Serveur d'impression

Bruit de Klaxon et voix criante lors de la visualisation de Youtube, etc. – Serveur d’impression

Le 6 mars 2021 - 79 minutes de lecture

[bzkshopping keyword= »Minecraft » count= »8″ template= »grid »]

Au cours de la dernière semaine ou 2, lorsque j'ai visionné une vidéo sur votre tube, j'ai entendu un bruit de hurlement qui ressemble à un homme disant "Gee Gee", cela se produit toutes les 10 minutes environ, et au cours des derniers jours, il a commencé à inclure un son klaxon fort aussi. Cela se produit également lorsque vous jouez à des jeux PC et je l'ai remarqué en écoutant la radio Internet. J'ai fait des analyses de virus et des analyses de logiciels malveillants, cela n'a pas aidé.

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran par coxyc (administrateur) sur DESKTOP-IRCN2PL (Micro-Star International Co., Ltd. MS-7A34) (06-03-2021 15:47:44)
Exécution à partir de C: Users coxyc Downloads
Profils chargés: coxyc
Plate-forme: Windows 10 Home Version 20H2 19042.804 (X64) Langue: Anglais (Royaume-Uni)
Navigateur par défaut: FF
Mode de démarrage: normal

==================== Processus (sur liste blanche) ==================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe
(Advanced Micro Devices, Inc. ->) C: Program Files AMD Performance Profile Client RyzenMaster AUEPRyzenMasterAC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C: Program Files AMD Performance Profile Client AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C: Program Files AMD Performance Profile Client AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C: Program Files AMD Performance Profile Client AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C: Windows System32 DriverStore FileRepository c0361132.inf_amd64_1f7832db1fb1721f B361196 atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C: Windows System32 DriverStore FileRepository c0361132.inf_amd64_1f7832db1fb1721f B361196 atiesrxx.exe
(A-Volute ->) C: Program Files Nahimic Nahimic2 UserInterface Nahimic2Svc32.exe
(A-Volute ->) C: Program Files Nahimic Nahimic2 UserInterface Nahimic2UILauncher.exe
(A-Volute ->) C: Program Files Nahimic Nahimic2 UserInterface x64 Nahimic2Svc64.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Agent DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Agent ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free bdagent.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free bdredline.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free updatesrv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free vsserv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free vsservppl.exe
(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.72 GoogleCrashHandler.exe
(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.72 GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Common Files microsoft shared ClickToRun OfficeClickToRun.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.GamingApp_2102.1001.17.0_x64__8wekyb3d8bbwe XboxAppServices.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe GamingServices.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe GamingServicesNet.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe WinStore.App.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows ImmersiveControlPanel SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 oobe UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe
(Éditeur de compatibilité matérielle Microsoft Windows -> Advanced Micro Devices, Inc.) C: Windows System32 amdfendrsr.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C: MSI MSIRegister MSIRegister.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C: MSI MSIRegister MSIRegisterService.exe
(Mozilla Corporation -> Mozilla Corporation) C: Program Files Mozilla Firefox firefox.exe <7>
(Oracle America, Inc. -> Oracle Corporation) C: Program Files (x86) Common Files Java Java Update jusched.exe
(Plex, Inc. ->) C: Program Files (x86) Plex Plex Media Server Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C: Program Files (x86) Plex Plex Media Server Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C: Program Files (x86) Plex Plex Media Server Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C: Program Files (x86) Plex Plex Media Server PlexScriptHost.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkNGUI64.exe
(Stichting Blender Foundation -> Blender Foundation) F: Program files Blender blender.exe

==================== Registre (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Exécuter: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [9192960 2017-01-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM … Exécuter: [Nahimic2UILauncher] => C: Program Files Nahimic Nahimic2 UserInterface Nahimic2UILauncher.exe [705208 2017-01-13] (A-Volute ->)
HKLM-x32 … Exécuter: [MSIRegister] => C: MSI MSIRegister MSIRegister.exe [1258448 2016-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Common Files Java Java Update jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU S-1-5-21-1329802319-222491363-2786480829-1001 … Exécuter: [Plex Media Server] => C: Program Files (x86) Plex Plex Media Server Plex Media Server.exe [21011440 2020-12-01] (Plex, Inc. -> Plex, Inc.)
HKU S-1-5-21-1329802319-222491363-2786480829-1001 … Exécuter: [Steam] => "C: Program Files (x86) Steam steam.exe" -silent
HKU S-1-5-18 … Exécuter: [] => [X]
HKU S-1-5-18 … Exécuter: [Plex Media Server] => C: Program Files (x86) Plex Plex Media Server Plex Media Server.exe [21011440 2020-12-01] (Plex, Inc. -> Plex, Inc.)
Processeur d'impression HKLM … Windows x64 Print Processors Canon TS8200 series: C: Windows System32 spool prtprocs x64 CNMPDEK.DLL [482816 2018-07-17] (Éditeur de compatibilité matérielle Microsoft Windows -> CANON INC.)
HKLM … Print Monitors Canon BJ Language Monitor TS8200 series: C: WINDOWS system32 CNMLMEK.DLL [904192 2018-07-17] (Éditeur de compatibilité matérielle Microsoft Windows -> CANON INC.)
HKLM … Print Monitors HP E511 Status Monitor: C: WINDOWS system32 hpinkstsE511LM.dll [393352 2017-03-10] (Hewlett Packard -> HP Inc.)
HKLM Software Microsoft Active Setup Composants installés: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 89.0.4389.82 Installer chrmstp.exe [2021-03-05] (Google LLC -> Google LLC)
Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Startup Universal Media Server.lnk [2019-07-03]
ShortcutTarget: Universal Media Server.lnk -> C: Program Files (x86) Universal Media Server UMS.exe (Universal Media Server) [File not signed]
Démarrage: C: Users coxyc AppData Roaming Microsoft Windows Menu Démarrer Programmes Startup [email protected] [2020-03-03]
ShortcutTarget: [email protected] -> C: Program Files (x86) FAHClient HideConsole.exe () [File not signed]
GroupPolicy: Restriction? <==== ATTENTION
Stratégies: C: ProgramData NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (sur liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 115BB854-AEE7-4A62-9F9D-4C5C75F81C4D – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files Microsoft Office root Office16 sdxhelper.exe [145760 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 1971E81C-3FE7-46A7-9F6A-699CFB719F9A – System32 Tasks AMDAutoUpdate => C: Program Files AMD AutoUpdate AMDAutoUpdate.exe [661240 2018-08-02] (Advanced Micro Devices Inc. ->)
Tâche: 205BCB95-A43E-419F-83FF-322797ED601B – System32 Tasks StartDVR => C: Program Files AMD CNext CNext RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 21651624-EC35-4C2F-A4EB-DCA8EC1A8AE3 – System32 Tasks HPCustParticipation HP OfficeJet 3830 series => C: Program Files HP HP OfficeJet 3830 series Bin HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Tâche: 233B68AB-6CFC-4FBE-86B1-C0EFF432F9BA – System32 Tasks ModifyLinkUpdate => C: Program Files AMD CIM Bin64 InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 284515BB-672F-488D-B1B2-02FB5470F6FD – System32 Tasks Nahimic2UILauncherRun => C: Program Files Nahimic Nahimic2 UserInterface Nahimic2UILauncher.exe [705208 2017-01-13] (A-Volute ->)
Tâche: 3F161D8D-701C-4273-A8EB-0E950B9CCE6F – System32 Tasks Microsoft Office OfficeTelemetryAgentLogOn2016 => C: Program Files Microsoft Office root Office16 msoia.exe [5057968 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 4987DE47-7E72-4404-9F3B-43FEC01EDFDD – System32 Tasks Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C: Program Files Bitdefender Agent WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Tâche: 52CC2F8C-1F79-4073-9049-D66DFC96164E – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-11-10] (Google Inc -> Google Inc.)
Tâche: 61B8081E-E722-4DF8-A771-0EB8EC6C5038 – System32 Tasks AMDInstallLauncher => C: Program Files AMD CIM Bin64 InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 64AA1026-42B1-4367-AC42-FF13C490217E – System32 Tasks StartCN => C: Program Files AMD CNext CNext cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 6C330FC1-13E4-47BB-9841-F77EA33A2150 – System32 Tasks SamsungMagician => C: Program Files (x86) Samsung Samsung Magician SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Tâche: 74237DF2-4E56-43DA-9CB7-08C95449653E – System32 Tasks StartCNBM => C: Program Files AMD CNext CNext cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 7EB6C728-A91E-4F37-A78A-BF549E7DCCA0 – System32 Tasks AMDLinkUpdate => C: Program Files AMD CIM Bin64 InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 7F8B72B9-471C-41CF-9BEB-A7695DE5DA09 – System32 Tasks Microsoft Office Office Feature Updates Logon => C: Program Files Microsoft Office root Office16 sdxhelper.exe [145760 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 8979C870-C307-419F-9540-E85827935747 – System32 Tasks Nahimic2svc64Run => C: Program Files Nahimic Nahimic2 UserInterface x64 Nahimic2svc64.exe [513208 2017-01-13] (A-Volute ->)
Tâche: CA76EACE-23D9-47D0-9363-B8AD4158EAD3 – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Tâche: CBC75386-702D-43AE-855F-728544D1DD3E – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-11-10] (Google Inc -> Google Inc.)
Tâche: CC8C2EB4-21F8-4F12-8BE9-1F58E8BFB611 – System32 Tasks Microsoft Office OfficeTelemetryAgentFallBack2016 => C: Program Files Microsoft Office root Office16 msoia.exe [5057968 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: CE9E5C8B-EA5B-48AC-AE12-76B376CFF96C – System32 Tasks Adobe Acrobat Update Task => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Tâche: D613A936-4934-42C4-8F95-56D545B6DB71 – System32 Tasks Nahimic2svc32Run => C: Program Files Nahimic Nahimic2 UserInterface Nahimic2svc32.exe [2054328 2017-01-13] (A-Volute ->)
Tâche: E3F43394-CEFB-448F-96B3-1A896152BEB1 – System32 Tasks Microsoft Office Office Subscription Maintenance => C: Program Files Microsoft Office root vfs ProgramFilesCommonx64 Microsoft Shared Office16 OLicenseHeartbeat.exe [1683344 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: F22E2EC0-8ACC-4D78-9D72-8C5EF69D237E – Agent de navigateur par défaut System32 Tasks Mozilla Firefox 308046B0AF4A39CB => C: Program Files Mozilla Firefox default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Fondation Mozilla)
Tâche: FF74BE0C-BA25-4897-A905-F45231ECE251 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)

(Si une entrée est incluse dans la liste de correctifs, le fichier de la tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (sur liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément de registre, il sera supprimé ou restauré par défaut.)

Hôtes: il existe plusieurs entrées dans les hôtes. Voir la section Hôtes de Addition.txt
Tcpip .. Interfaces 79127cc1-0fef-4e61-b6f7-995b3834b753: [DhcpNameServer] 194.168.4.100 194.168.8.100

Bord:
=======
Profil Edge: C: Users coxyc AppData Local Microsoft Edge User Data Default [2021-02-25]
Edge HKLM-x32 … Edge Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Renard de feu:
========
Profil par défaut FF: 96f7c7pu.default
FF ProfilePath: C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default [2021-03-06]
Notifications FF: Mozilla Firefox Profiles 96f7c7pu.default -> hxxps: //www.national-lottery.co.uk; hxxps: //www.wish.com
Extension FF: (Malwarebytes Browser Guard) – C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default Extensions 242af0bb-db11-4734-b7a0-61cb8a9b20fb .xpi [2021-03-06]
Extension FF: (YouTube haute définition) – C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default Extensions 7b1bf0b6-a1b9-42b0-b75d-252036438bdc .xpi [2021-02-02]
FF SearchPlugin: C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default searchplugins bing-lavasoft-ff59.xml [2018-10-20]
Plugin FF: @ java.com / DTPlugin, version = 11.281.2 -> C: Program Files Java jre1.8.0_281 bin dtplugin npDeployJava1.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF: @ java.com / JavaPlugin, version = 11.281.2 -> C: Program Files Java jre1.8.0_281 bin plugin2 npjp2.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files Microsoft Office root Office16 NPSPWRAP.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / Lync, version = 15.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Mozilla Firefox plugins npmeetingjoinpluginoc.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 NPSPWRAP.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C: Program Files (x86) Adobe Acrobat Reader DC Reader AIR nppdf32.dll [2021-02-24] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C: Program Files mozilla firefox defaults pref bd_js_config.js [2020-04-09] <==== ATTENTION (pointe vers le fichier * .cfg)
FF ExtraCheck: C: Program Files mozilla firefox bd_config.cfg [2020-04-09] <==== ATTENTION

Chrome:
=======
Profil CHR: C: Users coxyc AppData Local Google Chrome User Data Default [2021-03-05]
Extension CHR: (Slides) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
Extension CHR: (Docs) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2018-11-10]
Extension CHR: (Google Drive) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
Extension CHR: (YouTube) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-10]
Extension CHR: (Sheets) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
Extension CHR: (Google Docs hors ligne) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-04]
Extension CHR: (Paiements Chrome Web Store) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
Extension CHR: (Gmail) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
Extension CHR: (Chrome Media Router) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-04]
CHR HKLM-x32 … Chrome Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R2 AdobeARMservice; C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AUEPLauncher; C: Program Files AMD CIM .. Performance Profile Client AUEPLauncher.exe [61832 2020-11-13] (Advanced Micro Devices, Inc. -> AMD)
R2 bdredline; C: Program Files Bitdefender Antivirus Free bdredline.exe [2500144 2020-04-09] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C: Program Files Common Files Microsoft Shared ClickToRun OfficeClickToRun.exe [8854920 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C: Program Files (x86) EasyAntiCheat EasyAntiCheat.exe [803952 2020-11-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C: Program Files Malwarebytes Anti-Malware MBAMService.exe [7456464 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R2 MSIREGISTER_MR; C: MSI MSIRegister MSIRegisterService.exe [132048 2016-10-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 PlexUpdateService; C: Program Files (x86) Plex Plex Media Server Plex Update Service.exe [1425912 2020-12-01] (Plex, Inc. -> Plex, Inc.)
R2 ProductAgentService; C: Program Files Bitdefender Agent ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
R2 updatesrv; C: Program Files Bitdefender Antivirus Free updatesrv.exe [242024 2020-12-08] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C: Program Files Bitdefender Antivirus Free vsserv.exe [570208 2021-01-25] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C: Program Files Bitdefender Antivirus Free vsservppl.exe [242024 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C: Program Files Windows Defender NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C: Program Files Windows Defender MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (sur liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

R3 AMDXE; C: WINDOWS System32 drivers amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C: WINDOWS System32 DRIVERS atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucarest, ROUMANIE)
R2 BdDci; C: WINDOWS system32 DRIVERS bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C: WINDOWS System32 drivers bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 BthA2dp; C: WINDOWS System32 drivers BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 edrsensor; C: WINDOWS System32 DRIVERS edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucarest, ROUMANIE)
S3 epmntdrv; C: WINDOWS system32 epmntdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. ->)
R0 EPMVolFl; C: WINDOWS System32 drivers EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Fournisseur Windows ® Nom de code Longhorn DDK)
R1 ESProtectionDriver; C: WINDOWS system32 drivers mbae64.sys [153312 2021-03-06] (Malwarebytes Corporation -> Malwarebytes)
R0 EUDCPEPM; C: WINDOWS System32 drivers EUDCPEPM.sys [85424 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C: WINDOWS system32 drivers EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 Gemma; C: WINDOWS System32 DRIVERS gemma.sys [488592 2021-02-26] (Bitdefender SRL -> BitDefender S.R.L. Bucarest, ROUMANIE)
R2 MBAMChameleon; C: WINDOWS System32 Drivers MbamChameleon.sys [220616 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C: WINDOWS System32 DRIVERS MbamElam.sys [19912 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C: WINDOWS System32 DRIVERS farflt.sys [198248 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C: WINDOWS system32 DRIVERS mbam.sys [77496 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C: WINDOWS System32 Drivers mbamswissarmy.sys [248992 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C: WINDOWS system32 DRIVERS mwac.sys [142416 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C: WINDOWS system32 DRIVERS ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C: WINDOWS System32 drivers tapprotonvpn.sys [44976 2018-09-07] (Éditeur de compatibilité matérielle Microsoft Windows -> Le projet OpenVPN)
R2 trufos; C: WINDOWS System32 drivers trufos.sys [640760 2020-10-02] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C: WINDOWS System32 DRIVERS vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C: WINDOWS system32 drivers WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C: WINDOWS system32 drivers WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C: WINDOWS System32 Drivers WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C: WINDOWS system32 DRIVERS wintun.sys [38176 2021-02-13] (WireGuard LLC -> WireGuard LLC)
S3 EuGdiDrv; SystemRoot system32 EuGdiDrv.sys [X]

==================== NetSvcs (sur liste blanche) ====================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

==================== Un mois (créé) (sur liste blanche) =========

(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)

2021-03-06 15:47 – 2021-03-06 15:48 – 000023762 _____ C: Users coxyc Downloads FRST.txt
06/03/2021 15:45 – 06/03/2021 15:48 – 000000000 ____D C: FRST
2021-03-06 15:45 – 2021-03-06 15:45 – 002301440 _____ (Farbar) C: Users coxyc Downloads FRST64.exe
2021-03-06 15:32 – 2021-03-06 15:32 – 000198248 _____ (Malwarebytes) C: WINDOWS system32 Drivers farflt.sys
2021-03-06 15:32 – 2021-03-06 15:32 – 000142416 _____ (Malwarebytes) C: WINDOWS system32 Drivers mwac.sys
2021-03-06 15:32 – 2021-03-06 15:32 – 000077496 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbam.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000248992 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbamswissarmy.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000220616 _____ (Malwarebytes) C: WINDOWS system32 Drivers MbamChameleon.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000153312 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbae64.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000019912 _____ (Malwarebytes) C: WINDOWS system32 Drivers MbamElam.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000002033 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Malwarebytes.lnk
2021-03-06 15:31 – 2021-03-06 15:31 – 000002021 _____ C: Users Public Desktop Malwarebytes.lnk
2021-03-06 15:31 – 2021-03-06 15:31 – 000002021 _____ C: ProgramData Desktop Malwarebytes.lnk
2021-03-06 15:31 – 2021-03-06 15:31 – 000000000 ____D C: Users coxyc AppData Local mbam
2021-03-06 15:31 – 2021-03-06 15:31 – 000000000 ____D C: ProgramData Malwarebytes
2021-03-06 15:31 – 2021-03-06 15:31 – 000000000 ____D C: Program Files Malwarebytes
2021-03-06 15:30 – 2021-03-06 15:31 – 002084016 _____ (Malwarebytes) C: Users coxyc Downloads MBSetup.exe
2021-03-06 10:29 – 2021-03-06 10:29 – 000534294 _____ C: Users coxyc Downloads xbox001.torrent
04/03/2021 20:00 – 04/03/2021 20:02 – 773404466 _____ C: Users coxyc Downloads TheGreatHuntWheelofTimeBook2_ep6.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 727411626 _____ C: Users coxyc Downloads TheFinalEmpireMistbornBook1_ep6.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 576312898 _____ C: Users coxyc Downloads WeAreLegionWeAreBobBobiverseBook1_ep7.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 481025182 _____ C: Users coxyc Downloads ChildrenofTime_ep6.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 327667581 _____ C: Users coxyc Downloads Ringworld_ep6.aax
04/03/2021 19:59 – 04/03/2021 20:00 – 385777838 _____ C: Users coxyc Downloads UntiltheEndoftheWorld_ep6.aax
04/03/2021 19:31 – 04/03/2021 19:31 – 006879744 _____ C: Users coxyc Downloads yuzu_install.exe
04/03/2021 16:10 – 04/03/2021 16:10 – 000906004 _____ C: Users coxyc OneDrive Documents Architect model3.blend
2021-03-04 13:01 – 2021-03-04 13:01 – 000446175 _____ C: Users coxyc OneDrive Documents Hospital rendez-vous.pdf
2021-03-03 19:29 – 2021-03-03 19:29 – 000884852 _____ C: Users coxyc OneDrive Documents Architect model2.blend
2021-03-03 16:41 – 2021-03-03 16:41 – 000876804 _____ C: Users coxyc OneDrive Documents Architect model1.blend
2021-02-28 20:49 – 2021-02-28 20:55 – 000820812 _____ C: Users coxyc OneDrive Documents Architect model.blend
2021-02-28 20:49 – 2021-02-28 20:49 – 000815788 _____ C: Users coxyc OneDrive Documents Architect model.blend1
2021-02-28 19:17 – 2021-02-28 19:17 – 000000000 ____D C: Users coxyc Downloads plan
2021-02-28 19:16 – 2021-02-28 19:16 – 001740539 _____ C: Users coxyc Downloads plan.rar
2021-02-27 18:14 – 2021-02-27 19:33 – 000801368 _____ C: Users coxyc OneDrive Documents 3D house.blend
2021-02-27 18:14 – 2021-02-27 18:14 – 000791728 _____ C: Users coxyc OneDrive Documents 3D house.blend1
2021-02-27 16:09 – 2021-02-27 16:18 – 000000000 ____D C: Users coxyc Downloads v1ol1vmxrm68-All_files
2021-02-27 16:09 – 2021-02-27 16:09 – 000000000 ____D C: Users coxyc Downloads e9ir8pjelx4w-building
2021-02-27 16:08 – 2021-02-27 16:08 – 007129371 _____ C: Users coxyc Downloads e9ir8pjelx4w-building.rar
2021-02-27 16:07 – 2021-02-27 16:07 – 005575033 _____ C: Users coxyc Downloads v1ol1vmxrm68-All_files.rar
2021-02-27 15:35 – 2021-02-27 15:35 – 000083400 _____ C: Users coxyc Downloads building_tools-v1.0.8.zip
2021-02-27 07:59 – 2021-02-27 07:59 – 000000000 ____D C: Users coxyc AppData Local REDEngine
2021-02-27 07:59 – 2021-02-27 07:59 – 000000000 ____D C: Users coxyc AppData Local GOG.com
2021-02-27 07:59 – 2021-02-27 07:59 – 000000000 ____D C: Users coxyc AppData Local CD Projekt Red
2021-02-24 20:56 – 2021-02-24 20:56 – 012957964 _____ C: Users coxyc OneDrive Documents Sword_Scene_light2.blend
2021-02-24 20:05 – 2021-02-24 20:05 – 000002120 _____ C: WINDOWS system32 Drivers etc hosts.rollback
2021-02-24 20:05 – 2018-04-11 23:36 – 000000824 _____ C: WINDOWS system32 Drivers etc hosts.backup
2021-02-23 20:57 – 2021-02-23 20:57 – 012929780 _____ C: Users coxyc OneDrive Documents Sword_Scene_light.blend
2021-02-23 17:24 – 2021-02-23 17:24 – 000361641 _____ C: Users coxyc OneDrive Documents Car.pdf
2021-02-23 17:24 – 2021-02-23 17:24 – 000000000 ____D C: WINDOWS system32 Tasks Mozilla
2021-02-23 17:02 – 2021-02-27 18:15 – 000000000 ____D C: Program Files Mozilla Firefox
2021-02-22 20:56 – 2021-02-22 20:56 – 012833912 _____ C: Users coxyc OneDrive Documents Sword_Scene.blend
2021-02-22 20:08 – 2021-02-22 20:08 – 001424412 _____ C: Users coxyc OneDrive Documents Sword7.blend
2021-02-21 20:34 – 2021-02-21 20:34 – 001348280 _____ C: Users coxyc OneDrive Documents Sword6.blend
2021-02-21 20:29 – 2021-02-21 20:29 – 000000000 ____D C: Users coxyc Downloads Part + 3 + – + YouTube
2021-02-21 16:40 – 2021-02-21 20:06 – 001262496 _____ C: Users coxyc OneDrive Documents Sword5.blend
2021-02-21 16:40 – 2021-02-21 20:01 – 001242432 _____ C: Users coxyc OneDrive Documents Sword5.blend1
2021-02-21 16:31 – 2021-02-21 16:31 – 001237736 _____ C: Users coxyc OneDrive Documents Sword4.blend
2021-02-21 16:09 – 2021-02-21 16:09 – 001173744 _____ C: Users coxyc OneDrive Documents Sword3.blend
2021-02-21 15:11 – 2021-02-21 15:11 – 000000000 ____D C: Users coxyc Downloads BlenderFastTrack_Sword
2021-02-21 15:08 – 2021-02-21 15:08 – 000958648 _____ C: Users coxyc OneDrive Documents Sword2.blend
2021-02-21 13:04 – 2021-02-21 13:04 – 000945752 _____ C: Users coxyc OneDrive Documents Sword1.blend
2021-02-21 07:54 – 2021-02-21 07:54 – 000775936 _____ C: Users coxyc OneDrive Documents Sword.blend
2021-02-21 06:48 – 2021-03-06 13:56 – 000000000 ____D C: Users coxyc AppData LocalLow uTorrent
2021-02-20 17:16 – 2021-02-20 17:16 – 000000000 ____D C: Users coxyc Downloads lazyviewport-master
2021-02-20 17:11 – 2021-02-20 17:11 – 000001545 _____ C: Users coxyc Downloads lazyviewport-master.zip
2021-02-20 17:07 – 2021-02-20 17:07 – 007059580 _____ C: Users coxyc OneDrive Documents Minecraft pillars.blend
2021-02-20 16:15 – 2021-02-20 16:15 – 000000000 ____D C: Users coxyc Downloads BlenderFastTrack_MineCraft
2021-02-20 16:14 – 2021-02-20 16:15 – 650629077 _____ C: Users coxyc Downloads Part + 3 + – + YouTube.zip
2021-02-20 16:14 – 2021-02-20 16:14 – 005079739 _____ C: Users coxyc Downloads BlenderFastTrack_Sword.zip
2021-02-20 16:13 – 2021-02-20 16:14 – 000794785 _____ C: Users coxyc Downloads BlenderFastTrack_MineCraft.zip
2021-02-20 13:34 – 2021-02-20 13:34 – 000000000 ____D C: Program Files Microsoft Update Health Tools
2021-02-18 17:33 – 2021-02-18 17:33 – 001144656 _____ C: Users coxyc OneDrive Documents Chair complete.blend
2021-02-18 16:06 – 2021-02-18 16:06 – 000000364 _____ C: Users coxyc AppData Roaming PureRef.ini
2021-02-18 12:20 – 2021-02-18 16:23 – 001184456 _____ C: Users coxyc OneDrive Documents Chair uv unwrap2.blend
2021-02-18 12:20 – 2021-02-18 12:20 – 001178048 _____ C: Users coxyc OneDrive Documents Chair uv unwrap2.blend1
2021-02-18 11:30 – 2021-02-18 19:04 – 000000000 ____D C: Users coxyc Downloads WoodQuarteredChiffon001
2021-02-18 11:28 – 2021-02-18 11:29 – 064876984 _____ C: Users coxyc Downloads WoodQuarteredChiffon001.zip
2021-02-18 10:44 – 2021-02-18 10:44 – 001113560 _____ C: Users coxyc OneDrive Documents Chair uv unwrap1.blend
2021-02-16 17:09 – 2021-02-18 10:42 – 001090812 _____ C: Users coxyc OneDrive Documents Chair uv unwrap.blend
2021-02-16 17:09 – 2021-02-18 10:30 – 001078332 _____ C: Users coxyc OneDrive Documents Chair uv unwrap.blend1
2021-02-16 14:41 – 2021-02-16 14:41 – 000929176 _____ C: Users coxyc OneDrive Documents Chair10.blend
2021-02-15 19:12 – 2021-02-20 09:55 – 000000000 ____D C: Users coxyc AppData Roaming playstation-now
2021-02-15 19:12 – 2021-02-15 19:12 – 000001073 _____ C: Users Public Desktop PlayStation ™ Now.lnk
2021-02-15 19:12 – 2021-02-15 19:12 – 000001073 _____ C: ProgramData Desktop PlayStation ™ Now.lnk
2021-02-15 19:12 – 2021-02-15 19:12 – 000000000 ____D C: ProgramData Microsoft Windows Menu Démarrer Programmes PlayStation ™ Now
2021-02-15 15:54 – 2021-02-15 15:54 – 000835624 _____ C:UserscoxycOneDriveDocumentsChair9.blend
2021-02-14 17:14 – 2021-02-15 14:55 – 000823200 _____ C:UserscoxycOneDriveDocumentsChair8.blend
2021-02-14 17:14 – 2021-02-14 17:14 – 000825768 _____ C:UserscoxycOneDriveDocumentsChair8.blend1
2021-02-14 17:04 – 2021-02-14 17:04 – 000823712 _____ C:UserscoxycOneDriveDocumentsChair7.blend
2021-02-14 13:54 – 2021-02-14 13:54 – 000800040 _____ C:UserscoxycOneDriveDocumentsChair6.blend
2021-02-14 12:45 – 2021-02-14 12:45 – 000800040 _____ C:UserscoxycOneDriveDocumentsChair5.blend
2021-02-13 17:22 – 2021-02-13 17:22 – 000784652 _____ C:UserscoxycOneDriveDocumentsChair4.blend
2021-02-13 17:00 – 2021-02-13 17:02 – 000783700 _____ C:UserscoxycOneDriveDocumentsChair3.blend
2021-02-13 17:00 – 2021-02-13 17:00 – 000783668 _____ C:UserscoxycOneDriveDocumentsChair3.blend1
2021-02-13 16:33 – 2021-02-13 16:33 – 000791676 _____ C:UserscoxycOneDriveDocumentsChair2.blend
2021-02-13 14:54 – 2021-03-06 15:29 – 000000000 ____D C:UserscoxycAppDataLocalStrongVPN
2021-02-13 14:54 – 2021-02-13 14:54 – 000000000 ____D C:UserscoxycAppDataLocalStrong_Technology,_LLC
2021-02-13 14:52 – 2021-02-13 14:52 – 000038176 _____ (WireGuard LLC) C:WINDOWSsystem32Driverswintun.sys
2021-02-13 14:52 – 2021-02-13 14:52 – 000000976 _____ C:UsersPublicDesktopStrongVPN.lnk
2021-02-13 14:52 – 2021-02-13 14:52 – 000000976 _____ C:ProgramDataDesktopStrongVPN.lnk
2021-02-13 14:51 – 2021-02-13 14:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsStrongVPN
2021-02-13 14:51 – 2021-02-13 14:51 – 032747528 _____ (Strong Technology, LLC) C:UserscoxycDownloadsStrongVPN-latest.exe
2021-02-13 14:51 – 2021-02-13 14:51 – 000000000 ____D C:Program FilesStrongVPN
2021-02-11 19:51 – 2021-02-11 19:51 – 000247295 _____ C:UserscoxycOneDriveDocumentsScan.pdf
2021-02-11 00:17 – 2021-02-11 00:17 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb
2021-02-11 00:16 – 2021-02-11 00:16 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb
2021-02-11 00:16 – 2021-02-11 00:16 – 001314112 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi
2021-02-11 00:16 – 2021-02-11 00:16 – 000231232 _____ C:WINDOWSsystem32containerdevicemanagement.dll
2021-02-11 00:16 – 2021-02-11 00:16 – 000010892 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2021-02-10 20:37 – 2021-02-26 16:02 – 000979416 _____ C:UserscoxycOneDriveDocumentsHouse.blend
2021-02-10 20:37 – 2021-02-12 16:13 – 000976968 _____ C:UserscoxycOneDriveDocumentsHouse.blend1
2021-02-09 16:28 – 2021-02-09 16:28 – 000816616 _____ C:UserscoxycOneDriveDocumentsChair2blend.blend
2021-02-08 13:53 – 2021-02-08 13:53 – 000087748 _____ C:ProgramDataagent.update.1612792407.bdinstall.v2.bin
2021-02-07 20:13 – 2021-02-13 16:17 – 000774844 _____ C:UserscoxycOneDriveDocumentsChair1.blend
2021-02-07 20:13 – 2021-02-07 20:13 – 000834084 _____ C:UserscoxycOneDriveDocumentsChair1.blend1
2021-02-07 19:38 – 2021-02-07 19:45 – 000793572 _____ C:UserscoxycOneDriveDocumentsChair.blend
2021-02-07 19:38 – 2021-02-07 19:38 – 000794932 _____ C:UserscoxycOneDriveDocumentsChair.blend1
2021-02-07 16:21 – 2021-02-07 16:21 – 000791252 _____ C:UserscoxycDownloadsChair.blend
2021-02-07 13:58 – 2021-02-07 13:58 – 000000000 ____D C:UserscoxycAppDataRoamingMicrosoftWindowsStart MenuProgramsPureRef
2021-02-07 13:57 – 2021-02-07 13:57 – 009905456 _____ (Idyllic Pixel) C:UserscoxycDownloadsPureRef-1.11.1_x64.exe
2021-02-07 13:44 – 2021-02-07 13:44 – 000000000 ____D C:UserscoxycDownloadsReferences
2021-02-07 13:43 – 2021-02-07 13:43 – 006698352 _____ C:UserscoxycDownloadsReferences.zip
2021-02-07 13:20 – 2021-02-07 13:20 – 001205928 _____ C:UserscoxycDownloadsCCO_Male_base_mesh_standing.blend
2021-02-07 12:05 – 2021-02-07 12:05 – 003042598 _____ C:UserscoxycDownloadsBricksFlemishRed001.zip
2021-02-07 12:05 – 2021-02-07 12:05 – 000000000 ____D C:UserscoxycDownloadsBricksFlemishRed001
2021-02-07 07:41 – 2021-02-07 07:41 – 040890966 _____ C:UserscoxycDownloadsFabricUpholsteryBrightAnglePattern001.zip
2021-02-07 07:41 – 2021-02-07 07:41 – 000000000 ____D C:UserscoxycDownloadsFabricUpholsteryBrightAnglePattern001
2021-02-06 17:21 – 2021-02-07 07:29 – 000798184 _____ C:UserscoxycOneDriveDocumentsCupcake.blend
2021-02-06 17:21 – 2021-02-06 17:21 – 000790616 _____ C:UserscoxycOneDriveDocumentsCupcake.blend1
2021-02-04 15:50 – 2021-02-04 15:50 – 001576153 _____ C:UserscoxycDownloadsBricksPaintedWhite001.zip
2021-02-04 15:50 – 2021-02-04 15:50 – 000000000 ____D C:UserscoxycDownloadsBricksPaintedWhite001
2021-02-04 15:15 – 2021-02-04 15:15 – 000000000 ____D C:UserscoxycDownloadsStoneMarbleCalacatta004
2021-02-04 15:14 – 2021-02-04 15:14 – 001799039 _____ C:UserscoxycDownloadsStoneMarbleCalacatta004.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-06 15:49 – 2020-03-17 18:21 – 000000000 ____D C:Program FilesBitdefender Antivirus Free
2021-03-06 15:37 – 2019-01-29 19:06 – 000000000 ____D C:ProgramDataMozilla
2021-03-06 15:36 – 2018-10-22 05:25 – 000000000 ____D C:ProgramDataAuslogics
2021-03-06 15:36 – 2018-10-22 05:25 – 000000000 ____D C:Program Files (x86)Auslogics
2021-03-06 15:36 – 2018-10-20 16:39 – 000000000 ____D C:UserscoxycAppDataLocalLowMozilla
2021-03-06 15:31 – 2019-12-07 09:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2021-03-06 15:09 – 2019-12-07 09:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-03-06 14:29 – 2020-06-25 16:49 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-03-06 13:57 – 2018-10-20 18:23 – 000000000 ____D C:UserscoxycAppDataRoaminguTorrent
2021-03-06 13:56 – 2019-03-24 20:07 – 000000000 ____D C:UserscoxycAppDataLocalBitTorrentHelper
2021-03-05 22:07 – 2018-11-10 11:01 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-03-05 22:07 – 2018-11-10 11:01 – 000002260 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2021-03-05 22:07 – 2018-11-10 11:01 – 000002260 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2021-03-05 19:03 – 2018-10-20 19:57 – 000000000 ____D C:UserscoxycAppDataLocalD3DSCache
2021-03-05 17:06 – 2019-12-07 09:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-03-05 17:06 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-03-05 10:55 – 2020-08-28 02:42 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-03-05 10:55 – 2020-08-28 02:42 – 000002276 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2021-03-05 10:55 – 2020-08-28 02:42 – 000002276 _____ C:ProgramDataDesktopMicrosoft Edge.lnk
2021-03-05 00:49 – 2020-08-28 02:42 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-03-05 00:49 – 2020-08-28 02:42 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-03-04 19:31 – 2020-03-21 20:30 – 000002234 _____ C:UserscoxycAppDataRoamingMicrosoftWindowsStart MenuProgramsyuzu.lnk
2021-03-04 19:31 – 2020-03-21 20:21 – 000000000 ____D C:UserscoxycAppDataLocalyuzu
2021-03-04 09:09 – 2020-06-25 16:56 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-03-04 09:09 – 2019-12-07 09:13 – 000000000 ____D C:WINDOWSINF
2021-02-27 19:27 – 2019-12-07 09:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-02-27 18:28 – 2019-01-06 14:08 – 000002136 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk
2021-02-27 18:16 – 2020-03-03 23:24 – 000000000 ____D C:UserscoxycAppDataRoamingFAHClient
2021-02-27 18:16 – 2019-07-03 19:35 – 000000000 ____D C:ProgramDataUMS
2021-02-27 18:15 – 2021-01-02 14:17 – 000003110 _____ C:WINDOWSsystem32TasksAMDLinkUpdate
2021-02-27 18:15 – 2020-07-01 18:36 – 000003126 _____ C:WINDOWSsystem32TasksAMDInstallLauncher
2021-02-27 18:15 – 2020-06-25 17:00 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-02-27 18:15 – 2020-06-25 16:49 – 000008192 ___SH C:DumpStack.log.tmp
2021-02-27 18:15 – 2018-10-20 16:42 – 000000000 ____D C:UserscoxycAppDataLocalPlex Media Server
2021-02-27 18:15 – 2018-10-20 16:38 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-02-27 18:14 – 2019-12-07 09:03 – 000524288 _____ C:WINDOWSsystem32configBBI
2021-02-27 18:14 – 2018-10-20 15:48 – 000065536 _____ C:WINDOWSsystem32spu_storage.bin
2021-02-26 23:38 – 2020-06-25 17:00 – 000003378 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1329802319-222491363-2786480829-1001
2021-02-26 23:38 – 2020-06-25 16:50 – 000002363 _____ C:UserscoxycAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-02-26 23:38 – 2018-10-20 15:55 – 000000000 ___RD C:UserscoxycOneDrive
2021-02-26 13:07 – 2019-12-07 09:03 – 000065536 _____ C:WINDOWSsystem32configELAM
2021-02-26 13:04 – 2020-03-17 18:23 – 002718744 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversatc.sys
2021-02-26 13:04 – 2020-03-17 18:23 – 000488592 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversgemma.sys
2021-02-24 20:05 – 2020-09-05 18:06 – 000000000 ____D C:WINDOWSSysWOW64directx
2021-02-23 20:30 – 2020-12-01 20:13 – 000000000 ____D C:UserscoxycAppDataLocalAMD_Common
2021-02-23 17:24 – 2018-10-20 16:38 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-02-20 17:33 – 2019-10-25 09:13 – 000000000 ____D C:Program FilesMicrosoft Office
2021-02-17 13:42 – 2020-06-02 19:37 – 000091136 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingtcuihelpers.dll
2021-02-17 13:42 – 2019-12-12 17:41 – 000198088 _____ (Microsoft Corporation) C:WINDOWSsystem32gameplatformservices.dll
2021-02-17 13:42 – 2019-10-11 19:18 – 000038352 _____ (Microsoft Corporation) C:WINDOWSsystem32gamemodcontrol.exe
2021-02-17 13:42 – 2019-06-10 18:49 – 001615824 _____ (Microsoft Corporation) C:WINDOWSsystem32xgameruntime.dll
2021-02-17 13:42 – 2019-06-10 18:49 – 000167368 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingservicesproxy.dll
2021-02-17 13:42 – 2019-06-10 18:49 – 000159176 _____ (Microsoft Corporation) C:WINDOWSsystem32gameconfighelper.dll
2021-02-16 09:21 – 2019-07-03 19:36 – 000192168 _____ (Oracle Corporation) C:WINDOWSsystem32WindowsAccessBridge-64.dll
2021-02-16 09:21 – 2019-07-03 19:36 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2021-02-16 09:21 – 2019-07-03 19:36 – 000000000 ____D C:Program FilesJava
2021-02-15 19:13 – 2020-01-26 10:29 – 000000000 ____D C:UserscoxycAppDataRoamingSony Interactive Entertainment Network America LLC
2021-02-15 19:12 – 2020-06-03 18:58 – 000000000 ____D C:Program Files (x86)PlayStationNow
2021-02-13 14:51 – 2018-10-20 15:51 – 000000000 ____D C:ProgramDataPackage Cache
2021-02-13 14:50 – 2020-02-29 11:07 – 000000000 ____D C:UserscoxycAppDataLocalGolden Frog, GmbH
2021-02-13 14:50 – 2020-02-11 20:03 – 000000000 ____D C:Program Files (x86)VyprVPN
2021-02-11 23:14 – 2020-06-25 17:00 – 000004562 _____ C:WINDOWSsystem32TasksAdobe Acrobat Update Task
2021-02-11 20:06 – 2018-10-20 16:08 – 000000000 ____D C:ProgramDataPackages
2021-02-11 20:06 – 2018-10-20 15:53 – 000000000 ____D C:UserscoxycAppDataLocalPlaceholderTileLogoFolder
2021-02-11 20:06 – 2018-10-20 15:50 – 000000000 ____D C:UserscoxycAppDataLocalPackages
2021-02-11 19:29 – 2020-06-25 16:49 – 000484960 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-02-11 19:28 – 2019-12-07 14:44 – 000000000 ____D C:WINDOWSsystem32Driversen-GB
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64Keywords
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSystemResources
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32Keywords
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32es-MX
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:Program FilesCommon FilesSystem
2021-02-11 19:28 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSservicing
2021-02-11 00:19 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-02-11 00:16 – 2018-10-20 16:14 – 000413690 __RSH C:bootmgr
2021-02-10 18:07 – 2018-10-21 19:25 – 000000000 ____D C:WINDOWSsystem32MRT
2021-02-10 18:05 – 2018-10-21 19:25 – 130141752 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2021-02-08 13:53 – 2020-03-17 18:20 – 000000000 ____D C:Program FilesBitdefender Agent
2021-02-05 16:02 – 2020-06-25 17:00 – 000003418 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA
2021-02-05 16:02 – 2020-06-25 17:00 – 000003294 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-02-18 16:06 – 2021-02-18 16:06 – 000000364 _____ () C:UserscoxycAppDataRoamingPureRef.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by coxyc (06-03-2021 15:50:18)
Running from C:UserscoxycDownloads
Windows 10 Home Version 20H2 19042.804 (X64) (2020-06-25 17:01:06)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1329802319-222491363-2786480829-500 – Administrator – Disabled)
coxyc (S-1-5-21-1329802319-222491363-2786480829-1001 – Administrator – Enabled) => C:Userscoxyc
DefaultAccount (S-1-5-21-1329802319-222491363-2786480829-503 – Limited – Disabled)
Guest (S-1-5-21-1329802319-222491363-2786480829-501 – Limited – Disabled)
WDAGUtilityAccount (S-1-5-21-1329802319-222491363-2786480829-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Bitdefender Antivirus Free Antimalware (Enabled – Up to date) EA21BCE8-A461-99C3-3A0D-4C964E75494E
AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
AV: Malwarebytes (Enabled – Up to date) 23007AD3-69FE-687C-2629-D584AFFAF72B
AS: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKUS-1-5-21-1329802319-222491363-2786480829-1001…uTorrent) (Version: 3.5.5.45852 – BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 21.001.20142 – Adobe Systems Incorporated)
Affinity Designer (HKLM…E79EF1B7-A9E3-476E-87A1-A81FCECC0A89) (Version: 1.8.2.620 – Serif (Europe) Ltd)
AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 2.10.13.408 – Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM…5A1CE077-7111-4C7D-A5C5-E210D4B68AD8) (Version: 1.4.0.0728 – Advanced Micro Devices, Inc.)
AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 20.11.2 – Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32…4fedae1b-6980-4848-9ba0-229c946a3dac) (Version: 2.10.13.408 – Advanced Micro Devices, Inc.) Hidden
ApoDispatchConfigurator (HKLM…64FCD7F-935D-4A3C-BDA5-8B272AA5A698) (Version: 2.3.1401 – Nahimic) Hidden
AudioLaunchpadConfigurator (HKLM…E49685B2-DE80-4609-9B01-A993282D563B) (Version: 2.3.1401 – Nahimic) Hidden
AviSynth (HKLM-x32…AviSynth) (Version: 2.6.0 MT – )
Bitdefender Agent (HKLM…Bitdefender Agent) (Version: 1.0.1 – Bitdefender)
Bitdefender Antivirus Free (HKLM…1FCCF41D-5F00-4FE2-9653-162D0486C8B4) (Version: 1.0.16.157 – Bitdefender)
Blender (HKLM…64FCD268-AF5F-403D-B51B-00BC2D47DD0B) (Version: 2.91.0 – Blender Foundation)
Branding64 (HKLM…856DA29A-EA4A-468B-BBC2-B5F60DD75BFE) (Version: 1.00.0002 – Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM…89CAD294-1D0A-4D76-A90E-9AC6699022B7) (Version: 5.4.2 – Kovid Goyal)
Catalyst Control Center Next Localization BR (HKLM…E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM…EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM…B26D75B8-FAB7-6F8B-767F-BAF975383D91) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM…36EDC500-E4C0-371C-9865-08450415C1E9) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM…4C2FB7FD-89FD-BA5C-585A-3811F326AD34) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM…D74218A3-C503-57EF-AC9F-2220082E7ADE) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM…DA433FCF-90A1-19A5-65A7-FDF82DE4826D) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM…949F125B-A6CC-5A5E-EEE7-4AC50305C1FA) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM…20D46801-147B-30AD-7C5A-AC4560A79096) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM…22C39711-2747-D264-319A-1550BEEAAEC6) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM…1DBACFDB-5E43-7882-36BD-53526D34BD22) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM…A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM…ED75A775-03A7-F214-868D-497748707968) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM…7BFBD5C-2F63-6828-1B61-B41A44113F3B) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM…E6038D3E-5D87-8DF7-6D05-BE7532C3E73E) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM…DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM…FFBFBD1F-B160-A119-7C43-8584FA2E5665) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM…4D1D5407-9B69-6422-629C-8518A26004A4) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM…A8379BAB-59A9-C0A3-8BCC-4852EA403692) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM…24DF617A-CD23-6E6A-126B-23630D2781CE) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM…83DDDFD8-AD42-72F9-E4F1-5456FDB304C9) (Version: 2017.0424.2119.36535 – Advanced Micro Devices, Inc.) Hidden
CheckDevicesConfigurator (HKLM…F17C92A4-9E41-43A2-B0C1-6BFAFD4B0354) (Version: 2.3.1401 – Nahimic) Hidden
EaseUS Partition Master 15.0 (HKLM-x32…EaseUS Partition Master_is1) (Version:  – EaseUS)
Epic Games Launcher (HKLM-x32…E63B233-DC24-442C-BD38-0B91D90FEC5B) (Version: 1.1.167.0 – Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-2530-0000-AC13154E5A00) (Version: 19.021.20058 – Adobe Systems Incorporated)
FAHClient (HKLM-x32…FAHClient) (Version: 7.5.1 – [email protected])
GameInput Redistributable (HKLM-x32…AD78C5EF-EAAF-12E7-83A3-B335A79A3DB1) (Version: 10.1.19041.1870 – Microsoft Corporation)
Google Chrome (HKLM-x32…Google Chrome) (Version: 89.0.4389.82 – Google LLC)
HP Dropbox Plugin (HKLM-x32…D12BC084-97D6-438A-AA7C-5962608D17A0) (Version: 36.0.41.58587 – HP)
HP Google Drive Plugin (HKLM-x32…BFA42100-DB54-467A-BB87-CF70732B4065) (Version: 36.0.41.58587 – HP)
HP OfficeJet 3830 series Basic Device Software (HKLM…165CDB14-4CD3-4D4D-A38A-3FF93FAAFD5C) (Version: 40.11.1119.1786 – HP Inc.)
HP OfficeJet 3830 series Help (HKLM-x32…1FCCD112-2F27-463D-8C36-1D5C29A3BB3E) (Version: 35.0.0 – Hewlett Packard)
HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.9572 – HP)
Java 8 Update 281 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180281F0) (Version: 8.0.2810.9 – Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
LauncherSetup (HKLM…EAF34292-88ED-4E8A-8DD2-39F9E0DD4DC7) (Version: 2.3.1401 – Nahimic) Hidden
Malwarebytes version 4.3.0.98 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.3.0.98 – Malwarebytes)
Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.13127.21216 – Microsoft Corporation)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 89.0.774.45 – Microsoft Corporation)
Microsoft Edge Update (HKLM-x32…Microsoft Edge Update) (Version: 1.3.141.63 – )
Microsoft OneDrive (HKUS-1-5-21-1329802319-222491363-2786480829-1001…OneDriveSetup.exe) (Version: 21.016.0124.0003 – Microsoft Corporation)
Microsoft Teams (HKUS-1-5-21-1329802319-222491363-2786480829-1001…Teams) (Version: 1.3.00.362 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A) (Version: 2.75.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…61087a79-ac85-455c-934d-1fa22cc64f36) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.25.28508 (HKLM-x32…6913e92a-b64e-41c9-a5e6-cef39207fe89) (Version: 14.25.28508.3 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32…e31cb1a4-76b5-46a5-a084-3fa419e82201) (Version: 14.24.28127.4 – Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM…6F320B93-EE3C-4826-85E0-ADF79F8D4C61) (Version: 2.5.2061.411 – Microsoft Corporation)
Mozilla Firefox 86.0 (x64 en-GB) (HKLM…Mozilla Firefox 86.0 (x64 en-GB)) (Version: 86.0 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 62.0.3 – Mozilla)
MSIRegister (HKLM-x32…80B995A4-3A86-4690-98A6-563F1A788835_is1) (Version: 2.0.0.05 – MSI)
Nahimic 2 (HKLM-x32…5c7b70a-5d25-419a-9b71-76900393b641) (Version: 2.3.14 – Nahimic)
Nahimic2UISetup (HKLM…FD585866-680F-4FE0-8082-731D715F90CE) (Version: 2.3.1401 – Nahimic) Hidden
OEM Application Profile (HKLM-x32…7F5DCD33-1039-C3B2-9538-B645B65BBA63) (Version: 1.00.0000 – Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM…90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.13127.21064 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.13127.21216 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM…90160000-008C-0409-1000-0000000FF1CE) (Version: 16.0.13127.21064 – Microsoft Corporation) Hidden
OpenOffice 4.1.5 (HKLM-x32…708F0253-F566-48F3-9B88-06F48F16548B) (Version: 4.15.9789 – Apache Software Foundation)
Paradox Launcher v2 (HKLM…986898D9-7C26-4E7F-814C-9B5472FA3209) (Version: 2.0.0.0 – Paradox Interactive)
Pepakura Designer 4 (HKLM-x32…pepakura_designer4en) (Version:  – TamaSoftware)
PlayStation™Now (HKLM-x32…47911673-F1F9-425A-BB8C-45871F5A6C7C) (Version: 11.4.0 – Sony Interactive Entertainment Network America LLC)
Plex Media Player (HKLM…711571E-9BA5-4294-82BA-371C331F8792) (Version: 2.20.0 – Plex) Hidden
Plex Media Player (HKLM-x32…7f81f739-10be-40f7-8ad7-0a2b8c32d6fc) (Version: 2.20.0 – Plex)
Plex Media Server (HKLM-x32…40c376bf-c3a0-439b-8353-f69a3bac10d6) (Version: 1.21.0.3711 – Plex, Inc.)
Plex Media Server (HKLM-x32…8DE31A48-E744-4526-AE09-B9A4002CE770) (Version: 1.21.711 – Plex, Inc.) Hidden
Product Improvement Study for HP OfficeJet 3830 series (HKLM…F1E13468-92EB-4AB7-8F1C-CC09A286C9B9) (Version: 40.11.1119.1786 – HP Inc.)
ProductDaemonSetup (HKLM…E5C605BF-FEF0-460C-9927-BC86E0647AD3) (Version: 2.3.1401 – Nahimic) Hidden
ProductNSConfigurator (HKLM…1B4DB619-21BD-4006-A8BA-394B70C2F761) (Version: 2.3.1401 – Nahimic) Hidden
Promontory_GPIO Driver (HKLM-x32…B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9) (Version: 2.0.1.0 – Advanced Micro Devices, Inc.) Hidden
ProtonVPNTap (HKLM-x32…C23BCE3A-FD25-48BA-948E-2CE94576F983) (Version: 1.0.1 – ProtonVPN AG)
PureRef (HKLM-x32…PureRef) (Version: 1.11.1 – Idyllic Pixel)
Realtek Ethernet Controller Driver (HKLM-x32…8833FFB6-5B0C-4764-81AA-06DFEED9A476) (Version: 10.10.714.2016 – Realtek)
Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.8034 – Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.2.3 (HKLM-x32…RTSS) (Version: 7.2.3 – Unwinder)
Samsung Magician (HKLM-x32…29AE3F9F-7158-4ca7-B1ED-28A73ECDB215_is1) (Version: 5.2.1.1780 – Samsung Electronics)
SonicMapperConfigurator (HKLM…BC0A78EE-7CA5-4262-9F8C-2B6F7AF6EA63) (Version: 2.3.1401 – Nahimic) Hidden
Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
Stopping Plex (HKLM-x32…94530A73-5D44-431B-B1F0-FEBA96C90390) (Version: 1.21.711 – Plex, Inc.) Hidden
StrongVPN (HKLM…1F0FB659-502A-4BF3-AB40-D25BB14FE36C) (Version: 2.6.2.0 – Strong Technology, LLC) Hidden
StrongVPN (HKLM-x32…9d65bde1-0048-4fe8-bf48-02b946435252) (Version: 2.6.2.0 – Strong Technology, LLC)
Teams Machine-Wide Installer (HKLM-x32…731F6BAA-A986-45A4-8936-7C3AAAAA760B) (Version: 1.2.0.24753 – Microsoft Corporation)
TomTom MyDrive Connect 4.2.10.4148 (HKLM-x32…MyDriveConnect) (Version: 4.2.10.4148 – TomTom)
Ubisoft Connect (HKLM-x32…Uplay) (Version: 72.0 – Ubisoft)
UIInstallUpgrade (HKLM…34755904-0831-4F83-BDDB-4395A581930D) (Version: 2.3.1401 – Nahimic) Hidden
Universal Media Server (HKLM-x32…Universal Media Server) (Version: 8.2.0 – Universal Media Server)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2) (Version: 2.58.0.0 – Microsoft Corporation)
USBHelperLauncher (HKUS-1-5-21-1329802319-222491363-2786480829-1001…USBHelperLauncher) (Version: 0.15b – FailedShack)
Windows 10 Update Assistant (HKLM-x32…D5C69738-B486-402E-85AC-2456D98A64E4) (Version: 1.4.9200.22749 – Microsoft Corporation)
Windows Driver Package – Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION®3 Driver Package (01/20/2012 1.4.0.0) (HKLM…D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 – Sony Computer Entertainment Inc.)
Windows Subsystem for Linux Update (HKLM…8D646799-DB00-4000-AE7A-756A05A4F1D8) (Version: 5.4.72 – Microsoft Corporation)
WinRAR 5.80 beta 2 (64-bit) (HKLM…WinRAR archiver) (Version: 5.80.2 – win.rar GmbH)

Packages:
=========
Canon Inkjet Print Utility -> C:Program FilesWindowsApps34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Dolby Access -> C:Program FilesWindowsAppsDolbyLaboratories.DolbyAccess_3.7.2016.0_x64__rz1tebttyb220 [2021-03-02] (Dolby Laboratories)
HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_122.3.838.0_x64__v10z8vjag6ke6 [2021-03-02] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-31] (Microsoft Corporation)
Proportion Grid Maker -> C:Program FilesWindowsApps29634VavatchSoftware.ProportionGridMaker_1.2.4.0_x64__3xhfm117tv8xr [2019-07-11] (Vavatch Software) [MS Ad]
RAR Opener -> C:Program FilesWindowsAppsDeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2019-10-06] (Tiny Opener)
The Medium -> C:Program FilesWindowsApps3951BlooberTeamS.A.TheMedium_1.3.10.0_x64__myqva651hxz16 [2021-02-14] (Bloober Team S.A.)
Virgin TV Go -> C:Program FilesWindowsAppsVirginMedia.VirginTVGo_2.15.5.0_x64__ddmzabkybwrqj [2020-09-19] (Virgin Media)
Xbox One SmartGlass -> C:Program FilesWindowsAppsMicrosoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2018-10-21] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-1329802319-222491363-2786480829-1001_ClassesCLSID19A6E644-14E6-4A60-B8D7-DD20610A871DInprocServer32 -> C:UserscoxycAppDataLocalMicrosoftTeamsMeetingAddin1.0.19317.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKUS-1-5-21-1329802319-222491363-2786480829-1001_ClassesCLSIDCB965DF1-B8EA-49C7-BDAD-5457FDC1BF92InprocServer32 -> C:UserscoxycAppDataLocalMicrosoftTeamsMeetingAddin1.0.19317.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> 1F77B17B-F531-44DB-ACA4-76ABB5010A28 => C:Program Files (x86)AIMPSystemaimp_menu64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2019-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2019-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-03-06] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> 1F77B17B-F531-44DB-ACA4-76ABB5010A28 => C:Program Files (x86)AIMPSystemaimp_menu64.dll -> No File
ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:WINDOWSSystem32atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2021-03-06] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2019-10-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2019-10-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [VIDC.RTV1] => C:WINDOWSsystem32rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-11 19:09 – 2020-12-11 19:09 – 000629760 _____ () [File not signed] \?C:UserscoxycAppDataLocalPlex Media ServerCodecs7c50c14-3596-windows-x86aac_decoder.dll
2020-12-11 19:09 – 2020-12-11 19:09 – 001559040 _____ () [File not signed] \?C:UserscoxycAppDataLocalPlex Media ServerCodecs7c50c14-3596-windows-x86h264_decoder.dll
2020-12-11 19:09 – 2020-12-11 19:09 – 000818688 _____ () [File not signed] \?C:UserscoxycAppDataLocalPlex Media ServerCodecs7c50c14-3596-windows-x86hevc_decoder.dll
2020-12-11 19:09 – 2020-12-11 19:09 – 001800704 _____ () [File not signed] \?C:UserscoxycAppDataLocalPlex Media ServerCodecs7c50c14-3596-windows-x86libx264_encoder.dll
2020-12-11 19:09 – 2020-12-11 19:09 – 000579072 _____ () [File not signed] \?C:UserscoxycAppDataLocalPlex Media ServerCodecs7c50c14-3596-windows-x86mp3_decoder.dll
2020-12-11 19:09 – 2020-12-11 19:09 – 001268224 _____ () [File not signed] \?C:UserscoxycAppDataLocalPlex Media ServerCodecs7c50c14-3596-windows-x86mpeg4_decoder.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000017920 _____ () [File not signed] C:Program FilesAMDCNextCNextlibEGL.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 003567616 _____ () [File not signed] C:Program FilesAMDCNextCNextlibGLESv2.dll
2020-03-19 05:40 – 2020-03-19 05:40 – 000912896 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-core.dll
2020-03-19 05:40 – 2020-03-19 05:40 – 003109888 _____ () [File not signed] C:Program FilesAMDPerformance Profile Clientaws-cpp-sdk-s3.dll
2015-02-19 00:13 – 2015-02-19 00:13 – 000817152 _____ () [File not signed] C:Program FilesAMDPerformance Profile ClientDevice.dll
2015-02-19 00:13 – 2015-02-19 00:13 – 003650560 _____ () [File not signed] C:Program FilesAMDPerformance Profile ClientPlatform.dll
2019-08-23 13:22 – 2019-02-21 16:00 – 000078336 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqgif.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000039424 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqicns.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqico.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000414720 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqjpeg.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqsvg.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000024576 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqtga.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000023552 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwbmp.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000532992 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwebp.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 001441792 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsplatformsqwindows.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 001189888 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginssqldriversqsqlite.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000134656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsstylesqwindowsvistastyle.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 006184448 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Core.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 006867456 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Gui.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 001104896 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Network.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000325120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Positioning.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 003668480 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Qml.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000517120 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlModels.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000051712 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QmlWorkerScript.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 004228608 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Quick.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000171008 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickControls2.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 001085440 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickTemplates2.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000205824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Sql.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000329728 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Svg.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000127488 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebChannel.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000390656 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngine.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 095598080 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngineCore.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 005587968 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Widgets.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000462848 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WinExtras.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 000188928 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Xml.dll
2020-07-27 14:14 – 2020-07-27 14:14 – 002878464 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5XmlPatterns.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000055808 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000059392 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsqtgraphicaleffectsplugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQmlqmlplugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuick.2qtquick2plugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000284160 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControls.2qtquickcontrols2plugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000333824 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControlsqtquickcontrolsplugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000136704 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickDialogsdialogplugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000090112 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickLayoutsqquicklayoutsplugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000313856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickTemplates.2qtquicktemplates2plugin.dll
2020-07-27 14:15 – 2020-07-27 14:15 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickWindow.2windowplugin.dll
2020-11-13 15:00 – 2020-11-13 15:00 – 000091648 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtWebEngineqtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = about:blank
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL =
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKLM-x32 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKUS-1-5-21-1329802319-222491363-2786480829-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_281binssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_281binjp2ssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKUS-1-5-21-1329802319-222491363-2786480829-1001…localhost -> localhost
IE trusted site: HKUS-1-5-21-1329802319-222491363-2786480829-1001…webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 23:38 – 2021-02-24 20:05 – 000002192 _____ C:WINDOWSsystem32driversetchosts
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      fitgirlrepack.games             # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site
109.94.209.70      www.fitgirlrepack.games         # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site
109.94.209.70      fitgirlpack.site                # Fake FitGirl site
109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:ProgramDataOracleJavajavapath;%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;%SYSTEMROOT%System32WindowsPowerShellv1.0;%SYSTEMROOT%System32OpenSSH;C:Program Files (x86)AOMEI Backupper;C:Program FilesCalibre2
HKUS-1-5-21-1329802319-222491363-2786480829-1001Control PanelDesktop\Wallpaper -> C:UserscoxycAppDataRoamingMozillaFirefoxDesktop Background.bmp
DNS Servers: 194.168.4.100 – 194.168.8.100
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedStartupFolder: => "Universal Media Server.lnk"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [1625C790-1E90-4A8D-A64E-01FF4A976107] => (Allow) C:Program Files (x86)MyDrive ConnectTomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [59A226C4-6407-4917-8462-A3B2C972951F] => (Block) C:program filesjavajre1.8.0_251binjavaw.exe => No File
FirewallRules: [FD843C0B-97D8-49DE-B46F-C0F1DD3BFCC1] => (Block) C:program filesjavajre1.8.0_251binjavaw.exe => No File
FirewallRules: [UDP Query User11726E83-0BF1-4CC3-BF56-9D0312270CB3C:program files (x86)fahclientfahclient.exe] => (Allow) C:program files (x86)fahclientfahclient.exe () [File not signed]
FirewallRules: [TCP Query User227B2414-594C-446D-A18B-0FEFD0362298C:program files (x86)fahclientfahclient.exe] => (Allow) C:program files (x86)fahclientfahclient.exe () [File not signed]
FirewallRules: [UDP Query UserE1478F42-101D-429D-A5B5-37DADC3D38FFC:program filesjavajre1.8.0_251binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_251binjavaw.exe => No File
FirewallRules: [TCP Query User38DF88A7-2D19-4641-B265-7BC7F38637CAC:program filesjavajre1.8.0_251binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_251binjavaw.exe => No File
FirewallRules: [UDP Query User8E86B90B-5C60-4E0F-88AC-53B023E0D8B0C:38ts2prototypebinarieswin64ts2prototype-win64-shipping.exe] => (Allow) C:38ts2prototypebinarieswin64ts2prototype-win64-shipping.exe => No File
FirewallRules: [TCP Query UserCAA8A6DD-F054-49EA-8EE5-EEA6183915D0C:38ts2prototypebinarieswin64ts2prototype-win64-shipping.exe] => (Allow) C:38ts2prototypebinarieswin64ts2prototype-win64-shipping.exe => No File
FirewallRules: [86620C53-4E50-43C6-84C1-BB2BDF081C0E] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_Skylinesdowser.exe => No File
FirewallRules: [1025A0C9-B2DF-4B09-85E2-4878C6173872] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_Skylinesdowser.exe => No File
FirewallRules: [UDP Query UserEB3A90F0-47D2-4751-B8AA-0250E39B8730C:program files (x86)fahclientfahclient.exe] => (Allow) C:program files (x86)fahclientfahclient.exe () [File not signed]
FirewallRules: [TCP Query User9DE0F47C-A24A-474C-A305-E008EB573D8AC:program files (x86)fahclientfahclient.exe] => (Allow) C:program files (x86)fahclientfahclient.exe () [File not signed]
FirewallRules: [UDP Query User81B7FD43-C44A-49AC-87CB-8C85B7EC8565C:program filesjavajre1.8.0_241binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_241binjavaw.exe => No File
FirewallRules: [TCP Query User13448BA3-C344-4367-9943-B283057599B4C:program filesjavajre1.8.0_241binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_241binjavaw.exe => No File
FirewallRules: [16DE3C08-7553-45C0-AC6C-7159EE192CB9] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [8E7B1173-A2E6-47AB-826B-CC0474B01145] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User764E0ACD-9EB8-46B1-B8DC-BA28CEA3346AD:wii u gamesdataemulatorscemubincemu.exe] => (Allow) D:wii u gamesdataemulatorscemubincemu.exe => No File
FirewallRules: [TCP Query User10301525-0714-457E-8A0F-00E8441536A3D:wii u gamesdataemulatorscemubincemu.exe] => (Allow) D:wii u gamesdataemulatorscemubincemu.exe => No File
FirewallRules: [D0739BE4-DAFF-40AE-AC8C-FED28BE49D97] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_SkylinesCities.exe => No File
FirewallRules: [EA7280B0-480A-4A97-B97A-53DD81387B40] => (Allow) C:Program Files (x86)SteamsteamappscommonCities_SkylinesCities.exe => No File
FirewallRules: [CBF2EF16-0A3F-4E14-A577-24FE6921CB35] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [624D7868-8114-491B-A0D9-B35203ACF84E] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query UserEE823BD9-AF04-44B3-9D9B-E249F4AD8336C:program filesjavajre1.8.0_231binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_231binjavaw.exe => No File
FirewallRules: [TCP Query UserAFADF3EF-FEEB-478A-B337-78116AD651E0C:program filesjavajre1.8.0_231binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_231binjavaw.exe => No File
FirewallRules: [UDP Query UserA21156C4-A050-4E12-8C1D-4294709B7D2AC:userscoxyconedrivedesktopwii u gamesdataemulatorscemubincemu.exe] => (Allow) C:userscoxyconedrivedesktopwii u gamesdataemulatorscemubincemu.exe => No File
FirewallRules: [TCP Query User0217C8CD-BE86-4515-85BD-09B689254155C:userscoxyconedrivedesktopwii u gamesdataemulatorscemubincemu.exe] => (Allow) C:userscoxyconedrivedesktopwii u gamesdataemulatorscemubincemu.exe => No File
FirewallRules: [TCP Query User434E5EB3-3C1C-4266-94CA-D6EEA142D503C:program files (x86)ubisoftubisoft game launchergamesanno 1800binwin64anno1800_plus.exe] => (Allow) C:program files (x86)ubisoftubisoft game launchergamesanno 1800binwin64anno1800_plus.exe => No File
FirewallRules: [2CDFDD8D-888A-4941-84A6-F88944143D3B] => (Allow) C:Program Files (x86)UbisoftUbisoft Game LaunchergamesAnno 1800BinWin64Anno1800.exe => No File
FirewallRules: [79DDEA09-6FA6-49AD-B999-19AD51909F0C] => (Block) C:userscoxycappdataroamingusbhelperlauncherpatched.exe (Hikari06) [File not signed]
FirewallRules: [B8721BEE-FADD-4AF2-B145-E2832FF9B768] => (Block) C:userscoxycappdataroamingusbhelperlauncherpatched.exe (Hikari06) [File not signed]
FirewallRules: [UDP Query User89CFAFE2-0AAA-4892-A326-61BC12FC72D7C:userscoxycappdataroamingusbhelperlauncherpatched.exe] => (Allow) C:userscoxycappdataroamingusbhelperlauncherpatched.exe (Hikari06) [File not signed]
FirewallRules: [TCP Query UserC5132854-4BBD-47ED-8279-DF56DC8AD9BDC:userscoxycappdataroamingusbhelperlauncherpatched.exe] => (Allow) C:userscoxycappdataroamingusbhelperlauncherpatched.exe (Hikari06) [File not signed]
FirewallRules: [UDP Query UserEDB47832-EC09-4FA3-9C4A-D9E9D42C529EC:userscoxycappdataroamingusbhelperlauncherusbhelperlauncher.exe] => (Allow) C:userscoxycappdataroamingusbhelperlauncherusbhelperlauncher.exe () [File not signed]
FirewallRules: [TCP Query User15EC741C-B2E7-4716-94AC-281EB5935F0AC:userscoxycappdataroamingusbhelperlauncherusbhelperlauncher.exe] => (Allow) C:userscoxycappdataroamingusbhelperlauncherusbhelperlauncher.exe () [File not signed]
FirewallRules: [UDP Query User61C4F228-1EC2-4613-A598-F603384EC6F2C:userscoxycappdataroamingspotifyspotify.exe] => (Allow) C:userscoxycappdataroamingspotifyspotify.exe => No File
FirewallRules: [TCP Query User165049AD-BB00-4F12-9C47-5ED6F91AC560C:userscoxycappdataroamingspotifyspotify.exe] => (Allow) C:userscoxycappdataroamingspotifyspotify.exe => No File
FirewallRules: [UDP Query UserEA731E6C-6D25-4C61-9E1F-37F929535073C:program filesjavajre1.8.0_221binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_221binjavaw.exe => No File
FirewallRules: [TCP Query User9025C450-A0DF-46F6-95E0-217786A14ED2C:program filesjavajre1.8.0_221binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_221binjavaw.exe => No File
FirewallRules: [UDP Query User6CBFD3B3-88E6-4B58-B349-D52A40FB7B1BC:program filesjavajre1.8.0_221binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_221binjavaw.exe => No File
FirewallRules: [TCP Query User4F16A9C7-F5C0-4828-8D5E-05E4CE0868D8C:program filesjavajre1.8.0_221binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_221binjavaw.exe => No File
FirewallRules: [UDP Query UserADF3DE03-BCF2-40CD-9184-129B25EFB9E4C:program filesjavajre1.8.0_211binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_211binjavaw.exe => No File
FirewallRules: [TCP Query UserC6757DB9-A9C4-493A-BF88-81E1AFE0E639C:program filesjavajre1.8.0_211binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_211binjavaw.exe => No File
FirewallRules: [UDP Query User86BDCEA4-CDAD-4D5E-A9A7-FA3CE7D52FF6C:program filesjavajre1.8.0_211binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_211binjavaw.exe => No File
FirewallRules: [TCP Query User1AC2E07E-2F2C-4215-A8A4-2D06E16AF8A0C:program filesjavajre1.8.0_211binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_211binjavaw.exe => No File
FirewallRules: [UDP Query UserBBE8F1E8-77FB-4BAC-8E9A-91C15510EBCCC:program filesjavajre1.8.0_151binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_151binjavaw.exe => No File
FirewallRules: [TCP Query User0C931C38-DC12-4DF8-A1D8-E4E63C17656DC:program filesjavajre1.8.0_151binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_151binjavaw.exe => No File
FirewallRules: [DADD0A84-C719-4CBE-9DCB-C9D5D1DD9C07] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [42CF0AC1-71D7-4207-9D14-12EE2CB2C2C5] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [3B9DCFDE-2524-45B9-9DB2-A82147A5314D] => (Allow) C:Program FilesPlexPlex Media PlayerPlexMediaPlayer.exe (Plex, Inc -> )
FirewallRules: [DA294C5C-0EE7-43DB-85F6-7E98DBD73F18] => (Allow) C:Program FilesPlexPlex Media PlayerPMPHelper.exe () [File not signed]
FirewallRules: [6B9B0FC5-DCDD-44D0-A6D6-6C1DB4D231B0] => (Allow) C:UserscoxycAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [6EF46743-650F-460A-9409-2BDAAE0DB0B2] => (Allow) C:UserscoxycAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [524C7DE8-65FC-4BE8-BBF9-C69365B3F879] => (Allow) C:Program Files (x86)SteamSteam.exe => No File
FirewallRules: [FA2C917C-14C4-43B4-A050-D15524E6F80C] => (Allow) C:Program Files (x86)SteamSteam.exe => No File
FirewallRules: [32A4260C-23FE-4324-8C35-F54BE5CB7A82] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File
FirewallRules: [D62143ED-1355-4388-A1A1-FB44EAB346E8] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe => No File
FirewallRules: [C6703A30-F9CE-41C8-93DF-AE75C61FFEE7] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe => No File
FirewallRules: [5B06913B-EA22-4B4E-8AE9-3C95CCAC7502] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe => No File
FirewallRules: [0F999C30-7E30-4FC1-AE77-F5D11A078F6F] => (Allow) C:Program Files (x86)EaseUSTodo BackupbinTbService.exe => No File
FirewallRules: [4E708044-0BB1-4A16-95D8-6799BB051896] => (Allow) C:Program Files (x86)EaseUSTodo BackupbinTbService.exe => No File
FirewallRules: [89D51ABA-D95F-41DA-887B-89016DC909A5] => (Allow) C:Program Files (x86)EaseUSTodo BackupbinTBConsoleUI.exe => No File
FirewallRules: [3449D0F5-75D1-4D4C-9ABF-A06C0C19E540] => (Allow) C:Program Files (x86)EaseUSTodo BackupbinTBConsoleUI.exe => No File
FirewallRules: [AE0CDF9E-B5E9-494D-8F49-5082C513051E] => (Allow) C:Program Files (x86)EaseUSTodo BackupbinTodoBackupService.exe => No File
FirewallRules: [BD645535-E54D-4F24-BD42-A5510AF33F77] => (Allow) C:Program Files (x86)EaseUSTodo BackupbinTodoBackupService.exe => No File
FirewallRules: [523430D7-85BF-4444-9156-6C4EFA962541] => (Allow) C:Program Files (x86)SteamsteamappscommonPlanet CoasterPlanetCoaster.exe => No File
FirewallRules: [4707B446-3802-4968-A848-571578639CCD] => (Allow) C:Program Files (x86)SteamsteamappscommonPlanet CoasterPlanetCoaster.exe => No File
FirewallRules: [TCP Query User7CB583B7-9C57-443A-BABB-AA7203601521C:program filessmith microposer 11poser.exe] => (Block) C:program filessmith microposer 11poser.exe => No File
FirewallRules: [UDP Query UserA0FDE446-6EF3-4566-9BE3-868DB3480B31C:program filessmith microposer 11poser.exe] => (Block) C:program filessmith microposer 11poser.exe => No File
FirewallRules: [F1671BC2-EB01-4D02-8B2D-074C2ABAD2F2] => (Allow) C:Program FilesDAZ 3DDAZStudio4DAZStudio.exe (DAZ PRODUCTIONS, INC. -> Daz 3D, Inc) [File not signed]
FirewallRules: [B74F7B64-B6C1-4AFF-8B51-9C4CC8B9298F] => (Allow) C:Program FilesDAZ 3DDAZStudio4DAZStudio.exe (DAZ PRODUCTIONS, INC. -> Daz 3D, Inc) [File not signed]
FirewallRules: [2FB54D30-70C7-40C5-B2B0-E1C54AD175F0] => (Allow) C:Program FilesDAZ 3DDAZStudio4DAZStudio.exe (DAZ PRODUCTIONS, INC. -> Daz 3D, Inc) [File not signed]
FirewallRules: [26360CEC-FAB4-4BBB-B3C0-D43B2E0EE83D] => (Allow) C:Program FilesDAZ 3DDAZStudio4DAZStudio.exe (DAZ PRODUCTIONS, INC. -> Daz 3D, Inc) [File not signed]
FirewallRules: [BE45A2C8-5A1B-4B1E-A47F-5E3A33194DAD] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File
FirewallRules: [B6931526-ACAC-4BD1-AF49-92AB9E41993C] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe => No File
FirewallRules: [TCP Query User628CCFAD-DFB3-4BFE-B53B-4B45C15C218EC:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User39C5EAFE-6FE2-4846-BC42-B9E6C263BF33C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe] => (Allow) C:program files (x86)epic gameslauncherportalbinarieswin64epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [40602964-BA2A-4541-AC5E-AD363C571F4F] => (Allow) C:UserscoxycAppDataLocalTemp7zS69F2HPDiagnosticCoreUI.exe => No File
FirewallRules: [732FFDF3-AAC9-4E05-9654-E85F7DAEE8DB] => (Allow) C:UserscoxycAppDataLocalTemp7zS69F2HPDiagnosticCoreUI.exe => No File
FirewallRules: [91F1F014-5443-4083-963F-94FE0E7E3AF6] => (Allow) C:UserscoxycAppDataLocalTemp7zS7622HPDiagnosticCoreUI.exe => No File
FirewallRules: [D428D623-D4F0-4DF1-B913-9145F83A7BCE] => (Allow) C:UserscoxycAppDataLocalTemp7zS7622HPDiagnosticCoreUI.exe => No File
FirewallRules: [38D5481D-6A59-4527-B6E1-101BA1FD5CB7] => (Allow) C:UserscoxycAppDataLocalTemp7zS7B74HPDiagnosticCoreUI.exe => No File
FirewallRules: [F58A6318-1FC5-4A3E-99EF-D6D166C36059] => (Allow) C:UserscoxycAppDataLocalTemp7zS7B74HPDiagnosticCoreUI.exe => No File
FirewallRules: [F437719A-BD4D-4AD5-9068-26588C70EC04] => (Allow) C:UserscoxycAppDataLocalTemp7zS0A05HPDiagnosticCoreUI.exe => No File
FirewallRules: [2CE80FF0-79BD-4F7A-968C-4DA256123F4C] => (Allow) C:UserscoxycAppDataLocalTemp7zS0A05HPDiagnosticCoreUI.exe => No File
FirewallRules: [E3D377B0-00F2-43CF-AC9F-04DE928A54A1] => (Allow) C:Program FilesHPHP OfficeJet 3830 seriesbinFaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [5439CD9A-60F8-43D3-A9B2-754E90420BB0] => (Allow) C:Program FilesHPHP OfficeJet 3830 seriesbinDigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [37147B55-9025-41F0-9DEA-55743263DAF8] => (Allow) C:Program FilesHPHP OfficeJet 3830 seriesbinSendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [72024B9C-E39C-458F-B62A-D6F27918FD24] => (Allow) C:Program FilesHPHP OfficeJet 3830 seriesbinFaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [F4751896-BE4B-4B64-80C6-963E12937661] => (Allow) C:Program FilesHPHP OfficeJet 3830 seriesBinDeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [578E649B-9AA1-4CC3-8608-2E54DF5F6994] => (Allow) LPort=5357
FirewallRules: [E79D7342-713B-4B9A-B954-E1562490FC84] => (Allow) C:Program FilesHPHP OfficeJet 3830 seriesBinHPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [66DAE937-05CF-42FA-BE04-1528FCF3BCAF] => (Allow) C:Program Files (x86)SteamsteamappscommonGame Dev Studiogame_dev_studio.exe => No File
FirewallRules: [A1880910-858D-407B-AE80-F78FF03221CA] => (Allow) C:Program Files (x86)SteamsteamappscommonGame Dev Studiogame_dev_studio.exe => No File
FirewallRules: [326F603F-8881-40EB-9A2B-C403E19F2DF3] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMERlauncherlauncher.exe => No File
FirewallRules: [E9DE7E85-16FC-4A75-916C-4B931ED70B31] => (Allow) C:Program Files (x86)SteamsteamappscommonTotal War WARHAMMERlauncherlauncher.exe => No File
FirewallRules: [9D1FEDC1-8E2D-48D4-B8E0-76D63D1F226E] => (Allow) C:Program Files (x86)SteamsteamappscommonAmerican Truck Simulatorbinwin_x64amtrucks.exe => No File
FirewallRules: [79769D97-6D04-450F-A660-ED8E161B3AD9] => (Allow) C:Program Files (x86)SteamsteamappscommonAmerican Truck Simulatorbinwin_x64amtrucks.exe => No File
FirewallRules: [TCP Query User4E46DF3E-2344-48DA-B28C-AC24A3AD53F6C:program files (x86)steamsteamappscommontest drive unlimited 2_uplauncher.exe] => (Allow) C:program files (x86)steamsteamappscommontest drive unlimited 2_uplauncher.exe => No File
FirewallRules: [UDP Query User285FFF2B-DCFA-4D4C-8696-7260392429CDC:program files (x86)steamsteamappscommontest drive unlimited 2_uplauncher.exe] => (Allow) C:program files (x86)steamsteamappscommontest drive unlimited 2_uplauncher.exe => No File
FirewallRules: [TCP Query User167E2096-F7F6-4F81-8AFA-B9F7F1E256E8C:program files (x86)steamsteamappscommontest drive unlimited 2testdrive2.exe] => (Allow) C:program files (x86)steamsteamappscommontest drive unlimited 2testdrive2.exe => No File
FirewallRules: [UDP Query User7E43CBF9-B63D-4FCE-B1E4-373B20277559C:program files (x86)steamsteamappscommontest drive unlimited 2testdrive2.exe] => (Allow) C:program files (x86)steamsteamappscommontest drive unlimited 2testdrive2.exe => No File
FirewallRules: [C689A094-A357-44D3-84F0-45945A24FAC5] => (Allow) C:Program Files (x86)SteamsteamappscommonShadowOfMordorx64ShadowOfMordor.exe => No File
FirewallRules: [357C22F4-821F-4595-88DA-B5D6A6633D5D] => (Allow) C:Program Files (x86)SteamsteamappscommonShadowOfMordorx64ShadowOfMordor.exe => No File
FirewallRules: [TCP Query UserEF481FB2-F02F-41EF-A65B-EBEAEAE78BCBC:program filesjavajre1.8.0_261binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_261binjavaw.exe => No File
FirewallRules: [UDP Query User9BB7EE3C-E17D-4711-9B58-F19BBC780617C:program filesjavajre1.8.0_261binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_261binjavaw.exe => No File
FirewallRules: [F99126AF-6156-4CF8-9E11-4F7F6A373330] => (Allow) C:Program Files (x86)SteamsteamappscommonEuro Truck Simulator 2binwin_x64eurotrucks2.exe => No File
FirewallRules: [3DF42D39-6275-4B2E-B682-3C8A98425D0D] => (Allow) C:Program Files (x86)SteamsteamappscommonEuro Truck Simulator 2binwin_x64eurotrucks2.exe => No File
FirewallRules: [8AFFEA7D-6119-41D5-A75D-DFE4553EB7C0] => (Allow) C:Program Files (x86)SteamsteamappscommonEuro Truck Simulator 2binwin_x86eurotrucks2.exe => No File
FirewallRules: [05AD028B-8B1C-484D-A7F6-15FDC079BC73] => (Allow) C:Program Files (x86)SteamsteamappscommonEuro Truck Simulator 2binwin_x86eurotrucks2.exe => No File
FirewallRules: [TCP Query User053B3D5B-2D16-4886-9188-DA9B59E11B0AC:7flightsimulator.exe] => (Allow) C:7flightsimulator.exe => No File
FirewallRules: [UDP Query User56E002E6-E93F-4F05-A9A2-DE94B3575C4CC:7flightsimulator.exe] => (Allow) C:7flightsimulator.exe => No File
FirewallRules: [TCP Query UserEF02541E-C175-458A-879C-2266A0408BD6C:program filesmodifiablewindowsappshalomccmccbinarieswin64mcc-win64-shipping-winstore.exe] => (Allow) C:program filesmodifiablewindowsappshalomccmccbinarieswin64mcc-win64-shipping-winstore.exe => No File
FirewallRules: [UDP Query UserB706D72D-D0F9-46E9-977B-8AC339D227C6C:program filesmodifiablewindowsappshalomccmccbinarieswin64mcc-win64-shipping-winstore.exe] => (Allow) C:program filesmodifiablewindowsappshalomccmccbinarieswin64mcc-win64-shipping-winstore.exe => No File
FirewallRules: [TCP Query UserC67AD134-52A6-462E-890E-E96EF9C9AEB3C:program filesjavajre1.8.0_261binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_261binjavaw.exe => No File
FirewallRules: [UDP Query User2ABD2ABD-3EA0-4002-8391-43AD96B1C53DC:program filesjavajre1.8.0_261binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_261binjavaw.exe => No File
FirewallRules: [FA726B60-E0D9-414F-8D62-F088477644FA] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [F121570D-D243-4146-8D9E-BA3BD0B3D032] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [9F60E071-4BD9-45C9-8A8C-3FBD7E4EA43F] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [9B0B6BDC-CC83-42D8-99D6-4337199CDB5F] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [012037A3-089F-4836-B50E-A1845BBCAED0] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe => No File
FirewallRules: [2AB64ED5-0ED1-4DB7-8830-CB6BD98602EF] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginelauncher.exe => No File
FirewallRules: [TCP Query User9E90783E-C9E3-46E5-9035-A6A0D0D92BA9C:5tetriseffectbinarieswingdktetriseffect-wingdk-shipping.exe] => (Allow) C:5tetriseffectbinarieswingdktetriseffect-wingdk-shipping.exe => No File
FirewallRules: [UDP Query UserE8C8F1EE-E8F3-46B2-8108-803C2FEF1674C:5tetriseffectbinarieswingdktetriseffect-wingdk-shipping.exe] => (Allow) C:5tetriseffectbinarieswingdktetriseffect-wingdk-shipping.exe => No File
FirewallRules: [397CED50-E0A1-46A8-BCF5-721ACCAEC413] => (Allow) C:Program Files (x86)SteamsteamappscommonHouse FlipperHouseFlipper.exe => No File
FirewallRules: [F93EF4E1-2424-4CA9-A31B-A495A30B0033] => (Allow) C:Program Files (x86)SteamsteamappscommonHouse FlipperHouseFlipper.exe => No File
FirewallRules: [8B25AE3F-9903-41CD-9B2E-53A1147505F5] => (Allow) C:UserscoxycAppDataLocalTemp7zS7EEFHPDiagnosticCoreUI.exe => No File
FirewallRules: [B77A15F8-AF96-473A-A257-178085820BC5] => (Allow) C:UserscoxycAppDataLocalTemp7zS7EEFHPDiagnosticCoreUI.exe => No File
FirewallRules: [F6E3FB6D-8604-4A0A-B4EF-46ADD3EA1770] => (Allow) C:Program Files (x86)HPDiagnosticsPSDRSoftPaqBinariesHPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [EC211E76-E437-4B4F-A2EE-325578841687] => (Allow) C:Program Files (x86)HPDiagnosticsPSDRSoftPaqBinariesHPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User6A012527-FE3D-4C2C-BAA2-A20CDAD2487BC:program filesjavajre1.8.0_271binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_271binjavaw.exe => No File
FirewallRules: [UDP Query User25FD606C-E6F1-472D-AC52-18BEEDD3DAACC:program filesjavajre1.8.0_271binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_271binjavaw.exe => No File
FirewallRules: [1C97DA69-C382-4337-9147-D54E4C8DE5E2] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebindiagnostics32.exe => No File
FirewallRules: [4993864D-9F6D-45ED-8273-3CE2BB48FED6] => (Allow) C:Program Files (x86)Steamsteamappscommonwallpaper_enginebindiagnostics32.exe => No File
FirewallRules: [39F7CD8C-FE2A-44D7-B3B5-69E0AA3EE990] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query UserC02133C2-D83A-4AFD-AF80-117CE5BF1310C:program filesjavajre1.8.0_271binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_271binjavaw.exe => No File
FirewallRules: [UDP Query User9AD80FE6-EEE4-4431-8F18-9635214049DFC:program filesjavajre1.8.0_271binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_271binjavaw.exe => No File
FirewallRules: [TCP Query User7106AC79-7B48-4100-B69F-767EE070B6A7F:steamlibrarysteam.exe] => (Allow) F:steamlibrarysteam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query UserF3F6265D-69DF-43D0-9027-8E5A42107F97F:steamlibrarysteam.exe] => (Allow) F:steamlibrarysteam.exe (Valve -> Valve Corporation)
FirewallRules: [D35A2F4B-6627-47C8-9D1B-900E6DB93FFF] => (Allow) F:SteamLibrarybincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [C6AC80CD-7580-4E40-AFB7-87270FF6BDA7] => (Allow) F:SteamLibrarybincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [7166C67E-1DE1-456A-AD97-042117584D01] => (Allow) F:SteamLibrarysteamappscommonHouse FlipperHouseFlipper.exe () [File not signed]
FirewallRules: [D8C2D543-B199-40F3-8109-A1BB8B26D2F2] => (Allow) F:SteamLibrarysteamappscommonHouse FlipperHouseFlipper.exe () [File not signed]
FirewallRules: [6E8320F1-1F18-4083-804E-9DC702260BC1] => (Allow) C:Program Files (x86)PlayStationNowpsnowlauncher.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment Network America LLC)
FirewallRules: [40BC0723-39FF-491A-8C29-0FF440AF71BA] => (Allow) C:UserscoxycAppDataLocalGaikaiCrashReportsdumpupload.exe (Sony Interactive Entertainment LLC -> )
FirewallRules: [58B6ED66-6F5B-4445-9FB5-EC77E6DEB149] => (Allow) C:Program Files (x86)PlayStationNowunidater.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment)
FirewallRules: [TCP Query UserDBFC604A-58AA-4C9E-8F00-7BAF5112D095F:0mediumbinarieswingdkmedium-wingdk-shipping.exe] => (Allow) F:0mediumbinarieswingdkmedium-wingdk-shipping.exe => No File
FirewallRules: [UDP Query UserAB4448B1-1240-4C29-A97B-B3209B24A7FAF:0mediumbinarieswingdkmedium-wingdk-shipping.exe] => (Allow) F:0mediumbinarieswingdkmedium-wingdk-shipping.exe => No File
FirewallRules: [27655FED-6367-46F6-AE25-23A963BEDC6C] => (Allow) F:SteamLibrarysteamappscommonwallpaper_enginelauncher.exe (Skutta, Kristjan -> )
FirewallRules: [E2933323-B62B-4D7A-B4AE-ACF3C784DB6A] => (Allow) F:SteamLibrarysteamappscommonwallpaper_enginelauncher.exe (Skutta, Kristjan -> )
FirewallRules: [61FE237D-E310-48E0-9EEE-BCAAAB5BD307] => (Allow) F:SteamLibrarysteamappscommonwallpaper_enginebindiagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [B2E36919-48BD-4B25-8FDA-C3007140B861] => (Allow) F:SteamLibrarysteamappscommonwallpaper_enginebindiagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [TCP Query UserBAAB659B-1D65-4E6A-B53D-3366A48054E4F:cyberpunk 2077binx64cyberpunk2077.exe] => (Block) F:cyberpunk 2077binx64cyberpunk2077.exe => No File
FirewallRules: [UDP Query User76D8AC3E-3AFF-4444-8CAC-4E2F06CDBA68F:cyberpunk 2077binx64cyberpunk2077.exe] => (Block) F:cyberpunk 2077binx64cyberpunk2077.exe => No File
FirewallRules: [TCP Query UserA8E58895-DDD5-458C-8DDF-9DF07BE65DAAC:program filesjavajre1.8.0_281binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_281binjavaw.exe
FirewallRules: [UDP Query User4BBC91EA-42DC-42B2-896D-9AB1A606F083C:program filesjavajre1.8.0_281binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_281binjavaw.exe
FirewallRules: [F696E3CB-F61A-4072-996F-E2E79B99BAB6] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-02-2021 19:12:01 Installed PlayStation™Now
24-02-2021 17:15:49 Scheduled Checkpoint
05-03-2021 17:06:30 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: ========================

Application errors:
==================
Error: (03/05/2021 11:24:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/03/2021 09:15:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on New Volume (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/25/2021 06:42:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.19041.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: ef18

Start Time: 01d70ba5f8b2cbf6

Termination Time: 10

Application Path: C:Program FilesInternet Exploreriexplore.exe

Report Id: 397bb17c-ff48-4361-8a5a-12f0b62397b7

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-process

Error: (02/24/2021 05:39:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on New Volume (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/18/2021 07:11:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program XboxAppServices.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2728

Start Time: 01d700ac8262a9a5

Termination Time: 4294967295

Application Path: C:Program FilesWindowsAppsMicrosoft.GamingApp_2101.1002.1.0_x64__8wekyb3d8bbweXboxAppServices.exe

Report Id: ad6bbd7f-be54-4eaa-83a5-e2e8de4af32a

Faulting package full name: Microsoft.GamingApp_2101.1002.1.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: Microsoft.Xbox.App

Hang type: Quiesce

Error: (02/17/2021 05:31:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on New Volume (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (02/12/2021 06:17:28 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId=08AB8EA1-BE00-444C-9922-3EFAD633F07D: The user SYSTEM dialed a connection named VyprVPN which has failed. The error code returned on failure is -2143157998.

Error: (02/12/2021 06:17:19 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path validation failed. Error: typeId=55, authorId=311, vendorId=0, vendorType=0

System errors:
=============
Error: (02/26/2021 01:06:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Security Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/24/2021 08:05:49 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (02/20/2021 11:43:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (02/20/2021 05:20:22 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (02/20/2021 05:20:22 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (02/20/2021 04:04:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9MWPM2CQNLHN-Microsoft.GamingServices.

Error: (02/19/2021 06:48:22 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

Error: (02/19/2021 06:48:22 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string "%2" to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.

CodeIntegrity:
===============
Date: 2021-03-06 15:33:28
Description:
Windows blocked file DeviceHarddiskVolume2WindowsSystem32scrobj.dll which has been disallowed for protected processes.

Date: 2021-03-06 15:32:27
Description:
Code Integrity determined that a process (DeviceHarddiskVolume2WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume2Program FilesBitdefender Antivirus Freebdamsi265176361138740904antimalware_provider64.dll that did not meet the Windows signing level requirements.

Date: 2021-03-06 15:32:18
Description:
Code Integrity determined that a process (DeviceHarddiskVolume2Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume2Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-06 12:16:08
Description:
Code Integrity determined that a process (DeviceHarddiskVolume2WindowsSystem32SIHClient.exe) attempted to load DeviceHarddiskVolume2Program FilesBitdefender Antivirus Freebdamsi265176361138740904antimalware_provider64.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.80 09/13/2017
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 50%
Total physical RAM: 12240.29 MB
Available physical RAM: 6055.76 MB
Total Virtual: 22240.29 MB
Available Virtual: 12964.22 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.28 GB) (Free:283.22 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:931.5 GB) (Free:664.55 GB) NTFS
Drive e: () (Fixed) (Total:59.63 GB) (Free:4.73 GB) NTFS
Drive f: (NVMe hard drive) (Fixed) (Total:238.47 GB) (Free:169.44 GB) NTFS

\?Volume42ab6810-5fd7-02c9-9aed-4b1456ff1141 () (Fixed) (Total:24.32 GB) (Free:0 GB) NTFS
\?Volume5bcf7ac5-0000-0000-0000-e05174000000 () (Fixed) (Total:0.48 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5BCF7AC5)
Partition 1: (Active) – (Size=465.3 GB) – (Type=07 NTFS)
Partition 2: (Not Active) – (Size=491 MB) – (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 59.6 GB) (Disk ID: 9969732A)
Partition 1: (Not Active) – (Size=59.6 GB) – (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 6B2E3936)
Partition 1: (Not Active) – (Size=238.5 GB) – (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.

==================== End of Addition.txt =======================

Please help.

Thanks,

Steve

Commentaires

Laisser un commentaire

Votre commentaire sera révisé par les administrateurs si besoin.