Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-2148353114-3667604608-1560723222-1005\...\Run: [SignalRgb] => "C:\Users\Dillon\AppData\Local\VortxEngine\SignalRgbLauncher.exe" --silent (No File)
HKU\S-1-5-21-2148353114-3667604608-1560723222-1005\...\Run: [MyLiveWallpapers] => "C:\Program Files\MyLiveWallpapers\MyLiveWallpapers.exe" --silent (No File)
Task: {F448EEBF-0202-47A1-95CF-74A024F115AF} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe (No File)
Task: {3CEDD5EA-C678-47DC-964B-6540C9FC3B3A} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\TaskSchedulerTool_ArmourySocketServer.exe (No File)
Task: {47A96288-28EE-4C89-9456-2878671596CD} - System32\Tasks\ASUS\NoiseCancelingEngine => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\MBLedSDK\NoiseCancelingEngine.exe (No File)
Task: {7DC5234E-FD11-4987-8496-BDB0D8E5BA05} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
S3 atvi-hrist_msstore; \??\C:\XboxGames\Call of Duty- Modern Warfare 2\Content\Randgrid.sys (No File)
S3 atvi-sigrun_msstore; \??\C:\Program Files\WindowsApps\38985CA0.MWIIIGame_1.0.11.0_x64_ww_5bkah9njm3e9g\Randgrid.sys (No File)
2025-12-09 09:04 - 2025-12-09 09:04 - 000000048 ____R () C:\Users\Dillon\AppData\Local\2002C02F2143521E73D2959E42A0CA58
2026-04-30 11:06 - 2026-04-30 11:06 - 000000000 ____D C:\ProgramData\5qBNO
2026-04-30 11:06 - 2026-04-30 11:06 - 000000000 ____D C:\ProgramData\f3T17
2026-04-30 11:06 - 2026-04-30 11:06 - 000000000 ____D C:\ProgramData\nNf4K
2026-04-30 11:06 - 2026-04-30 11:06 - 000000000 ____D C:\ProgramData\WGpGn
2026-04-30 11:08 - 2026-04-30 11:08 - 000000000 ____D C:\ProgramData\uFHYK
2026-04-30 11:08 - 2026-04-30 11:08 - 000000000 ____D C:\ProgramData\wk5hI
2026-04-30 11:09 - 2026-04-30 11:09 - 000000000 ____D C:\ProgramData\kOFVV
2026-04-30 11:09 - 2026-04-30 11:09 - 000000000 ____D C:\ProgramData\TvjIP
2026-04-30 11:15 - 2026-04-30 11:15 - 000000000 ____D C:\ProgramData\hHDYd
2026-04-30 11:11 - 2026-04-30 11:11 - 000000000 ____D C:\ProgramData\v0LHt
2026-04-30 11:14 - 2026-04-30 11:14 - 000000000 ____D C:\ProgramData\wGWEH
2026-04-30 11:15 - 2026-04-30 11:15 - 000000000 ____D C:\ProgramData\rKa3v
2026-04-30 11:15 - 2026-04-30 11:15 - 000000000 ____D C:\ProgramData\VXRlF
AlternateDataStreams: C:\Users\Dillon\Downloads\Spotify - Music and Podcasts Installer.exe:MBAM.Zone.Identifier [122]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6808]
FirewallRules: [TCP Query User{7942FA15-F4BD-4017-8BFD-C7D6853E4983}C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe] => (Allow) C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe => No File
FirewallRules: [UDP Query User{9BF5D2C0-0913-4ABF-BAAA-73CAB2BA7E05}C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe] => (Allow) C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe => No File
FirewallRules: [TCP Query User{56FE498E-F02E-4DCE-8453-092D155EF6F3}C:\users\dillon\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\dillon\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe => No File
FirewallRules: [UDP Query User{952CB968-56BF-4920-B328-C65AF888A6A3}C:\users\dillon\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe] => (Allow) C:\users\dillon\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe => No File
FirewallRules: [{CCF72A8F-C7E6-4683-B48D-8441AF913077}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark Demo\bin\x64\3DMark.exe => No File
FirewallRules: [{FB69BCE9-D2A8-47C2-9B00-845042983DE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark Demo\bin\x64\3DMark.exe => No File
FirewallRules: [TCP Query User{1AACBA3E-95DE-4DCA-8C13-F0581E523638}C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe] => (Allow) C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe => No File
FirewallRules: [UDP Query User{1121994D-52F4-4AC6-9ACB-A319822FB159}C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe] => (Allow) C:\users\dillon\desktop\games\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx.streets.v1.0.0.137.0\bmx streets.exe => No File
FirewallRules: [TCP Query User{EEAEB3A2-6744-4A2B-9486-7EBA5EFA2173}C:\xboxgames\void-breaker\content\voidbreaker\binaries\wingdk\voidbreaker-wingdk-shipping.exe] => (Allow) C:\xboxgames\void-breaker\content\voidbreaker\binaries\wingdk\voidbreaker-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{6E30B1EC-5561-4518-9ED8-41644E1C3CCC}C:\xboxgames\void-breaker\content\voidbreaker\binaries\wingdk\voidbreaker-wingdk-shipping.exe] => (Allow) C:\xboxgames\void-breaker\content\voidbreaker\binaries\wingdk\voidbreaker-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{529A6489-9CDA-4C73-B1E7-9B7973497B6A}C:\users\dillon\desktop\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe] => (Block) C:\users\dillon\desktop\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe => No File
FirewallRules: [UDP Query User{564F25FF-AFFD-463B-9A8B-FE620648E02B}C:\users\dillon\desktop\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe] => (Block) C:\users\dillon\desktop\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe => No File
FirewallRules: [TCP Query User{C336229B-C0AF-496E-AEC6-673E379DDB54}C:\users\dillon\downloads\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe] => (Allow) C:\users\dillon\downloads\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe => No File
FirewallRules: [UDP Query User{7D5B5E19-300B-4120-A5F5-0013F81AACB3}C:\users\dillon\downloads\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe] => (Allow) C:\users\dillon\downloads\games\resident-evil-village-steamrip.com\resident evil village biohazard village\re village.exe => No File
FirewallRules: [TCP Query User{E59BBEC5-A02B-49A0-A226-396FE8C0709A}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{143654C3-E8B5-4830-B966-75BFCB9D32DD}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{B97FF09E-EBC3-4C97-ACBE-AF56D9250CB6}C:\users\dillon\downloads\games\cod-bo-ii-steamrip.com\call of duty black ops ii\t6sp.exe] => (Allow) C:\users\dillon\downloads\games\cod-bo-ii-steamrip.com\call of duty black ops ii\t6sp.exe => No File
FirewallRules: [UDP Query User{05AEFD1D-DC2C-43A3-A892-0D7100CB7CE8}C:\users\dillon\downloads\games\cod-bo-ii-steamrip.com\call of duty black ops ii\t6sp.exe] => (Allow) C:\users\dillon\downloads\games\cod-bo-ii-steamrip.com\call of duty black ops ii\t6sp.exe => No File
FirewallRules: [TCP Query User{84F3141F-BCD8-47AE-8C0B-395FADD968B3}C:\users\dillon\downloads\games\callofduty-blackops2\call of duty - black ops 2\t6sp.exe] => (Allow) C:\users\dillon\downloads\games\callofduty-blackops2\call of duty - black ops 2\t6sp.exe => No File
FirewallRules: [UDP Query User{5403D194-2A7F-49AB-AF27-1CE734BCE6A6}C:\users\dillon\downloads\games\callofduty-blackops2\call of duty - black ops 2\t6sp.exe] => (Allow) C:\users\dillon\downloads\games\callofduty-blackops2\call of duty - black ops 2\t6sp.exe => No File
FirewallRules: [TCP Query User{A0BE40B4-2D46-4270-BFFB-4B5ED5603AC5}C:\xboxgames\fortnite\content\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\xboxgames\fortnite\content\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1AD6B0E7-C035-4D3C-846F-370F841EBA8C}C:\xboxgames\fortnite\content\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\xboxgames\fortnite\content\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{1972D5FC-0074-4A2A-8DBA-8A62274E26FB}C:\program files (x86)\steam\steamapps\common\super meat boy 3d demo\smb\binaries\win64\smb-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\super meat boy 3d demo\smb\binaries\win64\smb-win64-shipping.exe => No File
FirewallRules: [UDP Query User{5F885A53-0EB8-4E98-8CAD-C34FD755B92B}C:\program files (x86)\steam\steamapps\common\super meat boy 3d demo\smb\binaries\win64\smb-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\super meat boy 3d demo\smb\binaries\win64\smb-win64-shipping.exe => No File
FirewallRules: [TCP Query User{469293CA-889E-42E4-A300-BF6F7B1AA9B8}C:\xboxgames\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe] => (Allow) C:\xboxgames\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{1E40A564-5A13-44BF-AEA1-9491D1FCE3D7}C:\xboxgames\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe] => (Allow) C:\xboxgames\clair obscur- expedition 33\content\sandfall\binaries\wingdk\sandfall-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{74CED51A-9634-40E3-BB64-7085D2A3B07F}C:\xboxgames\vampire survivors\content\vampiresurvivors.exe] => (Allow) C:\xboxgames\vampire survivors\content\vampiresurvivors.exe => No File
FirewallRules: [UDP Query User{4F15672A-8A78-42F1-BD80-039629D1612A}C:\xboxgames\vampire survivors\content\vampiresurvivors.exe] => (Allow) C:\xboxgames\vampire survivors\content\vampiresurvivors.exe => No File
FirewallRules: [TCP Query User{F81C3B3C-72CB-4041-B891-A4FF8F9E9783}C:\xboxgames\neon abyss\content\neonabyss.exe] => (Allow) C:\xboxgames\neon abyss\content\neonabyss.exe => No File
FirewallRules: [UDP Query User{2CB1DA3E-C60E-436F-9F4F-CCD267B2D3BD}C:\xboxgames\neon abyss\content\neonabyss.exe] => (Allow) C:\xboxgames\neon abyss\content\neonabyss.exe => No File
FirewallRules: [{57472241-200E-4954-BDD1-1BD166D8AD74}] => (Allow) C:\Users\Dillon\AppData\Local\Soulframe\Downloaded\Public\Tools\Launcher.exe => No File
FirewallRules: [{CB5F98CB-9457-4A04-83E0-BD9E1AE3AEF5}] => (Allow) C:\Users\Dillon\Downloads\Soulframe\Downloaded\Public\Soulframe.x64.exe => No File
FirewallRules: [{5B626863-4214-4C20-B835-EC0B05EE6DB2}] => (Allow) C:\Users\Dillon\Downloads\Soulframe\Downloaded\Public\Soulframe.x64.exe => No File
FirewallRules: [{72EAB88A-98D4-4C14-A38E-55EC0F13240F}] => (Allow) C:\Users\Dillon\AppData\Local\Soulframe\Downloaded\Public\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{9D4C9491-3418-4618-BBD9-71E9CE728A97}] => (Allow) C:\Users\Dillon\AppData\Local\Soulframe\Downloaded\Public\Tools\Launcher.exe => No File
FirewallRules: [{E44C165B-4266-4442-B17C-1E9F2EB0261B}] => (Allow) C:\Users\Dillon\Downloads\Soulframe\Downloaded\Public\Soulframe.x64.exe => No File
FirewallRules: [{F322F3DC-B290-451C-B520-A2C5DD887318}] => (Allow) C:\Users\Dillon\Downloads\Soulframe\Downloaded\Public\Soulframe.x64.exe => No File
FirewallRules: [{17B1C11F-D7AA-4457-9407-399699010B58}] => (Allow) C:\Users\Dillon\AppData\Local\Soulframe\Downloaded\Public\Tools\RemoteCrashSender.exe => No File
FirewallRules: [{98C06EC0-554B-4321-BBC8-4CC09D1EEE23}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe => No File
FirewallRules: [{84E627AA-5EA3-40CB-B9ED-014924EB6441}] => (Allow) C:\Users\Dillon\AppData\Local\Temp\ACFL20251220093847\ACSetup\ACSetup.exe => No File
FirewallRules: [{C7E00746-3171-4071-A513-F1CDEF4B8910}] => (Allow) C:\Users\Dillon\AppData\Local\Temp\ACFL20251220093847\ACSetup\ACSetup.exe => No File
FirewallRules: [{648DC5CF-5404-44A6-B1CD-AB3FB5C922D1}] => (Allow) C:\Users\Dillon\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{17833CB4-1BA4-4E11-A204-847A9BBE33CB}] => (Allow) C:\Users\Dillon\AppData\Local\Temp\ACFL\ACSetup\ACSetup.exe => No File
FirewallRules: [{B5459BA8-39C1-4CCC-9A74-BF4228D58EC5}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe => No File
FirewallRules: [{7C962786-4E84-408D-95BA-71ACC471480E}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe => No File
FirewallRules: [{74F2F955-55B2-488E-A09E-AAB5B2EDEADC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe => No File
FirewallRules: [TCP Query User{8C2E71A2-6C32-4CDB-90D8-5F2D25595E31}C:\users\dillon\downloads\games\spider-man-r-steamrip.com\marvels spider-man remastered\spider-man.exe] => (Allow) C:\users\dillon\downloads\games\spider-man-r-steamrip.com\marvels spider-man remastered\spider-man.exe => No File
FirewallRules: [UDP Query User{B13B2768-D4BE-4F6B-97B1-10FA69753344}C:\users\dillon\downloads\games\spider-man-r-steamrip.com\marvels spider-man remastered\spider-man.exe] => (Allow) C:\users\dillon\downloads\games\spider-man-r-steamrip.com\marvels spider-man remastered\spider-man.exe => No File
FirewallRules: [TCP Query User{60A243A3-1249-44BD-BB46-920AB0462E79}C:\xboxgames\mortal kombat- 1\content\mk12\binaries\wingdk\mk12.exe] => (Allow) C:\xboxgames\mortal kombat- 1\content\mk12\binaries\wingdk\mk12.exe => No File
FirewallRules: [UDP Query User{F6A34B04-E67B-472F-9EB9-9CE6BC855EA1}C:\xboxgames\mortal kombat- 1\content\mk12\binaries\wingdk\mk12.exe] => (Allow) C:\xboxgames\mortal kombat- 1\content\mk12\binaries\wingdk\mk12.exe => No File
FirewallRules: [{8e315394-85e5-4b10-acf8-8ef7c9d6edc6}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{8e87d62d-13e1-4baa-921e-68f4ecf5e703}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{b3618256-f8f8-4934-a75b-83a98fef2686}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [TCP Query User{849171EE-3AFD-46E4-B157-BA92DC89AC8F}C:\xboxgames\high on life 2\content\highonlife2\binaries\wingdk\highonlife2-wingdk-shipping.exe] => (Allow) C:\xboxgames\high on life 2\content\highonlife2\binaries\wingdk\highonlife2-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{2A56E549-CC34-4AD3-8489-8ADF8AB537EE}C:\xboxgames\high on life 2\content\highonlife2\binaries\wingdk\highonlife2-wingdk-shipping.exe] => (Allow) C:\xboxgames\high on life 2\content\highonlife2\binaries\wingdk\highonlife2-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{C804931A-21CC-4C2A-ACFE-C555D24F80A8}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe => No File
FirewallRules: [UDP Query User{289177DF-AE40-400A-8E17-ABEC8A438694}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe => No File
FirewallRules: [TCP Query User{0B7EDD28-49B5-471D-9100-2264F052F690}C:\xboxgames\call of duty- modern warfare 2\content\cod22-cod.exe] => (Allow) C:\xboxgames\call of duty- modern warfare 2\content\cod22-cod.exe => No File
FirewallRules: [UDP Query User{0013EE29-C395-414B-B2A7-1C7469B2A34F}C:\xboxgames\call of duty- modern warfare 2\content\cod22-cod.exe] => (Allow) C:\xboxgames\call of duty- modern warfare 2\content\cod22-cod.exe => No File
FirewallRules: [TCP Query User{79AF332E-F9B8-431E-9CDF-D325F4AA100A}C:\users\dillon\downloads\call of duty black ops ii\t6zm - zombies offline.exe] => (Allow) C:\users\dillon\downloads\call of duty black ops ii\t6zm - zombies offline.exe => No File
FirewallRules: [UDP Query User{1CD3D233-8856-44D9-8B37-29965753A22B}C:\users\dillon\downloads\call of duty black ops ii\t6zm - zombies offline.exe] => (Allow) C:\users\dillon\downloads\call of duty black ops ii\t6zm - zombies offline.exe => No File
FirewallRules: [TCP Query User{6D92C660-C957-448D-B685-F84D1E1CAFAC}C:\users\dillon\downloads\call of duty black ops ii\t6mp - multiplayer offline.exe] => (Allow) C:\users\dillon\downloads\call of duty black ops ii\t6mp - multiplayer offline.exe => No File
FirewallRules: [{3392DE83-0501-4E02-9611-6FA2883D79A1}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [TCP Query User{7DD104F6-F193-4DAD-B27C-C5DA123DE029}C:\users\dillon\downloads\games\mwr_game_files\hmw-mod.exe] => (Allow) C:\users\dillon\downloads\games\mwr_game_files\hmw-mod.exe => No File
FirewallRules: [UDP Query User{B99EBEC8-B5FB-4533-8101-319B7FFB38A6}C:\users\dillon\downloads\games\mwr_game_files\hmw-mod.exe] => (Allow) C:\users\dillon\downloads\games\mwr_game_files\hmw-mod.exe => No File
FirewallRules: [TCP Query User{213A5A7F-FEFA-4DDF-9B82-F99BE3D100B5}C:\users\dillon\downloads\games\mw2_game_files\iw4x.exe] => (Allow) C:\users\dillon\downloads\games\mw2_game_files\iw4x.exe => No File
FirewallRules: [UDP Query User{F9E2BA3C-A140-43B5-8211-D103A3223D65}C:\users\dillon\downloads\games\mw2_game_files\iw4x.exe] => (Allow) C:\users\dillon\downloads\games\mw2_game_files\iw4x.exe => No File
FirewallRules: [TCP Query User{863B52C2-AEB4-4AD1-82AE-506FC6223A62}C:\users\dillon\downloads\games\bo3_game_files\boiii.exe] => (Allow) C:\users\dillon\downloads\games\bo3_game_files\boiii.exe => No File
FirewallRules: [UDP Query User{08193855-7476-4D8F-8D09-778DEA232487}C:\users\dillon\downloads\games\bo3_game_files\boiii.exe] => (Allow) C:\users\dillon\downloads\games\bo3_game_files\boiii.exe => No File
FirewallRules: [TCP Query User{A1999D4B-661E-4163-83F2-7BFB640F267D}C:\xboxgames\super meat boy 3d\content\smb\binaries\wingdk\smb-wingdk-shipping.exe] => (Allow) C:\xboxgames\super meat boy 3d\content\smb\binaries\wingdk\smb-wingdk-shipping.exe => No File
FirewallRules: [UDP Query User{80495D89-9903-4222-8AA9-329646DE1835}C:\xboxgames\super meat boy 3d\content\smb\binaries\wingdk\smb-wingdk-shipping.exe] => (Allow) C:\xboxgames\super meat boy 3d\content\smb\binaries\wingdk\smb-wingdk-shipping.exe => No File
FirewallRules: [TCP Query User{2882E304-A4D1-4293-B8D4-0A1B90A9FE84}C:\program files (x86)\steam\steamapps\common\生死狙击2\client\hallclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\生死狙击2\client\hallclient.exe => No File
FirewallRules: [UDP Query User{39746113-341C-4540-9685-CE44E1428DEC}C:\program files (x86)\steam\steamapps\common\生死狙击2\client\hallclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\生死狙击2\client\hallclient.exe => No File
StartPowershell:
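# Remove every Microsoft Defender exclusion (paths, extensions, processes) so that
# nothing on the system stays hidden from scanning.
# This is indiscriminate: exclusions the user added on purpose are removed as well.
# Each value is echoed before removal so the log keeps a record of what was excluded,
# and each removal is attempted on its own so that one failure does not leave the
# remaining exclusions in place.
Try {
  # Query the preferences once; -ErrorAction Stop turns a failed query into a caught error.
  $Preferences = Get-MpPreference -ErrorAction Stop
  $Paths = $Preferences.ExclusionPath
  $Extensions = $Preferences.ExclusionExtension
  $Processes = $Preferences.ExclusionProcess
  # foreach over an empty ($null) list runs zero times, so no emptiness check is needed.
  foreach ($Path in $Paths) {
    Try {
      Write-Output "Removing Defender exclusion path: $Path"
      Remove-MpPreference -ExclusionPath $Path -Force -ErrorAction Stop
    }
    Catch {
      Write-Error "Error occurred while removing Windows Defender exclusions: $_"
    }
  }
  foreach ($Extension in $Extensions) {
    Try {
      Write-Output "Removing Defender exclusion extension: $Extension"
      Remove-MpPreference -ExclusionExtension $Extension -Force -ErrorAction Stop
    }
    Catch {
      Write-Error "Error occurred while removing Windows Defender exclusions: $_"
    }
  }
  foreach ($Process in $Processes) {
    Try {
      Write-Output "Removing Defender exclusion process: $Process"
      Remove-MpPreference -ExclusionProcess $Process -Force -ErrorAction Stop
    }
    Catch {
      Write-Error "Error occurred while removing Windows Defender exclusions: $_"
    }
  }
}
Catch {
  # Reached only when the preferences themselves could not be read.
  Write-Error "Error occurred while removing Windows Defender exclusions: $_"
}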
EndPowershell:
StartPowerShell:
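# Downloads the newest AdwCleaner release directly from Malwarebytes, runs it with /clean
# and prints its log to the console.
# Does not clean preinstalled objects, only PUP/Adware.
# To also delete preinstalled objects, add the argument /preinstalled to the /clean argument.
# To only scan, change the argument from /clean to /scan.
# The downloaded file is executed with the rights of this script, so it is only run
# after the download succeeded and its Authenticode signature validated.
$adwDir = "$env:SystemDrive\AdwCleaner"
$adwExe = "$adwDir\AdwCleanerFRST.exe"
$logFile = "$adwDir\AdwCleanerOutputFRST.txt"
New-Item -ItemType Directory -Force -Path $adwDir | Out-Null
# Drop any copy left by an earlier run so a failed download can never lead to an old file being executed.
Remove-Item -Path $adwExe -Force -ErrorAction SilentlyContinue
Try {
  Invoke-WebRequest -Uri "https://adwcleaner.malwarebytes.com/adwcleaner?channel=release" -OutFile $adwExe -UseBasicParsing -ErrorAction Stop
}
Catch {
  Write-Error "AdwCleaner download failed: $_"
  exit 1
}
# Fail closed: refuse to run a binary that is unsigned or whose signature does not validate.
$signature = Get-AuthenticodeSignature -FilePath $adwExe
if ($signature.Status -ne 'Valid') {
  Write-Error "AdwCleaner signature check failed (status: $($signature.Status)); not executing $adwExe"
  exit 1
}
# Record the signer so whoever reads the log can confirm the publisher.
Write-Output "AdwCleaner signer: $($signature.SignerCertificate.Subject)"
# First run with /eula only (presumably accepts the licence so the next run is non-interactive; confirm against the AdwCleaner documentation).
Start-Process -FilePath $adwExe -ArgumentList "/eula" -Wait -WindowStyle Hidden
Start-Process -FilePath $adwExe -ArgumentList "/noreboot /clean" -Wait -WindowStyle Hidden -RedirectStandardOutput $logFile
Get-Content $logFile -Encoding Unicode
Remove-Item -Path $logFile -Force -ErrorAction SilentlyContinue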
EndPowerShell:
StartPowershell:
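# Downloads HitmanPro to the temp folder, runs it in scan-only mode and prints the scan log.
# Replace /scanonly with /clean if you also want to delete items -- however, this will activate a trial license on the system, I do not recommend it
# The downloaded file is only executed after the download succeeded and its
# Authenticode signature validated.
$hmpExe = "$env:TEMP\HitmanPro_x64.exe"
$logFile = "$env:TEMP\HitmanPro_ScanLog.txt"
# Remove leftovers from an earlier run: a stale executable must never be run after a failed
# download, and a stale log must not be mistaken for the result of this scan.
Remove-Item -Path $hmpExe, $logFile -Force -ErrorAction SilentlyContinue
Try {
  Invoke-WebRequest -Uri "https://dl.surfright.nl/HitmanPro_x64.exe" -OutFile $hmpExe -UseBasicParsing -ErrorAction Stop
}
Catch {
  Write-Host "HitmanPro download failed: $_"
  exit 1
}
# Fail closed: refuse to run a binary that is unsigned or whose signature does not validate.
$signature = Get-AuthenticodeSignature -FilePath $hmpExe
if ($signature.Status -ne 'Valid') {
  Write-Host "HitmanPro signature check failed (status: $($signature.Status)); not executing $hmpExe"
  exit 1
}
# Record the signer so whoever reads the log can confirm the publisher.
Write-Host "HitmanPro signer: $($signature.SignerCertificate.Subject)"
$proc = Start-Process $hmpExe -ArgumentList "/ews","/scanonly","/noinstall","/log=`"$logFile`"","/logtype=txt" -Wait -PassThru
# No log means the scan did not complete; report the scanner's exit code instead.
if (!(Test-Path $logFile)) { Write-Host "Scan failed (exit $($proc.ExitCode))"; exit 1 }
Get-Content $logFile -Encoding Unicode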
EndPowershell:
StartPowerShell:
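# This snippet downloads Emsisoft Emergency Kit (EEK) from Emsisoft's official site, updates it and scans with it.
# Do note that the executable is 300MB and may take some time to download.
# ---
# This will scan for malware and PUPs in 1) system memory 2) important folders, as the documentation says.
# It will scan in compressed archives, in mail archives, in NTFS alternate data streams and use cloud requests.
# ---
# You can use argument "/delete" to delete found objects including references but this is permanent and irreversible.
# You can remove the "/quick" argument to do a full scan but that may take longer than what FRST can handle.
# You can use argument "/quarantine="[folder]"" to put found malware into quarantine, but I personally prefer first verifying the detections.
# ---
# The downloaded file is only executed after the download succeeded and its Authenticode
# signature validated, and the wait for extraction is bounded so the fix cannot hang forever.
$downloadUrl = "https://dl.emsisoft.com/EmsisoftEmergencyKit.exe"
$systemDrive = $env:SystemDrive
$frstPath = "$systemDrive\FRST"
$savePath = "$frstPath\EEK.exe"
$extractPath = "$frstPath\EEK"
if (-not (Test-Path $frstPath)) {
  New-Item -Path $frstPath -ItemType Directory -Force | Out-Null
}
if (-not (Test-Path $extractPath)) {
  New-Item -Path $extractPath -ItemType Directory -Force | Out-Null
}
# Drop any installer left by an earlier run so a failed download can never lead to an old file being executed.
Remove-Item -Path $savePath -Force -ErrorAction SilentlyContinue
Try {
  Invoke-WebRequest -Uri $downloadUrl -OutFile $savePath -UseBasicParsing -ErrorAction Stop
}
Catch {
  Write-Error "EEK download failed: $_"
  exit 1
}
# Fail closed: refuse to run a binary that is unsigned or whose signature does not validate.
$signature = Get-AuthenticodeSignature -FilePath $savePath
if ($signature.Status -ne 'Valid') {
  Write-Error "EEK signature check failed (status: $($signature.Status)); not executing $savePath"
  exit 1
}
# Record the signer so whoever reads the log can confirm the publisher.
Write-Output "EEK signer: $($signature.SignerCertificate.Subject)"
$proc = Start-Process -FilePath $savePath -ArgumentList "-s -d`"$extractPath`"" -PassThru
# Wait for the command-line scanner to appear, but give up after a fixed time
# (10 minutes is a chosen value; adjust for slow disks) instead of looping forever
# when extraction fails.
# NOTE(review): the wait always watches bin64, even when the bin32 scanner is used below,
# and a2cmd.exe left in $extractPath by an earlier run ends the wait immediately -- confirm
# whether the folder should be emptied first.
$deadline = (Get-Date).AddMinutes(10)
while (-not (Test-Path "$extractPath\bin64\a2cmd.exe")) {
  if ((Get-Date) -gt $deadline) {
    Stop-Process -Id $proc.Id -Force -ErrorAction SilentlyContinue
    Write-Error "EEK extraction did not produce $extractPath\bin64\a2cmd.exe in time"
    exit 1
  }
  Start-Sleep -Milliseconds 1000
}
# The extractor is stopped as soon as the scanner binary exists.
# NOTE(review): this may end extraction before every file is written -- confirm.
Stop-Process -Id $proc.Id -Force -ErrorAction SilentlyContinue
if ([Environment]::Is64BitOperatingSystem) {
  $a2cmdPath = Join-Path $extractPath "bin64\a2cmd.exe"
} else {
  $a2cmdPath = Join-Path $extractPath "bin32\a2cmd.exe"
}
Start-Process -FilePath $a2cmdPath -ArgumentList "/update" -Wait -NoNewWindow
Start-Process -FilePath $a2cmdPath -ArgumentList "/malware /quick /m /t /pup /a /am /cloud=1 /la=`"$frstPath\EEK_scan.log`"" -Wait -NoNewWindow
Get-Content "$frstPath\EEK_scan.log"
exit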
EndPowerShell:
CMD: netsh int ip reset
CMD: netsh int ipv6 reset
CMD: ipconfig /flushDNS
CMD: netsh winsock reset catalog
C:\Users\CurrentUserName\AppData\Local\Temp\*
C:\Windows\Temp\*
cmd: DISM.exe /Online /Cleanup-image /Restorehealth
cmd: sfc /scannow
EmptyTemp:
End::
Warning
Executing a Fixlist on the wrong system may permanently damage it. Continue only if this link was meant for you.