Serveur minecraft

Adware et clés de registre jouant avec les navigateurs Web – Resoudre les problemes d’un serveur MineCraft

Le 20 mai 2020 - 49 minutes de lecture

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05-2020

Géré par Eric (administrateur) sur ERIC-PC (Hewlett-Packard p6710f) (11-05-2020 16:50:09)

Exécution à partir de C: Users Eric Downloads

Profils chargés: Eric

Plateforme: Windows 7 Home Premium Service Pack 1 (X64) Langue: anglais (États-Unis)

Internet Explorer version 11 (navigateur par défaut: Chrome)

Mode de démarrage: Normal

==================== Processus (liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

((HuskyCahya -> LevelInc Ltd) [File not signed]) [File is in use ] C: Program Files (x86) AlphacomAccentpolyN AlphacomAccentpolyN.exe

(Advanced Micro Devices Inc.) [File not signed] C: Program Files (x86) ATI Technologies ATI.ACE Core-Static MOM.exe

(Advanced Micro Devices, Inc.) [File not signed] C: Program Files (x86) ATI Technologies ATI.ACE Core-Static MMLoadDrv.exe

(ATI Technologies Inc.) [File not signed] C: Program Files (x86) ATI Technologies ATI.ACE Core-Static CCC.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe <20>

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.35.452 GoogleCrashHandler64.exe

(HP Inc. -> HP Inc.) C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe

(HP Inc. -> HP Inc.) C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe

(Logitech, Inc. -> Logitech Inc.) C: Program Files (x86) Common Files logishrd LVMVFM UMVPFSrv.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office Office12 POWERPNT.EXE

(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Office Office12 WINWORD.EXE

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client MsMpEng.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client msseces.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client NisSrv.exe

(Microsoft Corporation -> Microsoft Corporation) C: Windows System32 WirelessKB850NotificationService.exe

(Microsoft Windows -> Microsoft Corporation) C: Program Files Windows Media Player wmprph.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows splwow64.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 prevhost.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 SnippingTool.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 wisptis.exe

(Éditeur de compatibilité matérielle Microsoft Windows -> AMD) C: Windows System32 atieclxx.exe

(Éditeur de compatibilité matérielle Microsoft Windows -> AMD) C: Windows System32 atiesrxx.exe

(Oracle America, Inc. -> Oracle Corporation) C: Program Files (x86) Common Files Java Java Update jusched.exe

(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) EPSON Software Event Manager EEventManager.exe

(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) EPSON Software FAX Utility FUFAXRCV.exe

(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files (x86) EPSON Software FAX Utility FUFAXSTM.exe

(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Program Files Fichiers communs EPSON EPW! 3 SSRP E_S60RPB.EXE

(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Program Files EPSON EpsonCustomerResearchParticipation EPCP.exe

(SEIKO EPSON Corporation -> Seiko Epson Corporation) C: Windows System32 escsvc64.exe

(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C: Windows System32 spool drivers x64 3 E_YATIKDE.EXE

(Spotify AB -> Spotify Ltd) C: Users Eric AppData Roaming Spotify SpotifyWebHelper.exe

(Valve -> Valve Corporation) C: Program Files (x86) Common Files Steam SteamService.exe

(Valve -> Valve Corporation) C: Program Files (x86) Steam bin cef cef.win7x64 steamwebhelper.exe <7>

(Valve -> Valve Corporation) C: Program Files (x86) Steam steam.exe

==================== Registre (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Run: [MSC] => c: Program Files Microsoft Security Client msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

HKLM … Run: [Logitech Download Assistant] => C: Windows System32 LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)

HKLM-x32 … Exécuter: [StartCCC] => C: Program Files (x86) ATI Technologies ATI.ACE Core-Static CLIStart.exe [336384 2011-06-30] (Advanced Micro Devices, Inc.) [File not signed]

HKLM-x32 … Exécuter: [FUFAXRCV] => C: Program Files (x86) Epson Software FAX Utility FUFAXRCV.exe [669664 2019-10-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

HKLM-x32 … Exécuter: [FUFAXSTM] => C: Program Files (x86) Epson Software FAX Utility FUFAXSTM.exe [894944 2019-10-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

HKLM-x32 … Exécuter: [EEventManager] => C: Program Files (x86) Epson Software Event Manager EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Fichiers communs Java Java Update jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)

HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Run: [Steam] => C: Program Files (x86) Steam steam.exe [3372832 2020-04-27] (Valve -> Valve Corporation)

HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Run: [Spotify Web Helper] => C: Users Eric AppData Roaming Spotify SpotifyWebHelper.exe [780688 2018-02-03] (Spotify AB -> Spotify Ltd)

HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Run: [EPLTargetP0000000000000000] => C: Windows system32 spool DRIVERS x64 3 E_YATIKDE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … MountPoints2: 35585837-01c4-11e8-a9b3-78acc0bd2160 – I: LaunchU3.exe -a

HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 81.0.4044.138 Installer chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)

HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [73FA19D0-2D75-11D2-995D-00C04F98BBC9] ->

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 04ADAC4D-FD7D-482E-98CB-3D8434C5E02C – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)

Tâche: 0826AEF9-AF74-4CEE-82B9-4EF5C91AC8E3 – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker_DeviceScan => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)

Tâche: 20F0E2AD-625E-42DB-9ED2-46534EA8A212 – System32 Tasks Hewlett-Packard HP Active Health HP Active Health Scan (HPSA) => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPActiveHealth ActiveHealth.exe [25128 2017-11-22] (HP Inc. ->)

Tâche: 2836BDC8-DF82-47B5-8931-BCED9D5B422B – System32 Tasks Hewlett-Packard HP Support Assistant WarrantyChecker => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPWarrantyCheck HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)

Tâche: 30CA388E-AE58-4F84-A0CF-36CA3D229C60 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater – Resources => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)

Tâche: 373989EF-24AB-497B-8A66-0215090362A0 – System32 Tasks EPSON WF-3640 Series Invitation 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 => C: Windows system32 spool DRIVERS x64 3 E_YTSKDE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

Tâche: 3E544D74-2EBD-462C-834C-218F3B1EDF8C – System32 Tasks Adobe Flash Player PPAPI Notifier => C: Windows SysWOW64 Macromed Flash FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-19] (Adobe Inc. -> Adobe)

Tâche: 3E826E79-292A-45A7-B26A-7EE4A55546B5 – System32 Tasks HPCeeScheduleForEric => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)

Tâche: 5EE35B28-5C9A-4072-B372-DA6114A8FCC3 – System32 Tasks Microsoft Microsoft Antimalware Microsoft Antimalware Scheduled Scan => c: Program Files Microsoft Security Client \ MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 6E0B010D-59C6-4BE2-83A5-FE7F0E829FD1 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Assistant Quick Start => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Tâche: 8076B937-F816-4ADA-B868-A67EE92D2D17 – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Updater => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)

Tâche: 82A89C05-9A94-4DCE-80A9-1FA41A20ED6D – System32 Tasks Hewlett-Packard HP Support Assistant HP Support Solutions Framework Report => C: Program Files (x86) Hewlett-Packard HP Support Solutions Modules HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)

Tâche: 8E62185D-1405-4F38-8764-ECB0929F5DD0 – System32 Tasks Hewlett-Packard HP Support Assistant Product Configurator => C: Program Files (x86) Hewlett-Packard HP Support Framework Resources ProductConfig .EXE [320856 2020-04-23] (HP Inc. -> HP Inc.)

Tâche: 9B896994-6A2A-4EBA-8885-C06853239A9F – Mise à jour de la série System32 Tasks EPSON WF-3640 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 => C: Windows system32 spool DRIVERS 3 E_YTSKDE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

Tâche: AAF9D068-144C-4B6C-A436-61E400CF1CD2 – System32 Tasks Adobe Flash Player Updater => C: Windows SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2020-04-19] (Adobe Inc. -> Adobe)

Tâche: C059C297-977E-430E-9402-85D9D9F758C6 – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.)

Tâche: C1E84BF3-5507-43AF-946A-EB68AEC9546F – System32 Tasks Hewlett-Packard HP Support Assistant PC Health Analysis => C: Program Files (x86) Hewlett-Packard HP Support Framework HPSF. EXE [1506680 2019-06-14] (HP Inc. -> HP Inc.)

Tâche: FDF66B07-3C2E-4BB6-B79A-6A7DE2F842C8 – System32 Tasks Mozilla Firefox Default Browser Agent E7CF176E110C211B => C: Program Files (x86) Mozilla Firefox default-browser-agent.exe [126152 2020-04-23] (Mozilla Corporation -> Fondation Mozilla)

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche: C: Windows Tasks EPSON WF-3640 Series Invitation 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKDE.EXE

Tâche: C: Windows Tasks EPSON WF-3640 Series Update 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job => C: Windows system32 spool DRIVERS x64 3 E_YTSKDE.EXE: / EXE: 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 / F: UpdateSYSTEMĊRecherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour. Thi

Tâche: C: Windows Tasks HPCeeScheduleForEric.job => C: Program Files (x86) Hewlett-Packard HP Ceement HPCEE.exe

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)

Tcpip Paramètres: [DhcpNameServer] 75,75,75,75 75,75,76,76

Tcpip .. Interfaces 6C3A6ED6-459B-45F6-AACF-451FA97646B7: [DhcpNameServer] 75,75,75,75 75,75,76,76

Tcpip .. Interfaces 9FB95EF1-6FAC-490A-814F-F993017A7EA6: [DhcpNameServer] 192.168.1.252

Internet Explorer:

==================

SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

SearchScopes: HKLM-x32 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

SearchScopes: HKU S-1-5-21-3312487288-1977858865-3294966506-1000 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

BHO: Java ™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C: Program Files Java jre1.8.0_251 bin ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)

BHO: Java ™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C: Program Files Java jre1.8.0_251 bin jp2ssv.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)

BHO: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)

BHO-x32: HP Network Check Helper -> E76FD755-C1BA-4DCB-9F13-99BD91223ADE -> C: Program Files (x86) Hewlett-Packard HP Support Framework Resources HPNetworkCheck HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)

FireFox:

========

FF DefaultProfile: dnln6rwd.default

FF ProfilePath: C: Users Eric AppData Roaming Mozilla Firefox Profiles dnln6rwd.default [2020-05-11]

FF Page d'accueil: Mozilla Firefox Profiles dnln6rwd.default -> hxxps: //links.malwarebytes.com/link/restorebrowser lic = essai & product = MBAM-Cparam1 = y6bdVFVIsvuYsgEClQfz8KTL4HLBF1wBOkVfCJhNXY7GpZ9gA4TzjU20% 2B6Ll2pqWrRu5OXo1IhGWbkvP9Yv7ezBHXh% 2FBmaPh81bgd% 2Bd0HAN0N7% 2B7Ahh844DyIYjY1j4Vfy4piK5029QWh9WyAwA4qgf% 2By1h2HjT% 2FzwE4IpieTsNJKbAenpaE2GeEKEcjRDpG87QsAwuCvuyN%? 2FIt1seE7NClIzNz5% 2Fpx34ZHv3FAX17aRighSlYXPOiHV% 2B8M80IPHlpJCUQRwcvbICA4Cvr9zOQPosnTzdyCW7ag96lQqETU% 3D

FF SearchPlugin: C: Users Eric AppData Roaming Mozilla Firefox Profiles dnln6rwd.default searchplugins Yahoo powered search.xml [2020-05-11]

Plugin FF: @ java.com / DTPlugin, version = 11.251.2 -> C: Program Files Java jre1.8.0_251 bin dtplugin npDeployJava1.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)

Plugin FF: @ java.com / JavaPlugin, version = 11.251.2 -> C: Program Files Java jre1.8.0_251 bin plugin2 npjp2.dll [2020-04-14] (Oracle America, Inc. -> Oracle Corporation)

Plugin FF: @ microsoft.com / GENUINE -> désactivé [No File]

FF Plugin-x32: @ microsoft.com / GENUINE -> désactivé [No File]

Chrome:

=======

Profil CHR: C: Users Eric AppData Local Google Chrome User Data Default [2020-05-11]

Notifications CHR: Par défaut -> hxxps: //play.pokemonshowdown.com; hxxps: //www.facebook.com; hxxps: //www.rabb.it; hxxps: //www.twitch.tv; hxxps: //www.youtube.com

CHR HomePage: Par défaut -> hxxps: //us.search.yahoo.com/yhs/web hspart = & OMR hsimp = YHS-001 & type = 863152190 & param1 = y6bdVFVIsvuYsgEClQfz8KTL4HLBF1wBOkVfCJhNXY7GpZ9gA4TzjU20% 2B6Ll2pqWQ1FYFWZKveC% 2BqGgReLPKLsj% 2BcbF1vkG% 2BkY7oy5hfv3m8cwR32utrecEBuV3aT3Xzih80AoH0LbPgEsVazXoyUkK1% 2BFzLfjImFUq5IT3gwlBd5bQCrIkZh0FhqY617yDwjN4JCOnh4DcKIeWbO8b58loVWTt3YLdVMLNdy4ueARDmAgMsuCP8aFP4iGYfMVk6moqwrsSqQXFVUxBLIqg% 2F2% 2BnjKcUltJDa7HcC1yaNw88% 3D

CHR StartupUrls: Par défaut ->? "Hxxps: //www.google.com/", "hxxps: //us.search.yahoo.com/yhs/web hspart = & OMR hsimp = YHS-001 & type = 863152190 & param1 = y6bdVFVIsvuYsgEClQfz8KTL4HLBF1wBOkVfCJhNXY7GpZ9gA4TzjU20% 2B6Ll2pqWNPCfuIXzPSGzwGX% 2B5vJi% 2B% 2Fb4EFpoTu% 2BaR22PaorcQojc3D2r2yNIAzqSH% 2BGqzeT% 2B% 2BMPORGKwmkOLHWkAPVs6oOJe5RnNHgXbd99% 2FcuKC% 2FPXcRFRW8bU% 2FxKPQO7cOgdXzJs8bQCMUaXJA4oubmyh3E3SI4eLjEdcST9YdFJt2PrPKNwnQM% 2B1EipVYA17LdeUbAVU1u5Pp6Q% 2BLxlNQN0z% 2BEs2x5hLDfAlBI2XbehFngHs% 3D »

CHR DefaultSearchURL: Default -> hxxps: //www.bing.com/search? Q = searchTerms & PC = U316 & FORM = CHROMN

CHR DefaultSearchKeyword: Par défaut -> bing.com

CHR DefaultNewTabURL: Par défaut -> hxxps: //www.bing.com/chrome/newtab

CHR DefaultSuggestURL: Par défaut -> hxxps: //www.bing.com/osjson.aspx? Query = searchTerms & language = language & PC = U316

Extension CHR: (diapositives) – C: Users Eric AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]

Extension CHR: (Docs) – C: Users Eric AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2017-10-12]

Extension CHR: (Google Drive) – C: Users Eric AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2017-07-13]

Extension CHR: (YouTube) – C: Users Eric AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-13]

Extension CHR: (Watch2Gether) – C: Users Eric AppData Local Google Chrome User Data Default Extensions cimpffimgeipdhnhjohpbehjkcdpjolg [2020-04-24]

Extension CHR: (Sheets) – C: Users Eric AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]

Extension CHR: (Google Docs hors ligne) – C: Users Eric AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21]

Extension CHR: (partage d'écran Discord) – C: Users Eric AppData Local Google Chrome User Data Default Extensions lcbhdgefieegnkbopmgklhlpjjdgmbog [2017-11-14]

Extension CHR: (Paiements Chrome Web Store) – C: Users Eric AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]

Extension CHR: (Gmail) – C: Users Eric AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]

Extension CHR: (Chrome Media Router) – C: Users Eric AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-23]

==================== Services (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R2 AlphacomAccentpolyN; C: Program Files (x86) AlphacomAccentpolyN AlphacomAccentpolyN.exe [2026088 2020-05-02] ((HuskyCahya -> LevelInc Ltd) [File not signed]) [File is in use ]

R2 AMD External Events Utility; C: Windows system32 atiesrxx.exe [236544 2012-06-07] (Éditeur de compatibilité matérielle Microsoft Windows -> AMD)

R2 EpsonCustomerResearchParticipation; C: Program Files EPSON EpsonCustomerResearchParticipation EPCP.exe [677880 2017-04-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

R2 EpsonScanSvc; C: Windows system32 EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)

R2 EPSON_PM_RPCV4_06; C: Program Files Fichiers communs EPSON EPW! 3 SSRP E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

S3 hpqcaslwmiex; C: Program Files (x86) HP Shared hpqwmiex.exe [1031704 2016-06-03] (Société Hewlett-Packard -> HP)

R2 HPSupportSolutionsFrameworkService; C: Program Files (x86) Hewlett-Packard HP Support Solutions HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)

R2 HPTouchpointAnalyticsService; C: Program Files HP HP Touchpoint Analytics Client TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)

R2 MBAMService; C: Program Files Malwarebytes Anti-Malware MBAMService.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)

R2 MsMpSvc; c: Program Files Microsoft Security Client MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

R3 NisSrv; c: Program Files Microsoft Security Client NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

S3 WinDefend; C: Program Files Windows Defender mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

R2 WirelessKB850NotificationService; C: Windows system32 WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R3 amdkmdag; C: Windows System32 DRIVERS atikmdag.sys [11172864 2012-06-07] (Éditeur de compatibilité matérielle Microsoft Windows -> Advanced Micro Devices, Inc.)

R3 amdkmdap; C: Windows System32 DRIVERS atikmpag.sys [339456 2012-06-07] (Éditeur de compatibilité matérielle Microsoft Windows -> Advanced Micro Devices, Inc.)

R0 AtiPcie; C: Windows System32 DRIVERS AtiPcie.sys [16440 2009-05-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)

R1 ESProtectionDriver; C: Windows system32 drivers mbae64.sys [153312 2020-04-17] (Malwarebytes Corporation -> Malwarebytes)

R2 MBAMChameleon; C: Windows System32 Drivers MbamChameleon.sys [214496 2020-05-10] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMFarflt; C: Windows System32 DRIVERS farflt.sys [195432 2020-05-11] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMProtection; C: Windows system32 DRIVERS mbam.sys [73368 2020-05-11] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMSwissArmy; C: Windows System32 Drivers mbamswissarmy.sys [248968 2020-05-11] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C: Windows System32 DRIVERS mwac.sys [112752 2020-05-11] (Malwarebytes Inc -> Malwarebytes)

R0 MpFilter; C: Windows System32 DRIVERS MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

R3 netr28x; C: Windows System32 DRIVERS netr28x.sys [2473616 2014-12-10] (MEDIATEK INC. -> MediaTek Inc.)

R3 NisDrv; C: Windows System32 DRIVERS NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

R3 usbfilter; C: Windows System32 DRIVERS usbfilter.sys [34872 2009-04-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== NetSvcs (liste blanche) ====================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

==================== Un mois (créé) ===================

(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)

2020-05-11 16:50 – 2020-05-11 16:51 – 000022444 _____ C: Users Eric Downloads FRST.txt

2020-05-11 16:49 – 2020-05-11 16:50 – 000000000 ____D C: FRST

2020-05-11 16:46 – 2020-05-11 16:47 – 002285568 _____ (Farbar) C: Users Eric Downloads FRST64.exe

2020-05-11 15:17 – 2020-05-11 15:18 – 297211380 _____ C: Users Eric Documents Registry Backup.reg

2020-05-11 14:24 – 2020-05-11 14:24 – 000195432 _____ (Malwarebytes) C: Windows system32 Drivers farflt.sys

2020-05-11 14:24 – 2020-05-11 14:24 – 000112752 _____ (Malwarebytes) C: Windows system32 Drivers mwac.sys

2020-05-11 14:24 – 2020-05-11 14:24 – 000073368 _____ (Malwarebytes) C: Windows system32 Drivers mbam.sys

2020-05-11 14:24 – 2020-05-11 14:24 – 000000000 ____D C: Users Eric AppData LocalLow IGDump

2020-05-11 14:23 – 2020-05-11 14:23 – 000005835 _____ C: Users Eric Documents MBAM 5th log.txt

2020-05-11 11:34 – 2020-05-11 11:34 – 000248968 _____ (Malwarebytes) C: Windows system32 Drivers mbamswissarmy.sys

2020-05-11 02:57 – 2020-05-11 02:57 – 000005672 _____ C: Users Eric Documents MBAM 4th log.txt

2020-05-10 21:08 – 2020-05-10 21:08 – 000005346 _____ C: Users Eric Documents MBAM 3rd log.txt

2020-05-10 21:08 – 2020-05-10 21:08 – 000005346 _____ C: Users Eric Documents MBAM 2nd log.txt

2020-05-10 21:07 – 2020-05-10 21:07 – 000006945 _____ C: Users Eric Documents MBAM 1st log.txt

2020-05-10 20:35 – 2020-05-10 20:35 – 000005516 _____ C: Users Eric Documents MBAM réessayez 1 5102020.txt

2020-05-10 12:42 – 2020-05-10 12:42 – 000251947 _____ C: Users Eric Downloads DanycardMomin.pdf

2020-05-10 12:27 – 2020-05-10 12:27 – 000214496 _____ (Malwarebytes) C: Windows system32 Drivers MbamChameleon.sys

2020-05-10 02:54 – 2020-05-10 02:54 – 001801666 _____ C: Users Eric Downloads DanycardMom.pdf

2020-05-10 02:52 – 2020-05-10 02:52 – 000001054 _____ C: Users Eric Downloads MothersDayCardInstructions.txt

2020-05-09 17:47 – 2020-05-09 17:47 – 003048387 _____ C: Users Eric Downloads Wynntils-1.5.1_638-MC1.12.2.jar

2020-05-09 17:36 – 2020-05-09 17:36 – 004953534 _____ C: Users Eric Downloads forge-1.12.2-14.23.5.2768-installer-win (1) .exe

2020-05-09 17:35 – 2020-05-09 17:35 – 004953534 _____ C: Users Eric Downloads forge-1.12.2-14.23.5.2768-installer-win.exe

2020-05-09 17:35 – 2020-05-09 17:35 – 000000000 ____D C: Program Files (x86) OneMellifluousUpdater

2020-05-09 17:34 – 2020-05-09 17:34 – 000286604 _____ C: Users Eric AppData Roaming tb7_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt

2020-05-09 17:34 – 2020-05-09 17:34 – 000000000 ____D C: Windows SysWOW64 vd7v

2020-05-09 17:33 – 2020-05-09 17:33 – 000000000 ____D C: ProgramData SProvide

2020-05-09 17:33 – 2020-05-09 17:33 – 000000000 ____D C: Program Files (x86) AlphacomAccentpolyN

2020-05-09 17:32 – 2020-05-09 17:35 – 000000000 ____D C: Program Files (x86) GemingaDirectory

2020-05-09 17:32 – 2020-05-09 17:33 – 000000000 ____D C: Users Eric AppData Roaming SetupReconcile

2020-05-09 17:32 – 2020-05-09 17:32 – 001794048 _____ C: Users Eric Downloads SetupMY.msi

2020-04-25 17:35 – 2020-04-25 17:35 – 000000000 ____D C: Windows system32 Tasks Mozilla

2020-04-23 15:45 – 2020-04-26 12:07 – 000000000 ____D C: Program Files (x86) Mozilla Firefox

2020-04-15 15:46 – 2020-04-15 18:20 – 000157413 _____ C: Users Eric .babel.7.8.4.production.json

==================== Un mois (modifié) ==================

(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)

2020-05-11 16:42 – 2017-07-01 20:42 – 000000000 ____D C: Users Eric Documents MCC_Stuff

2020-05-11 16:33 – 2018-10-07 14:33 – 000000911 _____ C: Windows Tasks EPSON WF-3640 Series Update 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job

2020-05-11 16:33 – 2018-10-07 14:33 – 000000725 _____ C: Windows Tasks EPSON WF-3640 Series Invitation 75D026B1-B84D-4A20-97E9-26D07F4ABDD5 .job

2020-05-11 16:27 – 01-07-2017 23:24 – 000000000 ____D C: Users Eric Documents Minecraft Stuff

2020-05-11 15:47 – 2009-07-14 01:13 – 000781790 _____ C: Windows system32 PerfStringBackup.INI

2020-05-11 15:47 – 2009-07-13 23:20 – 000000000 ____D C: Windows inf

2020-05-11 14:49 – 2009-07-14 00:45 – 000022064 ____H C: Windows system32 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2020-05-11 14:49 – 2009-07-14 00:45 – 000022064 ____H C: Windows system32 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2020-05-11 14:24 – 2017-07-14 20:56 – 000000000 ____D C: Program Files (x86) Steam

2020-05-11 14:23 – 2009-07-14 01:08 – 000000006 ____H C: Windows Tasks SA.DAT

2020-05-11 14:00 – 2017-07-03 17:22 – 000000000 ____D C: Users Eric AppData Roaming .minecraft

2020-05-10 16:05 – 2017-06-27 17:19 – 000000000 ____D C: Users Eric AppData LocalLow Mozilla

2020-05-07 22:48 – 2017-07-13 01:26 – 000002224 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Google Chrome.lnk

2020-05-07 22:48 – 2017-07-13 01:26 – 000002183 _____ C: Users Public Desktop Google Chrome.lnk

2020-05-07 22:48 – 2017-07-13 01:26 – 000002183 _____ C: ProgramData Desktop Google Chrome.lnk

2020-05-07 17:30 – 2017-06-27 17:46 – 000003180 _____ C: Windows system32 Tasks HPCeeScheduleForEric

2020-05-07 17:30 – 2017-06-27 17:46 – 000000328 _____ C: Windows Tasks HPCeeScheduleForEric.job

2020-05-05 13:24 – 2018-08-17 16:24 – 000000000 ____D C: Users Eric Documents SNHU stuff

2020-04-30 23:16 – 01-07-2017 20:48 – 000000000 ____D C: Users Eric Documents Only_Poetry

2020-04-28 03:16 – 2019-05-01 00:39 – 000000000 ____D C: Users Eric Documents Alpha

2020-04-26 12:07 – 2017-06-27 17:18 – 000000000 ____D C: Program Files (x86) Mozilla Maintenance Service

2020-04-23 13:06 – 2019-12-20 17:18 – 000000000 ____D C: Users Eric Documents Terrariastuff

2020-04-19 10:54 – 2017-11-10 17:53 – 000000000 ____D C: Users Eric AppData Local Adobe

2020-04-19 10:53 – 2017-11-10 17:54 – 000842296 _____ (Adobe) C: Windows SysWOW64 FlashPlayerApp.exe

2020-04-19 10:53 – 2017-11-10 17:54 – 000175160 _____ (Adobe) C: Windows SysWOW64 FlashPlayerCPLApp.cpl

2020-04-19 10:53 – 2017-11-10 17:54 – 000004470 _____ C: Windows system32 Tasks Adobe Flash Player PPAPI Notifier

2020-04-19 10:53 – 2017-11-10 17:54 – 000004324 _____ C: Windows system32 Tasks Adobe Flash Player Updater

2020-04-19 10:53 – 2017-11-10 17:54 – 000000000 ____D C: Windows SysWOW64 Macromed

2020-04-19 10:53 – 2017-11-10 17:54 – 000000000 ____D C: Windows system32 Macromed

2020-04-17 20:18 – 2019-07-03 13:14 – 000153312 _____ (Malwarebytes) C: Windows system32 Drivers mbae64.sys

2020-04-15 18:20 – 2019-08-05 23:17 – 000000000 ____D C: Users Eric AppData Roaming Kast

2020-04-15 15:46 – 2019-08-05 23:17 – 000002241 _____ C: Users Eric Desktop Kast.lnk

2020-04-15 15:46 – 2017-06-27 15:46 – 000000000 ____D C: Users Eric

2020-04-14 16:53 – 2017-07-03 01:01 – 000000000 ____D C: ProgramData Microsoft Windows Start Menu Programs Java

2020-04-14 16:53 – 2017-07-03 01:00 – 000000000 ____D C: Program Files Java

2020-04-14 16:52 – 2017-07-03 01:01 – 000129192 _____ (Oracle Corporation) C: Windows system32 WindowsAccessBridge-64.dll

==================== Fichiers à la racine de certains répertoires ========

2020-05-09 17:34 – 2020-05-09 17:34 – 000286604 _____ () C: Users Eric AppData Roaming tb7_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt

2018-05-10 22:22 – 2018-05-10 22:22 – 000013312 _____ () C: Users Eric AppData Local DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2017-07-02 00:41 – 2017-07-02 00:41 – 000007597 _____ () C: Users Eric AppData Local Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correctif automatique pour les fichiers qui ne passent pas la vérification.)

LastRegBack: 2020-05-07 03:27

==================== Fin de FRST.txt =========================

Résultat d'analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 11-05-2020

Ran par Eric (11-05-2020 16:52:06)

Exécution à partir de C: Users Eric Downloads

Windows 7 Home Premium Service Pack 1 (X64) (2017-06-27 19:46:56)

Mode de démarrage: Normal

================================================== ========

==================== Comptes: ============================ =

Administrateur (S-1-5-21-3312487288-1977858865-3294966506-500 – Administrateur – désactivé)

Eric (S-1-5-21-3312487288-1977858865-3294966506-1000 – Administrateur – Activé) => C: Users Eric

Invité (S-1-5-21-3312487288-1977858865-3294966506-501 – limité – désactivé)

Groupe résidentielUtilisateur $ (S-1-5-21-3312487288-1977858865-3294966506-1002 – limité – activé)

==================== Security Center ========================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée.)

AV: Microsoft Security Essentials (activé – à jour) 71A27EC9-3DA6-45FC-60A7-004F623C6189

AS: Microsoft Security Essentials (activé – à jour) CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34

AS: Windows Defender (désactivé – à jour) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Programmes installés ======================

(Seuls les programmes publicitaires avec le drapeau "Caché" peuvent être ajoutés à la liste de correctifs pour les afficher. Les programmes publicitaires doivent être désinstallés manuellement.)

Adobe Flash Player 32 PPAPI (HKLM-x32 … Adobe Flash Player PPAPI) (Version: 32.0.0.363 – Adobe)

Gestionnaire d'installation ATI Catalyst (HKLM … BCC01139-903A-6FC7-3358-85B0AE332601) (Version: 3.0.829.0 – ATI Technologies, Inc.)

Discord (HKU S-1-5-21-3312487288-1977858865-3294966506-1000 … Discord) (Version: 0.0.306 – Discord Inc.)

EPSON Connect version 1.0 (HKLM-x32 … EPSON Connect_is1) (Version: 1.0 – Epson America Inc.)

Participation à la recherche client Epson (HKLM … B26449A6-6007-4460-B4FE-C4776115BCEA) (Version: 1.82.0000 – Seiko Epson Corporation)

Epson Event Manager (HKLM-x32 … 9F205E94-9E42-4486-A92A-DF3F6CB85444) (Version: 3.10.0061 – Seiko Epson Corporation)

Utilitaire Epson FAX (HKLM-x32 … 0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A) (Version: 3.02.00 – Seiko Epson Corporation)

Pilote Epson PC-FAX (Pilote HKLM-x32 … EPSON PC-FAX 2) (Version: – Seiko Epson Corporation)

EPSON Scan (HKLM-x32 … EPSON Scanner) (Version: – Seiko Epson Corporation)

Programme de mise à jour du logiciel Epson (HKLM-x32 … 0854CD22-DF5E-4587-B977-6FC9DB57B63D) (Version: 4.5.0 – Seiko Epson Corporation)

Désinstallation de l'imprimante EPSON WF-3640 Series (HKLM … EPSON WF-3640 Series) (Version: – SEIKO EPSON Corporation)

EpsonNet Print (HKLM-x32 … 3E31400D-274E-4647-916C-2CACC3741799) (Version: 2.6.0 – SEIKO EPSON CORPORATION)

Google Chrome (HKLM-x32 … Google Chrome) (Version: 81.0.4044.138 – Google LLC)

Aide à la mise à jour Google (HKLM-x32 … 60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Masqué

Assistant de support HP (HKLM-x32 … 05F81C27-62A5-4A0C-8519-60CB66CF87C6) (Version: 8.8.24.33 – HP Inc.)

HP Support Solutions Framework (HKLM-x32…183BD477-774B-4700-B40B-EE43886E74D2) (Version: 12.15.14.3 – HP Inc.)

HP Touchpoint Analytics Client (HKLM…E5FB98E0-0784-44F0-8CEC-95CD4690C43F) (Version: 4.0.2.1439 – HP Inc.)

Java 8 Update 251 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180251F0) (Version: 8.0.2510.8 – Oracle Corporation)

Kast 2.8.1 (HKUS-1-5-21-3312487288-1977858865-3294966506-1000…d06bcc57-f338-548b-9321-2ecf1ddd47ff) (Version: 2.8.1 – Evasyst, Inc.)

Malwarebytes version 4.1.0.56 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.1.0.56 – Malwarebytes)

Microsoft .NET Framework 4.8 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.8.03761 – Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32…91120000-00CA-0000-0000-0000000FF1CE_SMALLBUSINESSR_6E107EB7-8B55-48BF-ACCB-199F86A2CD93) (Version:  – Microsoft)

Microsoft Office Small Business 2007 (HKLM-x32…SMALLBUSINESSR) (Version: 12.0.6612.1000 – Microsoft Corporation)

Microsoft Security Essentials (HKLM…Microsoft Security Client) (Version: 4.10.209.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…71c9b48-7c32-4621-a0ac-3f809523288f) (Version: 8.0.56336 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) – 14.0.24215 (HKLM-x32…d992c12e-cab2-426f-bde3-fb8c53950b0d) (Version: 14.0.24215.1 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…2BFC7AA0-544C-4E3A-8796-67F3BE655BE9) (Version: 4.0.20823.0 – Microsoft Corporation)

Minecraft (HKLM-x32…1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872) (Version: 1.0.3.0 – Mojang)

Mozilla Firefox 75.0 (x64 en-US) (HKLM…Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 54.0 – Mozilla)

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.6196 – Realtek Semiconductor Corp.)

Spotify (HKUS-1-5-21-3312487288-1977858865-3294966506-1000…Spotify) (Version: 1.0.73.345.g6c9971ef – Spotify AB)

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

TeamSpeak 3 Client (HKLM…TeamSpeak 3 Client) (Version: 3.1.8 – TeamSpeak Systems GmbH)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32…91120000-00CA-0000-0000-0000000FF1CE_SMALLBUSINESSR_C444285D-5E4F-48A4-91DD-47AAAA68E92D) (Version:  – Microsoft)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => c:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers2: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => c:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => c:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticatiacm64.dll [2011-06-30] (Advanced Micro Devices, Inc.) [File not signed]

ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [vidc.i420] => C:Windowssystem32lvcod64.dll [176416 2012-01-18] (Logitech, Inc. -> Logitech Inc.)

HKLM…Drivers32: [vidc.i420] => C:WindowsSysWOW64lvcodec2.dll [307488 2012-01-18] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name="BVTConsumer"",Filter="__EventFilter.Name="BVTFilter"::

WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA « Win32_Processor » AND TargetInstance.LoadPercentage > 99]

WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]

==================== Loaded Modules (Whitelisted) =============

2011-06-30 00:11 – 2011-06-30 00:11 – 000008704 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Actions.CCAA.Shared.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 000006656 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Plugin.DPPE.Shared.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000005632 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Plugin.GD.Shared.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000007168 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Plugin.Hotkeys.Shared.dll

2011-06-30 00:13 – 2011-06-30 00:13 – 000005632 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Plugin.REG.Shared.dll

2011-06-30 00:13 – 2011-06-30 00:13 – 000042496 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Plugin.Source.Kit.Server.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000006656 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Plugin.WinMessages.Shared.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000034816 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Server.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000006144 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticAEM.Server.Shared.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000032768 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticATICCCom.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 000022016 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCCC.Implementation.dll

2011-06-30 00:13 – 2011-06-30 00:13 – 000019968 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Caste.Fuel.Runtime.dll

2011-06-30 00:13 – 2011-06-30 00:13 – 000010752 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Caste.Fuel.Shared.dll

2011-06-30 00:13 – 2011-06-30 00:13 – 000011776 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Caste.HydraVision.Runtime.dll

2011-06-30 00:13 – 2011-06-30 00:13 – 000008704 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Caste.HydraVision.Shared.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000007680 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Client.Shared.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000032768 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Dashboard.Shared.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 001200640 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Dashboard.Shared.Private.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000005632 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Runtime.Shared.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000037376 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Runtime.Shared.Private.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000061440 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Foundation.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000029184 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Foundation.Private.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 000018432 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Foundation.XManifest.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000006144 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticDEM.Graphics.dll

2011-06-30 00:13 – 2011-06-30 00:13 – 000012800 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticFuel.Foundation.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000021504 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticLOG.Foundation.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 000055296 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticLOG.Foundation.Implementation.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000020480 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticLOG.Foundation.Implementation.Private.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000024576 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticLOG.Foundation.Private.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000005632 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.Foundation.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 000095744 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticMOM.Implementation.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000015360 _____ ( (Advanced Micro Devices Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticNEWAEM.Foundation.dll

2011-04-21 16:40 – 2011-04-21 16:40 – 000080896 _____ ( (Advanced Micro Devices, Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticADL.Foundation.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 000036352 _____ ( (Advanced Micro Devices, Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Client.Shared.Private.dll

2011-06-30 00:12 – 2011-06-30 00:12 – 000389120 _____ ( (Advanced Micro Devices, Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Dashboard.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000057344 _____ ( (Advanced Micro Devices, Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Component.Runtime.dll

2009-06-17 05:27 – 2009-06-17 05:27 – 000016384 _____ ( (Advanced Micro Devices, Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticDEM.Graphics.I0709.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000290816 _____ ( (Advanced Mirco Devices, Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Caste.Graphics.Runtime.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000167936 _____ ( (Advanced Mirco Devices, Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticCLI.Caste.Graphics.Shared.dll

2010-03-04 00:27 – 2010-03-04 00:27 – 000016384 _____ ( (ATI Technologies Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticDEM.Foundation.dll

2009-04-22 12:13 – 2009-04-22 12:13 – 000045056 _____ ( (ATI Technologies Inc.) [File not signed]) [File is in use ] C:Program Files (x86)ATI TechnologiesATI.ACECore-StaticDEM.Graphics.I0601.dll

2011-06-30 00:11 – 2011-06-30 00:11 – 000838144 _____ (Advanced Micro Devices, Inc.) [File not signed] C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticatiacm64.dll

2011-06-30 00:10 – 2011-06-30 00:10 – 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:Program Files (x86)ATI TechnologiesATI.ACECore-Staticatiamenu.dll

2015-12-17 11:11 – 2015-12-17 11:11 – 000132096 _____ (Seiko Epson Corporation) [File not signed] C:Program Files (x86)EPSON SoftwareEvent Managerepnsm.dll

2009-10-21 17:39 – 2009-10-21 17:39 – 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareEvent ManagerLcMgr.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000096768 _____ (Seiko Epson Corporation) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityEbpD4Fax.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000212992 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUADRFIL.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUFAXCFG.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000446464 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUFAXCSR.DLL

2017-06-29 17:30 – 2019-10-02 02:00 – 000393216 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUFAXLDB.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000651264 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUFAXTIF.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUIMGCDC.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000278528 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFULEPP.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUSTMMSG.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000356352 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUSVCCLT.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000065536 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUUSBHLP.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000258048 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityFUVERDLG.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000073728 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityLibraryFUDEVCOM.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityLibraryFUDRVUTL.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000339968 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityLibraryFUPRBDEV.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityLibraryFUSNMPUT.dll

2017-06-29 17:30 – 2019-10-01 12:00 – 000086016 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUCMNMSG.dll

2017-06-29 17:30 – 2019-10-01 12:00 – 000090112 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUFAXCFGRes.dll

2017-06-29 17:30 – 2019-10-01 12:00 – 000241664 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUFAXRCV.dll

2017-06-29 17:30 – 2019-10-01 12:00 – 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUFAXSTM.dll

2017-06-29 17:30 – 2019-10-01 12:00 – 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:Program Files (x86)Epson SoftwareFAX UtilityResourceFUPRBDEVRes.dll

2017-06-29 17:28 – 2012-11-12 15:15 – 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:WindowsSystem32enppmon.dll

2017-06-29 17:28 – 2012-10-22 17:19 – 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:WindowsSystem32enpres.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000786432 _____ (SEIKO EPSON) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityLibraryENCM.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000278528 _____ (SEIKO EPSON) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityLibraryENNW.dll

2017-06-29 17:30 – 2019-10-02 02:00 – 000299008 _____ (SEIKO EPSON) [File not signed] C:Program Files (x86)EPSON SoftwareFAX UtilityLibraryENUTIL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 – 2009-06-10 17:00 – 000000824 _____ C:Windowssystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:ProgramDataOracleJavajavapath;C:Program Files (x86)AMD APPbinx86_64;C:Program Files (x86)AMD APPbinx86;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;C:Program Files (x86)ATI TechnologiesATI.ACECore-Static

HKUS-1-5-21-3312487288-1977858865-3294966506-1000Control PanelDesktop\Wallpaper -> C:UsersEricAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg

DNS Servers: 75.75.75.75 – 75.75.76.76

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [F57271F5-6E64-436A-9DDC-1FF5D62B7837] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [49D6E689-0BDF-48E1-818B-2F54A29E3B2A] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [FE195C8D-83B5-42E2-AF39-5F598CD92633] => (Allow) C:Program Files (x86)EPSON SoftwareEvent ManagerEEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [29E16CF8-9496-41FD-9C7C-ECBAF04E4E97] => (Allow) C:Program Files (x86)EPSON SoftwareEvent ManagerEEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [39ADE3BA-F527-449C-B24A-C5782E2ABC18] => (Allow) D:CommonEpsonNet SetupENEasyApp.exe => No File

FirewallRules: [F6F02359-46C4-4B1A-966E-B575B74DD9A1] => (Allow) D:CommonEpsonNet SetupENEasyApp.exe => No File

FirewallRules: [TCP Query User4FCC4BC2-9B40-405B-9401-8B70B264A30FC:program files (x86)epson softwareevent managereeventmanager.exe] => (Allow) C:program files (x86)epson softwareevent managereeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [UDP Query User5C116C42-738E-4F1F-97E2-9F9EF69B82A2C:program files (x86)epson softwareevent managereeventmanager.exe] => (Allow) C:program files (x86)epson softwareevent managereeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [TCP Query UserA2B1163D-D654-4B40-9CE1-747167BE26BCC:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe => No File

FirewallRules: [UDP Query UserA2AECB7A-B8A9-49AB-8F5B-E4F7614D82C4C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe => No File

FirewallRules: [TCP Query UserFCDFE73D-B269-4BC4-A5E7-E04E5986E16CC:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe => No File

FirewallRules: [UDP Query User51A1D336-FE9F-4D3F-8968-7422D7B46788C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_25binjavaw.exe => No File

FirewallRules: [4B878145-E326-4BB4-8C0D-CA84E51037B6] => (Allow) C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [769B53A1-A41B-4A27-994A-FF3E06A53A02] => (Allow) C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [69150D6F-229A-4316-A4AA-F827CBF1A778] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [5E3442AC-8A2D-4D64-BE64-F632D50A9B8F] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [9FE2765C-353A-47FD-85B9-88414F80EE03] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [C9ED5E2F-4D67-4E2C-93A0-E60F0133CFD2] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File

FirewallRules: [E78BE10C-0EF8-4B3D-B41E-ADC1A3CEBBC3] => (Allow) C:Program Files (x86)SteamsteamappscommonGeometry DashGeometryDash.exe () [File not signed]

FirewallRules: [41FE16CA-6A29-47D8-99D3-E2CC8DF81237] => (Allow) C:Program Files (x86)SteamsteamappscommonGeometry DashGeometryDash.exe () [File not signed]

FirewallRules: [32621084-BD70-4C53-B810-C01B99ABC2DA] => (Allow) C:Program Files (x86)SteamsteamappscommonWest of LoathingWest of Loathing.exe () [File not signed]

FirewallRules: [246178CD-BD55-4B45-BAE1-12E74E9CA9AD] => (Allow) C:Program Files (x86)SteamsteamappscommonWest of LoathingWest of Loathing.exe () [File not signed]

FirewallRules: [TCP Query User2F69BA55-0E9F-49D3-8296-1CCB7E779B1FC:usersericappdataroamingspotifyspotify.exe] => (Allow) C:usersericappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User63543BFA-6B88-4A03-A69B-65DFA415F221C:usersericappdataroamingspotifyspotify.exe] => (Allow) C:usersericappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User7EF26635-5C62-4D8A-BF71-18D13738EC92C:usersericdownloadsjopebotjopebot-win32-ia32jopebot.exe] => (Allow) C:usersericdownloadsjopebotjopebot-win32-ia32jopebot.exe (Jordan Porter) [File not signed]

FirewallRules: [UDP Query UserB9DCBC24-8805-4579-8C7E-ADF06868B329C:usersericdownloadsjopebotjopebot-win32-ia32jopebot.exe] => (Allow) C:usersericdownloadsjopebotjopebot-win32-ia32jopebot.exe (Jordan Porter) [File not signed]

FirewallRules: [TCP Query User6184C7D4-253D-45D6-95E2-25670EDFCF65C:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe => No File

FirewallRules: [UDP Query UserEB73724F-7745-4C12-9AE5-F3DEA4C3627DC:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe => No File

FirewallRules: [TCP Query UserBDDC416C-16FC-4803-8A86-7098F8BE3226C:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe => No File

FirewallRules: [UDP Query User06183A7D-EDF3-4A19-95EC-F8CB628AF23BC:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x641.8.0_51binjavaw.exe => No File

FirewallRules: [38C40A30-96BF-46EC-85F5-D6B0E3996EA6] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [D4C2638C-0C27-4E87-859A-FD1C639479C2] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query UserE9422BD8-33CD-4868-8A57-4D2534347969C:program files (x86)minecraftruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x64binjavaw.exe

FirewallRules: [UDP Query User07C2669F-7151-441B-AC24-9D57950AE354C:program files (x86)minecraftruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x64binjavaw.exe

FirewallRules: [TCP Query UserF72684D1-4122-437B-9805-63B41E6E68E4C:program files (x86)minecraftruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x64binjavaw.exe

FirewallRules: [UDP Query User2F253E3A-0ADB-4681-9504-497A3B6BF3F4C:program files (x86)minecraftruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraftruntimejre-x64binjavaw.exe

FirewallRules: [F68A9AB6-6C74-43B8-814D-142BB99E1DA9] => (Allow) C:Program Files (x86)SteamsteamappscommonRagnarok Online 2WPLauncher.exe (Gravity Interactive, Inc.) [File not signed]

FirewallRules: [EE5A948A-5D85-4ADB-9A1B-9355DB322BB6] => (Allow) C:Program Files (x86)SteamsteamappscommonRagnarok Online 2WPLauncher.exe (Gravity Interactive, Inc.) [File not signed]

FirewallRules: [BB78E8F5-1560-4976-96F9-053776B5FD7B] => (Allow) C:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]

FirewallRules: [BDA02D4E-7231-443B-B420-40733950A471] => (Allow) C:Program Files (x86)SteamsteamappscommonTerrariaTerraria.exe (Re-Logic) [File not signed]

FirewallRules: [TCP Query UserE0E55BA4-EA34-4918-AED8-C5513561FA77C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]

FirewallRules: [UDP Query User58082C5F-E51E-49E0-ACE1-364B5D4EE47BC:program files (x86)steamsteamappscommonterrariaterrariaserver.exe] => (Allow) C:program files (x86)steamsteamappscommonterrariaterrariaserver.exe (Re-Logic) [File not signed]

FirewallRules: [TCP Query User31788A46-8458-40FF-8678-93F0B7191B99C:program files (x86)steamsteamappscommonterrariatmodloaderserver.exe] => (Allow) C:program files (x86)steamsteamappscommonterrariatmodloaderserver.exe (Re-Logic) [File not signed]

FirewallRules: [UDP Query User481E77C6-534E-4C84-93E6-369AB4D11C92C:program files (x86)steamsteamappscommonterrariatmodloaderserver.exe] => (Allow) C:program files (x86)steamsteamappscommonterrariatmodloaderserver.exe (Re-Logic) [File not signed]

FirewallRules: [TCP Query UserB2F7E2BD-9E20-4716-A211-2CB1E2ECC08BC:usersericappdatalocalprogramskast-appkast.exe] => (Allow) C:usersericappdatalocalprogramskast-appkast.exe (Evasyst, Inc. -> Evasyst, Inc.)

FirewallRules: [UDP Query UserA3573CDC-11EC-4784-890A-10E8A58EC0E7C:usersericappdatalocalprogramskast-appkast.exe] => (Allow) C:usersericappdatalocalprogramskast-appkast.exe (Evasyst, Inc. -> Evasyst, Inc.)

FirewallRules: [104EACAA-A09F-46DD-B076-84A5694EA313] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

24-04-2020 11:55:53 Windows Update

27-04-2020 13:05:12 Windows Update

01-05-2020 11:42:29 Windows Update

05-05-2020 11:14:16 Windows Update

08-05-2020 11:22:48 Windows Update

11-05-2020 11:39:21 Windows Update

==================== Faulty Device Manager Devices ============

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: 4d36e972-e325-11ce-bfc1-08002be10318

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: ========================

Application errors:

==================

Error: (05/11/2020 02:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe

Faulting module name: ntdll.dll, version: 6.1.7601.24545, time stamp: 0x5e0eb67f

Exception code: 0xc0000005

Fault offset: 0x000000000001c52c

Faulting process id: 0x66c

Faulting application start time: 0x01d627c153cc1806

Faulting application path: C:WindowsExplorer.EXE

Faulting module path: C:WindowsSYSTEM32ntdll.dll

Report Id: e2cc09a8-93b6-11ea-bb3d-78acc0bd2160

Error: (05/11/2020 02:25:45 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/11/2020 02:23:56 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "C:Program Files (x86)Epson SoftwareFAX UtilityResourceFULEPPRes.dll".

Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (05/11/2020 11:36:00 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/11/2020 11:34:12 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "C:Program Files (x86)Epson SoftwareFAX UtilityResourceFULEPPRes.dll".

Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (05/11/2020 02:58:17 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "C:Program Files (x86)Epson SoftwareFAX UtilityResourceFULEPPRes.dll".

Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (05/10/2020 08:56:02 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (05/10/2020 08:54:14 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "C:Program Files (x86)Epson SoftwareFAX UtilityResourceFULEPPRes.dll".

Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.

Please use sxstrace.exe for detailed diagnosis.

System errors:

=============

Error: (05/06/2020 05:39:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 80.

Error: (05/06/2020 05:39:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 80.

Error: (05/06/2020 05:39:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

Error: (05/03/2020 07:24:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 80.

Error: (05/03/2020 07:24:44 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

Error: (04/29/2020 11:24:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Steam Client Service service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (04/29/2020 11:24:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (04/29/2020 05:15:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 80.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 6.06 03/22/2011

Motherboard: FOXCONN 2AB1

Processor: AMD Athlon™ II X4 640 Processor

Percentage of memory in use: 70%

Total physical RAM: 6143.29 MB

Available physical RAM: 1784.56 MB

Total Virtual: 12284.71 MB

Available Virtual: 7686.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:121.61 GB) NTFS

\?Volume85b2accc-5b89-11e7-beef-806e6f6e6963 (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: EB977B7E)

Partition 1: (Active) – (Size=100 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=238.4 GB) – (Type=07 NTFS)

==================== End of Addition.txt =======================

Commentaires

Laisser un commentaire

Votre commentaire sera révisé par les administrateurs si besoin.