Similar problem to prinzarthur: my NebulaFractica extension won't go away

Status
Not open for further replies.

JohnRambo

New Member
Thread author
Jul 16, 2024
2
So there's an extension running on my Google Chrome that is sending me to random websites when I search; if not, it sends me to Yahoo or Bing. It says it is being run by my organization, but I don't have one. I downloaded the Farbar Recovery Scan Tool (FRST) and I got this printout for you. Please help me remove this malware. Thank you.
 

Attachments

  • Fixlist.txt
    7.1 KB · Views: 7
  • Addition.txt
    110.2 KB · Views: 4

nasdaq

Super Moderator
Verified
Staff Member
Nov 5, 2019
1,595
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Not having seen the FRST log I cannot say if you have identified all of the malware entries.

The Fixlist.txt you have submitted has identified all of the entries that I would normally suggest you delete.

Before you execute the fix, I suggest you add the following items, listed in the quote/unquote below, to the Fixlist.txt you provided.

When added SAVE the file and run the fix. DO NOT INCLUDE THE "QUOTE" "UNQUOTE" NOTES.

QUOTE

Comment: Items from the Addition.txt log that will be removed.


UNQUOTE.

Post the fixlog.txt for my review. If the problem persists, please run a Farbar scan and post the logs for my review.

p.s.

How did you learn how to create a fixlist?
 

JohnRambo

New Member
Thread author
Jul 16, 2024
2
fixlog.txt is here. Seems to have worked, thank you.
 

Attachments

  • Fixlog.txt
    21.7 KB · Views: 3