
Compromised Tomcat 9, Malwarebytes notification keeps popping up.


19 replies to this topic

#1 Alban1806


Posted 07 April 2024 - 01:11 PM

This has been happening for the past few months, but Malwarebytes will notify me that tomcat9 has been blocked and is being compromised. I'll get like 20 pop-ups before it stops, and it happens randomly, I think. Now I'm ready to fix this issue.

I tried copying and pasting the FRST and Addition files, but it says the post is too long. I'll go ahead and attach the .txt in this post.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.04.2024 01
Ran by Alan Bangura (administrator) on DESKTOP-1P5IGHH (Micro-Star International Co., Ltd. MS-7D09) (07-04-2024 13:40:32)
Running from C:\Users\Alan Bangura\Downloads\FRST64.exe
Loaded Profiles: Alan Bangura & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\UA Connect\UA Connect.exe ->) (Universal Audio, Inc. -> Universal Audio) C:\Program Files\UA Connect\resources\native\windows\x64\uacloudhelper.exe
(C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(explorer.exe ->) (JetBrains s.r.o. -> JetBrains) C:\Users\Alan Bangura\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(explorer.exe ->) (Universal Audio, Inc. -> Universal Audio, Inc.) C:\Program Files\UA Connect\UA Connect.exe <4>
(explorer.exe ->) (Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Focusrite Audio Engineering Ltd.) [File not signed] C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(services.exe ->) (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Oracle America, Inc. -> ) C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe <2>
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (The Apache Software Foundation -> Apache Software Foundation) C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe
(services.exe ->) (Veeam Software Group GmbH -> Veeam Software Group GmbH) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
(Slack Technologies, LLC -> Slack Technologies Inc.) C:\Users\Alan Bangura\AppData\Local\slack\app-4.37.98\slack.exe <6>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.3191.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_7.124.3191.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\Focusriteusb\Focusrite Notifier.exe [5029376 2020-06-02] (Focusrite Audio Engineering, Ltd.) [File not signed]
HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [854040 2022-02-20] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126403424 2022-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306504 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2023-02-25] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [FACEIT] => C:\Users\Alan Bangura\AppData\Local\FACEIT\update.exe [2277496 2021-11-02] (FACE IT LIMITED -> )
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32681424 2022-09-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Alan Bangura\AppData\Local\Microsoft\Teams\Update.exe [2508480 2022-07-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [JetBrains Toolbox] => C:\Users\Alan Bangura\AppData\Local\JetBrains\Toolbox\bin\jetbrains-toolbox.exe [936720 2023-04-28] (JetBrains s.r.o. -> JetBrains)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [ApacheTomcatMonitor9.0_Tomcat9] => C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe [126600 2022-07-14] (The Apache Software Foundation -> Apache Software Foundation)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [MicrosoftEdgeAutoLaunch_84E6F9F953478AB4917EC3429F6E2442] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [electron.app.UA Connect] => C:\Program Files\UA Connect\UA Connect.exe [163592464 2024-03-21] (Universal Audio, Inc. -> Universal Audio, Inc.)
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Alan Bangura\AppData\Local\slack\slack.exe [310576 2024-03-25] (Slack Technologies, LLC -> Slack Technologies Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\chrmstp.exe [2024-04-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2021-10-25]
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2021-10-25]
ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6C260770-C7CB-4549-A89D-09FDF3C0B706} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
Task: {BA7EC218-A9C8-487B-AB8A-D56B3E01559A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-25] (Google LLC -> Google LLC)
Task: {DCF3CB55-8935-4F3E-8201-5F431CD45688} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel® Corporation)
Task: {95BB6E29-9793-46B5-9156-E33A016D5F04} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452976 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {5236F36B-B4A7-4A90-B156-28027EA6E76C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452976 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {69F0A469-ECC3-4448-972F-DE2B05C719B5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {78ADC681-D002-4EDF-B6FA-BCDFD54354FA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {17B23DE2-B7B8-4052-85DB-B217571AF273} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168488 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {35EBCD10-E5EB-4472-B00C-1D4AADB939C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {791B3AE7-527E-4104-91D3-07F6480048F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E996ED8F-7C25-4A22-AAE7-6B0CC06FF880} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C9EE23B-9A2B-48E7-B2A3-E3825DCF7859} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5FFAD18C-8EFB-4ED2-B51B-4DA0CBA520B3} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-31] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {10DEAD65-0A26-4789-BFAF-4B6BEF0AAAF1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718240 2023-10-31] (Mozilla Corporation -> Mozilla Foundation)
Task: {6B2E0F11-C99A-4127-AEE6-A89C32B7BD7A} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {0332D4B5-0C4D-4883-9DA0-190EC709960D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3424905159-186380387-932770916-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4206096 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{15c28eeb-3b50-404a-a992-69b50749ceb7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{19d74956-4de7-4eec-8883-473269650001}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{19d74956-4de7-4eec-8883-473269650001}: [DhcpDomain] hsd1.md.comcast.net.
Tcpip\..\Interfaces\{3750b1bf-ad5f-413a-a92d-0610d12d0c0e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\Alan Bangura\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-07]
Edge Extension: (Google Docs Offline) - C:\Users\Alan Bangura\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Alan Bangura\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-04-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Alan Bangura\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-22]
Edge Extension: (Edge relevant text changes) - C:\Users\Alan Bangura\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ossifr81.default
FF ProfilePath: C:\Users\Alan Bangura\AppData\Roaming\Mozilla\Firefox\Profiles\ossifr81.default [2023-04-25]
FF ProfilePath: C:\Users\Alan Bangura\AppData\Roaming\Mozilla\Firefox\Profiles\56vugla3.default-release [2023-04-25]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-05]
CHR Profile: C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-04-07]
CHR Notifications: Profile 1 -> hxxps://cymatics.fm; hxxps://www.facebook.com; hxxps://www.faceit.com; hxxps://www.instagram.com; hxxps://www.reddit.com; hxxps://www.youtube.com
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-03]
CHR Extension: (Google Docs Offline) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-22]
CHR Extension: (Capital One Shopping: Save Now) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2024-04-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-25]
CHR Extension: (Distance) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\npmffciocclemfekmkbgnccjfabmlnod [2022-03-24]
CHR Profile: C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-03-20]
CHR Notifications: Profile 2 -> hxxps://www.youtube.com
CHR Extension: (Google Docs Offline) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-27]
CHR Profile: C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-01-16]
CHR HomePage: Profile 3 -> hxxp://www.pgcc.edu/default.aspx
CHR Extension: (Google Docs Offline) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-22]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-01-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-01-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-28]
CHR Profile: C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-07-27]
CHR Extension: (Google Docs Offline) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-07-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-13]
CHR Profile: C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-04-05]
CHR Extension: (Clever Plus) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\dikiaagfielfbnbbopidjjagldjopbpa [2023-08-07] [UpdateUrl:hxxps://crx.clever.com/updates] <==== ATTENTION
CHR Extension: (Learning Ally Audiobooks) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gdicnpbaekbefjanokchpfhnaphfnphl [2023-08-07]
CHR Extension: (Google Docs Offline) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2024-03-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-22]
CHR Extension: (Read&Write for Google Chrome™) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\inoeonmfapjbbkmdafoankkfajkcphgd [2024-03-31]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-08-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-07]
CHR Profile: C:\Users\Alan Bangura\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-07]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14221312 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-04-25] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [21823944 2022-03-30] (FACE IT LIMITED -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncHelper.exe [3511312 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1554432 2020-06-02] (Focusrite Audio Engineering Ltd.) [File not signed]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10209536 2023-02-25] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-07] (Malwarebytes Inc. -> Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [626280 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [52037776 2022-07-06] (Oracle America, Inc. -> )
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [18849168 2021-07-26] (Native Instruments GmbH -> Native Instruments GmbH)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.050.0310.0001\OneDriveUpdaterService.exe [3851296 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [695912 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [290648 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 Tomcat9; C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe [142984 2022-07-14] (The Apache Software Foundation -> Apache Software Foundation)
S3 UAHelperService; C:\Program Files\UA Connect\resources\native\windows\x64\uahelperservice.exe [6917392 2024-03-21] (Universal Audio, Inc. -> Universal Audio)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749136 2022-09-01] (Oracle Corporation -> Oracle Corporation)
R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [130072 2022-02-20] (Veeam Software Group GmbH -> Veeam Software Group GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R3 bomebus; C:\Windows\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [15900192 2022-03-30] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 FocusritePCIeSwRoot; C:\Windows\System32\drivers\FocusritePCIeSwRoot.sys [97480 2016-11-16] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)
R3 Focusriteusb; C:\Windows\System32\drivers\Focusriteusb.sys [123456 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\Windows\System32\drivers\FocusriteusbSwRoot.sys [92568 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 Focusriteusb_AUDIO; C:\Windows\system32\drivers\FocusriteusbAudio.sys [87912 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 Focusriteusb_MIDI; C:\Windows\system32\drivers\FocusriteusbMidi.sys [49808 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_cb8dd04b85ac9a58\iaLPSS2_GPIO2_TGL.sys [128680 2020-12-23] (Intel Corporation -> Intel Corporation)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2022-12-09] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-12-09] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2022-12-09] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [201280 2024-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2024-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [188784 2024-04-07] (Malwarebytes Inc. -> Malwarebytes)
R3 MpKsl5f384142; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{20FAA82C-751E-4865-ABA2-3F70100DC2C6}\MpKslDrv.sys [301336 2024-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39240 2014-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
S4 RsFx0600; C:\Windows\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
S3 UsbNcm; C:\Windows\System32\drivers\UsbNcm.sys [114176 2019-12-07] (Microsoft Windows -> )
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [242624 2022-09-01] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [252528 2022-09-01] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\Windows\system32\DRIVERS\VBoxSup.sys [1081560 2022-09-01] (Oracle Corporation -> Oracle Corporation)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20928 2024-03-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [603416 2024-03-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-14] (Microsoft Windows -> Microsoft Corporation)
S3 ysusb_w10_64; C:\Windows\system32\drivers\ysusb_w10_64.sys [181784 2023-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Yamaha Corporation)
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-07 13:40 - 2024-04-07 13:40 - 000031810 _____ C:\Users\Alan Bangura\Downloads\FRST.txt
2024-04-07 13:39 - 2024-04-07 13:40 - 000000000 ____D C:\FRST
2024-04-07 13:39 - 2024-04-07 13:39 - 002393600 _____ (Farbar) C:\Users\Alan Bangura\Downloads\FRST64.exe
2024-04-07 13:00 - 2024-04-07 13:00 - 000188784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2024-04-06 12:06 - 2024-04-06 12:06 - 000001442 _____ C:\Users\Alan Bangura\Downloads\Numa X Piano GT.mfxp
2024-04-04 18:34 - 2024-04-04 18:34 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-03-30 03:40 - 2024-03-30 03:40 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\Backup
2024-03-29 08:41 - 2024-03-29 08:43 - 309469184 _____ C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.7.msi
2024-03-22 21:27 - 2024-03-22 21:27 - 000000000 ____D C:\Program Files\LHI Audio
2024-03-22 21:26 - 2024-03-22 21:26 - 000842664 _____ C:\Users\Alan Bangura\Downloads\st4b-1.0.3-demo.exe
2024-03-18 21:34 - 2024-03-18 21:34 - 003705718 _____ C:\Users\Alan Bangura\Downloads\sor4-reignited-v141.zip
2024-03-14 19:12 - 2024-03-14 19:12 - 000019530 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-14 19:12 - 2024-03-14 19:12 - 000019530 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-14 19:08 - 2024-03-14 19:08 - 000000000 ___HD C:\$WinREAgent
2024-03-10 20:58 - 2024-03-10 20:58 - 309547008 _____ C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.5.msi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-07 13:39 - 2021-11-04 05:21 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\Bitwig Studio
2024-04-07 13:34 - 2021-12-17 11:24 - 000000000 ____D C:\Windows\SystemTemp
2024-04-07 13:34 - 2021-10-25 19:37 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-07 13:33 - 2023-05-10 08:13 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\Malwarebytes
2024-04-07 13:30 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-07 13:22 - 2021-10-27 23:32 - 000000000 ____D C:\Users\Alan Bangura\Documents\XLN Cloud Sync Logs
2024-04-07 13:21 - 2023-11-19 12:42 - 000000000 ____D C:\ProgramData\ValhallaVintageVerb
2024-04-07 13:21 - 2022-05-08 14:39 - 000000000 ____D C:\ProgramData\ValhallaVintageVerbPreferences
2024-04-07 13:15 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2024-04-07 13:07 - 2021-10-25 18:16 - 000963954 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-07 13:07 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2024-04-07 13:03 - 2022-09-23 13:12 - 000000000 ____D C:\Users\Alan Bangura\AppData\Roaming\Slack
2024-04-07 13:02 - 2021-10-26 10:15 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-07 13:00 - 2021-10-25 23:37 - 000000000 ____D C:\ProgramData\PACE
2024-04-07 13:00 - 2021-10-25 18:11 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-07 13:00 - 2021-10-25 18:10 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-07 13:00 - 2019-12-07 05:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-04-07 12:50 - 2021-10-25 18:10 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-07 11:53 - 2022-08-03 21:52 - 000004178 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{811C78F4-E413-4088-AB8B-EE80383516A1}
2024-04-06 23:32 - 2021-10-26 15:57 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\CrashDumps
2024-04-05 23:09 - 2021-10-26 09:42 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-05 22:12 - 2024-01-19 20:05 - 000000000 ____D C:\Users\Alan Bangura\Documents\Streets of Rage 4 Save and Config
2024-04-05 18:26 - 2021-10-25 19:37 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-05 18:26 - 2021-10-25 19:37 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-05 18:26 - 2021-10-25 18:11 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-05 18:26 - 2021-10-25 18:11 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-05 18:26 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-04 20:28 - 2021-10-25 19:23 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\D3DSCache
2024-04-04 18:35 - 2022-07-14 13:27 - 000000000 ____D C:\Program Files\Microsoft Office
2024-04-04 18:35 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-04-04 18:25 - 2021-10-25 18:11 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 18:25 - 2021-10-25 18:11 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-01 21:18 - 2022-04-28 16:29 - 000000000 ____D C:\Users\Alan Bangura\AppData\Roaming\Tokyo Dawn Labs
2024-03-31 21:13 - 2021-10-26 00:42 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-03-30 23:06 - 2021-10-26 12:29 - 000000000 ____D C:\Users\Alan Bangura\Documents\Sample & Drum Packs
2024-03-30 13:03 - 2022-07-16 14:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-30 13:03 - 2021-10-25 22:32 - 000000000 ____D C:\Users\Alan Bangura\AppData\Roaming\discord
2024-03-30 12:48 - 2021-10-25 22:32 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\Discord
2024-03-29 19:27 - 2022-07-14 13:29 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-29 19:27 - 2022-07-14 13:29 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-29 19:27 - 2021-12-13 01:12 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3424905159-186380387-932770916-1001
2024-03-29 08:48 - 2021-10-25 22:32 - 000002262 _____ C:\Users\Alan Bangura\Desktop\Discord.lnk
2024-03-29 08:44 - 2021-11-04 05:19 - 000002557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwig Studio.lnk
2024-03-29 08:44 - 2021-11-04 05:19 - 000000000 ____D C:\Program Files\Bitwig Studio
2024-03-28 07:57 - 2021-10-26 00:42 - 000000000 ____D C:\Users\Alan Bangura\Documents\XLN Online Installer
2024-03-28 06:52 - 2021-10-25 19:23 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\Packages
2024-03-25 17:55 - 2022-09-23 13:13 - 000000000 ____D C:\Users\Alan Bangura\AppData\Local\slack
2024-03-25 17:55 - 2022-09-23 13:12 - 000002236 _____ C:\Users\Alan Bangura\Desktop\Slack.lnk
2024-03-25 17:55 - 2022-09-23 13:12 - 000000000 ____D C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2024-03-23 08:20 - 2023-12-08 18:58 - 000000000 ____D C:\Program Files\UA Connect
2024-03-22 21:27 - 2022-06-29 10:21 - 000000000 ____D C:\Program Files\Common Files\CLAP
2024-03-22 21:27 - 2021-10-25 21:18 - 000000000 ____D C:\Program Files\Common Files\VST3
2024-03-17 00:56 - 2021-10-25 18:10 - 000472048 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-17 00:55 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-17 00:55 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-17 00:55 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2024-03-17 00:55 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2024-03-17 00:55 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\Dism
2024-03-17 00:55 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-17 00:55 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2024-03-17 00:55 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\servicing
2024-03-14 19:14 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2024-03-14 19:12 - 2021-10-25 18:14 - 003017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-14 17:47 - 2021-10-25 18:11 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-03-13 18:03 - 2023-05-17 19:57 - 000000000 ____D C:\Program Files\RUXIM
2024-03-12 18:19 - 2021-10-25 19:25 - 000000000 ____D C:\Windows\system32\MRT
2024-03-12 18:17 - 2021-10-25 19:25 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2022-06-12 06:54 - 2022-06-12 06:54 - 000001273 _____ () C:\Program Files\Common Files\unins001.dat
2022-06-12 06:54 - 2022-06-12 06:53 - 003038269 _____ ( ) C:\Program Files\Common Files\unins001.exe
2021-10-25 21:27 - 2021-11-09 20:57 - 000007602 _____ () C:\Users\Alan Bangura\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Edited by Oh My!, 07 April 2024 - 04:54 PM.



#2 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 57,428 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:09:30 PM

Posted 07 April 2024 - 04:50 PM

Greetings and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:
  • First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
  • It is important to not run any tools or take any steps other than those I will provide for you.
  • Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
  • Please copy and paste all logs into your post unless otherwise requested.
  • When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
  • If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Please allow me some time to review what you have posted.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.04.2024 01
Ran by Alan Bangura (07-04-2024 13:41:55)
Running from C:\Users\Alan Bangura\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-10-25 22:12:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3424905159-186380387-932770916-500 - Administrator - Disabled)
Alan Bangura (S-1-5-21-3424905159-186380387-932770916-1001 - Administrator - Enabled) => C:\Users\Alan Bangura
DefaultAccount (S-1-5-21-3424905159-186380387-932770916-503 - Limited - Disabled)
Guest (S-1-5-21-3424905159-186380387-932770916-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3424905159-186380387-932770916-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K YouTube to MP3 (HKLM\...\{C9883972-0E9A-436B-99FA-85CA0A0D0CE0}) (Version: 5.1.1.0057 - Open Media LLC) Hidden
4K YouTube to MP3 (HKLM-x32\...\{6dce0895-4bff-4bbe-b3e9-c655e18ce57a}) (Version: 4.3.2.4560 - Open Media LLC)
7-Zip 21.05 (x64) (HKLM\...\7-Zip) (Version: 21.05 - Igor Pavlov)
Amethyst 1.0.0 (HKLM-x32\...\Amethyst_is1) (Version: 1.0.0 - Arturia)
Analog Generation 1.0.0 (HKLM-x32\...\Analog Generation_is1) (Version: 1.0.0 - Arturia)
Analog Lab V 5.9.1 (HKLM-x32\...\Analog Lab V_is1) (Version: 5.9.1 - Arturia)
Apache Tomcat 9.0 Tomcat9 (remove only) (HKLM\...\Apache Tomcat 9.0 Tomcat9) (Version: 9.0.65 - The Apache Software Foundation)
Aquarius (HKLM-x32\...\Aquarius) (Version: - )
ARP 2600 V3 3.13.0 (HKLM-x32\...\ARP 2600 V3_is1) (Version: 3.13.0 - Arturia)
Arturia Software Center 2.7.1 (HKLM-x32\...\Arturia Software Center_is1) (Version: 2.7.1 - Arturia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Augmented STRINGS 1.0.0 (HKLM-x32\...\Augmented STRINGS_is1) (Version: 1.0.0 - Arturia)
Azure Data Studio (HKLM\...\{6591F69E-6588-4980-81ED-C8FCBD7EC4B8}_is1) (Version: 1.36.2 - Microsoft Corporation)
B-3 V2 2.9.1 (HKLM-x32\...\B-3 V2_is1) (Version: 2.9.1 - Arturia)
Bandicam (HKLM-x32\...\Bandicam) (Version: 5.4.3.1923 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitwig Studio 4.0.8 (HKLM\...\{D26E0FFA-BC05-4663-9AFC-D752554B0CDF}) (Version: 4.0.8.109758 - Bitwig GmbH)
Bitwig Studio 4.1 (HKLM\...\{2F726621-1DBD-467A-AA21-FD6F84A24A87}) (Version: 4.1.0.109768 - Bitwig GmbH)
Bitwig Studio 4.1.1 (HKLM\...\{FBA544EB-AA97-414B-945D-3D300AD7FA13}) (Version: 4.1.1.110286 - Bitwig GmbH)
Bitwig Studio 4.1.2 (HKLM\...\{6472C58D-CF8A-444B-ABD1-DA2EDCE2D709}) (Version: 4.1.2.110873 - Bitwig GmbH)
Bitwig Studio 4.2 (HKLM\...\{B3E2EF94-1998-4334-99E6-2C097DE1C311}) (Version: 4.2.0.114163 - Bitwig GmbH)
Bitwig Studio 4.2.2 (HKLM\...\{366038E1-078C-43F8-80DB-C156E4007E76}) (Version: 4.2.2.114924 - Bitwig GmbH)
Bitwig Studio 4.2.3 (HKLM\...\{94D742EF-CF10-424D-AF76-DA8F973DFC4B}) (Version: 4.2.3.115367 - Bitwig GmbH)
Bitwig Studio 4.2.5 (HKLM\...\{20F662EF-1198-4E32-9D17-EFCF25E754FD}) (Version: 4.2.5.117102 - Bitwig GmbH)
Bitwig Studio 4.3 (HKLM\...\{42BBED67-B117-43AE-8202-1375C34A264F}) (Version: 4.3.0.118508 - Bitwig GmbH)
Bitwig Studio 4.3 Beta 1 (HKLM\...\{DB0F5A3C-622C-4CAF-916F-DAF64D391A6A}) (Version: 4.3.0.116447 - Bitwig GmbH)
Bitwig Studio 4.3 Beta 3 (HKLM\...\{993475FA-4F1D-4561-8ECD-679654D9C5BB}) (Version: 4.3.0.116972 - Bitwig GmbH)
Bitwig Studio 4.3 Beta 4 (HKLM\...\{A06BFE8E-8876-406F-9A25-BDE4CA9F2067}) (Version: 4.3.0.117123 - Bitwig GmbH)
Bitwig Studio 4.3.10 (HKLM\...\{EFB4AD7E-6B9F-487D-B649-7035A4A48EFD}) (Version: 4.3.10.121641 - Bitwig GmbH)
Bitwig Studio 4.3.2 (HKLM\...\{C3121D35-67FE-4D63-BBA5-DED0A740D2EC}) (Version: 4.3.2.119082 - Bitwig GmbH)
Bitwig Studio 4.3.3 (HKLM\...\{F9BEA188-1136-4A14-B171-0FC5E44EFAC8}) (Version: 4.3.3.119554 - Bitwig GmbH)
Bitwig Studio 4.3.4 (HKLM\...\{84E41C89-750F-49D4-9E66-462FB368F392}) (Version: 4.3.4.119686 - Bitwig GmbH)
Bitwig Studio 4.3.5 (HKLM\...\{C1EC9D65-7916-408D-A93F-02E080B6207A}) (Version: 4.3.5.120523 - Bitwig GmbH)
Bitwig Studio 4.3.7 (HKLM\...\{00CB641D-65BD-4FF4-AEA2-1D2C21E23748}) (Version: 4.3.7.120673 - Bitwig GmbH)
Bitwig Studio 4.3.8 (HKLM\...\{51F095CA-F6B2-447F-98CA-1A8CC6DB72A9}) (Version: 4.3.8.120892 - Bitwig GmbH)
Bitwig Studio 4.4 (HKLM\...\{5FA322F0-6FD1-4091-9692-BDBFA969E12A}) (Version: 4.4.0.121701 - Bitwig GmbH)
Bitwig Studio 4.4.1 (HKLM\...\{DE3EB614-549D-4D78-86B5-82F824270745}) (Version: 4.4.1.122056 - Bitwig GmbH)
Bitwig Studio 4.4.2 (HKLM\...\{AC2F08AF-092C-46E2-A3D0-E3BC1E47A616}) (Version: 4.4.2.122294 - Bitwig GmbH)
Bitwig Studio 4.4.3 (HKLM\...\{AB2A7807-1153-4E21-BB2F-B214E534FBF2}) (Version: 4.4.3.122503 - Bitwig GmbH)
Bitwig Studio 4.4.4 (HKLM\...\{0AB468CB-82A2-44B8-8897-1CCD955CD264}) (Version: 4.4.4.123549 - Bitwig GmbH)
Bitwig Studio 4.4.5 (HKLM\...\{B054D23B-B404-400F-A1FC-C15E594A4B46}) (Version: 4.4.5.123806 - Bitwig GmbH)
Bitwig Studio 4.4.6 (HKLM\...\{74C21703-3E53-443B-B7D5-DDCF370FDDC9}) (Version: 4.4.6.124057 - Bitwig GmbH)
Bitwig Studio 4.4.8 (HKLM\...\{3CB262D5-8813-46EC-B61E-BF68AB946D4A}) (Version: 4.4.8.125972 - Bitwig GmbH)
Bitwig Studio 4.4.9 (HKLM\...\{B1BA3936-5C50-4300-A9BF-EA0FA2AD6D51}) (Version: 4.4.9.128972 - Bitwig GmbH)
Bitwig Studio 5.0 (HKLM\...\{98BBA995-4A43-4ADA-85BC-9BDAAFCD715D}) (Version: 5.0.0.132929 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 10 (HKLM\...\{FEFFBF91-192E-4B0F-9B8E-945E57AA9735}) (Version: 5.0.0.132110 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 11 (HKLM\...\{DD77B5C3-8CA8-410C-9647-C2F8B4B9D2B6}) (Version: 5.0.0.132400 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 13 (HKLM\...\{FA3C040E-6591-4031-A3B7-2575046D7576}) (Version: 5.0.0.132776 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 2 (HKLM\...\{AB7CBC6F-20DD-45F4-979F-C8D145297624}) (Version: 5.0.0.129793 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 3 (HKLM\...\{3ED34B0D-082E-4726-A59B-DD595FC71CE0}) (Version: 5.0.0.129903 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 4 (HKLM\...\{786F0EAB-D025-4AD1-ACC4-DF413559980B}) (Version: 5.0.0.130296 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 6 (HKLM\...\{748A0C9F-C950-43EB-85DF-4023A46B4674}) (Version: 5.0.0.130761 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 7 (HKLM\...\{CCC3EC73-7089-487F-86A3-90A801ED8D16}) (Version: 5.0.0.131436 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 8 (HKLM\...\{23897DC9-2C5D-482E-BDE2-9B9B1246CF03}) (Version: 5.0.0.131497 - Bitwig GmbH)
Bitwig Studio 5.0 Beta 9 (HKLM\...\{B560B194-D2AC-4044-B8D9-350E99E9795E}) (Version: 5.0.0.131857 - Bitwig GmbH)
Bitwig Studio 5.0.1 (HKLM\...\{72958573-38BB-4A74-9F68-973E35B178EC}) (Version: 5.0.1.133305 - Bitwig GmbH)
Bitwig Studio 5.0.10 (HKLM\...\{39A12E59-BABF-4E00-AE36-70E444DFDBE7}) (Version: 5.0.10.135706 - Bitwig GmbH)
Bitwig Studio 5.0.11 (HKLM\...\{87510AD5-410F-423E-BF74-E63DD2FC1565}) (Version: 5.0.11.136360 - Bitwig GmbH)
Bitwig Studio 5.0.4 (HKLM\...\{E389E84B-2453-4434-828A-FAEC18E19A4C}) (Version: 5.0.4.133673 - Bitwig GmbH)
Bitwig Studio 5.0.6 (HKLM\...\{6A136D42-F503-497F-AB8A-B2C1B357D02E}) (Version: 5.0.6.134101 - Bitwig GmbH)
Bitwig Studio 5.0.7 (HKLM\...\{9884D290-4404-4810-A22F-E852ECD6BB4B}) (Version: 5.0.7.134794 - Bitwig GmbH)
Bitwig Studio 5.0.8 (HKLM\...\{C8A6C8C5-4234-4A72-8ECE-8CB32068EC39}) (Version: 5.0.8.135449 - Bitwig GmbH)
Bitwig Studio 5.1 (HKLM\...\{5D6DD275-1B7F-4716-959E-C36BC4590016}) (Version: 5.1.0.139097 - Bitwig GmbH)
Bitwig Studio 5.1 Beta 6 (HKLM\...\{4FE48507-0295-4DBE-933C-473FE3306549}) (Version: 5.1.0.138148 - Bitwig GmbH)
Bitwig Studio 5.1 Beta 7 (HKLM\...\{95B0778B-5ED9-401B-A826-27406B37E69B}) (Version: 5.1.0.138566 - Bitwig GmbH)
Bitwig Studio 5.1.1 (HKLM\...\{91C0E6B4-AF7A-40E1-A85E-8B9764C0AA86}) (Version: 5.1.1.139663 - Bitwig GmbH)
Bitwig Studio 5.1.2 (HKLM\...\{6489E216-EDC2-4AA4-9A8A-58F99507711E}) (Version: 5.1.2.139712 - Bitwig GmbH)
Bitwig Studio 5.1.3 (HKLM\...\{09D41C09-A0EB-4B74-AFE2-0F7A22C5D559}) (Version: 5.1.3.141104 - Bitwig GmbH)
Bitwig Studio 5.1.5 (HKLM\...\{5A95BCA6-A30F-4255-B56C-409FD731F8BE}) (Version: 5.1.5.142260 - Bitwig GmbH)
Bitwig Studio 5.1.7 (HKLM\...\{3FA3380C-DCC1-41FA-BE97-A6C2F4F255E9}) (Version: 5.1.7.143754 - Bitwig GmbH)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version: - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browser for SQL Server 2019 (HKLM-x32\...\{5E366957-8D78-4BB5-A790-96F97A9766BD}) (Version: 15.0.2000.5 - Microsoft Corporation)
Buchla Easel V 1.13.0 (HKLM-x32\...\Buchla Easel V_is1) (Version: 1.13.0 - Arturia)
Bus FORCE 1.3.0 (HKLM-x32\...\Bus FORCE_is1) (Version: 1.3.0 - Arturia)
Cableguys HalfTime 1.1.4 (HKLM\...\HalfTime_is1) (Version: 1.1.4 - Cableguys)
Cableguys ShaperBox 2.4.1 (HKLM\...\ShaperBox 2_is1) (Version: 2.4.1 - Cableguys)
Chorus DIMENSION-D 1.4.0 (HKLM-x32\...\Chorus DIMENSION-D_is1) (Version: 1.4.0 - Arturia)
Chorus JUN-6 1.4.0 (HKLM-x32\...\Chorus JUN-6_is1) (Version: 1.4.0 - Arturia)
Clavinet V 1.13.0 (HKLM-x32\...\Clavinet V_is1) (Version: 1.13.0 - Arturia)
CMI V 1.13.0 (HKLM-x32\...\CMI V_is1) (Version: 1.13.0 - Arturia)
Comp DIODE-609 1.3.0 (HKLM-x32\...\Comp DIODE-609_is1) (Version: 1.3.0 - Arturia)
Comp FET-76 1.6.0 (HKLM-x32\...\Comp FET-76_is1) (Version: 1.6.0 - Arturia)
Comp TUBE-STA 1.6.0 (HKLM-x32\...\Comp TUBE-STA_is1) (Version: 1.6.0 - Arturia)
Comp VCA-65 1.6.0 (HKLM-x32\...\Comp VCA-65_is1) (Version: 1.6.0 - Arturia)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Crimson 1.0.0 (HKLM-x32\...\Crimson_is1) (Version: 1.0.0 - Arturia)
CS-80 V3 3.10.1 (HKLM-x32\...\CS-80 V3_is1) (Version: 3.10.1 - Arturia)
CUBE Samples version 0.8.4 (HKLM-x32\...\{1EEDD54E-4EDB-410C-A1CA-CFE47614065F}_is1) (Version: 0.8.4 - Lunacy Audio)
CUBE version 1.4.0 (HKLM-x32\...\{635DF184-EE52-4C09-99E6-6739D711F19F}_is1) (Version: 1.4.0 - Lunacy Audio)
CZ V 1.9.0 (HKLM-x32\...\CZ V_is1) (Version: 1.9.0 - Arturia)
Delay BRIGADE 1.6.0 (HKLM-x32\...\Delay BRIGADE_is1) (Version: 1.6.0 - Arturia)
Delay ETERNITY 1.6.0 (HKLM-x32\...\Delay ETERNITY_is1) (Version: 1.6.0 - Arturia)
Delay MEMORY-BRIGADE 1.3.1 (HKLM-x32\...\Delay MEMORY-BRIGADE_is1) (Version: 1.3.1 - Arturia)
Delay TAPE-201 1.6.0 (HKLM-x32\...\Delay TAPE-201_is1) (Version: 1.6.0 - Arturia)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dust Materials 1.0.0 (HKLM-x32\...\Dust Materials_is1) (Version: 1.0.0 - Arturia)
DX7 V 1.13.0 (HKLM-x32\...\DX7 V_is1) (Version: 1.13.0 - Arturia)
Efx FRAGMENTS 1.2.0 (HKLM-x32\...\Efx FRAGMENTS_is1) (Version: 1.2.0 - Arturia)
Electra2 full (HKLM\...\Tone2 Electra2 full_is1) (Version: 2.8.5 - Tone2)
Emulator II V 1.6.0 (HKLM-x32\...\Emulator II V_is1) (Version: 1.6.0 - Arturia)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
EQ SITRAL-295 1.3.0 (HKLM-x32\...\EQ SITRAL-295_is1) (Version: 1.3.0 - Arturia)
FabFilter Total Bundle (64-bit) (HKLM-x32\...\FabFilter Total Bundle (64-bit)) (Version: - )
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
Farfisa V 1.13.0 (HKLM-x32\...\Farfisa V_is1) (Version: 1.13.0 - Arturia)
Filter M12 1.7.0 (HKLM-x32\...\Filter M12_is1) (Version: 1.7.0 - Arturia)
Filter MINI 1.8.0 (HKLM-x32\...\Filter MINI_is1) (Version: 1.8.0 - Arturia)
Filter MS-20 1.1.0 (HKLM-x32\...\Filter MS-20_is1) (Version: 1.1.0 - Arturia)
Filter SEM 1.7.0 (HKLM-x32\...\Filter SEM_is1) (Version: 1.7.0 - Arturia)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio 21 (HKLM-x32\...\FL Studio 21) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Flanger BL-20 1.4.0 (HKLM-x32\...\Flanger BL-20_is1) (Version: 1.4.0 - Arturia)
Focusrite Control 3.6.0.1822 (HKLM\...\Focusrite Control_is1) (Version: 3.6.0.1822 - Focusrite Audio Engineering Ltd.)
Focusrite Thunderbolt 4.25.0.335 (HKLM\...\Focusrite Thunderbolt_is1) (Version: 4.25.0.335 - Focusrite Audio Engineering Ltd.)
Focusrite Usb 4.65.5.658 (HKLM\...\Focusrite Usb_is1) (Version: 4.65.5.658 - Focusrite Audio Engineering, Ltd.)
Future Electronica 1.0.0 (HKLM-x32\...\Future Electronica_is1) (Version: 1.0.0 - Arturia)
Generation Electric 1.0.2 (HKLM-x32\...\Generation Electric_is1) (Version: 1.0.2 - Arturia)
Git (HKLM\...\Git_is1) (Version: 2.37.2.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.106 - Google LLC)
Hansen's House 1.0.0 (HKLM-x32\...\Hansen's House_is1) (Version: 1.0.0 - Arturia)
House Chords 1.0.0 (HKLM-x32\...\House Chords_is1) (Version: 1.0.0 - Arturia)
Integration Services (HKLM-x32\...\{95D3D528-8F5B-436E-ADC6-6F184B13F1B0}) (Version: 15.0.2000.229 - Microsoft Corporation) Hidden
Ivory Simulacra 1.0.0 (HKLM-x32\...\Ivory Simulacra_is1) (Version: 1.0.0 - Arturia)
Java™ SE Development Kit 17.0.1 (64-bit) (HKLM\...\{7ECAAC8F-FBBE-5265-BBF4-0AC48139FB26}) (Version: 17.0.1.0 - Oracle Corporation)
JetBrains Toolbox (HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Toolbox) (Version: 1.28.1.15219 - JetBrains)
Jun-6 V 1.6.0 (HKLM-x32\...\Jun-6 V_is1) (Version: 1.6.0 - Arturia)
Jup-8 V3 3.6.2 (HKLM-x32\...\Jup-8 V3_is1) (Version: 3.6.2 - Arturia)
Jup-8 V4 4.6.0 (HKLM-x32\...\Jup-8 V4_is1) (Version: 4.6.0 - Arturia)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lo-fi Nightlight 1.0.0 (HKLM-x32\...\Lo-fi Nightlight_is1) (Version: 1.0.0 - Arturia)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2023.2.376231 - Logitech)
Lyli's Signature 1.0.0 (HKLM-x32\...\Lyli's Signature_is1) (Version: 1.0.0 - Arturia)
Malachite 1.0.0 (HKLM-x32\...\Malachite_is1) (Version: 1.0.0 - Arturia)
Malwarebytes version 4.6.12.323 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.12.323 - Malwarebytes)
Matrix-12 V2 2.13.0 (HKLM-x32\...\Matrix-12 V2_is1) (Version: 2.13.0 - Arturia)
Mellotron V 1.9.1 (HKLM-x32\...\Mellotron V_is1) (Version: 1.9.1 - Arturia)
Microsoft Analysis Services OLE DB Provider (HKLM\...\{7EA2A3F7-A6D2-4D28-B3C4-4C32BCF4A0A2}) (Version: 15.0.2000.832 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM-x32\...\{8CE89D3D-FBC5-4964-B6AD-2F52060304C3}) (Version: 15.0.2000.832 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft Help Viewer 2.3 (HKLM-x32\...\{99DC6816-30B2-32EB-9E12-AF8944C4FA4E}) (Version: 2.3.28307 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28307 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{853997DA-6FCB-4FB9-918E-E0FF881FAF65}) (Version: 17.7.2.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.17425.20146 - Microsoft Corporation)
Microsoft OLE DB Driver for SQL Server (HKLM\...\{9D6F8754-28E9-4940-B319-3FC8588CF18F}) (Version: 18.5.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{C18B132E-4032-4425-826A-24B1CA9DFF0C}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{7ED2561C-FBC2-421E-A2B5-C7BEFD623145}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version: - Microsoft Corporation)
Microsoft SQL Server 2019 RsFx Driver (HKLM\...\{5825CDC4-4E99-4CF9-91FE-DB60C0E2F5EA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
Microsoft SQL Server 2019 Setup (English) (HKLM\...\{17DCED0E-5B27-453A-B2B4-E487B869B28A}) (Version: 15.0.4013.40 - Microsoft Corporation)
Microsoft SQL Server 2019 T-SQL Language Service (HKLM\...\{31D27B41-A051-49D8-907A-62E0F4A2188C}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.12 (HKLM-x32\...\{3a2f0f67-2761-49c7-8eed-06f87895ecb8}) (Version: 15.0.18420.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{CECCBAE9-1880-411E-9D28-8E562F6DAAE2}) (Version: 11.4.7001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\Teams) (Version: 1.5.00.17656 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (HKLM\...\{3C28BFD4-90C7-3138-87EF-418DC16E9598}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (HKLM\...\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (HKLM-x32\...\{6C772996-BFF3-3C8C-860B-B3D48FF05D65}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (HKLM-x32\...\{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}) (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40649 (HKLM\...\{20C1086D-C843-36B1-B678-990089D1BD44}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40649 (HKLM\...\{ABB19BB4-838D-3082-BDA4-87C6604181A2}) (Version: 12.0.40649 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 (HKLM-x32\...\{2cfeba4a-21f8-4ea7-9927-c5a5c6f13cc9}) (Version: 14.38.33130.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33130 (HKLM-x32\...\{5CA9AE7B-2EFC-4F02-81CD-32ABE173C755}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33130 (HKLM-x32\...\{DF1B52DF-C88E-4DDF-956B-6E7A03327F46}) (Version: 14.38.33130 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.72.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 x64 Hosting Support (HKLM\...\{AFFB9D8D-6E58-38A0-A7DD-F6F1F4247B36}) (Version: 15.0.27520 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2017 x86 Hosting Support (HKLM-x32\...\{9594C97E-6A20-38B3-81BB-2778C4780BE1}) (Version: 15.0.27520 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation)
Mini V3 3.12.0 (HKLM-x32\...\Mini V3_is1) (Version: 3.12.0 - Arturia)
Modular V3 3.13.0 (HKLM-x32\...\Modular V3_is1) (Version: 3.13.0 - Arturia)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 112.0.2 (x64 en-US)) (Version: 112.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 112.0.1 - Mozilla)
Mp3tag v3.10 (HKLM-x32\...\Mp3tag) (Version: 3.10 - Florian Heidenreich)
MySQL Connector C++ 8.0 (HKLM\...\{A1E54191-B9E1-4158-A542-C4EE988A042F}) (Version: 8.0.30 - Oracle Corporation)
MySQL Connector J (HKLM-x32\...\{0F825DE0-A8C8-493A-ACFA-FF56140D123B}) (Version: 8.0.30 - Oracle Corporation)
MySQL Connector Net 8.0.30 (HKLM-x32\...\{E9DD761C-E0F3-487F-8481-D58674F95E7B}) (Version: 8.0.30 - Oracle)
MySQL Connector/ODBC 8.0 (HKLM\...\{A02F5AD7-2744-4911-A102-8253913CA59C}) (Version: 8.0.30 - Oracle Corporation)
MySQL Documents 8.0 (HKLM-x32\...\{E5987E40-E1B8-4860-A0D6-517C41129617}) (Version: 8.0.30 - Oracle Corporation)
MySQL Examples and Samples 8.0 (HKLM-x32\...\{C2996514-26FA-4006-8F43-91DE5C2320DC}) (Version: 8.0.30 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{62C1F379-51CB-4A25-9796-B50ADC6D8AA2}) (Version: 1.6.3.0 - Oracle Corporation)
MySQL Router 8.0 (HKLM\...\{95CA9F7A-6FB8-4E19-95B1-1B2E0867B920}) (Version: 8.0.30 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{3E2EADC8-1B8E-4960-B21E-875199962D53}) (Version: 8.0.30 - Oracle Corporation)
MySQL Shell 8.0.30 (HKLM\...\{581BE6D8-FA87-4C3F-BAD8-253680BEE5A3}) (Version: 8.0.30 - Oracle and/or its affiliates)
MySQL Workbench 8.0 CE (HKLM\...\{C13035ED-BCB9-4824-A12D-269A7F8D182D}) (Version: 8.0.30 - Oracle Corporation)
Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.3.0.12 - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.4.59 - Native Instruments)
Native Instruments Analog Dreams (HKLM-x32\...\Native Instruments Analog Dreams) (Version: 2.0.3.4 - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.6.27 - Native Instruments)
Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Bite (HKLM-x32\...\Native Instruments Bite) (Version: 1.1.0.47 - Native Instruments)
Native Instruments Blocks Base (HKLM-x32\...\Native Instruments Blocks Base) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Blocks Primes (HKLM-x32\...\Native Instruments Blocks Primes) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Butch Vig Drums (HKLM-x32\...\Native Instruments Butch Vig Drums) (Version: 1.0.0.16 - Native Instruments)
Native Instruments Choral (HKLM-x32\...\Native Instruments Choral) (Version: 1.1.0.47 - Native Instruments)
Native Instruments Cloud Supply (HKLM-x32\...\Native Instruments Cloud Supply) (Version: 1.0.0.11 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.6.2.547 - Native Instruments)
Native Instruments Creator Tools (HKLM-x32\...\Native Instruments Creator Tools) (Version: 1.4.0.0 - Native Instruments)
Native Instruments Cuba (HKLM-x32\...\Native Instruments Cuba) (Version: 1.2.2.2 - Native Instruments)
Native Instruments Decoded Forms (HKLM-x32\...\Native Instruments Decoded Forms) (Version: 2.0.2.2 - Native Instruments)
Native Instruments Deep Matter (HKLM-x32\...\Native Instruments Deep Matter) (Version: 2.0.1.1 - Native Instruments)
Native Instruments Dirt (HKLM-x32\...\Native Instruments Dirt) (Version: 1.1.0.47 - Native Instruments)
Native Instruments Drive (HKLM-x32\...\Native Instruments Drive) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.4.1.81 - Native Instruments)
Native Instruments Drum Lab (HKLM-x32\...\Native Instruments Drum Lab) (Version: 1.2.0.6 - Native Instruments)
Native Instruments Elastic Thump (HKLM-x32\...\Native Instruments Elastic Thump) (Version: 2.0.1.4 - Native Instruments)
Native Instruments Ethereal Earth (HKLM-x32\...\Native Instruments Ethereal Earth) (Version: 2.0.2.1 - Native Instruments)
Native Instruments Expansions Selection (HKLM-x32\...\Native Instruments Expansions Selection) (Version: 1.0.0.10 - Native Instruments)
Native Instruments Flair (HKLM-x32\...\Native Instruments Flair) (Version: 1.1.0.47 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.4.104 - Native Instruments)
Native Instruments Form (HKLM-x32\...\Native Instruments Form) (Version: 1.1.2.1 - Native Instruments)
Native Instruments Freak (HKLM-x32\...\Native Instruments Freak) (Version: 1.1.0.47 - Native Instruments)
Native Instruments Guitar Rig 6 (HKLM-x32\...\Native Instruments Guitar Rig 6) (Version: 6.2.2.137 - Native Instruments)
Native Instruments Halcyon Sky (HKLM-x32\...\Native Instruments Halcyon Sky) (Version: 2.0.2.1 - Native Instruments)
Native Instruments Hybrid Keys (HKLM-x32\...\Native Instruments Hybrid Keys) (Version: 2.0.2.1 - Native Instruments)
Native Instruments India (HKLM-x32\...\Native Instruments India) (Version: 1.1.1.1 - Native Instruments)
Native Instruments Indigo Dust (HKLM-x32\...\Native Instruments Indigo Dust) (Version: 1.0.1.2 - Native Instruments)
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Kinetic Treats (HKLM-x32\...\Native Instruments Kinetic Treats) (Version: 1.1.0.4 - Native Instruments)
Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 2.6.5.212 - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version: - Native Instruments)
Native Instruments Komplete Kontrol MK2 Driver (HKLM-x32\...\Native Instruments Komplete Kontrol MK2 Driver) (Version: - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.6.1.139 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.3.0.2 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version: 1.4.2.1 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Lilac Glare (HKLM-x32\...\Native Instruments Lilac Glare) (Version: 2.0.2.1 - Native Instruments)
Native Instruments Lo-Fi Glow (HKLM-x32\...\Native Instruments Lo-Fi Glow) (Version: 1.1.1.1 - Native Instruments)
Native Instruments London Grit (HKLM-x32\...\Native Instruments London Grit) (Version: 2.0.1.1 - Native Instruments)
Native Instruments Lucid Mission (HKLM-x32\...\Native Instruments Lucid Mission) (Version: 2.0.1.1 - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.5.8.64 - Native Instruments)
Native Instruments Massive X (HKLM-x32\...\Native Instruments Massive X) (Version: 1.3.4.229 - Native Instruments)
Native Instruments Massive X Factory Library (HKLM-x32\...\Native Instruments Massive X Factory Library) (Version: 1.3.0.1 - Native Instruments)
Native Instruments Mechanix (HKLM-x32\...\Native Instruments Mechanix) (Version: 1.0.0.2 - Native Instruments)
Native Instruments Middle East (HKLM-x32\...\Native Instruments Middle East) (Version: 1.1.1.1 - Native Instruments)
Native Instruments Mikro Prism (HKLM-x32\...\Native Instruments Mikro Prism) (Version: 1.1.0.14 - Native Instruments)
Native Instruments Modular Icons (HKLM-x32\...\Native Instruments Modular Icons) (Version: 1.2.2.3 - Native Instruments)
Native Instruments Moebius (HKLM-x32\...\Native Instruments Moebius) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Molten Veil (HKLM-x32\...\Native Instruments Molten Veil) (Version: 2.0.2.1 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.1.4 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.5.139 - Native Instruments)
Native Instruments Native Browser Preview Library (HKLM-x32\...\Native Instruments Native Browser Preview Library) (Version: 1.1.0.28 - Native Instruments)
Native Instruments Neon Drive (HKLM-x32\...\Native Instruments Neon Drive) (Version: 2.0.1.4 - Native Instruments)
Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.10.5.223 - Native Instruments)
Native Instruments Nocturnal State (HKLM-x32\...\Native Instruments Nocturnal State) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Noire (HKLM-x32\...\Native Instruments Noire) (Version: 1.1.0.1 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.1.0.96 - Native Instruments)
Native Instruments Phasis (HKLM-x32\...\Native Instruments Phasis) (Version: 1.1.0.47 - Native Instruments)
Native Instruments Play Series Selection (HKLM-x32\...\Native Instruments Play Series Selection) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Polyplex (HKLM-x32\...\Native Instruments Polyplex) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Pulse (HKLM-x32\...\Native Instruments Pulse) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Queensbridge Story (HKLM-x32\...\Native Instruments Queensbridge Story) (Version: 2.0.1.1 - Native Instruments)
Native Instruments Raum (HKLM-x32\...\Native Instruments Raum) (Version: 1.0.0.29 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.4.3.0 - Native Instruments)
Native Instruments Reaktor Factory Library (HKLM-x32\...\Native Instruments Reaktor Factory Library) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Reaktor Factory Selection R2 (HKLM-x32\...\Native Instruments Reaktor Factory Selection R2) (Version: 1.0.1.7 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.1.1 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.4 - Native Instruments)
Native Instruments Replika (HKLM-x32\...\Native Instruments Replika) (Version: 1.4.0.47 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.6 - Native Instruments)
Native Instruments Rising Crescent (HKLM-x32\...\Native Instruments Rising Crescent) (Version: 2.0.1.1 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Rush (HKLM-x32\...\Native Instruments Rush) (Version: 1.0.0.7 - Native Instruments)
Native Instruments Scarbee A-200 (HKLM-x32\...\Native Instruments Scarbee A-200) (Version: 1.3.1.1 - Native Instruments)
Native Instruments Scarbee Clavinet Pianet (HKLM-x32\...\Native Instruments Scarbee Clavinet Pianet) (Version: 1.3.1.1 - Native Instruments)
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version: 1.4.0.15 - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Scene (HKLM-x32\...\Native Instruments Scene) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Session Guitarist - Electric Sunburst (HKLM-x32\...\Native Instruments Session Guitarist - Electric Sunburst) (Version: 1.0.0.11 - Native Instruments)
Native Instruments Session Guitarist - Strummed Acoustic (HKLM-x32\...\Native Instruments Session Guitarist - Strummed Acoustic) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Session Horns (HKLM-x32\...\Native Instruments Session Horns) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Session Strings 2 (HKLM-x32\...\Native Instruments Session Strings 2) (Version: 1.0.0.8 - Native Instruments)
Native Instruments Solar Breeze (HKLM-x32\...\Native Instruments Solar Breeze) (Version: 2.0.3.1 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.4.1.81 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.4.1.81 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.4.1.81 - Native Instruments)
Native Instruments Spectrum Quake (HKLM-x32\...\Native Instruments Spectrum Quake) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Stadium Flex (HKLM-x32\...\Native Instruments Stadium Flex) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.13 - Native Instruments)
Native Instruments Super 8 R2 (HKLM-x32\...\Native Instruments Super 8 R2) (Version: 2.1.0.26 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.4.1.81 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.3 - Native Instruments)
Native Instruments The Gentleman (HKLM-x32\...\Native Instruments The Gentleman) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.8 - Native Instruments)
Native Instruments The Grandeur (HKLM-x32\...\Native Instruments The Grandeur) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Maverick (HKLM-x32\...\Native Instruments The Maverick) (Version: 1.2.0.5 - Native Instruments)
Native Instruments Traktor DJ 2 (HKLM-x32\...\Native Instruments Traktor DJ 2) (Version: 2.4.1.478 - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.4.1.81 - Native Instruments)
Native Instruments TRK-01 (HKLM-x32\...\Native Instruments TRK-01) (Version: 1.1.1.1 - Native Instruments)
Native Instruments TRK-01 Bass (HKLM-x32\...\Native Instruments TRK-01 Bass) (Version: 1.0.0.10 - Native Instruments)
Native Instruments TRK-01 Kick (HKLM-x32\...\Native Instruments TRK-01 Kick) (Version: 1.0.1.8 - Native Instruments)
Native Instruments True School (HKLM-x32\...\Native Instruments True School) (Version: 2.0.0.6 - Native Instruments)
Native Instruments Una Corda (HKLM-x32\...\Native Instruments Una Corda) (Version: 1.0.0.13 - Native Instruments)
Native Instruments Velvet Lounge (HKLM-x32\...\Native Instruments Velvet Lounge) (Version: 2.0.1.2 - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.5.0.3 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.4.1.1 - Native Instruments)
Neo Soul Hip Hop 1.0.0 (HKLM-x32\...\Neo Soul Hip Hop_is1) (Version: 1.0.0 - Arturia)
Neutone version 1.4.0 (HKLM\...\{B4654C58-9B7F-409C-A3A3-BD08BF3D8128}_is1) (Version: 1.4.0 - Qosmo, Inc.)
Numa Manager version 1.5.1 (HKLM-x32\...\{1336A222-0780-40FB-9DCB-20F3B197E981}_is1) (Version: 1.5.1 - Studiologic)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA Graphics Driver 536.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 536.23 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 344.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.16 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OB-Xa V 1.3.1 (HKLM-x32\...\OB-Xa V_is1) (Version: 1.3.1 - Arturia)
Ochre 1.0.0 (HKLM-x32\...\Ochre_is1) (Version: 1.0.0 - Arturia)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Onyx 1.0.0 (HKLM-x32\...\Onyx_is1) (Version: 1.0.0 - Arturia)
OpenOffice 4.1.11 (HKLM-x32\...\{D2F124FC-5373-4A4A-8C5A-61052A3D34CA}) (Version: 4.111.9808 - Apache Software Foundation)
OP-Xa V 1.7.0 (HKLM-x32\...\OP-Xa V_is1) (Version: 1.7.0 - Arturia)
Oracle VM VirtualBox 6.1.38 (HKLM\...\{62A30AE6-8596-4C61-A5B8-1C3B45C25C72}) (Version: 6.1.38 - Oracle Corporation)
OverdriveEssentials version 0.01 (HKLM\...\OverdriveEssentials_is1) (Version: 0.01 - )
Oxygen Pro 49 Preset Editor 1.0.4 (HKLM\...\{7694335C-B58F-47BC-8A07-DE594E7584FC}) (Version: 1.0.4 - M-Audio)
PACE License Support Win64 (HKLM\...\{AE2ED717-4D24-4abd-8357-B7E86353113E}) (Version: 5.9.0.4455 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{AE2ED717-4D24-4abd-8357-B7E86353113E}) (Version: 5.9.0.4455 - PACE Anti-Piracy, Inc.)
PatchWorks 1.0.2 (HKLM-x32\...\PatchWorks_is1) (Version: 1.0.2 - Arturia)
Phaser BI-TRON 1.4.0 (HKLM-x32\...\Phaser BI-TRON_is1) (Version: 1.4.0 - Arturia)
Piano V2 2.9.1 (HKLM-x32\...\Piano V2_is1) (Version: 2.9.1 - Arturia)
Pigments 5.0.1 (HKLM-x32\...\Pigments_is1) (Version: 5.0.1 - Arturia)
Plugin Alliance Installation Manager 1.2.4 (HKLM-x32\...\Plugin Alliance Installation Manager_is1) (Version: - Plugin Alliance)
Pre 1973 1.7.0 (HKLM-x32\...\Pre 1973_is1) (Version: 1.7.0 - Arturia)
Pre TridA 1.7.0 (HKLM-x32\...\Pre TridA_is1) (Version: 1.7.0 - Arturia)
Pre V76 1.7.0 (HKLM-x32\...\Pre V76_is1) (Version: 1.7.0 - Arturia)
Prophet V3 3.9.1 (HKLM-x32\...\Prophet V3_is1) (Version: 3.9.1 - Arturia)
psqlODBC_x64 (HKLM\...\{3F8971B0-061B-4163-9D3F-EA94151B2FCF}) (Version: 09.06.0504 - PostgreSQL Global Development Group)
Radio version 1.2.0 (HKLM\...\Radio_is1) (Version: 1.2.0 - )
Raw Machinery 1.0.0 (HKLM-x32\...\Raw Machinery_is1) (Version: 1.0.0 - Arturia)
Rev INTENSITY 1.5.0 (HKLM-x32\...\Rev INTENSITY_is1) (Version: 1.5.0 - Arturia)
Rev PLATE-140 1.6.0 (HKLM-x32\...\Rev PLATE-140_is1) (Version: 1.6.0 - Arturia)
Rev SPRING-636 1.5.0 (HKLM-x32\...\Rev SPRING-636_is1) (Version: 1.5.0 - Arturia)
Revo Uninstaller 2.3.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.5 - VS Revo Group, Ltd.)
SEM V2 2.13.0 (HKLM-x32\...\SEM V2_is1) (Version: 2.13.0 - Arturia)
Slack (HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\slack) (Version: 4.37.98 - Slack Technologies Inc.)
Slammer version 1.1.1 (HKLM\...\Slammer_is1) (Version: 1.1.1 - Klevgrand)
Slippi Launcher 2.1.15 (HKLM\...\6864321e-78ac-5f45-8ec5-314da299c62f) (Version: 2.1.15 - Jas Laferriere)
Solina V2 2.13.0 (HKLM-x32\...\Solina V2_is1) (Version: 2.13.0 - Arturia)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SQ80 V 1.6.0 (HKLM-x32\...\SQ80 V_is1) (Version: 1.6.0 - Arturia)
SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{E3E84B2C-FCF6-469F-9FE7-5E8934DB69AD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{971E22C3-0BB5-417A-B5FA-3E88F9F02486}) (Version: 15.0.18420.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{990516C3-F457-4E25-B13E-B1599B2F4156}) (Version: 15.0.18420.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{2194F4D7-83BE-4E18-8F23-10C3ADE81A50}) (Version: 15.0.18420.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{42BF63FC-EE90-4352-BF16-5FB549B3C5C0}) (Version: 15.0.18420.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{AF52B951-949F-4A72-950C-E1531E79B29E}) (Version: 15.0.18420.0 - Microsoft Corporation) Hidden
ST4b (HKLM\...\ST4b) (Version: 1.0.3 - LHI Audio)
Stage-73 V2 2.6.1 (HKLM-x32\...\Stage-73 V2_is1) (Version: 2.6.1 - Arturia)
Starcadian's Signature 1.0.0 (HKLM-x32\...\Starcadian's Signature_is1) (Version: 1.0.0 - Arturia)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synclavier V 2.13.0 (HKLM-x32\...\Synclavier V_is1) (Version: 2.13.0 - Arturia)
Synthi V 1.9.0 (HKLM-x32\...\Synthi V_is1) (Version: 1.9.0 - Arturia)
Synthopedia 2.2.0 (HKLM-x32\...\Synthopedia_is1) (Version: 2.2.0 - Arturia)
Tableau 2022.2 (20222.22.0624.2136) (HKLM\...\{AAE49A80-D0DD-466F-B7AC-EE3ABA41926C}) (Version: 22.2.1196 - Tableau Software) Hidden
Tableau 2022.2 (20222.22.0624.2136) (HKLM-x32\...\{60ff6466-9545-48e9-bfc0-9105603bd356}) (Version: 22.2.1196 - Tableau Software)
Tableau Prep Builder 2022.2 (22.21.22.0628.1001) (HKLM\...\{F6FDC92D-0D46-4B7E-8272-A9A44EDDA346}) (Version: 22.2.20915 - Tableau Software, LLC) Hidden
Tableau Prep Builder 2022.2 (22.21.22.0628.1001) (HKLM-x32\...\{040a3485-8aef-45ac-87b8-721bfcdaae26}) (Version: 22.2.20915 - Tableau Software, LLC)
Tape MELLO-FI 1.3.0 (HKLM-x32\...\Tape MELLO-FI_is1) (Version: 1.3.0 - Arturia)
TDR Limiter 6 GE Demo version 1.6.4 (HKLM\...\TDR Limiter 6 GE Demo_is1) (Version: 1.6.4 - Tokyo Dawn Labs)
TDR Limiter 6 GE version 1.2.5 (HKLM\...\TDR Limiter 6 GE_is1) (Version: 1.2.5 - Tokyo Dawn Labs)
TDR Molot GE Demo version 1.0.5 (HKLM\...\TDR Molot GE Demo_is1) (Version: 1.0.5 - Tokyo Dawn Labs)
TDR Nova version 2.1.6 (HKLM\...\TDR Nova_is1) (Version: 2.1.6 - Tokyo Dawn Labs)
TDR VOS SlickEQ GE Demo version 1.3.7 (HKLM\...\TDR VOS SlickEQ GE Demo_is1) (Version: 1.3.7 - Tokyo Dawn Labs)
TDR VOS SlickEQ GE version 1.3.7 (HKLM\...\TDR VOS SlickEQ GE_is1) (Version: 1.3.7 - Tokyo Dawn Labs)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.8070 - Microsoft Corporation)
ToneBoosters Software (HKLM\...\{D73B708F-0D29-4E54-A1C8-F67E52F363E5}) (Version: 1.6.2.0 - ToneBoosters)
Transcribe! 9.10.0 (HKLM\...\com.seventhstring.Transcribe_is1) (Version: 9.10 - Seventh String Software)
TreeSize Free V4.5.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.2 - JAM Software)
UA Connect 1.4.12 (HKLM\...\c62e79ae-2230-5c20-9316-dd448d27d77b) (Version: 1.4.12 - Universal Audio, Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
ValhallaDelay version 2.5.2 (HKLM-x32\...\{6DD384B7-7D92-4DBE-A0DE-5B0022532744}_is1) (Version: 2.5.2 - Valhalla DSP, LLC)
ValhallaDelayDemo version 2.1.0 (HKLM-x32\...\{304F49B4-AE16-41FA-883B-AF8E9E8F1E63}_is1) (Version: 2.1.0 - Valhalla DSP, LLC)
ValhallaRoomDemo version 1.6.2v2 (HKLM-x32\...\{BF75751B-9A1B-44B7-8EB5-B518FC96EB51}_is1) (Version: 1.6.2v2 - Valhalla DSP, LLC)
ValhallaSupermassive version 2.0.0 (HKLM-x32\...\{15CEF066-B68E-45E2-83D0-5704E2978D36}_is1) (Version: 2.0.0 - Valhalla DSP, LLC)
ValhallaVintageVerb version 3.0.0 (HKLM-x32\...\{808DFAA1-CF25-46F2-B675-FAB98BB6A9E3}_is1) (Version: 3.0.0 - Valhalla DSP, LLC)
ValhallaVintageVerbDemo version 2.2.0 (HKLM-x32\...\{1253FB7B-4A87-4C90-B290-9B0C7E82D257}_is1) (Version: 2.2.0 - Valhalla DSP, LLC)
Valves version 1.0.3 (HKLM\...\Valves_is1) (Version: 1.0.3 - AudioThing)
Vangelis Tribute II 1.0.1 (HKLM-x32\...\Vangelis Tribute II_is1) (Version: 1.0.1 - Arturia)
Veeam Agent for Microsoft Windows (HKLM\...\{7796202E-3320-41ED-9A2C-14613AEED3D3}) (Version: 5.0.3.4708 - Veeam Software Group GmbH)
VHS Dreams 1.0.0 (HKLM-x32\...\VHS Dreams_is1) (Version: 1.0.0 - Arturia)
Virtual Guitarist AMBER version 1.0.1 (HKLM-x32\...\9EA83D4D-671C-4BEC-9A66-D3CBC0796FCA_is1) (Version: 1.0.1 - NXTGN Music Technology GmbH)
Visual Studio 2017 Isolated Shell for SSMS (HKLM-x32\...\{AAA9F15B-AF45-4562-9991-93A848D3A902}) (Version: 15.0.28307.421 - Microsoft Corporation) Hidden
Vital version 1.0.7 (HKLM\...\Vital_is1) (Version: 1.0.7 - )
Vocoder V 1.6.0 (HKLM-x32\...\Vocoder V_is1) (Version: 1.6.0 - Arturia)
VOX Continental V2 2.13.0 (HKLM-x32\...\VOX Continental V2_is1) (Version: 2.13.0 - Arturia)
White Dragon 1.0.0 (HKLM-x32\...\White Dragon_is1) (Version: 1.0.0 - Arturia)
Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Wires version 1.2 (HKLM\...\Wires_is1) (Version: 1.2 - AudioThing)
Wurli V2 2.12.0 (HKLM-x32\...\Wurli V2_is1) (Version: 2.12.0 - Arturia)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version: - )
Xpand!2 (HKLM-x32\...\{7f3e0a50-0ff6-467b-a12a-80e91a434116}) (Version: 2.2.7.21000 - AIR Music Tech GmbH)
Xpand!2 Content (HKLM-x32\...\{AEB475C2-FC86-4082-87D7-352DFB075B2C}) (Version: 2.2.7.21000 - AIR Music Tech GmbH) Hidden
Xpand!2 Factory Content (HKLM-x32\...\{C1149DC5-F5B9-455E-B6B3-B81D9B5C80A0}) (Version: 2.2.7.19000 - AIR Music Tech GmbH) Hidden
Xpand!2 VST64 (HKLM\...\{B9802F00-659C-4C21-9BA5-0958BAC6EFEF}) (Version: 2.2.7.21000 - AIR Music Tech GmbH) Hidden
Yamaha Steinberg USB Driver (HKLM\...\{E2AEA639-BFC7-4A6E-A9F3-EB11B60C2F33}) (Version: 2.1.5 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 2.1.5 - Yamaha Corporation)

Packages:
=========

Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-28] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.965.0_x64__56jybvy8sckqj [2024-03-26] (NVIDIA Corp.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-25] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-27] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-03-29] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.234.783.0_x64__zpdnekdrzrea0 [2024-04-02] (Spotify AB) [Startup Task]
Web Search from Microsoft Bing -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-02-15] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3424905159-186380387-932770916-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Alan Bangura\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22147.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3424905159-186380387-932770916-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Alan Bangura\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-09-25] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-09-25] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2021-09-25] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.050.0310.0001\FileSyncShell64.dll [2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_7e5fd280efaa5445\nvshext.dll [2023-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-02] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 9.0 Tomcat9\Tomcat Host Manager.lnk -> hxxp://127.0.0.1:8080/host-manager/htm
Shortcut: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 9.0 Tomcat9\Tomcat Manager.lnk -> hxxp://127.0.0.1:8080/manager/htm
Shortcut: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Tomcat 9.0 Tomcat9\Welcome.lnk -> hxxp://127.0.0.1:8080
ShortcutWithArgument: C:\Users\Alan Bangura\Desktop\Zoom.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 5" --app-id=beniodlbadggmlibnmpachefnnfnblpj
ShortcutWithArgument: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Learning Ally Audiobooks.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 5" --app-id=gdicnpbaekbefjanokchpfhnaphfnphl
ShortcutWithArgument: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Zoom.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 5" --app-id=beniodlbadggmlibnmpachefnnfnblpj
ShortcutWithArgument: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\FunkBoy - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Alan (Alan Business) - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2024-04-07 13:03 - 2024-04-07 13:03 - 000208384 _____ () [File not signed] \\?\C:\Users\Alan Bangura\AppData\Local\Temp\32c3e555-9e67-44e4-8bb1-d1fadb08d283.tmp.node
2024-04-07 13:03 - 2024-04-07 13:03 - 000249856 _____ () [File not signed] \\?\C:\Users\Alan Bangura\AppData\Local\Temp\f39c8680-8378-4d0b-93ed-2e682cff9154.tmp.node
2024-04-07 13:03 - 2024-04-07 13:03 - 000172032 _____ () [File not signed] \\?\C:\Users\Alan Bangura\AppData\Local\Temp\f65444c1-36bf-483b-b98e-307643106291.tmp.node
2021-12-08 12:30 - 2021-12-08 12:30 - 000269312 _____ () [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\jemalloc.dll
2022-07-06 22:31 - 2022-07-06 22:31 - 000045568 _____ () [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\lib\plugin\component_reference_cache.dll
2023-12-08 18:58 - 2024-03-21 16:00 - 002880000 _____ () [File not signed] C:\Program Files\UA Connect\ffmpeg.dll
2023-12-08 18:58 - 2024-03-21 16:00 - 000480256 _____ () [File not signed] C:\Program Files\UA Connect\libegl.dll
2023-12-08 18:58 - 2024-03-21 16:00 - 007418880 _____ () [File not signed] C:\Program Files\UA Connect\libglesv2.dll
2023-12-08 18:58 - 2024-03-21 16:00 - 005251072 _____ () [File not signed] C:\Program Files\UA Connect\vk_swiftshader.dll
2022-07-14 08:28 - 2022-07-14 08:28 - 002613248 _____ (Apache Software Foundation) [File not signed] C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\tcnative-1.dll
2022-07-06 22:27 - 2022-07-06 22:27 - 000598528 _____ (Google Inc.) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\libprotobuf-lite.dll
2021-11-24 21:47 - 2021-11-20 06:00 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-07-14 13:28 - 2022-07-14 13:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2022-07-14 13:28 - 2022-07-14 13:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-05-04 12:17 - 2022-05-04 12:17 - 003441664 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\libcrypto-1_1-x64.dll
2022-05-04 12:17 - 2022-05-04 12:17 - 000688128 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\libssl-1_1-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Alan Bangura\Downloads\535.98-desktop-win10-win11-64bit-international-dch-whql.exe:MBAM.Zone.Identifier [178]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Battle.net-Setup.exe:MBAM.Zone.Identifier [117]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 10.msi:MBAM.Zone.Identifier [155]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 11.msi:MBAM.Zone.Identifier [118]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 13.msi:MBAM.Zone.Identifier [155]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 2.msi:MBAM.Zone.Identifier [153]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 3.msi:MBAM.Zone.Identifier [116]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 4.msi:MBAM.Zone.Identifier [153]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 6.msi:MBAM.Zone.Identifier [116]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 7.msi:MBAM.Zone.Identifier [116]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 8.msi:MBAM.Zone.Identifier [153]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0 Beta 9.msi:MBAM.Zone.Identifier [153]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.1.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.10.msi:MBAM.Zone.Identifier [100]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.11.msi:MBAM.Zone.Identifier [100]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.4.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.6.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.7.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.8.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.0.msi:MBAM.Zone.Identifier [131]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1 Beta 6.msi:MBAM.Zone.Identifier [116]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1 Beta 7.msi:MBAM.Zone.Identifier [153]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.1.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.2.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.3.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.5.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.7.msi:MBAM.Zone.Identifier [98]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Bitwig Studio 5.1.msi:MBAM.Zone.Identifier [94]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Firefox Installer.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\FRST64.exe:MBAM.Zone.Identifier [240]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Kilohearts Installer.exe:MBAM.Zone.Identifier [121]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\Morph EQ.exe:MBAM.Zone.Identifier [197]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\neutone-windows-1.4.0.exe:MBAM.Zone.Identifier [135]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\NumaManager_1.5.1_setup.exe:MBAM.Zone.Identifier [205]
AlternateDataStreams: C:\Users\Alan Bangura\Downloads\st4b-1.0.3-demo.exe:MBAM.Zone.Identifier [126]
AlternateDataStreams: C:\ProgramData\PACE:142F12EBBC1C30E4 [217]
AlternateDataStreams: C:\ProgramData\PACE:EE02DF598D5BA0E5 [217]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10206]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Java\jdk-17.0.1\bin;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files\Azure Data Studio\bin;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files\Git\cmd;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;c:\Program Files (x86)\Acustica\Framework\;c:\Program Files\Acustica\Framework\
HKU\S-1-5-21-3424905159-186380387-932770916-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alan Bangura\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "NIHardwareAccessibilityHelper.exe.lnk"
HKLM\...\StartupApproved\StartupFolder: => "NTKDaemon.lnk"
HKLM\...\StartupApproved\Run: => "Focusrite Notifier"
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\StartupApproved\Run: => "LGHUB"
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\StartupApproved\Run: => "FACEIT"
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3424905159-186380387-932770916-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ABC02F50-2855-419B-9315-B803DEF276D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7302257D-54B7-40CF-A085-7220C4F11AAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3AE83DFA-5B38-4E87-B1C6-8513108D074C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9A3ED6DB-FACB-4B79-8C79-4404F99621D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{6C205A6C-898E-4FFF-9AED-7A106E68FABC}C:\program files\native instruments\creator tools\creator tools.exe] => (Block) C:\program files\native instruments\creator tools\creator tools.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [UDP Query User{9193D20E-783D-48BA-B4AC-345B3A1B3C22}C:\program files\native instruments\creator tools\creator tools.exe] => (Block) C:\program files\native instruments\creator tools\creator tools.exe (Native Instruments GmbH -> Native Instruments GmbH)
FirewallRules: [{4AA93830-C948-4F49-8862-2C0182A28F75}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{16ACBABD-B5D4-420F-A720-0B26BF8B7BA2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{441FDA66-5151-4F59-98EC-329A4CDF6D89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4A05EFFA-94ED-42A5-80DD-9A37A74FAE65}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{6362B5F5-F181-4BE2-BF1D-FD89461C6A98}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{2C0AF372-29B0-45CE-A590-9F5F1EF2965C}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{F836EE05-2447-4589-B5D6-72B54AF471D6}] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{5077703C-F33D-4CEF-BF6D-F8A0F2BB781F}] => (Block) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{36570B01-FAC6-43F6-8974-48E503E9DD9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{4BB64019-9653-4A0A-987B-0E1BDF70B22C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{92547168-71C0-4D3E-BC09-33528595F533}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [{E2E59E82-A62C-4A23-B02C-FAAA08CB354D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 2 BIOHAZARD RE2\re2.exe (CAPCOM CO., LTD. -> )
FirewallRules: [TCP Query User{F8A8A6BB-CA8C-42D6-8761-598D29BA3503}C:\users\alan bangura\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{E4C9D8CC-7F2E-45E3-8770-A5DE93F325EB}C:\users\alan bangura\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{70334A95-F4E6-46E6-B906-2C4F595D9FBE}] => (Block) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{62AB4991-2408-4E1B-BEF3-6B7995D8038C}] => (Block) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [TCP Query User{3F962B55-EAA3-40EE-BFF8-6B69066A48F9}C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe] => (Block) C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe => No File
FirewallRules: [UDP Query User{28E594CE-CCA5-4171-8C64-75EE17B8B5B5}C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe] => (Block) C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe => No File
FirewallRules: [TCP Query User{01466E29-9EE3-4777-887D-457350ADB126}C:\program files\bitwig studio\4.0.7\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File
FirewallRules: [UDP Query User{375EC8F4-3534-485B-AD50-C22812410C6C}C:\program files\bitwig studio\4.0.7\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File
FirewallRules: [{1764229C-21BE-4713-8007-BEF991D61CD8}] => (Block) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File
FirewallRules: [{03C47A3C-92D5-448E-977B-8B722D1C39AD}] => (Block) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File
FirewallRules: [{CC4DD001-A38A-4C98-A053-E057B6FD803B}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe (Focusrite Audio Engineering Ltd.) [File not signed]
FirewallRules: [TCP Query User{DAEB0179-80C8-4B60-9965-7FC23A8C4827}C:\program files\bitwig studio\4.1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{882AAE69-CD13-4C05-B300-139237902794}C:\program files\bitwig studio\4.1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{5AE7C603-E2F8-4127-9033-C7179D00A248}] => (Block) C:\program files\bitwig studio\4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{458CE775-CFD3-4785-B405-E17922FECF5C}] => (Block) C:\program files\bitwig studio\4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{6EF07D76-838F-40D0-8007-E790F42BF13C}C:\program files\bitwig studio\4.1.1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.1.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{05F36AD8-9700-4E9A-B8E4-0E9801D9F770}C:\program files\bitwig studio\4.1.1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.1.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{2D522478-B40F-4F4C-ACD8-8C004782ABA7}C:\program files\bitwig studio\4.1.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.1.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{075C475E-E5D6-48FD-95E8-CC5482DB1D66}C:\program files\bitwig studio\4.1.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.1.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{984F21FA-967F-4418-9E57-13FC8624E2DB}C:\program files\bitwig studio\4.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{E67E2C87-166F-469F-BABB-14B7D74338B7}C:\program files\bitwig studio\4.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{3EC293BD-E7F3-405C-A705-1429D4AF1DD5}C:\program files\bitwig studio\4.2\bitwig studio.exe] => (Block) C:\program files\bitwig studio\4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{CC29B9CD-7A75-4C10-8E81-A98383A4792B}C:\program files\bitwig studio\4.2\bitwig studio.exe] => (Block) C:\program files\bitwig studio\4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{93AA1352-6C23-4AA4-8623-349953CD2FF6}C:\program files\bitwig studio\4.2.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{4F3C1A08-F864-4B18-B4B9-50F541823086}C:\program files\bitwig studio\4.2.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C54F16A8-F940-4C0B-AAD7-4738925BF453}] => (Block) C:\program files\bitwig studio\4.2.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{DA3B7E52-7128-4C79-856A-781901DC1008}] => (Block) C:\program files\bitwig studio\4.2.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{C48F8E19-1576-40BD-93FC-D7659ED1009C}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{6CC5F2CB-9B4F-46DE-B7A2-300543DC9417}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{33E00A37-1E34-43F5-9203-5F8913EE0222}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{144EC869-0EE3-4A89-834D-E025999A1B26}] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6AB1F7F0-572E-4D7A-946C-BBA6CE1B35FD}C:\users\alan bangura\appdata\roaming\slippi launcher\netplay\slippi dolphin.exe] => (Block) C:\users\alan bangura\appdata\roaming\slippi launcher\netplay\slippi dolphin.exe (Slippi LLC -> )
FirewallRules: [UDP Query User{DD88477B-2251-4463-B8D2-85672C738D13}C:\users\alan bangura\appdata\roaming\slippi launcher\netplay\slippi dolphin.exe] => (Block) C:\users\alan bangura\appdata\roaming\slippi launcher\netplay\slippi dolphin.exe (Slippi LLC -> )
FirewallRules: [TCP Query User{A43BEDE3-7305-42D2-A650-A6BE72BC7EBE}C:\program files\bitwig studio\4.2.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{6061EAF8-996B-41B4-8B8C-F7A992C0ADE6}C:\program files\bitwig studio\4.2.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{A78793B2-E305-4417-88F5-A5726A51C354}] => (Block) C:\program files\bitwig studio\4.2.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{37AD4216-B674-418C-BD87-91E64645407D}] => (Block) C:\program files\bitwig studio\4.2.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{B809E4C6-7093-4B8B-A7EB-1E35896F4CB8}C:\program files\bitwig studio\4.3 beta 1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3 beta 1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{C973EFB0-8C01-409B-8B37-CDF42D8645AE}C:\program files\bitwig studio\4.3 beta 1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3 beta 1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{545B6FE5-259D-4622-A4C3-D5E4D16306E0}] => (Block) C:\program files\bitwig studio\4.3 beta 1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{B751724A-1755-4860-BDCB-565EDD04EC50}] => (Block) C:\program files\bitwig studio\4.3 beta 1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{5A6E1002-3EBD-4746-A3E6-23A6DF6DC2B7}C:\program files\bitwig studio\4.3 beta 3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{1345823B-9B11-46CC-9C92-3529F85A3554}C:\program files\bitwig studio\4.3 beta 3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{1807BBA6-6DDC-4C10-9EB3-8E3E21F613CD}] => (Block) C:\program files\bitwig studio\4.3 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{A034D40B-3DB9-4B05-91BB-F5AE5032E0DE}] => (Block) C:\program files\bitwig studio\4.3 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{7C8EA0B5-0080-490A-A84D-437A4BC98093}C:\program files\bitwig studio\4.3 beta 4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{8F4EB608-C9C1-463A-9AD1-50FB6964A29B}C:\program files\bitwig studio\4.3 beta 4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{78AFBC2A-D4BA-4D29-9810-66D7A8EFAE29}] => (Block) C:\program files\bitwig studio\4.3 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{3DD78F82-95C2-4036-843A-6253ECB4560D}] => (Block) C:\program files\bitwig studio\4.3 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{A2019182-493C-4659-A14C-DF4CC65FC335}C:\program files\bitwig studio\4.2.5\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{DD1EC353-24A3-423A-BB41-441032BAC067}C:\program files\bitwig studio\4.2.5\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.2.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{FB499379-CF2D-4A20-90E4-66CFBDFD36C3}] => (Block) C:\program files\bitwig studio\4.2.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{00A0F5F1-5EB2-465B-B632-9A4480FED949}] => (Block) C:\program files\bitwig studio\4.2.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{A78C7366-B1A8-4F48-BDCB-ADE573C66BB8}C:\program files\bitwig studio\4.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{68763F78-5EB7-4F52-88BC-4792DC597EF0}C:\program files\bitwig studio\4.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{BA8657AE-602D-4120-9E0E-34C05A8EB0BD}] => (Block) C:\program files\bitwig studio\4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C6B2138B-6933-49A5-A204-E98C786C84E3}] => (Block) C:\program files\bitwig studio\4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{61548A72-0B10-4E6C-A1C1-0101CC4E2B03}C:\program files\bitwig studio\4.3.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{3BDD7757-F389-471F-B5D5-4C0226445E6C}C:\program files\bitwig studio\4.3.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{69AAB8B5-F854-4B1A-BDE3-F93695510F12}] => (Block) C:\program files\bitwig studio\4.3.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{AF85CD22-5534-443A-9762-4642F260E94A}] => (Block) C:\program files\bitwig studio\4.3.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{7AF951E2-B555-4A93-8E25-7ACCA2B20342}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File
FirewallRules: [UDP Query User{E9E8F44F-175C-4694-9C60-3B1D82AAEDD0}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File
FirewallRules: [{42AC05CA-9338-439C-A41D-22F4AE4F58B9}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File
FirewallRules: [{793F8A7A-3A7B-4B52-860B-1F11E3684E58}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File
FirewallRules: [TCP Query User{B3439A51-A872-43DD-B302-39D375BB149F}C:\program files\bitwig studio\4.3.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{1A8418E2-CAC1-464B-A72C-E2424D226C77}C:\program files\bitwig studio\4.3.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{27603D4D-561A-4829-8CFE-5349B81A3530}] => (Block) C:\program files\bitwig studio\4.3.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{85ECCA58-1C6B-42D0-9A15-1AA756C24F3B}] => (Block) C:\program files\bitwig studio\4.3.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{0CB91F58-C304-4629-9BE2-3CDB9FE8B333}C:\program files\bitwig studio\4.3.4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{DF825DB8-06BA-40FA-9BC7-E78769F62C10}C:\program files\bitwig studio\4.3.4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{7A875887-7D74-4747-B11F-D158E82CDC67}] => (Block) C:\program files\bitwig studio\4.3.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{0D19164A-99C3-4BB0-B198-620DA4A1991F}] => (Block) C:\program files\bitwig studio\4.3.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{86B2BAA9-B709-4609-9B06-AA81FEBFCDD2}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [UDP Query User{8CA9E588-DFDE-461F-A2F0-48F3307F1367}C:\program files\java\jdk-17.0.1\bin\java.exe] => (Allow) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{C2F5916B-F0D0-4204-AAB9-841B4DEDC9C4}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [{79D9C9D5-80EF-46BC-999B-491CF28FE6F1}] => (Block) C:\program files\java\jdk-17.0.1\bin\java.exe
FirewallRules: [TCP Query User{04F9E7C9-89C4-4BCF-B14A-0AD1DF22BD20}C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [UDP Query User{507467F0-94EC-4972-8CB7-E0C885CA8290}C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\eclipse.exe] => (Allow) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [{C8C20E80-65D1-4C38-8F7B-0D7B25BB0C59}] => (Block) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [{C0A78E55-92C3-4E85-88BC-93680B0272C1}] => (Block) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\eclipse.exe (Eclipse.org Foundation, Inc. -> )
FirewallRules: [TCP Query User{9C2190F7-4FAE-4B38-B298-4CBA1D7EB86E}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File
FirewallRules: [UDP Query User{A3122C81-0592-470B-A272-67530DF422F8}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File
FirewallRules: [{F9E1CCC5-BC68-4CE4-BD4D-2396ED5B0488}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File
FirewallRules: [{DBCA2F0A-BFB0-4CAD-9906-966D0C02B056}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File
FirewallRules: [TCP Query User{AD3A7747-771B-4CC9-9090-60B21B2E7CE0}C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\plugins\org.eclipse.justj.openjdk.hotspot.jre.full.win32.x86_64_17.0.3.v20220515-1416\jre\bin\javaw.exe] => (Allow) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\plugins\org.eclipse.justj.openjdk.hotspot.jre.full.win32.x86_64_17.0.3.v20220515-1416\jre\bin\javaw.exe
FirewallRules: [UDP Query User{FC307A4A-11F5-40AA-8500-5C6F35A68D5F}C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\plugins\org.eclipse.justj.openjdk.hotspot.jre.full.win32.x86_64_17.0.3.v20220515-1416\jre\bin\javaw.exe] => (Allow) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\plugins\org.eclipse.justj.openjdk.hotspot.jre.full.win32.x86_64_17.0.3.v20220515-1416\jre\bin\javaw.exe
FirewallRules: [{78D34E6D-20AF-43A6-9EFB-5AD577AB44A6}] => (Block) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\plugins\org.eclipse.justj.openjdk.hotspot.jre.full.win32.x86_64_17.0.3.v20220515-1416\jre\bin\javaw.exe
FirewallRules: [{5E75428D-3B90-4DD6-8140-0B8C18D02250}] => (Block) C:\users\alan bangura\eclipse-jee-2022-06-r-win32-x86_64\eclipse\plugins\org.eclipse.justj.openjdk.hotspot.jre.full.win32.x86_64_17.0.3.v20220515-1416\jre\bin\javaw.exe
FirewallRules: [{2422F9CB-1BFD-47B9-9989-D599830A5CE2}] => (Allow) LPort=3306
FirewallRules: [{44D07CA6-AC7E-4E54-853D-E638CBEE0B7E}] => (Allow) LPort=33060
FirewallRules: [{FC290880-C2FF-48BD-884D-5BF30F305034}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{2C14CB8F-5BF0-4D45-8DEE-2FD5310680D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{12C29D97-DBCD-4802-B7F4-32CD49E2EDB9}C:\program files\bitwig studio\4.3.5\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{1EE36EB3-D29F-44AF-B2DC-1023412204DC}C:\program files\bitwig studio\4.3.5\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{E0892C68-8C9E-4E42-B5A9-FDFE3553DE8C}] => (Block) C:\program files\bitwig studio\4.3.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C82058A3-D91D-4279-AECB-D7029F4360D3}] => (Block) C:\program files\bitwig studio\4.3.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{CF8B5506-2A45-4608-82E9-40E42E847FC7}C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [UDP Query User{55B17CAE-2FEB-4496-B36D-02B0E951D1E7}C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [{89DC72E9-E8AA-4A5A-8A86-67F2FF109DF2}] => (Block) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [{3F05DBF2-8425-4CFA-A0F0-EC667520B33E}] => (Block) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File
FirewallRules: [{8FBC87A5-46BC-49A5-9B9E-4065220DB5D9}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{B56B91FB-C5F5-461E-AA77-822B9D1547BC}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{9359C74C-5066-4C1C-A063-47BAAC3EDC41}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{DED47A23-ED5A-4F02-B3F1-077F5E9398AC}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{D0CAF7A1-6F77-4527-B931-D4F22F880C44}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{398B393B-D59B-4D72-96EA-E7837F151597}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{88E7C2A9-C62F-4C12-9891-33B8DCF18A82}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{C7C81818-5D52-46C4-AE24-4A9D3DC2C2B2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [{4EC88017-1A5C-4BD5-86A8-F810549292F4}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe (Veeam Software Group GmbH -> Veeam Software Group GmbH)
FirewallRules: [TCP Query User{8CFC361E-1581-4237-97E5-CC57263A5C3F}C:\program files\bitwig studio\4.3.7\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.7\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{F5B1653D-2743-49E8-B9D2-17EBEA92727C}C:\program files\bitwig studio\4.3.7\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.7\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{CB89324D-E687-4B22-AC9A-93E426EB9840}] => (Block) C:\program files\bitwig studio\4.3.7\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{B66BA460-3D2E-4EE5-9819-B1AF88FF0FFF}] => (Block) C:\program files\bitwig studio\4.3.7\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{95C577B6-E3A0-470E-882F-87DD7D0EEADF}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [UDP Query User{864D3DBB-08B1-4302-8527-00C3C3B9BF16}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [{9C8D3B8F-31BC-4C01-AD3F-E21B8E76D0E8}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [{E64ADC00-14BF-4F17-A09F-459429BEADD9}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File
FirewallRules: [TCP Query User{7C5DD87C-75E8-4F50-ACC8-7EFE70E6CC0B}C:\program files\bitwig studio\4.3.8\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{F1A45CE4-520F-4F60-B8E0-1A11285B8074}C:\program files\bitwig studio\4.3.8\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{0BDD6E16-ECE5-4B78-BD58-78F253614910}] => (Block) C:\program files\bitwig studio\4.3.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{4CE972FF-F6F2-4667-A637-1B04DC2D68E6}] => (Block) C:\program files\bitwig studio\4.3.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{00CF1093-6DE4-4C0B-8F6C-45E36CC8F110}C:\program files\bitwig studio\4.3.10\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.10\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{36ACEE5B-B700-4A2C-AC4D-F4F6AB8D7371}C:\program files\bitwig studio\4.3.10\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.3.10\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{18D90320-28FC-4B30-B2A7-E179BA901322}] => (Block) C:\program files\bitwig studio\4.3.10\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C9D0AB65-BB58-439A-88C1-1B45652FDB7C}] => (Block) C:\program files\bitwig studio\4.3.10\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{C698907B-29C7-412E-8E45-2FCE7E58345C}C:\program files\bitwig studio\4.4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{C33A434A-2FC5-439C-83E7-AFE9A2DC0273}C:\program files\bitwig studio\4.4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{498BCF6A-2DC9-482B-B4B5-9E5B5947C195}] => (Block) C:\program files\bitwig studio\4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{A7546E56-A329-4C9D-94B8-EB462FE3BE86}] => (Block) C:\program files\bitwig studio\4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{0C2550B7-F47C-4011-8185-72D6CD190FD0}C:\users\alan bangura\appdata\local\jetbrains\toolbox\bin\jetbrains-toolbox.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\bin\jetbrains-toolbox.exe (JetBrains s.r.o. -> JetBrains)
FirewallRules: [UDP Query User{A01C4991-700D-42DE-B433-2ED401AB7171}C:\users\alan bangura\appdata\local\jetbrains\toolbox\bin\jetbrains-toolbox.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\bin\jetbrains-toolbox.exe (JetBrains s.r.o. -> JetBrains)
FirewallRules: [{932031B6-9DC6-49B3-BFAF-6F6F4C98080B}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\bin\jetbrains-toolbox.exe (JetBrains s.r.o. -> JetBrains)
FirewallRules: [{23F451E0-43F5-4ECF-994A-156D57BF2BFC}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\bin\jetbrains-toolbox.exe (JetBrains s.r.o. -> JetBrains)
FirewallRules: [TCP Query User{C94BEBAB-B84E-4338-8003-0BB33C7BE5D6}C:\users\alan bangura\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\alan bangura\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CCE09E76-0FBE-43DA-92BF-ED8F3071F9EF}C:\users\alan bangura\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\alan bangura\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5117197-FCEB-4E10-B4F0-8E01315E896A}] => (Block) C:\users\alan bangura\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{01DE14C9-EAC4-4B43-BF8C-34A0EB54E1C1}] => (Block) C:\users\alan bangura\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C433417A-EF47-4D87-8A68-9EEFB8702572}C:\program files\bitwig studio\4.4.1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{6BEBA113-352D-40D3-9D63-0A78C0B74F39}C:\program files\bitwig studio\4.4.1\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{DCD1429C-3D11-48FE-A8F6-B2412CEF6597}] => (Block) C:\program files\bitwig studio\4.4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{8B7C7239-C280-42D4-A4F5-7CD9D1523590}] => (Block) C:\program files\bitwig studio\4.4.1\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{00E2589D-604A-44A8-81B3-2BD4E4D99002}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File
FirewallRules: [UDP Query User{E79A18FE-738A-48E5-B3A8-661D40F79010}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File
FirewallRules: [{CDA97E7D-A631-40F6-A7C5-AF554693B461}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File
FirewallRules: [{8D89CCDD-0D7D-4896-899E-596C4883A396}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File
FirewallRules: [TCP Query User{C2CE93A2-7F6F-4271-A52B-0FDD950D4DAB}C:\program files\bitwig studio\4.4.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{368DEC93-E014-4428-9580-10CE104D3DCB}C:\program files\bitwig studio\4.4.2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C22A82E5-50FC-4CD4-9CED-DEDB694E0DCC}] => (Block) C:\program files\bitwig studio\4.4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{26FE7EE0-3B7A-490F-8354-66305BF934D9}] => (Block) C:\program files\bitwig studio\4.4.2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{D3A90C94-2081-4855-AF5F-AD6902DC6031}C:\program files\bitwig studio\4.4.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{54337837-0EDB-4F3D-A887-FB2FD335D07F}C:\program files\bitwig studio\4.4.3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{CF23A8C8-6D9C-41F9-B76C-A7DF4A4073A4}] => (Block) C:\program files\bitwig studio\4.4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C03DCE4B-6855-4130-8598-5E03FA4D9FC6}] => (Block) C:\program files\bitwig studio\4.4.3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{358116EE-10E5-498C-B856-80460A863005}C:\program files\bitwig studio\4.4.4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{A19BB555-B5A8-491F-AD2F-CC62B56CB1FD}C:\program files\bitwig studio\4.4.4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{B77FE1E4-CAEE-41D6-8221-C7052D4078B3}] => (Block) C:\program files\bitwig studio\4.4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{66C56C2D-4BCD-45F4-945A-376EE5427638}] => (Block) C:\program files\bitwig studio\4.4.4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{054308E4-6427-4501-A099-11E2FCCD9D55}C:\program files\bitwig studio\4.4.5\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{9F3F13B4-1FC7-4DEA-BA56-CF6162A7FB3D}C:\program files\bitwig studio\4.4.5\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{34334D97-6110-413C-9408-7D69E0EC998C}] => (Block) C:\program files\bitwig studio\4.4.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{1CBCFF07-416A-4D74-B234-BB4364525384}] => (Block) C:\program files\bitwig studio\4.4.5\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{AD92E8FF-3863-4A39-B06D-4E78DE006DA2}C:\program files\bitwig studio\4.4.6\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.6\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{9E4131FF-CA5D-4B88-89A9-6A63D198137A}C:\program files\bitwig studio\4.4.6\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.6\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{81081907-D3F7-47C9-BE3C-0170E5081139}] => (Block) C:\program files\bitwig studio\4.4.6\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{697C0CA8-BD33-4F9F-9FFC-F23047BE4C36}] => (Block) C:\program files\bitwig studio\4.4.6\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{59C755E6-097B-43F7-84F5-C0AFE5DF5158}C:\program files\bitwig studio\4.4.8\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{0EB6EED9-4655-4D65-81F2-D2C40B7109FE}C:\program files\bitwig studio\4.4.8\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C6423491-9D9B-48CA-8B9F-026042B772CE}] => (Block) C:\program files\bitwig studio\4.4.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{A352E127-AEC9-44D5-A827-628F3E72BE41}] => (Block) C:\program files\bitwig studio\4.4.8\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{FBAED232-74FA-44A7-BAF4-03A7A672699B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 4 BIOHAZARD RE4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{1DB2E15A-CA84-46C8-841F-16E485718FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RESIDENT EVIL 4 BIOHAZARD RE4\re4.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [TCP Query User{F39E1A52-8D7F-495E-9CFB-73986C1D615F}C:\program files\bitwig studio\4.4.9\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.9\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{A8148F56-57EC-44E0-8C9E-DA94CAB99A57}C:\program files\bitwig studio\4.4.9\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.4.9\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{AC49A4EA-8A56-4BA7-A278-1F3366170793}] => (Block) C:\program files\bitwig studio\4.4.9\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{0219CB28-94EE-458D-A8CB-5FA7DC35DF2E}] => (Block) C:\program files\bitwig studio\4.4.9\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{615D307E-473A-42B3-9835-7E313A4046A2}C:\program files\bitwig studio\5.0 beta 2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\5.0 beta 2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{35FD3634-494D-42BF-A65B-8A0A6DFF2EBA}C:\program files\bitwig studio\5.0 beta 2\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\5.0 beta 2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{9C3E1E61-0321-4861-AE10-D9C59D47E461}] => (Block) C:\program files\bitwig studio\5.0 beta 2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{C2CB035B-9CD4-45C1-AD17-393592ED3586}] => (Block) C:\program files\bitwig studio\5.0 beta 2\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{A0982C44-ED51-46A3-9933-B13BBD297BC1}C:\program files\bitwig studio\5.0 beta 3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\5.0 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{FD7DA6DC-E414-4BB2-9ED0-36B896849E69}C:\program files\bitwig studio\5.0 beta 3\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\5.0 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{0CD7643B-E4E8-4D92-8537-CB8A7ED801B8}] => (Block) C:\program files\bitwig studio\5.0 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{5DAE302E-C30A-4CFE-A14E-3B262792A6FC}] => (Block) C:\program files\bitwig studio\5.0 beta 3\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [TCP Query User{CB5AEBEB-4C72-457F-A80B-B61DB8EA28C7}C:\program files\bitwig studio\5.0 beta 4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\5.0 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [UDP Query User{1A19CE19-9A05-4A5A-8330-56E2F38AC04F}C:\program files\bitwig studio\5.0 beta 4\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\5.0 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{DCC7437D-C3C6-4321-A919-F2ADFB6A8359}] => (Block) C:\program files\bitwig studio\5.0 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{DCA340D9-6496-4944-B44A-3656DFBCB358}] => (Block) C:\program files\bitwig studio\5.0 beta 4\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)
FirewallRules: [{4C0C29E9-4DF8-45AF-B5C1-F2F1A31E5CAF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8F1CAA82-1437-4DD4-801D-69A15AD730AE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{97B549E9-8DE7-4D6F-A750-A917047AA2EE}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [UDP Query User{F401EBCD-5273-44BD-A202-052A483F3B21}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [{D42D9644-CF3E-4452-9290-B009B8145E43}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [{F9150D4D-44D3-415C-B354-491F12511DBF}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File
FirewallRules: [{4766F9BC-AD48-443E-AFF5-43A05E18DE38}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B4705332-846B-4B51-B01B-B7D212B94E70}C:\program files\bitwig studio\5.0 beta 6\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\5.0 beta 6\bitwig studio.exe (Bitwig GmbH -> Bitwig GmbH)

==================== Restore Points =========================

27-03-2024 22:26:18 Scheduled Checkpoint
29-03-2024 08:44:03 Installed Bitwig Studio 5.1.7
06-04-2024 19:04:56 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/07/2024 12:59:57 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (04/07/2024 12:57:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program StartMenuExperienceHost.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: ef04

Start Time: 01da890c7cfb3e57

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

Report Id: c93f8513-e92e-4b1f-9e3a-7c7d41cd70c2

Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Hang type: Cross-thread

Error: (04/07/2024 12:54:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program StartMenuExperienceHost.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 5ecc

Start Time: 01da890c204c126a

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

Report Id: 0d25417c-7dd0-44d0-9d06-6bbad1739214

Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Hang type: Cross-thread

Error: (04/07/2024 12:52:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program StartMenuExperienceHost.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: a100

Start Time: 01da890bdda3f5a1

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

Report Id: 6cb7a67e-4028-4da1-b590-bae2b94d92cb

Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.3636_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Hang type: Cross-thread

Error: (04/07/2024 05:52:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program HxOutlook.exe version 16.0.14326.21852 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: bb84

Start Time: 01da88d127d8b94a

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe\HxOutlook.exe

Report Id: 765f983a-160a-44a4-bdf0-c8e4c3c1fa09

Faulting package full name: microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: microsoft.windowslive.mail

Hang type: Cross-process

Error: (04/07/2024 04:52:15 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.4170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: c5c0

Start Time: 01da88c8d6519306

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 6f543328-446d-476b-9cef-477d21017ec7

Faulting package full name: Microsoft.Windows.Search_1.14.13.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce

Error: (04/07/2024 04:51:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.4170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: da88

Start Time: 01da88c8c7f673c5

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 59c4aeac-9aac-4e89-a01d-c2da4729a60c

Faulting package full name: Microsoft.Windows.Search_1.14.13.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce

Error: (04/07/2024 04:51:27 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.4170 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: bcb4

Start Time: 01da88c8b9ad5c0e

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: 5c914a28-9045-4e61-abb5-66be2e062cdf

Faulting package full name: Microsoft.Windows.Search_1.14.13.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce


System errors:
=============
Error: (04/07/2024 01:02:26 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (04/07/2024 01:00:40 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (04/07/2024 01:00:40 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: The driver detected an internal driver error on \Device\VBoxNetLwf.

Error: (04/07/2024 12:51:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1P5IGHH)
Description: The server microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (04/07/2024 12:23:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1P5IGHH)
Description: The server microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (04/07/2024 11:02:03 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1P5IGHH)
Description: The server microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (04/07/2024 09:23:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1P5IGHH)
Description: The server microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (04/07/2024 06:57:52 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1P5IGHH)
Description: The server microsoft.windowscommunicationsapps_16005.14326.21854.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2024-04-06 19:03:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-04-05 19:11:44
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-04-04 20:15:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-04-03 18:18:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-04-02 18:10:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-11-06 10:44:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1880.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2023-11-06 10:44:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1880.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2023-11-06 10:44:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1880.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2023-11-06 10:44:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1880.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2023-11-06 10:44:12
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.397.1880.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23080.2005
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===============
Date: 2024-04-07 13:43:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2024-04-07 13:40:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.20 06/18/2021
Motherboard: Micro-Star International Co., Ltd. Z590 PRO WIFI (MS-7D09)
Processor: 11th Gen Intel® Core™ i5-11600K @ 3.90GHz
Percentage of memory in use: 52%
Total physical RAM: 16265.61 MB
Available physical RAM: 7701.99 MB
Total Virtual: 19337.61 MB
Available Virtual: 7697.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1907.61 GB) (Free:395.36 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Samsung 850 Evo SSD) (Fixed) (Total:232.87 GB) (Free:70.61 GB) (Model: Samsung SSD 850 EVO 250GB) NTFS

\\?\Volume{e4914454-4af0-461d-b41f-7267faf9b777}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 1907.7 GB) (Disk ID: 99C63EF8)

Partition: GPT.

==================== End of Addition.txt =======================

Edited by Oh My!, 07 April 2024 - 04:53 PM.
Posted Addition.txt

Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#3 Oh My!


    Adware and Spyware and Malware


  • Malware Response Instructor
  • 57,428 posts
  • Gender:Male
  • Location:California
  • Local time:09:30 PM

Posted 07 April 2024 - 05:24 PM

Greetings.

I suspect it is a false positive detection but let's do some follow-up.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST64 icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST64 will do it for you
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Zip: C:\ProgramData\Malwarebytes\MBAMService\MwacDetections
File: C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe
C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X] 
AlternateDataStreams: C:\ProgramData\PACE:142F12EBBC1C30E4 [217] 
AlternateDataStreams: C:\ProgramData\PACE:EE02DF598D5BA0E5 [217] 
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10206] 
2024-04-07 13:03 - 2024-04-07 13:03 - 000208384 _____ () [File not signed] \\?\C:\Users\Alan Bangura\AppData\Local\Temp\32c3e555-9e67-44e4-8bb1-d1fadb08d283.tmp.node 
2024-04-07 13:03 - 2024-04-07 13:03 - 000249856 _____ () [File not signed] \\?\C:\Users\Alan Bangura\AppData\Local\Temp\f39c8680-8378-4d0b-93ed-2e682cff9154.tmp.node 
2024-04-07 13:03 - 2024-04-07 13:03 - 000172032 _____ () [File not signed] \\?\C:\Users\Alan Bangura\AppData\Local\Temp\f65444c1-36bf-483b-b98e-307643106291.tmp.node 
FirewallRules: [{36570B01-FAC6-43F6-8974-48E503E9DD9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File 
FirewallRules: [{4BB64019-9653-4A0A-987B-0E1BDF70B22C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File 
FirewallRules: [TCP Query User{F8A8A6BB-CA8C-42D6-8761-598D29BA3503}C:\users\alan bangura\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File 
FirewallRules: [UDP Query User{E4C9D8CC-7F2E-45E3-8770-A5DE93F325EB}C:\users\alan bangura\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File 
FirewallRules: [{70334A95-F4E6-46E6-B906-2C4F595D9FBE}] => (Block) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File 
FirewallRules: [{62AB4991-2408-4E1B-BEF3-6B7995D8038C}] => (Block) C:\users\alan bangura\appdata\roaming\spotify\spotify.exe => No File 
FirewallRules: [TCP Query User{3F962B55-EAA3-40EE-BFF8-6B69066A48F9}C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe] => (Block) C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe => No File 
FirewallRules: [UDP Query User{28E594CE-CCA5-4171-8C64-75EE17B8B5B5}C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe] => (Block) C:\program files\jetbrains\intellij idea community edition 2021.2.3\bin\idea64.exe => No File 
FirewallRules: [TCP Query User{01466E29-9EE3-4777-887D-457350ADB126}C:\program files\bitwig studio\4.0.7\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File 
FirewallRules: [UDP Query User{375EC8F4-3534-485B-AD50-C22812410C6C}C:\program files\bitwig studio\4.0.7\bitwig studio.exe] => (Allow) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File 
FirewallRules: [{1764229C-21BE-4713-8007-BEF991D61CD8}] => (Block) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File 
FirewallRules: [{03C47A3C-92D5-448E-977B-8B722D1C39AD}] => (Block) C:\program files\bitwig studio\4.0.7\bitwig studio.exe => No File 
FirewallRules: [TCP Query User{7AF951E2-B555-4A93-8E25-7ACCA2B20342}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File 
FirewallRules: [UDP Query User{E9E8F44F-175C-4694-9C60-3B1D82AAEDD0}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File 
FirewallRules: [{42AC05CA-9338-439C-A41D-22F4AE4F58B9}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File 
FirewallRules: [{793F8A7A-3A7B-4B52-860B-1F11E3684E58}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3345.118\bin\idea64.exe => No File 
FirewallRules: [TCP Query User{9C2190F7-4FAE-4B38-B298-4CBA1D7EB86E}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File 
FirewallRules: [UDP Query User{A3122C81-0592-470B-A272-67530DF422F8}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File 
FirewallRules: [{F9E1CCC5-BC68-4CE4-BD4D-2396ED5B0488}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File 
FirewallRules: [{DBCA2F0A-BFB0-4CAD-9906-966D0C02B056}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.3739.54\bin\idea64.exe => No File 
FirewallRules: [TCP Query User{CF8B5506-2A45-4608-82E9-40E42E847FC7}C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File 
FirewallRules: [UDP Query User{55B17CAE-2FEB-4496-B36D-02B0E951D1E7}C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe] => (Allow) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File 
FirewallRules: [{89DC72E9-E8AA-4A5A-8A86-67F2FF109DF2}] => (Block) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File 
FirewallRules: [{3F05DBF2-8425-4CFA-A0F0-EC667520B33E}] => (Block) C:\users\alan bangura\appdata\local\discord\app-1.0.9006\discord.exe => No File 
FirewallRules: [TCP Query User{95C577B6-E3A0-470E-882F-87DD7D0EEADF}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File 
FirewallRules: [UDP Query User{864D3DBB-08B1-4302-8527-00C3C3B9BF16}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File 
FirewallRules: [{9C8D3B8F-31BC-4C01-AD3F-E21B8E76D0E8}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File 
FirewallRules: [{E64ADC00-14BF-4F17-A09F-459429BEADD9}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4167.29\bin\idea64.exe => No File 
FirewallRules: [TCP Query User{00E2589D-604A-44A8-81B3-2BD4E4D99002}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File 
FirewallRules: [UDP Query User{E79A18FE-738A-48E5-B3A8-661D40F79010}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File 
FirewallRules: [{CDA97E7D-A631-40F6-A7C5-AF554693B461}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File 
FirewallRules: [{8D89CCDD-0D7D-4896-899E-596C4883A396}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\222.4345.14\bin\idea64.exe => No File 
FirewallRules: [TCP Query User{97B549E9-8DE7-4D6F-A750-A917047AA2EE}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File 
FirewallRules: [UDP Query User{F401EBCD-5273-44BD-A202-052A483F3B21}C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe] => (Allow) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File 
FirewallRules: [{D42D9644-CF3E-4452-9290-B009B8145E43}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File 
FirewallRules: [{F9150D4D-44D3-415C-B354-491F12511DBF}] => (Block) C:\users\alan bangura\appdata\local\jetbrains\toolbox\apps\idea-c\ch-0\231.8109.175\bin\idea64.exe => No File 
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • The tool will create a zipped folder in the same location from where FRST was run with today's date, for example: 06.11.2016_13.24.50.zip. Upload the file to GoFile or the file hosting site of your choice and send me a Personal Message with the download link.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • Download link via Personal Message

Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#4 Alban1806

Posted 10 April 2024 - 06:18 AM

Sorry for the late reply, I was expecting you to reply later. I didn't expect a reply so soon, so I apologize.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.04.2024
Ran by Alan Bangura (10-04-2024 07:12:42) Run:1
Running from C:\Users\Alan Bangura\Downloads
Loaded Profiles: Alan Bangura & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS
Boot Mode: Normal
==============================================
 
SystemRestore: On => completed
Restore point was successfully created.
Processes closed successfully.
================== Zip: ===================
C:\ProgramData\Malwarebytes\MBAMService\MwacDetections -> copied successfully to C:\Users\Alan Bangura\Desktop\10.04.2024_07.12.52.zip
=========== Zip: End ===========
 
========================= File: C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe ========================
 
C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe
File is digitally signed
MD5: 1789B4DF0A8AA7AF10981664C26DA137
Creation and modification date: 2022-07-14 08:28 - 2022-07-14 08:28
Size: 000142984
Attributes: ----A
Company Name: The Apache Software Foundation -> Apache Software Foundation
Internal Name: Apache Commons Daemon Service Runner
Original Name: prunsrv.exe
Product: Apache Commons Daemon Service Runner
Description: Apache Commons Daemon Service Runner
File Version: 1.3.1.0
Product Version: 1.3.1.0
Copyright: Copyright © 2000-2022 The Apache Software Foundation.
 
====== End of File: ======
 
C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe => moved successfully
HKLM\System\CurrentControlSet\Services\nvvad_WaveExtensible => removed successfully
nvvad_WaveExtensible => service removed successfully
C:\ProgramData\PACE => ":142F12EBBC1C30E4" ADS removed successfully
C:\ProgramData\PACE => ":EE02DF598D5BA0E5" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\Alan Bangura\AppData\Local\Temp\32c3e555-9e67-44e4-8bb1-d1fadb08d283.tmp.node => moved successfully
C:\Users\Alan Bangura\AppData\Local\Temp\f39c8680-8378-4d0b-93ed-2e682cff9154.tmp.node => moved successfully
C:\Users\Alan Bangura\AppData\Local\Temp\f65444c1-36bf-483b-b98e-307643106291.tmp.node => moved successfully
 
========= sfc /scannow =========
 
 
 
Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
 
 
Verification 100% complete.
 
 
Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.
 
 
 
========= End of CMD: =========
 
 
========= DISM /Online /Cleanup-Image /CheckHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.19041.3636
 
Image Version: 10.0.19045.4291
 
No component store corruption detected.
The operation completed successfully.
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 07:15:11 ====


#5 Oh My!

Posted 10 April 2024 - 05:30 PM

Thank you for the upload.
 

========================= File: C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe ========================

C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe
File is digitally signed
MD5: 1789B4DF0A8AA7AF10981664C26DA137
Creation and modification date: 2022-07-14 08:28 - 2022-07-14 08:28
Size: 000142984
Attributes: ----A
Company Name: The Apache Software Foundation -> Apache Software Foundation
Internal Name: Apache Commons Daemon Service Runner
Original Name: prunsrv.exe
Product: Apache Commons Daemon Service Runner
Description: Apache Commons Daemon Service Runner
File Version: 1.3.1.0
Product Version: 1.3.1.0
Copyright: Copyright © 2000-2022 The Apache Software Foundation.
Virusscan: https://virusscan.jotti.org/filescanjob/1pshk03ia5


The Tomcat9 "detection" is a false positive. The file is legitimate and digitally signed. You can add the file to the Malwarebytes Allow List.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST64 icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST64 will do it for you
Start::
CloseProcesses:
RestoreQuarantine: C:\FRST\Quarantine\C\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe.xBAD
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • File included in Allow List?
  • Fixlog

Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69

#6 Alban1806


Posted 10 April 2024 - 09:43 PM

Yes, I added it to the allow list. I don't know if this makes a difference, but I added it to the allow list after I did the FRST fix.
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 10.04.2024
Ran by Alan Bangura (10-04-2024 22:39:02) Run:2
Running from C:\Users\Alan Bangura\Downloads
Loaded Profiles: Alan Bangura & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CloseProcesses:
RestoreQuarantine: C:\FRST\Quarantine\C\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe.xBAD
End::
*****************
 
Processes closed successfully.
RestoreQuarantine: C:\FRST\Quarantine\C\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe.xBAD=> Restoring from Quarantine completed.
 
 
The system needed a reboot.
 
==== End of Fixlog 22:39:03 ====

Edited by Alban1806, 10 April 2024 - 09:44 PM.


#7 Oh My!


Posted 11 April 2024 - 07:48 AM

Are you continuing to get notifications regarding Tomcat 9? Are you receiving other notifications other than Tomcat 9?

#8 Alban1806


Posted 11 April 2024 - 11:47 PM

Yeah, I'm not getting Tomcat 9 anymore, but I am getting a block from mysqld.exe.

Never mind, I'm still getting the Tomcat 9 warning as well.


Edited by Alban1806, 12 April 2024 - 12:15 AM.


#9 Oh My!


Posted 12 April 2024 - 01:29 PM

I think those are False Positives as well.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST64 icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST64 will do it for you
Start::
File: C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
File: C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog


#10 Alban1806


Posted 13 April 2024 - 09:40 AM

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.04.2024
Ran by Alan Bangura (13-04-2024 10:39:14) Run:3
Running from C:\Users\Alan Bangura\Downloads
Loaded Profiles: Alan Bangura & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
File: C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
File: C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe
End::
*****************
 
 
========================= File: C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe ========================
 
C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
File is digitally signed
MD5: D1E06491942F0CC4017E484D3A7DC18E
Creation and modification date: 2022-07-06 15:58 - 2022-07-06 15:58
Size: 052037776
Attributes: ----A
Company Name: Oracle America, Inc. -> 
Internal Name: 
Original Name: 
Product: 
Description: 
File Version: 8.0.30.0
Product Version: 8.0.30.0
Copyright: 
 
====== End of File: ======
 
 
========================= File: C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe ========================
 
C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe
File is digitally signed
MD5: C2CA74618B0C12E705EE915E39EDF434
Creation and modification date: 2022-07-14 08:28 - 2022-07-14 08:28
Size: 000126600
Attributes: ----A
Company Name: The Apache Software Foundation -> Apache Software Foundation
Internal Name: Apache Commons Daemon Service Manager
Original Name: prunmgr.exe
Product: Apache Commons Daemon Service Manager
Description: Apache Commons Daemon Service Manager
File Version: 1.3.1.0
Product Version: 1.3.1.0
Copyright: Copyright © 2000-2022 The Apache Software Foundation.
 
====== End of File: ======
 
 
==== End of Fixlog 10:39:39 ====


#11 Oh My!


Posted 13 April 2024 - 06:51 PM

As I suspected, False Positive detections. You can add both to the Allow list.


Gary 

Lord, to whom shall we go? You have the words of eternal life. We have come to believe and to know that you are the Holy One of God.

John 6:68-69
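
One way to re-check the three flagged binaries on the machine itself before they go on the allow list, as an added example that is not part of any post in this thread and not FRST output. The paths, MD5 values and signer names are copied from the FRST "File:" results above; the function name `Test-FlaggedBinary` and the OK/REVIEW verdicts are made up for the illustration, and matching the logged Company Name against the certificate subject is an assumption.

```powershell
# Added example: values below are copied from the FRST "File:" output in this thread.
$flagged = @(
    @{ Path   = 'C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9.exe'
       MD5    = '1789B4DF0A8AA7AF10981664C26DA137'
       Signer = 'The Apache Software Foundation' },
    @{ Path   = 'C:\Program Files\Apache Software Foundation\Tomcat 9.0\bin\Tomcat9w.exe'
       MD5    = 'C2CA74618B0C12E705EE915E39EDF434'
       Signer = 'The Apache Software Foundation' },
    @{ Path   = 'C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe'
       MD5    = 'D1E06491942F0CC4017E484D3A7DC18E'
       Signer = 'Oracle America, Inc.' }
)

function Test-FlaggedBinary {
    # Hypothetical helper: checks one entry and lists every reason it needs review.
    param([Parameter(Mandatory)][hashtable]$Entry)

    $path = $Entry.Path
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
        return [pscustomobject]@{ Path = $path; Verdict = 'MISSING'; Reasons = 'file not found' }
    }

    $sig     = Get-AuthenticodeSignature -FilePath $path
    $md5     = (Get-FileHash -LiteralPath $path -Algorithm MD5).Hash
    $sha256  = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

    $reasons = @()
    # "Valid" means the signature verifies and chains to a trusted root on this machine.
    if ($sig.Status -ne 'Valid')                { $reasons += "signature status is $($sig.Status)" }
    # Assumption: the signer name from the log appears in the certificate subject.
    if ($subject -notlike "*$($Entry.Signer)*") { $reasons += "unexpected signer: '$subject'" }
    # A different MD5 means the file changed after the FRST log was taken.
    if ($md5 -ne $Entry.MD5)                    { $reasons += 'MD5 differs from the FRST log' }

    [pscustomobject]@{
        Path    = $path
        Verdict = if ($reasons.Count) { 'REVIEW' } else { 'OK' }
        Reasons = $reasons -join '; '
        SHA256  = $sha256   # keep with the allow-list entry for later comparison
    }
}

$flagged | ForEach-Object { Test-FlaggedBinary -Entry $_ } | Format-List
```

An allow-list entry is a standing exception, so keeping the SHA-256 printed here makes it possible to notice if the file at that path is later replaced.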

#12 Oh My!


Posted 17 April 2024 - 09:06 AM

Are you still with me?

#13 Oh My!


Posted 18 April 2024 - 08:45 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

#14 Oh My!


Posted 18 April 2024 - 07:16 PM

This topic has been re-opened at the request of the person who originally posted.

#15 Oh My!


Posted 21 April 2024 - 08:17 AM

Though you requested the topic be re-opened you have not replied for 3 days. If you are unable to reply within 24 hours the topic will be permanently closed and you will need to start a new topic when you are available to respond in a more timely fashion.



