There have been some strange goings on in regard to security on my computer and I'm not sure if I have an infection or not.
It seems somebody is somehow bypassing the use of my authenticator through google but when I check there are no strange devices that have used my google.
After a password reset and booting all connected devices from various sites/apps it seems somebody again got access and somehow the use of my google authenticator, all with no trace that I can find.
My only thought now is that perhaps my computer is compromised. I've checked my startup programs and recently installed programs and everything seems fine. I'm at a bit of a loss now.
Thanks!
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-05-2025
Ran by splif (31-05-2025 20:27:48)
Running from C:\Users\splif\Downloads
Microsoft Windows 11 Pro Version 24H2 26100.4202 (X64) (2024-11-20 17:21:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2642253706-1610672585-1098668419-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2642253706-1610672585-1098668419-503 - Limited - Disabled)
Guest (S-1-5-21-2642253706-1610672585-1098668419-501 - Limited - Disabled)
GuestAcc (S-1-5-21-2642253706-1610672585-1098668419-1005 - Limited - Enabled) => C:\Users\GuestAcc
splif (S-1-5-21-2642253706-1610672585-1098668419-1001 - Administrator - Enabled) => C:\Users\splif
WDAGUtilityAccount (S-1-5-21-2642253706-1610672585-1098668419-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
A3Launcher version 0.1.6.8 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.6.8 - Maca134)
AMD Product Verification Tool version 1.0.6.4 (HKLM\...\{4242685A-EF3E-45FF-B4AE-758E49020936}}_is1) (Version: 1.0.6.4 - AMD)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.9.1 - Advanced Micro Devices, Inc.)
AutoHotkey 1.1.34.03 (HKLM\...\AutoHotkey) (Version: 1.1.34.03 - Lexikos)
Clair Obscur: Expedition 33 (HKLM-x32\...\Clair Obscur: Expedition 33_is1) (Version: - )
CMS (HKLM-x32\...\CMS) (Version: - )
Core Temp 1.18 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.18 - ALCPU)
Discord (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
DZLauncher version 0.1.6.8 (HKLM-x32\...\{1E299AE2-74C8-4CD8-6B17-A86E0ED3C4D2}_is1) (Version: 0.1.6.8 - Maca134)
DZSALauncher version 0.0.5.2 (HKLM-x32\...\DZSALauncher_is1) (Version: 0.0.5.2 - Maca134)
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{acfd3daa-8cad-4514-bc73-64a154033052}) (Version: 1.0.3.32 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.5 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{2ddd3bd2-7bad-4020-a8b8-9650a834bb99}) (Version: 1.0.9.5 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{ec10ac91-2e61-460a-b493-33f794a07682}) (Version: 1.0.4.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.8.0 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{7eeee667-b295-4acd-9a4e-1160421db765}) (Version: 1.0.8.0 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{7CFBE8DA-5BBB-44B2-BCD9-DB28996EBB67}) (Version: 1.3.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{C7D679C2-04A8-434A-8799-4C2F001388BE}) (Version: 2.9.0 - Epic Games, Inc.)
ES-DE 3.2.0 (HKLM-x32\...\ES-DE) (Version: 3.2.0 - Northwestern Software AB)
f.lux (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\Flux) (Version: 4.137 - f.lux Software LLC)
FileZilla 3.67.0 (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\FileZilla Client) (Version: 3.67.0 - Tim Kosse)
Geeks3D FurMark 1.31.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.31.0.0 - Geeks3D)
GIMP 2.10.38-1 (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 136.0.7103.116 - Google LLC)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.44.340 - SurfRight B.V.)
Honeyview (HKLM\...\Honeyview) (Version: 5.46 - Bandisoft.com)
HyperX NGenuity Software (HKLM-x32\...\{28211B6A-65EE-4713-8677-E8D41349A122}_is1) (Version: 5.2.8.1 - HyperX)
Intel® Chipset Device Software (HKLM\...\{89D00C61-DC40-4846-B938-E2E6158EDAAA}) (Version: 10.1.18836.8283 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{9b79ab4c-1596-44ee-84e2-a2001f7af089}) (Version: 10.1.18836.8283 - Intel® Corporation)
Intel® Serial IO (HKLM\...\{8EC4CB19-850D-4BD4-B914-F63DF7DAD67D}) (Version: 30.100.2131.26 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.2131.26 - Intel Corporation)
Jagex Launcher (HKLM-x32\...\Jagex Launcher) (Version: 0.26.0.0 - Jagex Ltd)
Java 8 Update 441 (64-bit) (HKLM\...\{77724AE4-039E-4CA4-87B4-2F64180441F0}) (Version: 8.0.4410.7 - Oracle Corporation)
Java SE Development Kit 23.0.2 (64-bit) (HKLM\...\{8EFDE921-88A2-5D0A-A920-0AB07B2A3181}) (Version: 23.0.2.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 5.2.11.183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.11.183 - Malwarebytes)
Microsoft .NET Host - 6.0.11 (x64) (HKLM\...\{B92B890A-04F2-4880-BA20-20D4364FB263}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x86) (HKLM-x32\...\{2F933E6C-13D1-4886-99EB-05ED0C42885B}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.11 (x64) (HKLM\...\{5E63E49B-C88C-46C5-855C-A7B07C11CDC8}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x86) (HKLM-x32\...\{E3B06B8A-7FA4-4421-8A96-8503B2669F50}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.11 (x64) (HKLM\...\{C3DD1448-513A-4DB8-978D-6991562EA63D}) (Version: 48.47.50420 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x86) (HKLM-x32\...\{23D1DA1E-5CBC-4990-BB53-5974E8D0AB3A}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x86) (HKLM-x32\...\{75523047-69e0-4216-9104-99f4b310a769}) (Version: 7.0.5.32324 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 136.0.3240.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 136.0.3240.92 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2642253706-1610672585-1098668419-1005\...\OneDriveSetup.exe) (Version: 22.012.0117.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM\...\{A39D4115-3A27-4245-AE92-3214B8B21932}) (Version: 48.47.50419 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.11 (x64) (HKLM-x32\...\{c4846f79-a633-4ae4-92a3-92fdbeb33da2}) (Version: 6.0.11.31823 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-GB) (HKLM\...\Mozilla Firefox 137.0.2 (x64 en-GB)) (Version: 137.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 119.0 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.4.8 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.79 - Nmap Project)
NVIDIA Graphics Driver 536.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.0.2 - OBS Project)
OpenVPN 2.5.7-I602 amd64 (HKLM\...\{C57B257B-3D92-4AC0-8FE8-7D6FF81AEF73}) (Version: 2.5.036 - OpenVPN, Inc.)
Oxygen Not Included (HKLM-x32\...\Oxygen Not Included_is1) (Version: - )
Pulover's Macro Creator version 5.4.1 (HKLM\...\{223FFB42-2D49-4AF6-9EF2-82B7D0CAF8B4}_is1) (Version: 5.4.1 - Cloversoft Serviços de Informática Ltda)
Python 3.12.0 (64-bit) (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\{cf9c4d97-48a7-4a27-b9fc-91b88a803c40}) (Version: 3.12.150.0 - Python Software Foundation)
Python 3.12.0 Core Interpreter (64-bit) (HKLM\...\{6B58F6F9-656A-4CC4-8BAB-22177BFFA45F}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Development Libraries (64-bit) (HKLM\...\{225BAA2C-BDCA-4D63-9D72-D92CE5E2421D}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Documentation (64-bit) (HKLM\...\{5DF0B8D8-4E7F-43EB-AD16-30FFA931A905}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Executables (64-bit) (HKLM\...\{575EC8EB-A481-4CF1-BAB0-3C1DBD2E50A7}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 pip Bootstrap (64-bit) (HKLM\...\{24B8988D-E785-4124-BF77-1DC6A3E62050}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Standard Library (64-bit) (HKLM\...\{14BBD330-AA3F-4F7A-8A39-DFB28AECFA82}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Tcl/Tk Support (64-bit) (HKLM\...\{6EAF677E-4EE8-4A22-9781-9131C5298D26}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python 3.12.0 Test Suite (64-bit) (HKLM\...\{0A9B38A7-D393-44A5-A94E-9FEC927DC39C}) (Version: 3.12.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3182A195-B671-44A8-B0C7-7876B916BA5A}) (Version: 3.12.150.0 - Python Software Foundation)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.1 - The qBittorrent project)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9235.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.50.511.2021 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
REDlauncher (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - CD Projekt RED)
RetroArch (HKLM-x32\...\RetroArch) (Version: 1.21.0.0 - Libretro)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
RuneLite (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\RuneLite Launcher_is1) (Version: 2.6.7 - RuneLite)
SKYBOX (HKLM\...\SKYBOX) (Version: 1.1.8.465 - Beijing Zixiong Information Technology Co., Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop (HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.13.1 - Telegram FZ-LLC)
TP-Link UB500 Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1015.1016.1016.210427 - TP-LINK TECHNOLOGIES CO., LTD.)
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.9.5 - Black Tree Gaming Ltd.)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Wireshark 4.4.6 x64 (HKLM-x32\...\Wireshark) (Version: 4.4.6 - The Wireshark developer community, hxxps://www.wireshark.org)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-29] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-29] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-29] ()
@{MicrosoftWindows.Client.CoreAI_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-05-30] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4061.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-05-30] (Microsoft Windows)
Click to Do (preview) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-05-30] (Microsoft Windows)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-10-27] (Disney)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.30.1.0_x64__0a78dr3hq0pvt [2025-04-21] (HP Inc.) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_7.0.8.0_neutral__mcm4njqhnhss8 [2024-10-27] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-24] (NVIDIA Corp.)
Palworld -> C:\Program Files\WindowsApps\PocketpairInc.Palworld_0.0.55495.0_x64__ad4psfrxyesvt [2024-06-29] (Pocketpair, Inc)
Python 3.11 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.11_3.11.2544.0_x64__qbz5n2kfra8p0 [2024-04-03] (Python Software Foundation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.28.255.0_x64__dt26b99r8h8gj [2023-12-01] (Realtek Semiconductor Corp)
Second Screen -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SecondScreen_1.12.3.0_x64__wyx1vj98g3asy [2025-05-17] (Samsung Electronics Co, Ltd.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.150.3125.0_x64__kzf8qxf38zg5c [2025-05-07] (Skype)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0 [2025-05-23] (Spotify AB) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-15] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-09] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-05-30] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-05-30] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-05-30] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-05-30] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2642253706-1610672585-1098668419-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2642253706-1610672585-1098668419-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2642253706-1610672585-1098668419-1001_Classes\CLSID\{75016ED0-BC26-4629-A75E-656C8F9F8421} -> [Pixel 8a] => C:\Users\splif\CrossDevice\Pixel 8a [2025-02-07 11:25]
CustomCLSID: HKU\S-1-5-21-2642253706-1610672585-1098668419-1001_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-2642253706-1610672585-1098668419-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\splif\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-2642253706-1610672585-1098668419-1001_Classes\CLSID\{df39a82d-a682-9d74-8c38-1701e42f71ae}\localserver32 -> "C:\Program Files\SuperDisplay\SuperDisplay.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll [2022-01-03] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2022-12-24] (Notepad++ -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll [2022-01-03] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-05-06] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers1_S-1-5-21-2642253706-1610672585-1098668419-1001: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll [2022-01-03] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-2642253706-1610672585-1098668419-1001: [0HVContext] -> {9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF} => C:\Program Files\Honeyview\HVShell64.dll [2022-01-03] (Bandisoft -> Bandisoft.com)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-04-10 08:17 - 2025-04-15 18:33 - 167478784 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\libcef.dll
2023-04-10 08:17 - 2025-04-15 18:33 - 000372736 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\libegl.dll
2023-04-10 08:17 - 2025-04-15 18:33 - 006593536 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\libglesv2.dll
2023-04-10 08:17 - 2025-04-15 18:33 - 004323328 _____ () [File not signed] C:\Program Files (x86)\Jagex Launcher\vk_swiftshader.dll
2022-03-16 22:17 - 2023-07-23 02:06 - 000192512 _____ () [File not signed] C:\Users\splif\AppData\Local\RuneLite\launcher_amd64.dll
2025-05-31 19:15 - 2025-05-31 19:15 - 000140800 _____ () [File not signed] C:\Users\splif\AppData\Local\Temp\16600769233174014522rlawt.dll
2025-05-31 19:15 - 2025-05-31 19:15 - 000012800 ____N () [File not signed] C:\Users\splif\AppData\Local\Temp\flatlaf.temp\flatlaf-windows-x86_64-4523039806000.dll
2025-04-20 08:19 - 2025-04-20 08:19 - 000476672 _____ () [File not signed] C:\Users\splif\AppData\Local\Temp\lwjgl-rl\3.3.2+13\x64\lwjgl.dll
2025-04-20 08:19 - 2025-04-20 08:19 - 000364032 _____ () [File not signed] C:\Users\splif\AppData\Local\Temp\lwjgl-rl\3.3.2+13\x64\lwjgl_opengl.dll
2023-08-04 22:05 - 2023-06-20 09:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2025-05-31 19:15 - 2025-05-31 19:15 - 000254464 ____N (Java Native Access (JNA)) [File not signed] C:\Users\splif\AppData\Local\Temp\jna-109648652\jna17112968965553722155.dll
2024-05-11 12:47 - 2024-05-11 12:47 - 000126976 ____N (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\UpdatePolicyScenarioReliabilityAggregator.dll
2023-04-10 08:17 - 2025-04-15 18:33 - 001143296 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Jagex Launcher\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Product Verification Tool.lnk:122F03124D [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk:C5112377E0 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk:C5D586BE93 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk:159ADC9AA1 [3442]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_441\bin\ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_441\bin\jp2ssv.dll [2024-12-04] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2025-05-24 16:56 - 000005476 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
127.0.0.1 checkhost.local
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
2024-12-19 23:48 - 2024-12-20 14:44 - 000000506 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.8 DIGIHOME-TV.mshome.net # 2024 12 5 27 13 44 56 279
192.168.137.1 Smithy-pc.mshome.net # 2029 12 3 19 13 44 56 279
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2642253706-1610672585-1098668419-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
OpenVPN Wintun: Wintun Userspace Tunnel -> wintun.sys
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt25cx21x64.sys
Local Area Connection: TAP-Windows Adapter V9 -> tap0901.sys
Ethernet 2: Xbox Wireless Adapter for Windows -> mt7612US.sys
INSECURE_NPCAP: Npcap Packet Driver (NPCAP)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "Nearby Share"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\StartupFolder: => "Jagex Launcher.lnk"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "LGHUB"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "OpenVPN-GUI"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_21474905916422C545D27F93D9647688"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "RiotClient"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "NGenuity"
HKU\S-1-5-21-2642253706-1610672585-1098668419-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AD009BCA-0307-4C20-B181-A5F1E6D491E4}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{0C009793-437C-422F-8817-0824E6AD47A6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{6E45B09C-62AD-4FA2-8B37-2B829BE39A16}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1DD3C24-CACD-4CAA-A35F-093B1D1D4BD8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A95D3012-3F2B-4D72-A6BF-B0F23C00CDC9}] => (Allow) C:\Program Files\SKYBOX\backend\airscreen-backend.exe (Beijing Zixiong Information Technology Co., Ltd. -> )
FirewallRules: [{3B7901E9-DB6A-4588-A3B4-DA9E0818A991}] => (Allow) C:\Program Files\SKYBOX\backend\airscreen-backend.exe (Beijing Zixiong Information Technology Co., Ltd. -> )
FirewallRules: [{3860F01B-65BA-45AF-9A75-3B93470254A5}] => (Allow) C:\Program Files\SKYBOX\backend\airscreen-backend.exe (Beijing Zixiong Information Technology Co., Ltd. -> )
FirewallRules: [{DC8F8DF1-123C-4C7F-9E86-D9DA2DA301EC}] => (Allow) C:\Program Files\SKYBOX\backend\airscreen-backend.exe (Beijing Zixiong Information Technology Co., Ltd. -> )
FirewallRules: [{2C160525-34BF-44DD-AEC1-7B77757FF413}] => (Allow) C:\Program Files\SKYBOX\backend\airscreen-backend.exe (Beijing Zixiong Information Technology Co., Ltd. -> )
FirewallRules: [{7A186D48-F239-4B83-915C-8D0CD214A91A}] => (Allow) C:\Program Files\SKYBOX\backend\airscreen-backend.exe (Beijing Zixiong Information Technology Co., Ltd. -> )
FirewallRules: [{EA2B805D-B3D3-44F3-8C0E-C1E589093E10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{E6F06EAC-45FF-47A6-AB49-97E30DE284CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{60414B9C-B054-4CB1-917B-DB0659FF319D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 - Kane's Wrath\WorldBuilder.exe => No File
FirewallRules: [{44CFE8B8-1C5B-424A-AB8C-45D080F905DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Command and Conquer 3 - Kane's Wrath\WorldBuilder.exe => No File
FirewallRules: [UDP Query User{17950A5F-DA4C-4433-85DF-7D1FAD6B4B04}C:\games\age of empires ii - definitive edition\battleserver\battleserver.exe] => (Block) C:\games\age of empires ii - definitive edition\battleserver\battleserver.exe => No File
FirewallRules: [TCP Query User{4A67C525-CDCD-4354-BB46-0D46C95ED3D0}C:\games\age of empires ii - definitive edition\battleserver\battleserver.exe] => (Block) C:\games\age of empires ii - definitive edition\battleserver\battleserver.exe => No File
FirewallRules: [UDP Query User{BCAD2672-383B-47C0-B82E-A24E7D9C828D}C:\games\age of empires ii - definitive edition\aoe2de_s.exe] => (Block) C:\games\age of empires ii - definitive edition\aoe2de_s.exe => No File
FirewallRules: [TCP Query User{8E3DA30B-0B57-4941-97CF-0F04049246E7}C:\games\age of empires ii - definitive edition\aoe2de_s.exe] => (Block) C:\games\age of empires ii - definitive edition\aoe2de_s.exe => No File
FirewallRules: [UDP Query User{25E7F4A5-A809-4096-96BD-37BF39F9BA97}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{00B12F2D-1BB2-4643-99A8-1F8A01DEE1DF}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{758CA2EB-651B-408D-A382-58C35694A394}D:\games\call of duty - black ops 3\blackops3.exe] => (Block) D:\games\call of duty - black ops 3\blackops3.exe => No File
FirewallRules: [TCP Query User{99B0FD53-DD5C-4527-9514-229D93D1D9AB}D:\games\call of duty - black ops 3\blackops3.exe] => (Block) D:\games\call of duty - black ops 3\blackops3.exe => No File
FirewallRules: [UDP Query User{AFEDF528-FC5C-4B61-A03B-F8880F3F07CB}D:\games\baldur's gate 3\bin\bg3_dx11.exe] => (Block) D:\games\baldur's gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [TCP Query User{8FD51730-1061-467E-820E-194BD932691D}D:\games\baldur's gate 3\bin\bg3_dx11.exe] => (Block) D:\games\baldur's gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{27BB6DE9-1E93-44A0-9948-0AAA34058AEB}C:\program files (x86)\dodi-repacks\call of duty black ops\bgamert5\bgt5launcher.exe] => (Allow) C:\program files (x86)\dodi-repacks\call of duty black ops\bgamert5\bgt5launcher.exe => No File
FirewallRules: [TCP Query User{31955BC6-A43A-4126-9FF6-862B5EAFE8F8}C:\program files (x86)\dodi-repacks\call of duty black ops\bgamert5\bgt5launcher.exe] => (Allow) C:\program files (x86)\dodi-repacks\call of duty black ops\bgamert5\bgt5launcher.exe => No File
FirewallRules: [{BDF7337B-1D05-45D7-8751-3A4833D5B272}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Settlement Survival\URP\Settlement SurvivalURP.exe => No File
FirewallRules: [{53B908D2-4F2F-48F1-91BE-CA42A08C4ABD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Settlement Survival\URP\Settlement SurvivalURP.exe => No File
FirewallRules: [UDP Query User{3DB204A4-D334-4F20-81BD-10AB74F01C84}C:\game\age of empires iv\reliccardinal.exe] => (Allow) C:\game\age of empires iv\reliccardinal.exe => No File
FirewallRules: [TCP Query User{AC116919-9E1F-4B5F-82A1-1D94DE1E2F12}C:\game\age of empires iv\reliccardinal.exe] => (Allow) C:\game\age of empires iv\reliccardinal.exe => No File
FirewallRules: [UDP Query User{7E4EDB2A-A106-495C-BD73-174C3A114823}D:\games\grounded\maine\binaries\win64\maine-win64-shipping.exe] => (Allow) D:\games\grounded\maine\binaries\win64\maine-win64-shipping.exe => No File
FirewallRules: [TCP Query User{4B2D7F2E-F6AD-4318-AC4A-5B9DF145D1CC}D:\games\grounded\maine\binaries\win64\maine-win64-shipping.exe] => (Allow) D:\games\grounded\maine\binaries\win64\maine-win64-shipping.exe => No File
FirewallRules: [UDP Query User{30491388-4DF4-4242-8C33-D3ADBFA0AE8A}C:\game\prison architect\prison architect64.exe] => (Block) C:\game\prison architect\prison architect64.exe => No File
FirewallRules: [TCP Query User{47BCE95D-FE32-4B8F-9102-91475F2E0112}C:\game\prison architect\prison architect64.exe] => (Block) C:\game\prison architect\prison architect64.exe => No File
FirewallRules: [UDP Query User{181E96B6-C5D2-4002-B7A8-F451E3A64F25}C:\game\high on life\oregon\binaries\win64\oregon-win64-shipping.exe] => (Allow) C:\game\high on life\oregon\binaries\win64\oregon-win64-shipping.exe => No File
FirewallRules: [TCP Query User{34019F9B-04AD-4A55-879A-E874885CE51C}C:\game\high on life\oregon\binaries\win64\oregon-win64-shipping.exe] => (Allow) C:\game\high on life\oregon\binaries\win64\oregon-win64-shipping.exe => No File
FirewallRules: [{FF1915E9-5A92-43EF-A224-49188B38BF10}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{18D4E0AB-9080-4EA1-B862-23589B82C4AC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{48D63BE9-0194-4BE9-850C-887E28A15233}D:\games\jurassic world evolution 2\jwe2.profile.exe] => (Allow) D:\games\jurassic world evolution 2\jwe2.profile.exe => No File
FirewallRules: [TCP Query User{BC7690E4-38B7-484A-8E55-B3E73D64E5E9}D:\games\jurassic world evolution 2\jwe2.profile.exe] => (Allow) D:\games\jurassic world evolution 2\jwe2.profile.exe => No File
FirewallRules: [UDP Query User{7C05AD5A-252F-4CA4-9C56-A7A0D9F99ABE}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{3089A59D-1916-4061-8F49-D0681DB7EFD9}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{149F8BA5-540D-46FC-BC02-F27615C132F5}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [TCP Query User{4DAA143A-854C-41F4-8B49-3B50FF5BF91E}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe => No File
FirewallRules: [UDP Query User{225411F9-101C-4111-A156-E4AFD704FDC2}C:\users\splif\desktop\ranch.simulator.build.24032022-ofme\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Allow) C:\users\splif\desktop\ranch.simulator.build.24032022-ofme\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe => No File
FirewallRules: [TCP Query User{CEAEE5CA-1A9C-41AC-B52C-CA47C4758BFC}C:\users\splif\desktop\ranch.simulator.build.24032022-ofme\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe] => (Allow) C:\users\splif\desktop\ranch.simulator.build.24032022-ofme\ranch simulator\ranch_simulator\binaries\win64\ranch_simulator-win64-shipping.exe => No File
FirewallRules: [UDP Query User{0169C213-9BDE-4693-BCC8-FF10956BB16A}C:\users\splif\appdata\local\openosrs\openosrs.exe] => (Allow) C:\users\splif\appdata\local\openosrs\openosrs.exe => No File
FirewallRules: [TCP Query User{1E4EB7B1-533C-4B28-84E8-4F6D92567106}C:\users\splif\appdata\local\openosrs\openosrs.exe] => (Allow) C:\users\splif\appdata\local\openosrs\openosrs.exe => No File
FirewallRules: [UDP Query User{B44E3697-FB31-4336-AB58-CA17ADB45C3C}C:\program files\skybox\skybox.exe] => (Allow) C:\program files\skybox\skybox.exe (Beijing Zixiong Information Technology Co., Ltd. -> Beijing Zixiong Information Technology Co., Ltd.)
FirewallRules: [TCP Query User{E8806AD3-B919-4B65-82F6-CCF0E800381A}C:\program files\skybox\skybox.exe] => (Allow) C:\program files\skybox\skybox.exe (Beijing Zixiong Information Technology Co., Ltd. -> Beijing Zixiong Information Technology Co., Ltd.)
FirewallRules: [UDP Query User{E2A4BFE3-A3E1-4657-928F-55B3DB994DEF}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{7FB972BC-94E6-46D3-81E4-03C1F7B661E0}C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{B4A0709D-AF11-4913-9737-E793D9348015}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6F969E92-59CB-426E-A265-AB8803485D40}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{36A52C31-78B9-4709-A70E-6AD56F035D31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A26596F1-B54E-471E-8F9E-2D56E2F12120}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{BAFBC15A-1804-4245-A1E5-AEA541D037E9}C:\program files (x86)\cms\cms.exe] => (Allow) C:\program files (x86)\cms\cms.exe () [File not signed]
FirewallRules: [TCP Query User{CDFDD060-3B59-4A3F-9018-27FA7D61B7A9}C:\program files (x86)\cms\cms.exe] => (Allow) C:\program files (x86)\cms\cms.exe () [File not signed]
FirewallRules: [UDP Query User{25FD74A8-9BBE-44D1-938E-498CEEA5D358}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [TCP Query User{A55A3C74-A934-4552-AABA-8D17499425CE}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{CDDF0D0B-A6BF-41D6-9D89-ACC382987CFB}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{BE0601D2-CAE6-40E3-B1CB-17688AF22EC1}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [TCP Query User{7E1651FE-8DAF-4DFF-B39F-484CBDD8CFEF}C:\gog games\baldurs gate 3\bin\bg3_dx11.exe] => (Block) C:\gog games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [UDP Query User{854C4C67-2134-44ED-BC53-899634AA5F8B}C:\gog games\baldurs gate 3\bin\bg3_dx11.exe] => (Block) C:\gog games\baldurs gate 3\bin\bg3_dx11.exe => No File
FirewallRules: [{4B4A7B3D-A497-4074-BEEA-365461904C77}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{847ED29D-7819-4D48-8BC1-049C72111C26}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{83D246A3-9BEB-4749-8E27-B51D2F09237E}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe => No File
FirewallRules: [{527B5BB0-5598-4ABE-9BB2-77D6BD7EBBA6}] => (Allow) C:\Program Files (x86)\GIGABYTE\AppCenter\gcupd.exe => No File
FirewallRules: [{F224A8AA-AB9B-40A3-A2AB-55DFDA80F396}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [TCP Query User{E478C015-E53E-4474-8B84-4C4FA06F9713}C:\program files (x86)\steam\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [UDP Query User{750EF440-44D6-4895-A70B-057A6FE1B825}C:\program files (x86)\steam\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the finals playtest\discovery\binaries\win64\discovery.exe (Embark Studios AB -> Embark Studios AB)
FirewallRules: [TCP Query User{4B6D0485-2FA8-4F9E-AE65-C31DD419CBA1}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{8CD52E36-A0F5-4C3C-89DF-DD59BBB5B8A0}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{BF20DF7B-4BB2-4137-BF5C-C6E26429F8DF}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [UDP Query User{9F712133-E83A-46B4-8E08-9E331C3D6D8A}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe => No File
FirewallRules: [{DB7D5D4D-0FD2-442E-9C41-225E699FF1CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HumanitZ\HumanitZ.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{8539F147-2664-4088-A3CC-87B3F485011F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HumanitZ\HumanitZ.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{CA8E4D3C-FB9A-4EA5-AB57-3CAC15108157}C:\xboxgames\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe] => (Allow) C:\xboxgames\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe (Access Denied) [File not signed?]
FirewallRules: [UDP Query User{32379426-B5AB-4D48-BD10-49E7AC36DFAB}C:\xboxgames\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe] => (Allow) C:\xboxgames\palworld\content\pal\binaries\wingdk\palworld-wingdk-shipping.exe (Access Denied) [File not signed?]
FirewallRules: [TCP Query User{4F5A45B0-6575-4322-AD9C-E847E8BE5151}C:\xboxgames\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe] => (Allow) C:\xboxgames\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{6510A35D-9724-4AF0-8249-175AD3B06DE3}C:\xboxgames\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe] => (Allow) C:\xboxgames\atomic heart\content\atomicheart\binaries\wingdk\atomicheart-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{869B43CB-FCEA-4320-9E8E-DA574A899879}C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe => No File
FirewallRules: [UDP Query User{EB155C76-3932-48C7-8A1F-207B8BDBCE44}C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\marvelrivals\marvelgame\marvel\binaries\win64\marvel-win64-shipping.exe => No File
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FD540D53-16F7-4664-A845-FF03008ACBE3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1DD5ABA-A034-49E6-A07B-064A1D24FFBB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{882E3A62-4F74-44E1-B632-C40E74D4F55A}] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6F2AF312-5B6B-4E22-A359-43821B5853B8}] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AB5A7D95-FEE5-4608-8CDD-22D9B5EDC0C7}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SecondScreen_1.12.3.0_x64__wyx1vj98g3asy\SecondScreenDesktop\SecondScreenDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> )
FirewallRules: [{B85D82D1-026F-4D0E-975F-D061C50A5CB4}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SecondScreen_1.12.3.0_x64__wyx1vj98g3asy\SecondScreenDesktop\SecondScreenDesktop.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> )
FirewallRules: [{A08E3E28-05FF-479F-8E14-1DD6EE076F46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [{DA8609BD-6FF0-46E3-BF28-35C482591812}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY FFX&FFX-2 HD Remaster\FFX&X-2_LAUNCHER.exe (SQUARE ENIX CO., LTD.) [File not signed]
FirewallRules: [TCP Query User{C4FF0F96-111F-4759-8AD3-610184A19D51}C:\program files\superdisplay\superdisplay.exe] => (Allow) C:\program files\superdisplay\superdisplay.exe => No File
FirewallRules: [UDP Query User{70F505A5-646C-445C-8C32-80AED642CE1E}C:\program files\superdisplay\superdisplay.exe] => (Allow) C:\program files\superdisplay\superdisplay.exe => No File
FirewallRules: [{1EBF1F74-718D-42D3-BE57-C8C540C6D428}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{297AB355-F6C6-4674-9E03-8590884A2724}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DD1E7BEF-84AD-406B-991E-F1839BA05681}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{50E7B954-7A90-4671-BD2A-D46791891C50}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2BDC61AC-4E4E-4D94-BD04-966BEF627074}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7F068E6A-836A-4ADA-B152-8A0C4F046A3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{467B381B-3E76-4175-92CA-C4A79A06801D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E553A632-9CAB-48A8-BF23-5BF715F58F63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EC2C8D7F-7FB9-43E8-B483-9BDFC8FF7330}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C71D4D0B-CA16-4C86-952A-D700C8716467}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.264.408.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FE327C3-3F98-4AF8-8787-4EFF28F5D802}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\136.0.3240.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD6E1E43-4602-4B7F-AB7E-D5B0A6BF942B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D90C7594-2EDA-41FD-8709-725894F2BB4A}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EFC4ED5F-E6F1-4549-B950-D778C1148264}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1BDE5C1F-1B68-410F-8EE5-EFCA35D70932}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7AED7706-1380-424C-B185-70AD472C9113}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7BC5B6D9-D458-4FA7-B362-E01F359FF7A2}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F84A1607-05BC-4C4E-94E0-DA3F77CCE688}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9819951-8B1F-47CF-9B40-8913D3163D18}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B2A7AFA2-58E7-471B-9322-000582B56E75}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E2D8FC6E-2832-4AF4-9ABE-2EE67AAB2916}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7EE04C18-2312-4B71-9AFF-55A3F6998DC3}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{34B51682-3B76-43AA-8E48-A6DDD11AA392}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2A4ECDD3-3114-43A8-A026-54BAE6B5D655}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{53B8CCAB-6061-417E-8842-E12082486042}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{65E976EC-55FB-48DB-B9D0-B63B6D87B063}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{01F963D8-7D25-4C76-B92F-D4F83A44DB13}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{01FF015B-91B0-4505-8500-48F3019C6267}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
==================== Restore Points =========================
30-05-2025 19:05:30 Windows Update
==================== Faulty Device Manager Devices ============
Na
