F-4BB8-915F-6463DE3E92CA}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{57A72B6A-3BC4-4BC4-B935-F764EE63E2C1}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{BFDC8DDA-B806-4CFA-936F-74361414B688}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [{D349103B-4285-496E-9CB5-0D02ACF2C655}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [{3E641BF7-7B82-4104-AE0B-9DB957AD3993}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [{D4E98496-5FB9-439E-84B8-CA29C65E524D}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [UDP Query User{032F130F-CE2D-4F0B-9689-EA25664C3B61}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [TCP Query User{2E72795F-2FCB-4F29-9BC2-918C792784CE}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [UDP Query User{96736BC3-6EAF-4D40-9749-EDDA9C099D12}C:4\haloinfinite.exe] => (Allow) C:4\haloinfinite.exe => No File
FirewallRules: [TCP Query User{799FC99B-3EE1-4608-8404-58E4F28D94C1}C:4\haloinfinite.exe] => (Allow) C:4\haloinfinite.exe => No File
FirewallRules: [UDP Query User{A22BB818-D073-47B3-A13D-9EE73A3A4545}G:\games\need for speed heat\needforspeedheat.exe] => (Allow) G:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{F2201F51-2D5A-477A-950E-92DDF6F77CBC}G:\games\need for speed heat\needforspeedheat.exe] => (Allow) G:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{9147ECAD-4EA4-4DEB-BF1D-AFA2E046C448}D:\games\halo - combat evolved\halo.exe] => (Allow) D:\games\halo - combat evolved\halo.exe => No File
FirewallRules: [TCP Query User{19BA2A16-59CB-4748-B66A-B30F21E6F212}D:\games\halo - combat evolved\halo.exe] => (Allow) D:\games\halo - combat evolved\halo.exe => No File
FirewallRules: [UDP Query User{F36DEEA1-23BF-4B09-B3D4-B174E93CDB1F}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [TCP Query User{896A95CD-3759-4D51-9AF0-D659AA3F8C5B}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [UDP Query User{33AD8D6C-6243-43FD-80BF-F6F245D9FC85}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [TCP Query User{2A7286D4-1DDC-4BDC-8C8D-44F453D2D5AD}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [UDP Query User{6979730F-9FD2-4E15-851D-42273A7836B5}E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{7FAF4581-5E01-4380-A2AC-6EAAFEA7D2DA}E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe => No File
FirewallRules: [UDP Query User{7D0A512A-8B78-4D8E-8FA4-6866B09C41AA}D:6\games\need for speed heat\needforspeedheat.exe] => (Allow) D:6\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{A7AEAB1E-82BA-48A9-93F3-A6422090A5CB}D:6\games\need for speed heat\needforspeedheat.exe] => (Allow) D:6\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{0ACBD6DF-7CCF-4C90-B544-0490AFF45C28}C:8\games\need for speed heat\needforspeedheat.exe] => (Allow) C:8\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{E076492C-43A7-4F0D-B98F-56C18F280BFC}C:8\games\need for speed heat\needforspeedheat.exe] => (Allow) C:8\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{34220ABC-610D-48E8-9E83-5077596F3D71}C:0\games\need for speed heat\needforspeedheat.exe] => (Allow) C:0\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{6C337EA5-260D-44CF-A356-0C9EE5A03E9D}C:0\games\need for speed heat\needforspeedheat.exe] => (Allow) C:0\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{7474242E-5991-44A3-8A26-8BBFDCD44427}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [TCP Query User{AB423B4E-4F6A-4D37-9175-822D9220F913}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [UDP Query User{20C3997E-BCFB-448B-8B6A-3C2A949E262F}E:\games\need for speed heat\needforspeedheat.exe] => (Allow) E:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{633368D0-825A-4931-A016-8C0063235851}E:\games\need for speed heat\needforspeedheat.exe] => (Allow) E:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{A3AADF0F-C0D6-4D16-8D97-6D50753F8CDE}E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe] => (Allow) E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{6F079768-278D-4793-89E7-FFAEA7A20C57}E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe] => (Allow) E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{492D7C10-DE5B-4F47-A6A7-C509ACC13DAB}E:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) E:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{A3E321D0-A618-4D5A-8CBA-D7AEDB6D02A8}E:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) E:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [{483E1497-5E75-4E0C-9C99-49677EACA549}] => (Allow) C:\Users\tzahi\AppData\Local\Temp\7zS1821\HP.EasyStart.exe => No File
FirewallRules: [{624BF7BD-7287-46A3-8BA5-DDE03D760207}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{745143F7-3627-4358-B774-65469BB22287}] => (Allow) C:\Program Files\HP\HP DeskJet 2130 series\Bin\USBSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [UDP Query User{2BE7F379-EA57-4382-AA63-BDDF28BCC7A7}D:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{6BE017BB-76DD-4F71-BE14-7D89CA9874CE}D:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{7C4ED888-1FF2-4BC2-AFC5-FADBE245A80F}C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{27ECEF1F-3BA5-408E-9365-942DD0019CB7}C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{B5E25C3C-619E-4DF7-8CE9-13D3BC92A016}D:\games\call of duty - world at war\codwawmp.exe] => (Allow) D:\games\call of duty - world at war\codwawmp.exe => No File
FirewallRules: [TCP Query User{3688B6D7-87FE-4ACC-AEA5-A2F1D916A656}D:\games\call of duty - world at war\codwawmp.exe] => (Allow) D:\games\call of duty - world at war\codwawmp.exe => No File
FirewallRules: [UDP Query User{B4F8C979-E8D9-4621-99DC-39CB33225CF9}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [TCP Query User{46BC3532-350C-4B08-879B-6CA2D25348B8}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [UDP Query User{981D4048-3A8E-466A-8A6E-33CE7E14930B}D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{CEB568B2-B264-4B20-A3AC-1883A3B110CD}D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{CF9F81C2-2267-47CB-A8D2-7C26F4D9F630}C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{4063D162-4AE4-40DF-AFFF-DEAB784CA913}C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\tzahi\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{EBADD02C-BBC9-4F0F-9F8F-66DE30B15C99}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{0216A500-D61C-46EB-8B32-DE85C9E383D1}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{8FA96D3B-E7E6-45FF-9065-A1D32C49FB38}E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{48AE4541-051A-47BB-8800-EA48B79BD852}E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [{B562A4CE-27C2-4D1D-B7E4-3A36C96E0F92}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{304EE8D8-3F5A-49A5-BECF-3575DB29617E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BAFF4445-C787-451D-ABE8-BDC6E4FAC935}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A24A1572-C7C5-4B01-B3AC-B0E51B6CE4E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4E91C996-AC44-4DBD-B236-80F2EEB400A1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{2F9AC40A-89F9-42DF-8DAC-1E95C36F659E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{E181A739-F50D-47C4-B096-B24A0FE73C69}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{D49FB4CB-2370-485A-B4F9-0F0DBEA5B0ED}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{DF49A91C-5D4E-469B-B7CE-643823718E89}] => (Allow) C:\Users\tzahi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FF74FF6D-CE35-49AF-BCC6-3FE721870BFC}] => (Allow) C:\Users\tzahi\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{06E27EE6-529B-47B7-B780-C7C90E0ED745}] => (Allow) C:\Users\tzahi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{191F5EB6-5D65-45FD-A5C3-497B3FE7E194}] => (Allow) C:\Users\tzahi\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D98FDDD9-F538-49E3-8C37-15C161B58243}] => (Allow) C:\Users\tzahi\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{2A31E666-7087-4A06-95CA-C91D900259B9}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{4213F32C-23B4-45CC-B534-0DF1FE3B2E5D}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{164886CA-B042-419F-9A19-8B2FD218A56B}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [UDP Query User{55CCA0CE-89F8-46B3-A341-76D1F41F9389}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [TCP Query User{A945DC9E-537C-4D94-BE0F-5C583BF08EC2}D:\games\need for speed heat\needforspeedheat.exe] => (Allow) D:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{296D16E9-D655-4045-8277-49C46A79C436}D:\games\need for speed heat\needforspeedheat.exe] => (Allow) D:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{052E67D2-1DEF-4EF8-A9C6-0474F5E19FB8}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{A272DE0D-1538-40C5-8009-DFECDAE829F0}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{08784593-E73B-4C4B-BE0B-7BCE48CF8476}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{AF409DEC-2DB2-4B0C-B6C9-750C36ADA323}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{E5FBC816-AC93-40F4-B865-10090B2324FE}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{14DBF5DF-3D0A-4F40-A274-B342EA877FF0}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{688E2E3D-AAFB-40FA-9D31-39E89F90AC8F}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{95A5A608-C279-42A9-ADE4-D68320D5B4CD}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{F5917260-8A37-4CF4-80D9-066BEF8509A2}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{B2C71823-5E92-4AA9-BC02-D15A42562402}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{404A6B72-A68D-4603-8F4C-46CF062CDD13}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{474F5B6E-7604-49E4-89B7-5EC033D01880}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{4A0FDF09-C814-4D16-8B2B-311A6B34D8BE}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{088B53CC-385E-4375-8986-0D21D16223F9}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{1739FFA1-65B5-4DA9-AAE0-AE9BDAAF28A2}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{2EA08748-D7F4-4FF0-8843-A97F80082E6E}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{67879EC0-7F45-43E2-A1BE-6E172D789D8E}E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{911A7058-14F7-469B-B8F3-AAF9868BD92B}E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{F338CC62-138A-4312-916E-1A7175017E8C}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{3902C0A1-9C7B-4A41-AC27-62391E508EC2}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{0F56E17D-578F-4D7D-A730-0F0B080E1139}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{02FE9A59-75D1-4B09-810C-BAE04F5E68BD}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{82549B22-3496-4A57-9AD6-883C97470EFD}G:\games\call of duty - world at war\codwaw.exe] => (Allow) G:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [UDP Query User{575F1E90-FC88-48C5-A116-C87C21E942DD}G:\games\call of duty - world at war\codwaw.exe] => (Allow) G:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [{868539F8-B2F4-44DB-AA82-C1B99DCC3AE9}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe => No File
FirewallRules: [{F2000940-5EE3-4319-B89D-93FB90F55851}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe => No File
FirewallRules: [TCP Query User{FCF10B71-8708-4A5A-B4C2-1C88081325DD}G:\games\epic games\gtav\gta5.exe] => (Allow) G:\games\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{DFBA9E29-CF2C-4602-9AFB-5F05A40658DB}G:\games\epic games\gtav\gta5.exe] => (Allow) G:\games\epic games\gtav\gta5.exe => No File
FirewallRules: [{47A73207-3BA6-4617-9183-C3E577806E1B}] => (Allow) C:\Program Files\Huawei\PCManager\HwExScreen.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{695AA84C-C6F1-44FE-8A8B-7618020CBD29}] => (Allow) C:\Program Files\Huawei\PCManager\HwExScreen.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{C41F783A-62C6-47A9-8B25-EA25514E98F3}] => (Allow) C:\Program Files\Huawei\PCManager\HwExScreen.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{CC70A4A5-D07B-4BF0-993C-EB4F4D8E00CC}] => (Allow) C:\Program Files\Huawei\PCManager\HwExScreen.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{EA7AEB47-F243-4E32-A7F7-283E5B034C33}] => (Allow) C:\Program Files\Huawei\PCManager\HwExScreen.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{EB743446-677D-4E57-9163-574EEE2191E6}] => (Allow) C:\Program Files\Huawei\PCManager\HwMirror.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{77FC2787-94C0-401A-8017-4937626ABB15}] => (Allow) C:\Program Files\Huawei\PCManager\HwMirror.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{077ECFA9-D03C-48B1-A262-0305C940FE98}] => (Allow) C:\Program Files\Huawei\PCManager\HwMirror.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{7CA8893A-BD42-4A46-BB93-B77E47B0D3B2}] => (Allow) C:\Program Files\Huawei\PCManager\HwMirror.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{246D140C-9362-471F-9378-FFDBA944F763}] => (Allow) C:\Program Files\Huawei\PCManager\HwMirror.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{75B3F4BD-8A15-4F76-B3A8-A87D82722CF0}] => (Allow) C:\Program Files\Huawei\PCManager\hmdfsservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{73F30F65-AE19-4C2B-AE1C-DE4AF1996A00}] => (Allow) C:\Program Files\Huawei\PCManager\hmdfsservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{907EDA94-129E-4E08-94F2-B3D0FD5A5DEA}] => (Allow) C:\Program Files\Huawei\PCManager\hmdfsservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{7F5EAC2E-9BFB-4AEE-AE7A-231CFB2197B7}] => (Allow) C:\Program Files\Huawei\PCManager\hmdfsservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{ED348C74-04D7-4833-8A83-B1461AD0B438}] => (Allow) C:\Program Files\Huawei\PCManager\hmdfsservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{B6F7D6F6-8E19-443B-815C-18AF3CAE6958}] => (Allow) C:\Program Files\Huawei\PCManager\distributedfileservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{BE1C6A13-DA3A-46BD-A88A-874C083EE926}] => (Allow) C:\Program Files\Huawei\PCManager\distributedfileservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{FA1E39E1-6A96-4BB8-AC9C-EE2E4B67EF9E}] => (Allow) C:\Program Files\Huawei\PCManager\distributedfileservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{DBDFA9E9-8495-40B3-A85E-B08396CC5B84}] => (Allow) C:\Program Files\Huawei\PCManager\distributedfileservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{A27B01A1-3CB8-49D1-9561-8DF592C30BC3}] => (Allow) C:\Program Files\Huawei\PCManager\distributedfileservice.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{7D9704AE-8F10-499D-A17C-494D69BE8B1A}] => (Allow) C:\Program Files\Huawei\PCManager\WeLook.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)
FirewallRules: [{A366E840-6FA3-46F7-8BA4-BC0DE8F5EA51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B936A21D-4D1B-4007-9CE3-2A57C9687689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{18E9511D-46B7-4AF6-B5A7-246DC43E1FD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{7C927E17-F6A0-4FF0-8A51-60413B2D3297}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{33F23815-FBA9-4F0E-AD13-86CEA1F3A12B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0F54CC9A-62FA-4252-A806-03BE91226BD9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{55452FB0-B240-44E1-ABE9-353B866A3337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{80039718-1023-4E22-9EE4-4AC364E70D2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{644642DF-CAEF-47FF-9E40-0470941187AA}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3BB5B344-A168-41FE-BC38-696315D9485D}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0B369198-1A59-4B7F-B0BC-46C9EFAD6998}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{93358649-8692-4B9B-BFD5-CF3A5462AF41}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3221B027-1D2C-4539-A3EB-7B37128F8051}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{96CA939F-6DAD-40A1-B381-68E0F1356FF3}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{7C526CC0-51BE-429B-B68D-774591ADD0C9}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{DD682023-17D4-4D26-8649-59378350961A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6D73BF28-7E09-469D-AC55-6B6BA3B07165}] => (Allow) G:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe => No File
FirewallRules: [{08B6734A-AD50-4CC9-A5AC-11BABE336224}] => (Allow) G:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe => No File
FirewallRules: [TCP Query User{3518FD20-0E74-4BCB-B848-9C4457DC352C}C:0\games\epic games\gtav\gta5.exe] => (Allow) C:0\games\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{901B7417-78B6-44AB-BC9E-84080A7A6BD9}C:0\games\epic games\gtav\gta5.exe] => (Allow) C:0\games\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{6E18A220-0088-40AB-BC50-A213E8CF5608}C:4\games\epic games\gtav\gta5.exe] => (Allow) C:4\games\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{CAEBC1F0-DE91-401C-9B66-1805EEE89BD0}C:4\games\epic games\gtav\gta5.exe] => (Allow) C:4\games\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{95F4086A-76EA-400E-86AA-86889102979E}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [UDP Query User{754DE51B-2ECA-4221-B4A2-C12D1625CCC2}C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe (TASKS ME - IT DEVELOPMENT (AILENE BULALACAO TAGOLGOL) -> Cfx.re)
FirewallRules: [TCP Query User{E8CFD126-90D3-40C1-B8D7-E06FFD558F15}C:\users\tzahi\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\tzahi\appdata\local\discord\app-1.0.9011\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{61E94D63-A178-41EF-9D53-2012B3394D0D}C:\users\tzahi\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\tzahi\appdata\local\discord\app-1.0.9011\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{2EA198D2-F5CF-4D21-A571-02146DBDD8D3}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E76499F9-0013-4AD2-92F4-24818FD67E3D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23078.300.1950.927_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{45187A72-1DCD-44B4-8BB9-4242BD246879}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D43B417-5712-4C53-9794-FBCEEB050768}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{7FE08657-F96A-4A49-B769-4DD6948BC24D}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{2DAA5A39-D37F-43EC-BE02-D79E3B8022A3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{F9B8995A-E3A9-4E03-9241-99B8D9976B43}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{AF8FB3BD-94FF-4513-8DCD-1273528467A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1D202A49-808B-4E8E-94F3-8BC9663D15C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4279B845-E4FE-445B-A3D3-DFEAC4376956}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D7335225-4EBC-46E7-A867-17D1DDB80472}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C3E03410-CD02-467D-8836-FC6DFCA423D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6E7899CD-FBCB-45F0-81DB-BC84E6EB1C69}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{746F3AD2-4DEF-47A8-930B-986DB7FA6BAE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8D470BA2-B31F-4B3C-8BD5-16FE43DD4BF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F83340B9-0207-43BA-94C4-1AFE3FB664CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{754488E5-D738-4C1E-80B2-EC0008AB3185}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3CCA5E02-682A-415F-925A-3CE189952D21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E84E577A-7754-4173-9F2B-46DE2F87A8B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9100DA5C-5B5E-4108-9547-FF05EDBB0E8B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{370A3BB0-CACE-4D7A-8B86-FAD7C0F84657}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A13457D-585C-4564-8D5F-335639EDC997}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{077579CC-4FEC-4CA2-9ED1-AB1851B9E4EF}] => (Allow) C:\Program Files\Huawei\PCManager\MBAMessageCenter.exe (Huawei Device Co., Ltd. -> Huawei Device Co., Ltd.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:461.23 GB) (Free:252 GB) (55%)

==================== Faulty Device Manager Devices ============

Name: Virtual Display Device
Description: Virtual Display Device
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Huawei
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/04/2023 10:36:47 PM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failure response trying to get MPS Discovery Endpoint from MS Graph. HttpStatus=12007, TraceId: mcpmanagementservice.dll

Error: (07/04/2023 02:35:32 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Faulting application name: DisplaySwitch.exe, version: 10.0.22621.1928, time stamp: 0x64ba1e96
Faulting module name: DisplaySwitch.exe, version: 10.0.22621.1928, time stamp: 0x64ba1e96
Exception code: 0xc0000409
Fault offset: 0x000000000001d7b2
Faulting process id: 0x0x4590
Faulting application start time: 0x0x1d9ae6ba3ffb97e
Faulting application path: C:\WINDOWS\system32\DisplaySwitch.exe
Faulting module path: C:\WINDOWS\system32\DisplaySwitch.exe
Report Id: 7be7d9d9-059c-494a-b970-976d04f93237
Faulting package full name:
Faulting package-relative application ID:

Error: (07/03/2023 09:51:50 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-BQN0JE4L$ via https://intc-keyid-b066d9697f5d3a07b425c10f587cceecf16ffe58.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps

Method: GET(15ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)


System errors:
=============
Error: (07/06/2023 03:31:48 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {09488615-b6d1-4e7d-beb0-98da4ac09c15}, had event 74

Error: (07/04/2023 09:19:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-BQN0JE4L)
Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout.

Error: (07/04/2023 09:17:31 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {09488615-b6d1-4e7d-beb0-98da4ac09c15}, had event 74

Error: (07/04/2023 02:16:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The luafv service failed to start due to the following error:
This driver has been blocked from loading

Error: (07/04/2023 02:16:20 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-BQN0JE4L)
Description: The server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} did not register with DCOM within the required timeout.

Error: (07/03/2023 10:15:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The luafv service failed to start due to the following error:
This driver has been blocked from loading

Error: (07/03/2023 09:51:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The luafv service failed to start due to the following error:
This driver has been blocked from loading

Error: (07/03/2023 09:51:40 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!


CodeIntegrity:
===============
Date: 2023-07-04 14:17:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe) attempted to load \Device\HarddiskVolume3\ProgramData\A-Volute\A-Volute.Nahimic\Modules\Scheduled\x64\AudioDevProps2.dll that did not meet the Microsoft signing level requirements.

Date: 2023-07-03 22:10:46
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\protected_elam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: HUAWEI 1.18 11/02/2022
Motherboard: HUAWEI BOD-WXX9-PCB
Processor: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
Percentage of memory in use: 39%
Total physical RAM: 16183.3 MB
Available physical RAM: 9744.48 MB
Total Virtual: 17207.3 MB
Available Virtual: 10730.15 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:461.23 GB) (Free:252 GB) (Model: WDC PC SN730 SDBPNTY-512G-1027) NTFS

\\?\Volume{9a0dabee-9acc-4d60-be69-c3079cfd1a82}\ (WINPE) (Fixed) (Total:0.5 GB) (Free:0.13 GB) FAT32
\\?\Volume{494f1438-4524-4393-8a1c-323bdd1f24ec}\ (Onekey) (Fixed) (Total:14 GB) (Free:1.77 GB) NTFS
\\?\Volume{b395fef3-abfd-4d8e-a4a8-4a1a0f71ea08}\ (WinRE) (Fixed) (Total:1 GB) (Free:0.35 GB) NTFS
\\?\Volume{0a1fd3ba-eb4e-4d8d-83e7-d6538410e931}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.14 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================
 
These logs take a while to go over; while I check them, please run these two tools. I will check everything when I return from work tomorrow. I had a really late day today and I’m a bit tired.

Adware Cleaner




  • Download AdwCleaner and save it to your Desktop
  • Right-click on AdwCleaner.exe and select Run as Administrator
  • Accept the EULA (I accept), then click on Scan Now
  • Let the scan complete
  • Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Quarantine and delete.
  • Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
  • Close all other open windows and allow it to restart
  • After the restart, Notepad will open with the AdwCleaner cleaning log
  • Please Attach the contents of that log into your next reply to me

Download Malwarebytes v.4. Install and run.
  • Once the MBAM dashboard opens, click on Settings (gear icon).
  • Click on Security tab and make sure that all four Scan options are enabled.
  • Close Settings and click on the Scan button on the dashboard.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT button and save the file as a Text file to your desktop.
  • If there were detections then once the quarantine has completed click on the View report button, then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT button, and save the file as a Text file to your desktop or other location you can find and include that log on your next reply.
 
Adware Cleaner logs:


Scan:
Code:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    07-06-2023
# Duration: 00:00:05
# OS:       Windows 11 (Build 22621.1928)
# Scanned:  32085
# Detected: 12


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy             C:\ProgramData\Tencent
PUP.Optional.Legacy             C:\Users\tzahi\AppData\Local\Tencent
PUP.Optional.Legacy             C:\Users\tzahi\AppData\Roaming\Tencent
PUP.Optional.Legacy             C:\Users\tzahi\Documents\TotalAV
PUP.Optional.Legacy             C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV
PUP.Optional.PCProtect          C:\ProgramData\SecuritySuite

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.PCProtect          HKCU\Software\SSProtect
PUP.Optional.PCProtect          HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService
PUP.Optional.TotalAV            HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV            HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV            HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
PUP.Optional.TotalAV            HKLM\Software\Classes\totalav

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########






Clean:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build:    08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-06-2023
# Duration: 00:00:01
# OS:       Windows 11 (Build 22621.1928)
# Cleaned:  12
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\SecuritySuite
Deleted       C:\ProgramData\Tencent
Deleted       C:\Users\tzahi\AppData\Local\Tencent
Deleted       C:\Users\tzahi\AppData\Roaming\Tencent
Deleted       C:\Users\tzahi\Documents\TotalAV
Deleted       C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\TotalAV

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\SSProtect
Deleted       HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\SOFTWARE\Mozilla\NativeMessagingHosts\com.totalav.passwordvaultassistant
Deleted       HKLM\Software\Classes\totalav
Deleted       HKLM\System\CurrentControlSet\Services\EventLog\Application\SecurityService

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2353 octets] - [06/07/2023 11:44:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
MalwareBytes Scan log:


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/6/23
Scan Time: 11:52 AM
Log File: 7f0937a0-1bda-11ee-89ed-9c2976227bbb.json

-Software Information-
Version: 4.5.32.271
Components Version: 1.0.2051
Update Package Version: 1.0.71989
License: Trial

-System Information-
OS: Windows 11 (Build 22621.1928)
CPU: x64
File System: NTFS
User: LAPTOP-BQN0JE4L\tmmrcy

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 323474
Threats Detected: 17
Threats Quarantined: 0
Time Elapsed: 3 min, 31 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 4
Trojan.VMProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Windows Service Task, No Action By User, 10618, 1100445, , , , , ,
Trojan.VMProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{74BD4F6A-54CF-4A9E-A8A5-B3328ED7AA71}, No Action By User, 10618, 1100445, , , , , ,
Trojan.VMProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{74BD4F6A-54CF-4A9E-A8A5-B3328ED7AA71}, No Action By User, 10618, 1100445, , , , , ,
PUP.Optional.BundleInstaller, HKU\S-1-5-21-516455074-3529725477-31475253-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent, No Action By User, 101, 1159036, , , , , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 2
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, No Action By User, 5213, 293295, 1.0.71989, , ame, , ,
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, No Action By User, 5213, 293296, 1.0.71989, , ame, , ,

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 11
Generic.Malware.AI.DDS, C:\WINDOWS\WINDOWS.EXE, No Action By User, 1000002, 0, 1.0.71989, CA8B054D746C8A240ECD208D, dds, 02372142, 191889F89632EB2C5AC974C87E00944F, 842FD831650AFCD15752365897DEA0D09BBF9691E041DF59B6D6B7F7CE959719
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\LOCAL\TEMP\UTORRENT\UTORRENT.EXE, No Action By User, 101, 1121241, 1.0.71989, , ame, , AFB8DA816160569CD3B775CCA5F51C04, EA0AEE60237ADCB585B9346D2C5CDFE786DEFB9451114550E493C74A5AC659A3
Trojan.VMProtect, C:\WINDOWS\SYSTEM32\TASKS\Windows Service Task, No Action By User, 10618, 1100445, , , , , 01D789B37F7BEF1CCA8B29F46541EDBA, F1A28EE8388F654ED840143BE227948344663B1B0340E08C41207C4F24DF9886
Trojan.VMProtect, C:\USERS\TZAHI\APPDATA\LOCAL\UPDATES\WINDOWSSERVICE.EXE, No Action By User, 10618, 1100445, 1.0.71989, , ame, , 1D7D93FA84BA7C5A5C8B1D62ACBB048D, 6D346056C766ED477967601425A4D162D15D429977910083C8A8BDD0D0C1C005
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46200.EXE, No Action By User, 101, 1107212, 1.0.71989, , ame, , 7C4F15EA0F16F5BFD2E868D70ADED600, D91E240254EBB233F7F23FA1AFE91C12089EED919E9FF85E4CB7A8AEB04B5A51
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46672.EXE, No Action By User, 101, 1121241, 1.0.71989, , ame, , 437ED8763AE1A4D9FA62F3643927CCC6, 94D24CAD6B8E158DF73247376A420291E2D954CE387E4A6665670A4E8E586EE3
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\ROAMING\UTORRENT\UPDATES\UTORRENT.EXE, No Action By User, 101, 1159036, 1.0.71989, , ame, , 1009E138A3EDEEF04EC3A0C3BDDFDF20, 962CA30406E010630CC520C1B63233C8D67CDAB34C4E389DD16CF4957B938D91
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\ROAMING\UTORRENT\UPDATES\3.5.5_46348.EXE, No Action By User, 101, 1086270, 1.0.71989, , ame, , 600F20ABCC1FA9F5BDA0965D07B6855D, 7D89A16FC0D3AFA3CD78CC51E7AE6A81343CB14DE6FDCA9325142DECA5133515
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\µTorrent.lnk, No Action By User, 101, 1159036, , , , , 481CB4D4E91A6F5B34114B387C395F55, E7F4D52E7577F22F4855152A16D6924024E7AAAACD4D6A65D5819C0184F904A8
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\ROAMING\UTORRENT\UTORRENT.EXE, No Action By User, 101, 1159036, 1.0.71989, , ame, , 1009E138A3EDEEF04EC3A0C3BDDFDF20, 962CA30406E010630CC520C1B63233C8D67CDAB34C4E389DD16CF4957B938D91
PUP.Optional.BundleInstaller, C:\USERS\TZAHI\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46828.EXE, No Action By User, 101, 1159036, 1.0.71989, , ame, , DFD23FC093EA4848DE94E22F5E1D8B97, CB0A5796E30F42DE3736DABF5E3B2C5244A3D12A5323B9B240F1CF67E7C31B1A

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
Please re-run Malwarebytes and this time make sure to quarantine all items. Post the new logs. These items need to be removed before we proceed.
 
Malwarebytes
www.malwarebytes.com

Code:
-Log Details-
Scan Date: 7/7/23
Scan Time: 3:56 PM
Log File: a45324da-1cc5-11ee-b917-9c2976227bbb.json

-Software Information-
Version: 4.5.32.271
Components Version: 1.0.2051
Update Package Version: 1.0.72045
License: Trial

-System Information-
OS: Windows 11 (Build 22621.1928)
CPU: x64
File System: NTFS
User: LAPTOP-BQN0JE4L\tmmrcy

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 323621
Threats Detected: 2
Threats Quarantined: 2
Time Elapsed: 2 min, 57 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 2
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Replaced, 5211, 293295, 1.0.72045, , ame, , ,
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Replaced, 5211, 293296, 1.0.72045, , ame, , ,

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
 
I suggest a full scan with Kaspersky.
Disable Defender .....
Download and run a full scan with the Kaspersky Virus Removal tool.
Accept the terms.
Click Change Parameters.
Select the System drive.
All volumes.
Click OK, start Scan.
Report any detections here.


 
Once you have done this, please re-run FRST and post both new logs, and I will make a fix list to clean anything remaining.
 
Also, this week has been hectic. So I’ll be able to sit down and make a script for you Sunday morning that will clean things up. Really busy at work, and I will have free time to fix you up now.
 
Sorry for the late reply. I have been travelling this week because it's summer, so I didn't get time to check the forum. It'll still take me some time to do what you've asked of me because the Wi-Fi is pretty bad here, so your patience is appreciated. I'll update you as soon as I get the scan done. Thanks again!
 
@taimrarchy

Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.


Code:
start::
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
Task: {6DEF4AB9-144A-495D-82D7-9170E5329F5D} - System32\Tasks\Window Update => C:\Users\tzahi\AppData\Local\Updates\Run.vbs [1015 2022-05-09] () [File not signed] <==== ATTENTION
Task: {74BD4F6A-54CF-4A9E-A8A5-B3328ED7AA71} - System32\Tasks\Windows Service Task => C:\Users\tzahi\AppData\Local\Updates\WindowsService.exe [5581312 2022-05-11] () [File not signed] <==== ATTENTION
R3 ALSysIO; C:\Users\tzahi\AppData\Local\Temp\ALSysIO64.sys [47240 2023-07-04] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
C:\Users\tzahi\AppData\Local\Temp\ALSysIO64.sys
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-516455074-3529725477-31475253-1001\...\Run: [] => [X]
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
S4 WdBoot; \SystemRoot\system32\drivers\wd\WdBoot.sys [X]
S4 WdFilter; \SystemRoot\system32\drivers\wd\WdFilter.sys [X]
S4 WdNisDrv; system32\drivers\wd\WdNisDrv.sys [X]
S3 WmFilter; \SystemRoot\system32\drivers\WmFilter.sys [X]
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
Task: {42FE7CEB-8F85-4C25-95A6-4BD0F736AAC7} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-05-12] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6DEF4AB9-144A-495D-82D7-9170E5329F5D} - System32\Tasks\Window Update => C:\Users\tzahi\AppData\Local\Updates\Run.vbs [1015 2022-05-09] () [File not signed] <==== ATTENTION
Task: {74BD4F6A-54CF-4A9E-A8A5-B3328ED7AA71} - System32\Tasks\Windows Service Task => C:\Users\tzahi\AppData\Local\Updates\WindowsService.exe [5581312 2022-05-11] () [File not signed] <==== ATTENTION
Task: {A976026E-4D8C-469E-AEFF-3F088580BC8B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {E3A30FA9-D4F7-476E-85D1-09C722F93023} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F6A39165-6DE6-464C-8918-7E05503ED911} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {BD2A0C06-9B8F-41A6-A561-6C469C93768F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002472 2023-03-28] (Intel Corporation -> Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0e1db6e2-967c-4181-ad20-1a7c8debc340}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f8d21a67-f548-45c5-a7aa-e808c1aba960}: [DhcpNameServer] 40.42.1.13
S3 UniFairy_x64; C:\WINDOWS\system32\drivers\UniFairy_x64.sys [8209904 2022-07-05] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 unirsdt; C:\WINDOWS\system32\drivers\unirsdt.sys [6166504 2022-09-22] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
C:\WINDOWS\system32\drivers\UniFairy_x64.sys
C:\WINDOWS\system32\drivers\unirsdt.sys
U4 MsSecFlt; no ImagePath
U4 Sense; no ImagePath
U4 SgrmAgent; no ImagePath
U4 SgrmBroker; no ImagePath
2021-09-05 05:08 - 2021-09-05 05:08 - 000000128 ____H () C:\Users\tzahi\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
C:\Users\tzahi\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
AlternateDataStreams: C:\Recovery:err [1590]
AlternateDataStreams: C:\ProgramData\droidcam-client-options-v2:8329C6407A [10]
AlternateDataStreams: C:\ProgramData\droidcam-settings:3FFAD04353 [10]
AlternateDataStreams: C:\ProgramData\droidcam.log:ADD74D6E12 [10]
AlternateDataStreams: C:\ProgramData\ecf00c38dc807e105d881c433a6b455dd2c606b6:2EA0371A72 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net.lnk:E2208A86CD [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DroidCam Client.lnk:96D1DD3380 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF.lnk:4851378599 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Cam 8.lnk:6991C8B2BC [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP DeskJet 2130 series.lnk:25ED2E7AB7 [10]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2734]
SearchScopes: HKU\S-1-5-21-516455074-3529725477-31475253-1001 -> DefaultScope {D070BD48-05DB-4F29-BB4E-FCEA17667687} URL =
SearchScopes: HKU\S-1-5-21-516455074-3529725477-31475253-1001 -> {D070BD48-05DB-4F29-BB4E-FCEA17667687} URL =
FirewallRules: [UDP Query User{EA28C9BF-57C5-43E3-A2F1-CCBA70771B67}G:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) G:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{EB19FCAB-5755-47FD-B469-2AC6B697F463}G:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) G:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{B5F0B45F-121A-4751-8BCA-446A8D83452A}G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => No File
FirewallRules: [TCP Query User{AD6655D5-D0F0-4383-9CFF-B4CF0DA2FF31}G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe] => (Allow) G:\games\epic games\arksurvivalevolved\shootergame\binaries\win64\shootergame.exe => No File
FirewallRules: [UDP Query User{F628B4F6-1D8D-45A0-9E94-7CF81819442B}G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A0BCCD4D-9A5B-4B0B-A7F2-A0786144B0BF}G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\games\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C6452449-CB73-4359-A274-18F6844A794E}G:\games\epic games\fallguys\fallguys_client_game.exe] => (Block) G:\games\epic games\fallguys\fallguys_client_game.exe => No File
FirewallRules: [TCP Query User{4D4716CE-B023-4059-8BB5-69109DE13CD6}G:\games\epic games\fallguys\fallguys_client_game.exe] => (Block) G:\games\epic games\fallguys\fallguys_client_game.exe => No File
FirewallRules: [UDP Query User{0079DD27-BE20-40EF-96B7-B041B8C38B42}C:8\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:8\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{8290BD0F-9C0D-4C57-B4E6-6BD9F1BF4979}C:8\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:8\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{EC880E9B-6339-4142-A9DF-195CF4B7F548}C:4\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:4\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{7455CCF7-4821-46E1-9AC4-99DAAC1ED0C9}C:4\games\call of duty modern warfare\modernwarfare.exe] => (Allow) C:4\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{86A1D011-AF02-4E84-905B-041E00021A8E}G:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{FD82AA22-29D1-463E-BEA6-B6BCFFE9B6F6}G:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{91A86FBF-F7E3-4D90-8B48-AB7AE27860E5}C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [TCP Query User{D7262939-48C9-4911-9D26-FC73EBD360B3}C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe] => (Allow) C:\users\tzahi\appdata\local\discord\app-1.0.9005\discord.exe => No File
FirewallRules: [{01148211-9260-478B-BFBE-BEBF656A6723}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{C6947DE2-5C0B-473A-8EEC-87C982DD0923}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{DDCD9EDB-FA3F-4A35-A805-FFDE8C260241}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{C6A1318C-2AA9-4295-B067-F1E127337781}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{B85120DE-6858-4F4F-9A5C-04534AC5DB19}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [{51474B11-90B4-42F4-BA7B-2F0EF0E2EBA6}] => (Allow) G:\Games\TxGameAssistant\AppMarket\DL\syzs_dl_svr.exe => No File
FirewallRules: [UDP Query User{6E76F11A-31FD-47D9-808C-DC26B315FB10}G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [TCP Query User{D74A2248-60C0-4216-BC08-9EC19356DCC4}G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) G:\steamlibrary\steamapps\common\war thunder\win64\aces.exe => No File
FirewallRules: [{DF69DABD-6F13-4E02-B946-3434A01E33D3}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
FirewallRules: [{7B70BD56-3B0F-434B-ABF3-FC98622B5050}] => (Allow) G:\\Nox\bin\Nox.exe => No File
FirewallRules: [{9EB7B4F0-A658-4C3C-8826-10F4D6FDCEE0}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe => No File
FirewallRules: [{0AC01DF3-1247-44E6-9ACB-C344CC07ABCE}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\eac_wt_mlauncher.exe => No File
FirewallRules: [{B17DD100-466D-4D6A-9761-32E58F86D229}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{21132FD2-9F3A-446C-A5C4-26A2E43892C5}] => (Allow) C:4\SteamLibrary\steamapps\common\War Thunder\launcher.exe => No File
FirewallRules: [{2218EC88-AB59-40E2-8429-C7901D99CB2C}] => (Allow) C:6\Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [{D80405D4-2D08-47F3-93C3-E289D250F4DF}] => (Allow) C:6\Games\Apex\EasyAntiCheat_launcher.exe => No File
FirewallRules: [UDP Query User{B67C447F-BB5D-45A2-81D9-F74B8A9638DE}C:0\games\alienisolation\ai.exe] => (Allow) C:0\games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{0F2EE437-3297-4AD6-9036-C68B225E1ED2}C:0\games\alienisolation\ai.exe] => (Allow) C:0\games\alienisolation\ai.exe => No File
FirewallRules: [UDP Query User{6B9146FE-1C34-4923-AEF8-2C7854C53F6A}C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [TCP Query User{40B18058-B3EA-410C-AABC-67F7B0CE5A76}C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) C:8\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [{AF31A34F-3AE4-4177-852C-FB25F9EA6512}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => No File
FirewallRules: [{670A6739-0E4B-4FA0-B399-AFA9BF3DCCEB}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\RRRE.exe => No File
FirewallRules: [{F7D4E450-DA93-4EE0-8A49-71E56D22956B}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => No File
FirewallRules: [{48D7F757-F925-4334-9406-86D65CEEDF92}] => (Allow) G:\SteamLibrary\steamapps\common\raceroom racing experience\Game\x64\RRRE64.exe => No File
FirewallRules: [UDP Query User{C9823F84-1984-4090-907F-DC3702EE5C3C}G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [TCP Query User{9B1C125E-F31B-4EB1-A660-4A42AD0031B8}G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe] => (Allow) G:\steamlibrary\steamapps\common\destiny 2\destiny2.exe => No File
FirewallRules: [UDP Query User{8D778748-74C2-4A53-8246-F355CDB36559}D:\games\thealtocollection\the alto collection.exe] => (Allow) D:\games\thealtocollection\the alto collection.exe => No File
FirewallRules: [TCP Query User{BE086E0D-5C43-4C1F-9345-8CFBB02837E0}D:\games\thealtocollection\the alto collection.exe] => (Allow) D:\games\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{93616156-6050-4782-9135-382098F0125B}C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe] => (Allow) C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe => No File
FirewallRules: [TCP Query User{F2376F81-F25A-4240-9DA7-074BED35B83A}C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe] => (Allow) C:\users\tzahi\downloads\_oceanofgames.com_beamng_drive_v0.17.0.2\beamng.drive.v0.17.0.2\bin64\beamng.drive.x64.exe => No File
FirewallRules: [UDP Query User{9ADC7A0D-6B8A-4780-AD91-F58B0AF10FE3}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{4DD82B7C-7456-4F85-AC55-594AC94FF4F9}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{5240E39F-9644-4A12-BD38-D757DE5CDE3B}] => (Allow) C:\Program Files\Huawei\PCManager\HWVCR.exe => No File
FirewallRules: [UDP Query User{C5CC5E83-9AE7-430E-8A69-893AAB721002}G:\games\alienisolation\ai.exe] => (Allow) G:\games\alienisolation\ai.exe => No File
FirewallRules: [TCP Query User{13C379D5-EDCE-4E1F-AAA7-7056FB3B1656}G:\games\alienisolation\ai.exe] => (Allow) G:\games\alienisolation\ai.exe => No File
FirewallRules: [{BFDC8DDA-B806-4CFA-936F-74361414B688}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [{D349103B-4285-496E-9CB5-0D02ACF2C655}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [{3E641BF7-7B82-4104-AE0B-9DB957AD3993}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [{D4E98496-5FB9-439E-84B8-CA29C65E524D}] => (Allow) D:\Games\BatmanArkhamKnight\Binaries\Win64\BatmanAK.exe => No File
FirewallRules: [UDP Query User{032F130F-CE2D-4F0B-9689-EA25664C3B61}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [TCP Query User{2E72795F-2FCB-4F29-9BC2-918C792784CE}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [UDP Query User{96736BC3-6EAF-4D40-9749-EDDA9C099D12}C:4\haloinfinite.exe] => (Allow) C:4\haloinfinite.exe => No File
FirewallRules: [TCP Query User{799FC99B-3EE1-4608-8404-58E4F28D94C1}C:4\haloinfinite.exe] => (Allow) C:4\haloinfinite.exe => No File
FirewallRules: [UDP Query User{A22BB818-D073-47B3-A13D-9EE73A3A4545}G:\games\need for speed heat\needforspeedheat.exe] => (Allow) G:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{F2201F51-2D5A-477A-950E-92DDF6F77CBC}G:\games\need for speed heat\needforspeedheat.exe] => (Allow) G:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{9147ECAD-4EA4-4DEB-BF1D-AFA2E046C448}D:\games\halo - combat evolved\halo.exe] => (Allow) D:\games\halo - combat evolved\halo.exe => No File
FirewallRules: [TCP Query User{19BA2A16-59CB-4748-B66A-B30F21E6F212}D:\games\halo - combat evolved\halo.exe] => (Allow) D:\games\halo - combat evolved\halo.exe => No File
FirewallRules: [UDP Query User{F36DEEA1-23BF-4B09-B3D4-B174E93CDB1F}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [TCP Query User{896A95CD-3759-4D51-9AF0-D659AA3F8C5B}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [UDP Query User{33AD8D6C-6243-43FD-80BF-F6F245D9FC85}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [TCP Query User{2A7286D4-1DDC-4BDC-8C8D-44F453D2D5AD}D:\games\batmanarkhamcity\binaries\win32\batmanac.exe] => (Allow) D:\games\batmanarkhamcity\binaries\win32\batmanac.exe => No File
FirewallRules: [UDP Query User{6979730F-9FD2-4E15-851D-42273A7836B5}E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{7FAF4581-5E01-4380-A2AC-6EAAFEA7D2DA}E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe] => (Allow) E:\games\assetto corsa competizione\ac2\binaries\win64\ac2-win64-shipping.exe => No File
FirewallRules: [UDP Query User{7D0A512A-8B78-4D8E-8FA4-6866B09C41AA}D:6\games\need for speed heat\needforspeedheat.exe] => (Allow) D:6\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{A7AEAB1E-82BA-48A9-93F3-A6422090A5CB}D:6\games\need for speed heat\needforspeedheat.exe] => (Allow) D:6\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{0ACBD6DF-7CCF-4C90-B544-0490AFF45C28}C:8\games\need for speed heat\needforspeedheat.exe] => (Allow) C:8\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{E076492C-43A7-4F0D-B98F-56C18F280BFC}C:8\games\need for speed heat\needforspeedheat.exe] => (Allow) C:8\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{34220ABC-610D-48E8-9E83-5077596F3D71}C:0\games\need for speed heat\needforspeedheat.exe] => (Allow) C:0\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{6C337EA5-260D-44CF-A356-0C9EE5A03E9D}C:0\games\need for speed heat\needforspeedheat.exe] => (Allow) C:0\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{7474242E-5991-44A3-8A26-8BBFDCD44427}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [TCP Query User{AB423B4E-4F6A-4D37-9175-822D9220F913}D:\games\halo 2 project cartographer\halo2.exe] => (Allow) D:\games\halo 2 project cartographer\halo2.exe => No File
FirewallRules: [UDP Query User{20C3997E-BCFB-448B-8B6A-3C2A949E262F}E:\games\need for speed heat\needforspeedheat.exe] => (Allow) E:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{633368D0-825A-4931-A016-8C0063235851}E:\games\need for speed heat\needforspeedheat.exe] => (Allow) E:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{A3AADF0F-C0D6-4D16-8D97-6D50753F8CDE}E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe] => (Allow) E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{6F079768-278D-4793-89E7-FFAEA7A20C57}E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe] => (Allow) E:\need.for.speed.heat.fixed\need.for.speed.heat.fixed\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{492D7C10-DE5B-4F47-A6A7-C509ACC13DAB}E:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) E:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{A3E321D0-A618-4D5A-8CBA-D7AEDB6D02A8}E:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) E:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [{483E1497-5E75-4E0C-9C99-49677EACA549}] => (Allow) C:\Users\tzahi\AppData\Local\Temp\7zS1821\HP.EasyStart.exe => No File
FirewallRules: [UDP Query User{2BE7F379-EA57-4382-AA63-BDDF28BCC7A7}D:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{6BE017BB-76DD-4F71-BE14-7D89CA9874CE}D:\games\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\games\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [UDP Query User{B5E25C3C-619E-4DF7-8CE9-13D3BC92A016}D:\games\call of duty - world at war\codwawmp.exe] => (Allow) D:\games\call of duty - world at war\codwawmp.exe => No File
FirewallRules: [TCP Query User{3688B6D7-87FE-4ACC-AEA5-A2F1D916A656}D:\games\call of duty - world at war\codwawmp.exe] => (Allow) D:\games\call of duty - world at war\codwawmp.exe => No File
FirewallRules: [UDP Query User{B4F8C979-E8D9-4621-99DC-39CB33225CF9}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [TCP Query User{46BC3532-350C-4B08-879B-6CA2D25348B8}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [UDP Query User{981D4048-3A8E-466A-8A6E-33CE7E14930B}D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{CEB568B2-B264-4B20-A3AC-1883A3B110CD}D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe] => (Allow) D:\scrap.mechanic.v0.5.1.659\scrap.mechanic.v0.5.1.659\scrap mechanic\release\scrapmechanic.exe => No File
FirewallRules: [TCP Query User{EBADD02C-BBC9-4F0F-9F8F-66DE30B15C99}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{0216A500-D61C-46EB-8B32-DE85C9E383D1}D:\gtav\gta5.exe] => (Allow) D:\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{8FA96D3B-E7E6-45FF-9065-A1D32C49FB38}E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{48AE4541-051A-47BB-8800-EA48B79BD852}E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\2016 office\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [{4E91C996-AC44-4DBD-B236-80F2EEB400A1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{2F9AC40A-89F9-42DF-8DAC-1E95C36F659E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{E181A739-F50D-47C4-B096-B24A0FE73C69}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{D49FB4CB-2370-485A-B4F9-0F0DBEA5B0ED}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{191F5EB6-5D65-45FD-A5C3-497B3FE7E194}] => (Allow) C:\Users\tzahi\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D98FDDD9-F538-49E3-8C37-15C161B58243}] => (Allow) C:\Users\tzahi\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{2A31E666-7087-4A06-95CA-C91D900259B9}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{4213F32C-23B4-45CC-B534-0DF1FE3B2E5D}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{164886CA-B042-419F-9A19-8B2FD218A56B}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [UDP Query User{55CCA0CE-89F8-46B3-A341-76D1F41F9389}D:\games\call of duty - world at war\codwaw.exe] => (Allow) D:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [TCP Query User{A945DC9E-537C-4D94-BE0F-5C583BF08EC2}D:\games\need for speed heat\needforspeedheat.exe] => (Allow) D:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{296D16E9-D655-4045-8277-49C46A79C436}D:\games\need for speed heat\needforspeedheat.exe] => (Allow) D:\games\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{052E67D2-1DEF-4EF8-A9C6-0474F5E19FB8}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{A272DE0D-1538-40C5-8009-DFECDAE829F0}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{08784593-E73B-4C4B-BE0B-7BCE48CF8476}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{AF409DEC-2DB2-4B0C-B6C9-750C36ADA323}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{E5FBC816-AC93-40F4-B865-10090B2324FE}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{14DBF5DF-3D0A-4F40-A274-B342EA877FF0}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\53df87b7-962c-419e-94be-39c94be73dc7\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{688E2E3D-AAFB-40FA-9D31-39E89F90AC8F}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{95A5A608-C279-42A9-ADE4-D68320D5B4CD}C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\tzahi\appdata\local\temp\microsoftedgedownloads\b6403e6f-4fbd-416e-9e1a-9a029cacedf0\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{67879EC0-7F45-43E2-A1BE-6E172D789D8E}E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [UDP Query User{911A7058-14F7-469B-B8F3-AAF9868BD92B}E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe] => (Allow) E:\zip files\office 2013-2016 c2r install v5.9.5\files\bin\kmss.exe => No File
FirewallRules: [TCP Query User{F338CC62-138A-4312-916E-1A7175017E8C}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{3902C0A1-9C7B-4A41-AC27-62391E508EC2}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{82549B22-3496-4A57-9AD6-883C97470EFD}G:\games\call of duty - world at war\codwaw.exe] => (Allow) G:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [UDP Query User{575F1E90-FC88-48C5-A116-C87C21E942DD}G:\games\call of duty - world at war\codwaw.exe] => (Allow) G:\games\call of duty - world at war\codwaw.exe => No File
FirewallRules: [{868539F8-B2F4-44DB-AA82-C1B99DCC3AE9}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe => No File
FirewallRules: [{F2000940-5EE3-4319-B89D-93FB90F55851}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Kerbal Space Program\KSP_x64.exe => No File
FirewallRules: [TCP Query User{FCF10B71-8708-4A5A-B4C2-1C88081325DD}G:\games\epic games\gtav\gta5.exe] => (Allow) G:\games\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{DFBA9E29-CF2C-4602-9AFB-5F05A40658DB}G:\games\epic games\gtav\gta5.exe] => (Allow) G:\games\epic games\gtav\gta5.exe => No File
FirewallRules: [{A366E840-6FA3-46F7-8BA4-BC0DE8F5EA51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B936A21D-4D1B-4007-9CE3-2A57C9687689}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{18E9511D-46B7-4AF6-B5A7-246DC43E1FD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{7C927E17-F6A0-4FF0-8A51-60413B2D3297}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{33F23815-FBA9-4F0E-AD13-86CEA1F3A12B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0F54CC9A-62FA-4252-A806-03BE91226BD9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{55452FB0-B240-44E1-ABE9-353B866A3337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{80039718-1023-4E22-9EE4-4AC364E70D2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{644642DF-CAEF-47FF-9E40-0470941187AA}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3BB5B344-A168-41FE-BC38-696315D9485D}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{0B369198-1A59-4B7F-B0BC-46C9EFAD6998}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{93358649-8692-4B9B-BFD5-CF3A5462AF41}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{3221B027-1D2C-4539-A3EB-7B37128F8051}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{96CA939F-6DAD-40A1-B381-68E0F1356FF3}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{7C526CC0-51BE-429B-B68D-774591ADD0C9}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{DD682023-17D4-4D26-8649-59378350961A}] => (Allow) D:\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{6D73BF28-7E09-469D-AC55-6B6BA3B07165}] => (Allow) G:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe => No File
FirewallRules: [{08B6734A-AD50-4CC9-A5AC-11BABE336224}] => (Allow) G:\SteamLibrary\steamapps\common\Kerbal Space Program\PDLauncher\LauncherPatcher.exe => No File
FirewallRules: [TCP Query User{3518FD20-0E74-4BCB-B848-9C4457DC352C}C:0\games\epic games\gtav\gta5.exe] => (Allow) C:0\games\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{901B7417-78B6-44AB-BC9E-84080A7A6BD9}C:0\games\epic games\gtav\gta5.exe] => (Allow) C:0\games\epic games\gtav\gta5.exe => No File
FirewallRules: [TCP Query User{6E18A220-0088-40AB-BC50-A213E8CF5608}C:4\games\epic games\gtav\gta5.exe] => (Allow) C:4\games\epic games\gtav\gta5.exe => No File
FirewallRules: [UDP Query User{CAEBC1F0-DE91-401C-9B66-1805EEE89BD0}C:4\games\epic games\gtav\gta5.exe] => (Allow) C:4\games\epic games\gtav\gta5.exe => No File
C:\WINDOWS\system32\drivers\etc\hosts
C:\WINDOWS\system32\drivers\etc\hosts.ics
Hosts:
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
cmd: del /s /q "%userprofile%\AppData\Local\Opera Software\Opera Stable\Cache\Cache_Data\*.*"
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
CMD: ipconfig /flushdns
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::
 
@taimrarchy

I noticed you logged in without making a reply to this thread. How about an update for us, please?
 
Sorry for the late reply. I am doing the Kaspersky scan as I write this down. I'll do what you've asked for right now. Again, sorry for not replying.
 