Fix result of Farbar Recovery Scan Tool (x64) Version: 24-07-2023 Ran by nickj (25-07-2023 17:40:51) Run:3 Running from C:\Users\nickj\Downloads Loaded Profiles: nickj Boot Mode: Normal ============================================== fixlist content: ***************** Start:: CreateRestorePoint: CloseProcesses: Avast Update Helper KMSauto.net AlternateDataStreams: C:\Users\nickj\Downloads\FRST64.exe:MBAM.Zone.Identifier [240] AlternateDataStreams: C:\Users\nickj\Downloads\qbittorrent_4.5.4_x64_setup.exe:MBAM.Zone.Identifier [345] SearchScopes: HKU\S-1-5-21-3323940460-2476448031-453550397-1001 -> DefaultScope {14ECC650-FB7D-4468-9C7B-EFDF1604F122} URL = SearchScopes: HKU\S-1-5-21-3323940460-2476448031-453550397-1001 -> {14ECC650-FB7D-4468-9C7B-EFDF1604F122} URL = FirewallRules: [TCP Query User{FEEB2D5F-DC2C-4609-B06B-356E7F980498}C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe] => (Block) C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe => No File FirewallRules: [UDP Query User{3287EF43-A6A0-45C9-83D8-AD2928A1647D}C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe] => (Block) C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe => No File FirewallRules: [TCP Query User{8076FD9E-B2EF-401B-ADAF-1D6039B7B9BF}C:\games\forza horizon 5\forzahorizon5.exe] => (Block) C:\games\forza horizon 5\forzahorizon5.exe => No File FirewallRules: [UDP Query User{E7A843F2-FA24-4182-9D3D-EC6F420A8E85}C:\games\forza horizon 5\forzahorizon5.exe] => (Block) C:\games\forza horizon 5\forzahorizon5.exe => No File FirewallRules: [TCP Query User{4B4B6A38-938A-4625-A48C-E8C32AA3974F}C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe] => (Block) C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe => No File FirewallRules: [UDP Query User{86A0F6DB-BCDD-4D89-AC4C-6638E4799974}C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe] => (Block) C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe => No File FirewallRules: [TCP Query User{04190364-BA01-4627-9A0F-DB287FE3B6AB}C:\games\uncharted legacy of thieves collection\u4.exe] => (Block) C:\games\uncharted legacy of thieves collection\u4.exe => No File FirewallRules: [UDP Query User{78EBC815-FF6F-4CE9-A610-D0DF26C4DC03}C:\games\uncharted legacy of thieves collection\u4.exe] => (Block) C:\games\uncharted legacy of thieves collection\u4.exe => No File FirewallRules: [TCP Query User{62B8AFE6-F87B-411D-BFEE-F7860EB71BC4}C:\games\uncharted legacy of thieves collection\tll.exe] => (Block) C:\games\uncharted legacy of thieves collection\tll.exe => No File FirewallRules: [UDP Query User{BBB87BF5-80A2-4BDB-8C60-8680125625F5}C:\games\uncharted legacy of thieves collection\tll.exe] => (Block) C:\games\uncharted legacy of thieves collection\tll.exe => No File FirewallRules: [{DAD69663-5FA3-4383-97A8-DB6E2245BB22}] => (Allow) C:\Users\nickj\AppData\Local\Temp\bittorrent\bittorrent.exe => No File FirewallRules: [{56E8915E-022F-4CA8-AD75-73020FBAAC2F}] => (Allow) C:\Users\nickj\AppData\Local\Temp\bittorrent\bittorrent.exe => No File FirewallRules: [TCP Query User{99471572-42C8-490B-8054-D35AFB32B455}C:\program files\epic games\dishonoredde\binaries\win64\dishonored.exe] => (Block) C:\program files\epic games\dishonoredde\binaries\win64\dishonored.exe => No File FirewallRules: [UDP Query User{00770ABA-2F8D-4F37-B9DB-EA87E6587563}C:\program files\epic games\dishonoredde\binaries\win64\dishonored.exe] => (Block) C:\program files\epic games\dishonoredde\binaries\win64\dishonored.exe => No File FirewallRules: [TCP Query User{337EEB91-4751-4516-AD9A-81DC53015B97}C:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) C:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File FirewallRules: [UDP Query User{962F4A5E-8BA6-474A-980B-E42E542CE970}C:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) C:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File FirewallRules: [TCP Query User{3764C577-0754-456B-AF55-9A16C80AD207}C:\games\uncharted legacy of thieves collection\u4.exe] => (Block) C:\games\uncharted legacy of thieves collection\u4.exe => No File FirewallRules: [UDP Query User{7D7B4A52-2F62-4809-A7D0-3F0D40A17226}C:\games\uncharted legacy of thieves collection\u4.exe] => (Block) C:\games\uncharted legacy of thieves collection\u4.exe => No File FirewallRules: [TCP Query User{0A8FEF57-5531-4274-A7C2-EAFA218ACCAD}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File FirewallRules: [UDP Query User{80AB1596-23F8-4620-97D6-22B564E844B7}C:\program files (x86)\resident evil village\re8.exe] => (Block) C:\program files (x86)\resident evil village\re8.exe => No File FirewallRules: [TCP Query User{AFEB39A1-1B45-4CD1-9568-536E3A4ADE81}C:\program files (x86)\dodi-repacks\gears of war\binaries\wargame-g4wlive.exe] => (Allow) C:\program files (x86)\dodi-repacks\gears of war\binaries\wargame-g4wlive.exe => No File FirewallRules: [UDP Query User{E65BFA3D-EC0D-491D-B6F9-A156EB5325E7}C:\program files (x86)\dodi-repacks\gears of war\binaries\wargame-g4wlive.exe] => (Allow) C:\program files (x86)\dodi-repacks\gears of war\binaries\wargame-g4wlive.exe => No File FirewallRules: [TCP Query User{56FD0082-4D99-4E2B-BFE8-3E91719D7E44}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [UDP Query User{C569A908-A55F-465D-8D1B-887CBC41ABF3}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe] => (Allow) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [{05E8E406-1518-411C-9301-5811937EEBFD}] => (Block) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [{C31903D8-C842-4C48-B987-65CA4433823F}] => (Block) C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe => No File FirewallRules: [TCP Query User{54DD189E-7520-4549-B6A8-CA7155C34905}C:\program files (x86)\dodi-repacks\just cause 4\justcause4.exe] => (Block) C:\program files (x86)\dodi-repacks\just cause 4\justcause4.exe => No File FirewallRules: [UDP Query User{F7A80BFE-D9E4-4F5A-89FD-42DBBE02C43D}C:\program files (x86)\dodi-repacks\just cause 4\justcause4.exe] => (Block) C:\program files (x86)\dodi-repacks\just cause 4\justcause4.exe => No File HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION EmptyTemp: Reboot: End:: ***************** Restore point was successfully created. Processes closed successfully. Avast Update Helper => Error: No automatic fix found for this entry. KMSauto.net => Error: No automatic fix found for this entry. "C:\Users\nickj\Downloads\FRST64.exe" => ":MBAM.Zone.Identifier" ADS not found. C:\Users\nickj\Downloads\qbittorrent_4.5.4_x64_setup.exe => ":MBAM.Zone.Identifier" ADS removed successfully "HKU\S-1-5-21-3323940460-2476448031-453550397-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully HKU\S-1-5-21-3323940460-2476448031-453550397-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{14ECC650-FB7D-4468-9C7B-EFDF1604F122} => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FEEB2D5F-DC2C-4609-B06B-356E7F980498}C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3287EF43-A6A0-45C9-83D8-AD2928A1647D}C:\program files\crash bandicoot 4\lava\binaries\win64\lava-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8076FD9E-B2EF-401B-ADAF-1D6039B7B9BF}C:\games\forza horizon 5\forzahorizon5.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E7A843F2-FA24-4182-9D3D-EC6F420A8E85}C:\games\forza horizon 5\forzahorizon5.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B4B6A38-938A-4625-A48C-E8C32AA3974F}C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{86A0F6DB-BCDD-4D89-AC4C-6638E4799974}C:\games\high on life\oregon\binaries\win64\oregon-win64-shipping.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{04190364-BA01-4627-9A0F-DB287FE3B6AB}C:\games\uncharted legacy of thieves collection\u4.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{78EBC815-FF6F-4CE9-A610-D0DF26C4DC03}C:\games\uncharted legacy of thieves collection\u4.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{62B8AFE6-F87B-411D-BFEE-F7860EB71BC4}C:\games\uncharted legacy of thieves collection\tll.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BBB87BF5-80A2-4BDB-8C60-8680125625F5}C:\games\uncharted legacy of thieves collection\tll.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DAD69663-5FA3-4383-97A8-DB6E2245BB22}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{56E8915E-022F-4CA8-AD75-73020FBAAC2F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{99471572-42C8-490B-8054-D35AFB32B455}C:\program files\epic games\dishonoredde\binaries\win64\dishonored.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{00770ABA-2F8D-4F37-B9DB-EA87E6587563}C:\program files\epic games\dishonoredde\binaries\win64\dishonored.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{337EEB91-4751-4516-AD9A-81DC53015B97}C:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{962F4A5E-8BA6-474A-980B-E42E542CE970}C:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3764C577-0754-456B-AF55-9A16C80AD207}C:\games\uncharted legacy of thieves collection\u4.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7D7B4A52-2F62-4809-A7D0-3F0D40A17226}C:\games\uncharted legacy of thieves collection\u4.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0A8FEF57-5531-4274-A7C2-EAFA218ACCAD}C:\program files (x86)\resident evil village\re8.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{80AB1596-23F8-4620-97D6-22B564E844B7}C:\program files (x86)\resident evil village\re8.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AFEB39A1-1B45-4CD1-9568-536E3A4ADE81}C:\program files (x86)\dodi-repacks\gears of war\binaries\wargame-g4wlive.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E65BFA3D-EC0D-491D-B6F9-A156EB5325E7}C:\program files (x86)\dodi-repacks\gears of war\binaries\wargame-g4wlive.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{56FD0082-4D99-4E2B-BFE8-3E91719D7E44}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C569A908-A55F-465D-8D1B-887CBC41ABF3}C:\program files\epic games\borderlands3\oakgame\binaries\win64\borderlands3.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05E8E406-1518-411C-9301-5811937EEBFD}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C31903D8-C842-4C48-B987-65CA4433823F}" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{54DD189E-7520-4549-B6A8-CA7155C34905}C:\program files (x86)\dodi-repacks\just cause 4\justcause4.exe" => removed successfully "HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F7A80BFE-D9E4-4F5A-89FD-42DBBE02C43D}C:\program files (x86)\dodi-repacks\just cause 4\justcause4.exe" => removed successfully HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully =========== EmptyTemp: ========== FlushDNS => completed BITS transfer queue => 0 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34955913 B Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 79362701 B Windows/system/drivers => 184481552 B Edge => 0 B Chrome => 744783770 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 61122320 B systemprofile32 => 61123409 B LocalService => 61697293 B NetworkService => 61708741 B nickj => 268710762 B RecycleBin => 47851592669 B EmptyTemp: => 46 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 17:42:57 ====