Horn noise and screaming voice when watching YouTube, etc. – Serveur d’impression
Over the last week or two, when watching a video on YouTube, I have been hearing a screaming noise that sounds like a man saying "Gee Gee". It happens about every 10 minutes, and over the last few days it has started to include a loud horn sound as well. It also happens when playing PC games, and I have noticed it while listening to internet radio. I have run virus scans and malware scans; that has not helped.
Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran par coxyc (administrateur) sur DESKTOP-IRCN2PL (Micro-Star International Co., Ltd. MS-7A34) (06-03-2021 15:47:44)
Exécution à partir de C: Users coxyc Downloads
Profils chargés: coxyc
Plate-forme: Windows 10 Home Version 20H2 19042.804 (X64) Langue: Anglais (Royaume-Uni)
Navigateur par défaut: FF
Mode de démarrage: normal
==================== Processus (sur liste blanche) ==================
(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe
(Advanced Micro Devices, Inc. ->) C: Program Files AMD Performance Profile Client RyzenMaster AUEPRyzenMasterAC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C: Program Files AMD CNext CNext RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C: Program Files AMD Performance Profile Client AUEPLauncher.exe
(Advanced Micro Devices, Inc. -> AMD) C: Program Files AMD Performance Profile Client AUEPMaster.exe
(Advanced Micro Devices, Inc. -> AMD) C: Program Files AMD Performance Profile Client AUEPUF.exe
(Advanced Micro Devices, Inc. -> AMD) C: Windows System32 DriverStore FileRepository c0361132.inf_amd64_1f7832db1fb1721f B361196 atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C: Windows System32 DriverStore FileRepository c0361132.inf_amd64_1f7832db1fb1721f B361196 atiesrxx.exe
(A-Volute ->) C: Program Files Nahimic Nahimic2 UserInterface Nahimic2Svc32.exe
(A-Volute ->) C: Program Files Nahimic Nahimic2 UserInterface Nahimic2UILauncher.exe
(A-Volute ->) C: Program Files Nahimic Nahimic2 UserInterface x64 Nahimic2Svc64.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Agent DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Agent ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free bdagent.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free bdredline.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free updatesrv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free vsserv.exe
(Bitdefender SRL -> Bitdefender) C: Program Files Bitdefender Antivirus Free vsservppl.exe
(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.72 GoogleCrashHandler.exe
(Google LLC -> Google LLC) C: Program Files (x86) Google Update 1.3.36.72 GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C: Program Files Malwarebytes Anti-Malware mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C: Program Files Common Files microsoft shared ClickToRun OfficeClickToRun.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.GamingApp_2102.1001.17.0_x64__8wekyb3d8bbwe XboxAppServices.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe GamingServices.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.GamingServices_2.50.5005.0_x64__8wekyb3d8bbwe GamingServicesNet.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe WinStore.App.exe
(Microsoft Corporation) C: Program Files WindowsApps Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows ImmersiveControlPanel SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 oobe UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C: Windows System32 smartscreen.exe
(Éditeur de compatibilité matérielle Microsoft Windows -> Advanced Micro Devices, Inc.) C: Windows System32 amdfendrsr.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C: MSI MSIRegister MSIRegister.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C: MSI MSIRegister MSIRegisterService.exe
(Mozilla Corporation -> Mozilla Corporation) C: Program Files Mozilla Firefox firefox.exe <7>
(Oracle America, Inc. -> Oracle Corporation) C: Program Files (x86) Common Files Java Java Update jusched.exe
(Plex, Inc. ->) C: Program Files (x86) Plex Plex Media Server Plex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C: Program Files (x86) Plex Plex Media Server Plex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C: Program Files (x86) Plex Plex Media Server Plex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C: Program Files (x86) Plex Plex Media Server PlexScriptHost.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C: Program Files Realtek Audio HDA RtkNGUI64.exe
(Stichting Blender Foundation -> Blender Foundation) F: Program files Blender blender.exe
==================== Registre (sur liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM … Exécuter: [RTHDVCPL] => C: Program Files Realtek Audio HDA RtkNGUI64.exe [9192960 2017-01-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM … Exécuter: [Nahimic2UILauncher] => C: Program Files Nahimic Nahimic2 UserInterface Nahimic2UILauncher.exe [705208 2017-01-13] (A-Volute ->)
HKLM-x32 … Exécuter: [MSIRegister] => C: MSI MSIRegister MSIRegister.exe [1258448 2016-11-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32 … Exécuter: [SunJavaUpdateSched] => C: Program Files (x86) Common Files Java Java Update jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU S-1-5-21-1329802319-222491363-2786480829-1001 … Exécuter: [Plex Media Server] => C: Program Files (x86) Plex Plex Media Server Plex Media Server.exe [21011440 2020-12-01] (Plex, Inc. -> Plex, Inc.)
HKU S-1-5-21-1329802319-222491363-2786480829-1001 … Exécuter: [Steam] => "C: Program Files (x86) Steam steam.exe" -silent
HKU S-1-5-18 … Exécuter: [] => [X]
HKU S-1-5-18 … Exécuter: [Plex Media Server] => C: Program Files (x86) Plex Plex Media Server Plex Media Server.exe [21011440 2020-12-01] (Plex, Inc. -> Plex, Inc.)
Processeur d'impression HKLM … Windows x64 Print Processors Canon TS8200 series: C: Windows System32 spool prtprocs x64 CNMPDEK.DLL [482816 2018-07-17] (Éditeur de compatibilité matérielle Microsoft Windows -> CANON INC.)
HKLM … Print Monitors Canon BJ Language Monitor TS8200 series: C: WINDOWS system32 CNMLMEK.DLL [904192 2018-07-17] (Éditeur de compatibilité matérielle Microsoft Windows -> CANON INC.)
HKLM … Print Monitors HP E511 Status Monitor: C: WINDOWS system32 hpinkstsE511LM.dll [393352 2017-03-10] (Hewlett Packard -> HP Inc.)
HKLM Software Microsoft Active Setup Composants installés: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 89.0.4389.82 Installer chrmstp.exe [2021-03-05] (Google LLC -> Google LLC)
Démarrage: C: ProgramData Microsoft Windows Menu Démarrer Programmes Startup Universal Media Server.lnk [2019-07-03]
ShortcutTarget: Universal Media Server.lnk -> C: Program Files (x86) Universal Media Server UMS.exe (Universal Media Server) [File not signed]
Démarrage: C: Users coxyc AppData Roaming Microsoft Windows Menu Démarrer Programmes Startup Folding@home.lnk [2020-03-03]
ShortcutTarget: Folding@home.lnk -> C: Program Files (x86) FAHClient HideConsole.exe () [File not signed]
GroupPolicy: Restriction? <==== ATTENTION
Stratégies: C: ProgramData NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (sur liste blanche) ============
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
Tâche: 115BB854-AEE7-4A62-9F9D-4C5C75F81C4D – System32 Tasks Microsoft Office Office Feature Updates => C: Program Files Microsoft Office root Office16 sdxhelper.exe [145760 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 1971E81C-3FE7-46A7-9F6A-699CFB719F9A – System32 Tasks AMDAutoUpdate => C: Program Files AMD AutoUpdate AMDAutoUpdate.exe [661240 2018-08-02] (Advanced Micro Devices Inc. ->)
Tâche: 205BCB95-A43E-419F-83FF-322797ED601B – System32 Tasks StartDVR => C: Program Files AMD CNext CNext RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 21651624-EC35-4C2F-A4EB-DCA8EC1A8AE3 – System32 Tasks HPCustParticipation HP OfficeJet 3830 series => C: Program Files HP HP OfficeJet 3830 series Bin HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Tâche: 233B68AB-6CFC-4FBE-86B1-C0EFF432F9BA – System32 Tasks ModifyLinkUpdate => C: Program Files AMD CIM Bin64 InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 284515BB-672F-488D-B1B2-02FB5470F6FD – System32 Tasks Nahimic2UILauncherRun => C: Program Files Nahimic Nahimic2 UserInterface Nahimic2UILauncher.exe [705208 2017-01-13] (A-Volute ->)
Tâche: 3F161D8D-701C-4273-A8EB-0E950B9CCE6F – System32 Tasks Microsoft Office OfficeTelemetryAgentLogOn2016 => C: Program Files Microsoft Office root Office16 msoia.exe [5057968 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 4987DE47-7E72-4404-9F3B-43FEC01EDFDD – System32 Tasks Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C: Program Files Bitdefender Agent WatchDog.exe [888232 2021-01-29] (Bitdefender SRL -> Bitdefender)
Tâche: 52CC2F8C-1F79-4073-9049-D66DFC96164E – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-11-10] (Google Inc -> Google Inc.)
Tâche: 61B8081E-E722-4DF8-A771-0EB8EC6C5038 – System32 Tasks AMDInstallLauncher => C: Program Files AMD CIM Bin64 InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 64AA1026-42B1-4367-AC42-FF13C490217E – System32 Tasks StartCN => C: Program Files AMD CNext CNext cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 6C330FC1-13E4-47BB-9841-F77EA33A2150 – System32 Tasks SamsungMagician => C: Program Files (x86) Samsung Samsung Magician SamsungMagician.exe [1146048 2018-05-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Tâche: 74237DF2-4E56-43DA-9CB7-08C95449653E – System32 Tasks StartCNBM => C: Program Files AMD CNext CNext cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 7EB6C728-A91E-4F37-A78A-BF549E7DCCA0 – System32 Tasks AMDLinkUpdate => C: Program Files AMD CIM Bin64 InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Tâche: 7F8B72B9-471C-41CF-9BEB-A7695DE5DA09 – System32 Tasks Microsoft Office Office Feature Updates Logon => C: Program Files Microsoft Office root Office16 sdxhelper.exe [145760 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: 8979C870-C307-419F-9540-E85827935747 – System32 Tasks Nahimic2svc64Run => C: Program Files Nahimic Nahimic2 UserInterface x64 Nahimic2svc64.exe [513208 2017-01-13] (A-Volute ->)
Tâche: CA76EACE-23D9-47D0-9363-B8AD4158EAD3 – System32 Tasks Microsoft Office Office ClickToRun Service Monitor => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Tâche: CBC75386-702D-43AE-855F-728544D1DD3E – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [153168 2018-11-10] (Google Inc -> Google Inc.)
Tâche: CC8C2EB4-21F8-4F12-8BE9-1F58E8BFB611 – System32 Tasks Microsoft Office OfficeTelemetryAgentFallBack2016 => C: Program Files Microsoft Office root Office16 msoia.exe [5057968 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: CE9E5C8B-EA5B-48AC-AE12-76B376CFF96C – System32 Tasks Adobe Acrobat Update Task => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Tâche: D613A936-4934-42C4-8F95-56D545B6DB71 – System32 Tasks Nahimic2svc32Run => C: Program Files Nahimic Nahimic2 UserInterface Nahimic2svc32.exe [2054328 2017-01-13] (A-Volute ->)
Tâche: E3F43394-CEFB-448F-96B3-1A896152BEB1 – System32 Tasks Microsoft Office Office Subscription Maintenance => C: Program Files Microsoft Office root vfs ProgramFilesCommonx64 Microsoft Shared Office16 OLicenseHeartbeat.exe [1683344 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Tâche: F22E2EC0-8ACC-4D78-9D72-8C5EF69D237E – Agent de navigateur par défaut System32 Tasks Mozilla Firefox 308046B0AF4A39CB => C: Program Files Mozilla Firefox default-browser-agent.exe [694752 2021-02-23] (Mozilla Corporation -> Fondation Mozilla)
Tâche: FF74BE0C-BA25-4897-A905-F45231ECE251 – System32 Tasks Microsoft Office Office Automatic Updates 2.0 => C: Program Files Common Files Microsoft Shared ClickToRun OfficeC2RClient.exe [22763912 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
(Si une entrée est incluse dans la liste de correctifs, le fichier de la tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (sur liste blanche) ====================
(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément de registre, il sera supprimé ou restauré par défaut.)
Hôtes: il existe plusieurs entrées dans les hôtes. Voir la section Hôtes de Addition.txt
Tcpip .. Interfaces 79127cc1-0fef-4e61-b6f7-995b3834b753: [DhcpNameServer] 194.168.4.100 194.168.8.100
Bord:
=======
Profil Edge: C: Users coxyc AppData Local Microsoft Edge User Data Default [2021-02-25]
Edge HKLM-x32 … Edge Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Renard de feu:
========
Profil par défaut FF: 96f7c7pu.default
FF ProfilePath: C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default [2021-03-06]
Notifications FF: Mozilla Firefox Profiles 96f7c7pu.default -> hxxps: //www.national-lottery.co.uk; hxxps: //www.wish.com
Extension FF: (Malwarebytes Browser Guard) – C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default Extensions 242af0bb-db11-4734-b7a0-61cb8a9b20fb .xpi [2021-03-06]
Extension FF: (YouTube haute définition) – C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default Extensions 7b1bf0b6-a1b9-42b0-b75d-252036438bdc .xpi [2021-02-02]
FF SearchPlugin: C: Users coxyc AppData Roaming Mozilla Firefox Profiles 96f7c7pu.default searchplugins bing-lavasoft-ff59.xml [2018-10-20]
Plugin FF: @ java.com / DTPlugin, version = 11.281.2 -> C: Program Files Java jre1.8.0_281 bin dtplugin npDeployJava1.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF: @ java.com / JavaPlugin, version = 11.281.2 -> C: Program Files Java jre1.8.0_281 bin plugin2 npjp2.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files Microsoft Office root Office16 NPSPWRAP.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / Lync, version = 15.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Mozilla Firefox plugins npmeetingjoinpluginoc.dll [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / SharePoint, version = 14.0 -> C: Program Files Microsoft Office root VFS ProgramFilesX86 Microsoft Office Office16 NPSPWRAP.DLL [2021-01-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C: Program Files (x86) Adobe Acrobat Reader DC Reader AIR nppdf32.dll [2021-02-24] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C: Program Files mozilla firefox defaults pref bd_js_config.js [2020-04-09] <==== ATTENTION (pointe vers le fichier * .cfg)
FF ExtraCheck: C: Program Files mozilla firefox bd_config.cfg [2020-04-09] <==== ATTENTION
Chrome:
=======
Profil CHR: C: Users coxyc AppData Local Google Chrome User Data Default [2021-03-05]
Extension CHR: (Slides) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions aapocclcgogkmnckokdopfmhonfmgoek [2018-11-10]
Extension CHR: (Docs) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions aohghmighlieiainnegkcijnfilokake [2018-11-10]
Extension CHR: (Google Drive) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
Extension CHR: (YouTube) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-10]
Extension CHR: (Sheets) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions felcaaldnbdncclmgdcncolpebgiejap [2018-11-10]
Extension CHR: (Google Docs hors ligne) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-04]
Extension CHR: (Paiements Chrome Web Store) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
Extension CHR: (Gmail) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
Extension CHR: (Chrome Media Router) – C: Users coxyc AppData Local Google Chrome User Data Default Extensions pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-04]
CHR HKLM-x32 … Chrome Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (sur liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
R2 AdobeARMservice; C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AUEPLauncher; C: Program Files AMD CIM .. Performance Profile Client AUEPLauncher.exe [61832 2020-11-13] (Advanced Micro Devices, Inc. -> AMD)
R2 bdredline; C: Program Files Bitdefender Antivirus Free bdredline.exe [2500144 2020-04-09] (Bitdefender SRL -> Bitdefender)
R2 ClickToRunSvc; C: Program Files Common Files Microsoft Shared ClickToRun OfficeClickToRun.exe [8854920 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C: Program Files (x86) EasyAntiCheat EasyAntiCheat.exe [803952 2020-11-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 MBAMService; C: Program Files Malwarebytes Anti-Malware MBAMService.exe [7456464 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R2 MSIREGISTER_MR; C: MSI MSIRegister MSIRegisterService.exe [132048 2016-10-07] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 PlexUpdateService; C: Program Files (x86) Plex Plex Media Server Plex Update Service.exe [1425912 2020-12-01] (Plex, Inc. -> Plex, Inc.)
R2 ProductAgentService; C: Program Files Bitdefender Agent ProductAgentService.exe [1358248 2021-01-29] (Bitdefender SRL -> Bitdefender)
R2 updatesrv; C: Program Files Bitdefender Antivirus Free updatesrv.exe [242024 2020-12-08] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C: Program Files Bitdefender Antivirus Free vsserv.exe [570208 2021-01-25] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C: Program Files Bitdefender Antivirus Free vsservppl.exe [242024 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C: Program Files Windows Defender NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C: Program Files Windows Defender MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (sur liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
R3 AMDXE; C: WINDOWS System32 drivers amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 atc; C: WINDOWS System32 DRIVERS atc.sys [2718744 2021-02-26] (Bitdefender SRL -> Bitdefender S.R.L. Bucarest, ROUMANIE)
R2 BdDci; C: WINDOWS system32 DRIVERS bddci.sys [802976 2020-12-08] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C: WINDOWS System32 drivers bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 BthA2dp; C: WINDOWS System32 drivers BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 edrsensor; C: WINDOWS System32 DRIVERS edrsensor.sys [309120 2020-02-03] (Bitdefender SRL -> BitDefender S.R.L. Bucarest, ROUMANIE)
S3 epmntdrv; C: WINDOWS system32 epmntdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. ->)
R0 EPMVolFl; C: WINDOWS System32 drivers EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Fournisseur Windows ® Nom de code Longhorn DDK)
R1 ESProtectionDriver; C: WINDOWS system32 drivers mbae64.sys [153312 2021-03-06] (Malwarebytes Corporation -> Malwarebytes)
R0 EUDCPEPM; C: WINDOWS System32 drivers EUDCPEPM.sys [85424 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C: WINDOWS system32 drivers EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 Gemma; C: WINDOWS System32 DRIVERS gemma.sys [488592 2021-02-26] (Bitdefender SRL -> BitDefender S.R.L. Bucarest, ROUMANIE)
R2 MBAMChameleon; C: WINDOWS System32 Drivers MbamChameleon.sys [220616 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C: WINDOWS System32 DRIVERS MbamElam.sys [19912 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C: WINDOWS System32 DRIVERS farflt.sys [198248 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C: WINDOWS system32 DRIVERS mbam.sys [77496 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C: WINDOWS System32 Drivers mbamswissarmy.sys [248992 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C: WINDOWS system32 DRIVERS mwac.sys [142416 2021-03-06] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C: WINDOWS system32 DRIVERS ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapprotonvpn; C: WINDOWS System32 drivers tapprotonvpn.sys [44976 2018-09-07] (Éditeur de compatibilité matérielle Microsoft Windows -> Le projet OpenVPN)
R2 trufos; C: WINDOWS System32 drivers trufos.sys [640760 2020-10-02] (Bitdefender SRL -> Bitdefender)
R0 vlflt; C: WINDOWS System32 DRIVERS vlflt.sys [386800 2020-12-08] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C: WINDOWS system32 drivers WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C: WINDOWS system32 drivers WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C: WINDOWS System32 Drivers WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C: WINDOWS system32 DRIVERS wintun.sys [38176 2021-02-13] (WireGuard LLC -> WireGuard LLC)
S3 EuGdiDrv; SystemRoot system32 EuGdiDrv.sys [X]
==================== NetSvcs (sur liste blanche) ====================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)
==================== Un mois (créé) (sur liste blanche) =========
(Si une entrée est incluse dans la liste de correctifs, le fichier / dossier sera déplacé.)
2021-03-06 15:47 – 2021-03-06 15:48 – 000023762 _____ C: Users coxyc Downloads FRST.txt
06/03/2021 15:45 – 06/03/2021 15:48 – 000000000 ____D C: FRST
2021-03-06 15:45 – 2021-03-06 15:45 – 002301440 _____ (Farbar) C: Users coxyc Downloads FRST64.exe
2021-03-06 15:32 – 2021-03-06 15:32 – 000198248 _____ (Malwarebytes) C: WINDOWS system32 Drivers farflt.sys
2021-03-06 15:32 – 2021-03-06 15:32 – 000142416 _____ (Malwarebytes) C: WINDOWS system32 Drivers mwac.sys
2021-03-06 15:32 – 2021-03-06 15:32 – 000077496 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbam.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000248992 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbamswissarmy.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000220616 _____ (Malwarebytes) C: WINDOWS system32 Drivers MbamChameleon.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000153312 _____ (Malwarebytes) C: WINDOWS system32 Drivers mbae64.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000019912 _____ (Malwarebytes) C: WINDOWS system32 Drivers MbamElam.sys
2021-03-06 15:31 – 2021-03-06 15:31 – 000002033 _____ C: ProgramData Microsoft Windows Menu Démarrer Programmes Malwarebytes.lnk
2021-03-06 15:31 – 2021-03-06 15:31 – 000002021 _____ C: Users Public Desktop Malwarebytes.lnk
2021-03-06 15:31 – 2021-03-06 15:31 – 000002021 _____ C: ProgramData Desktop Malwarebytes.lnk
2021-03-06 15:31 – 2021-03-06 15:31 – 000000000 ____D C: Users coxyc AppData Local mbam
2021-03-06 15:31 – 2021-03-06 15:31 – 000000000 ____D C: ProgramData Malwarebytes
2021-03-06 15:31 – 2021-03-06 15:31 – 000000000 ____D C: Program Files Malwarebytes
2021-03-06 15:30 – 2021-03-06 15:31 – 002084016 _____ (Malwarebytes) C: Users coxyc Downloads MBSetup.exe
2021-03-06 10:29 – 2021-03-06 10:29 – 000534294 _____ C: Users coxyc Downloads xbox001.torrent
04/03/2021 20:00 – 04/03/2021 20:02 – 773404466 _____ C: Users coxyc Downloads TheGreatHuntWheelofTimeBook2_ep6.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 727411626 _____ C: Users coxyc Downloads TheFinalEmpireMistbornBook1_ep6.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 576312898 _____ C: Users coxyc Downloads WeAreLegionWeAreBobBobiverseBook1_ep7.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 481025182 _____ C: Users coxyc Downloads ChildrenofTime_ep6.aax
04/03/2021 20:00 – 04/03/2021 20:01 – 327667581 _____ C: Users coxyc Downloads Ringworld_ep6.aax
04/03/2021 19:59 – 04/03/2021 20:00 – 385777838 _____ C: Users coxyc Downloads UntiltheEndoftheWorld_ep6.aax
04/03/2021 19:31 – 04/03/2021 19:31 – 006879744 _____ C: Users coxyc Downloads yuzu_install.exe
04/03/2021 16:10 – 04/03/2021 16:10 – 000906004 _____ C: Users coxyc OneDrive Documents Architect model3.blend
2021-03-04 13:01 – 2021-03-04 13:01 – 000446175 _____ C: Users coxyc OneDrive Documents Hospital rendez-vous.pdf
2021-03-03 19:29 – 2021-03-03 19:29 – 000884852 _____ C: Users coxyc OneDrive Documents Architect model2.blend
2021-03-03 16:41 – 2021-03-03 16:41 – 000876804 _____ C: Users coxyc OneDrive Documents Architect model1.blend
2021-02-28 20:49 – 2021-02-28 20:55 – 000820812 _____ C: Users coxyc OneDrive Documents Architect model.blend
2021-02-28 20:49 – 2021-02-28 20:49 – 000815788 _____ C: Users coxyc OneDrive Documents Architect model.blend1
2021-02-28 19:17 – 2021-02-28 19:17 – 000000000 ____D C: Users coxyc Downloads plan
2021-02-28 19:16 – 2021-02-28 19:16 – 001740539 _____ C: Users coxyc Downloads plan.rar
2021-02-27 18:14 – 2021-02-27 19:33 – 000801368 _____ C: Users coxyc OneDrive Documents 3D house.blend
2021-02-27 18:14 – 2021-02-27 18:14 – 000791728 _____ C: Users coxyc OneDrive Documents 3D house.blend1
2021-02-27 16:09 – 2021-02-27 16:18 – 000000000 ____D C: Users coxyc Downloads v1ol1vmxrm68-All_files
2021-02-27 16:09 – 2021-02-27 16:09 – 000000000 ____D C: Users coxyc Downloads e9ir8pjelx4w-building
2021-02-27 16:08 – 2021-02-27 16:08 – 007129371 _____ C: Users coxyc Downloads e9ir8pjelx4w-building.rar
2021-02-27 16:07 – 2021-02-27 16:07 – 005575033 _____ C: Users coxyc Downloads v1ol1vmxrm68-All_files.rar
2021-02-27 15:35 – 2021-02-27 15:35 – 000083400 _____ C: Users coxyc Downloads building_tools-v1.0.8.zip
2021-02-27 07:59 – 2021-02-27 07:59 – 000000000 ____D C: Users coxyc AppData Local REDEngine
2021-02-27 07:59 – 2021-02-27 07:59 – 000000000 ____D C: Users coxyc AppData Local GOG.com
2021-02-27 07:59 – 2021-02-27 07:59 – 000000000 ____D C: Users coxyc AppData Local CD Projekt Red
2021-02-24 20:56 – 2021-02-24 20:56 – 012957964 _____ C: Users coxyc OneDrive Documents Sword_Scene_light2.blend
2021-02-24 20:05 – 2021-02-24 20:05 – 000002120 _____ C: WINDOWS system32 Drivers etc hosts.rollback
2021-02-24 20:05 – 2018-04-11 23:36 – 000000824 _____ C: WINDOWS system32 Drivers etc hosts.backup
2021-02-23 20:57 – 2021-02-23 20:57 – 012929780 _____ C: Users coxyc OneDrive Documents Sword_Scene_light.blend
2021-02-23 17:24 – 2021-02-23 17:24 – 000361641 _____ C: Users coxyc OneDrive Documents Car.pdf
2021-02-23 17:24 – 2021-02-23 17:24 – 000000000 ____D C: WINDOWS system32 Tasks Mozilla
2021-02-23 17:02 – 2021-02-27 18:15 – 000000000 ____D C: Program Files Mozilla Firefox
2021-02-22 20:56 – 2021-02-22 20:56 – 012833912 _____ C: Users coxyc OneDrive Documents Sword_Scene.blend
2021-02-22 20:08 – 2021-02-22 20:08 – 001424412 _____ C: Users coxyc OneDrive Documents Sword7.blend
2021-02-21 20:34 – 2021-02-21 20:34 – 001348280 _____ C: Users coxyc OneDrive Documents Sword6.blend
2021-02-21 20:29 – 2021-02-21 20:29 – 000000000 ____D C: Users coxyc Downloads Part + 3 + – + YouTube
2021-02-21 16:40 – 2021-02-21 20:06 – 001262496 _____ C: Users coxyc OneDrive Documents Sword5.blend
2021-02-21 16:40 – 2021-02-21 20:01 – 001242432 _____ C: Users coxyc OneDrive Documents Sword5.blend1
2021-02-21 16:31 – 2021-02-21 16:31 – 001237736 _____ C: Users coxyc OneDrive Documents Sword4.blend
2021-02-21 16:09 – 2021-02-21 16:09 – 001173744 _____ C: Users coxyc OneDrive Documents Sword3.blend
2021-02-21 15:11 – 2021-02-21 15:11 – 000000000 ____D C: Users coxyc Downloads BlenderFastTrack_Sword
2021-02-21 15:08 – 2021-02-21 15:08 – 000958648 _____ C: Users coxyc OneDrive Documents Sword2.blend
2021-02-21 13:04 – 2021-02-21 13:04 – 000945752 _____ C: Users coxyc OneDrive Documents Sword1.blend
2021-02-21 07:54 – 2021-02-21 07:54 – 000775936 _____ C: Users coxyc OneDrive Documents Sword.blend
2021-02-21 06:48 – 2021-03-06 13:56 – 000000000 ____D C: Users coxyc AppData LocalLow uTorrent
2021-02-20 17:16 – 2021-02-20 17:16 – 000000000 ____D C: Users coxyc Downloads lazyviewport-master
2021-02-20 17:11 – 2021-02-20 17:11 – 000001545 _____ C: Users coxyc Downloads lazyviewport-master.zip
2021-02-20 17:07 – 2021-02-20 17:07 – 007059580 _____ C: Users coxyc OneDrive Documents Minecraft pillars.blend
2021-02-20 16:15 – 2021-02-20 16:15 – 000000000 ____D C: Users coxyc Downloads BlenderFastTrack_MineCraft
2021-02-20 16:14 – 2021-02-20 16:15 – 650629077 _____ C: Users coxyc Downloads Part + 3 + – + YouTube.zip
2021-02-20 16:14 – 2021-02-20 16:14 – 005079739 _____ C: Users coxyc Downloads BlenderFastTrack_Sword.zip
2021-02-20 16:13 – 2021-02-20 16:14 – 000794785 _____ C: Users coxyc Downloads BlenderFastTrack_MineCraft.zip
2021-02-20 13:34 – 2021-02-20 13:34 – 000000000 ____D C: Program Files Microsoft Update Health Tools
2021-02-18 17:33 – 2021-02-18 17:33 – 001144656 _____ C: Users coxyc OneDrive Documents Chair complete.blend
2021-02-18 16:06 – 2021-02-18 16:06 – 000000364 _____ C: Users coxyc AppData Roaming PureRef.ini
2021-02-18 12:20 – 2021-02-18 16:23 – 001184456 _____ C: Users coxyc OneDrive Documents Chair uv unwrap2.blend
2021-02-18 12:20 – 2021-02-18 12:20 – 001178048 _____ C: Users coxyc OneDrive Documents Chair uv unwrap2.blend1
2021-02-18 11:30 – 2021-02-18 19:04 – 000000000 ____D C: Users coxyc Downloads WoodQuarteredChiffon001
2021-02-18 11:28 – 2021-02-18 11:29 – 064876984 _____ C: Users coxyc Downloads WoodQuarteredChiffon001.zip
2021-02-18 10:44 – 2021-02-18 10:44 – 001113560 _____ C: Users coxyc OneDrive Documents Chair uv unwrap1.blend
2021-02-16 17:09 – 2021-02-18 10:42 – 001090812 _____ C: Users coxyc OneDrive Documents Chair uv unwrap.blend
2021-02-16 17:09 – 2021-02-18 10:30 – 001078332 _____ C: Users coxyc OneDrive Documents Chair uv unwrap.blend1
2021-02-16 14:41 – 2021-02-16 14:41 – 000929176 _____ C: Users coxyc OneDrive Documents Chair10.blend
2021-02-15 19:12 – 2021-02-20 09:55 – 000000000 ____D C: Users coxyc AppData Roaming playstation-now
2021-02-15 19:12 – 2021-02-15 19:12 – 000001073 _____ C: Users Public Desktop PlayStation ™ Now.lnk
2021-02-15 19:12 – 2021-02-15 19:12 – 000001073 _____ C: ProgramData Desktop PlayStation ™ Now.lnk
2021-02-15 19:12 – 2021-02-15 19:12 – 000000000 ____D C: ProgramData Microsoft Windows Start Menu Programs PlayStation ™ Now
2021-02-15 15:54 – 2021-02-15 15:54 – 000835624 _____ C:UserscoxycOneDriveDocumentsChair9.blend
2021-02-14 17:14 – 2021-02-15 14:55 – 000823200 _____ C:UserscoxycOneDriveDocumentsChair8.blend
2021-02-14 17:14 – 2021-02-14 17:14 – 000825768 _____ C:UserscoxycOneDriveDocumentsChair8.blend1
2021-02-14 17:04 – 2021-02-14 17:04 – 000823712 _____ C:UserscoxycOneDriveDocumentsChair7.blend
2021-02-14 13:54 – 2021-02-14 13:54 – 000800040 _____ C:UserscoxycOneDriveDocumentsChair6.blend
2021-02-14 12:45 – 2021-02-14 12:45 – 000800040 _____ C:UserscoxycOneDriveDocumentsChair5.blend
2021-02-13 17:22 – 2021-02-13 17:22 – 000784652 _____ C:UserscoxycOneDriveDocumentsChair4.blend
2021-02-13 17:00 – 2021-02-13 17:02 – 000783700 _____ C:UserscoxycOneDriveDocumentsChair3.blend
2021-02-13 17:00 – 2021-02-13 17:00 – 000783668 _____ C:UserscoxycOneDriveDocumentsChair3.blend1
2021-02-13 16:33 – 2021-02-13 16:33 – 000791676 _____ C:UserscoxycOneDriveDocumentsChair2.blend
2021-02-13 14:54 – 2021-03-06 15:29 – 000000000 ____D C:UserscoxycAppDataLocalStrongVPN
2021-02-13 14:54 – 2021-02-13 14:54 – 000000000 ____D C:UserscoxycAppDataLocalStrong_Technology,_LLC
2021-02-13 14:52 – 2021-02-13 14:52 – 000038176 _____ (WireGuard LLC) C:WINDOWSsystem32Driverswintun.sys
2021-02-13 14:52 – 2021-02-13 14:52 – 000000976 _____ C:UsersPublicDesktopStrongVPN.lnk
2021-02-13 14:52 – 2021-02-13 14:52 – 000000976 _____ C:ProgramDataDesktopStrongVPN.lnk
2021-02-13 14:51 – 2021-02-13 14:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsStrongVPN
2021-02-13 14:51 – 2021-02-13 14:51 – 032747528 _____ (Strong Technology, LLC) C:UserscoxycDownloadsStrongVPN-latest.exe
2021-02-13 14:51 – 2021-02-13 14:51 – 000000000 ____D C:Program FilesStrongVPN
2021-02-11 19:51 – 2021-02-11 19:51 – 000247295 _____ C:UserscoxycOneDriveDocumentsScan.pdf
2021-02-11 00:17 – 2021-02-11 00:17 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb
2021-02-11 00:16 – 2021-02-11 00:16 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb
2021-02-11 00:16 – 2021-02-11 00:16 – 001314112 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi
2021-02-11 00:16 – 2021-02-11 00:16 – 000231232 _____ C:WINDOWSsystem32containerdevicemanagement.dll
2021-02-11 00:16 – 2021-02-11 00:16 – 000010892 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2021-02-10 20:37 – 2021-02-26 16:02 – 000979416 _____ C:UserscoxycOneDriveDocumentsHouse.blend
2021-02-10 20:37 – 2021-02-12 16:13 – 000976968 _____ C:UserscoxycOneDriveDocumentsHouse.blend1
2021-02-09 16:28 – 2021-02-09 16:28 – 000816616 _____ C:UserscoxycOneDriveDocumentsChair2blend.blend
2021-02-08 13:53 – 2021-02-08 13:53 – 000087748 _____ C:ProgramDataagent.update.1612792407.bdinstall.v2.bin
2021-02-07 20:13 – 2021-02-13 16:17 – 000774844 _____ C:UserscoxycOneDriveDocumentsChair1.blend
2021-02-07 20:13 – 2021-02-07 20:13 – 000834084 _____ C:UserscoxycOneDriveDocumentsChair1.blend1
2021-02-07 19:38 – 2021-02-07 19:45 – 000793572 _____ C:UserscoxycOneDriveDocumentsChair.blend
2021-02-07 19:38 – 2021-02-07 19:38 – 000794932 _____ C:UserscoxycOneDriveDocumentsChair.blend1
2021-02-07 16:21 – 2021-02-07 16:21 – 000791252 _____ C:UserscoxycDownloadsChair.blend
2021-02-07 13:58 – 2021-02-07 13:58 – 000000000 ____D C:UserscoxycAppDataRoamingMicrosoftWindowsStart MenuProgramsPureRef
2021-02-07 13:57 – 2021-02-07 13:57 – 009905456 _____ (Idyllic Pixel) C:UserscoxycDownloadsPureRef-1.11.1_x64.exe
2021-02-07 13:44 – 2021-02-07 13:44 – 000000000 ____D C:UserscoxycDownloadsReferences
2021-02-07 13:43 – 2021-02-07 13:43 – 006698352 _____ C:UserscoxycDownloadsReferences.zip
2021-02-07 13:20 – 2021-02-07 13:20 – 001205928 _____ C:UserscoxycDownloadsCCO_Male_base_mesh_standing.blend
2021-02-07 12:05 – 2021-02-07 12:05 – 003042598 _____ C:UserscoxycDownloadsBricksFlemishRed001.zip
2021-02-07 12:05 – 2021-02-07 12:05 – 000000000 ____D C:UserscoxycDownloadsBricksFlemishRed001
2021-02-07 07:41 – 2021-02-07 07:41 – 040890966 _____ C:UserscoxycDownloadsFabricUpholsteryBrightAnglePattern001.zip
2021-02-07 07:41 – 2021-02-07 07:41 – 000000000 ____D C:UserscoxycDownloadsFabricUpholsteryBrightAnglePattern001
2021-02-06 17:21 – 2021-02-07 07:29 – 000798184 _____ C:UserscoxycOneDriveDocumentsCupcake.blend
2021-02-06 17:21 – 2021-02-06 17:21 – 000790616 _____ C:UserscoxycOneDriveDocumentsCupcake.blend1
2021-02-04 15:50 – 2021-02-04 15:50 – 001576153 _____ C:UserscoxycDownloadsBricksPaintedWhite001.zip
2021-02-04 15:50 – 2021-02-04 15:50 – 000000000 ____D C:UserscoxycDownloadsBricksPaintedWhite001
2021-02-04 15:15 – 2021-02-04 15:15 – 000000000 ____D C:UserscoxycDownloadsStoneMarbleCalacatta004
2021-02-04 15:14 – 2021-02-04 15:14 – 001799039 _____ C:UserscoxycDownloadsStoneMarbleCalacatta004.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-06 15:49 – 2020-03-17 18:21 – 000000000 ____D C:Program FilesBitdefender Antivirus Free
2021-03-06 15:37 – 2019-01-29 19:06 – 000000000 ____D C:ProgramDataMozilla
2021-03-06 15:36 – 2018-10-22 05:25 – 000000000 ____D C:ProgramDataAuslogics
2021-03-06 15:36 – 2018-10-22 05:25 – 000000000 ____D C:Program Files (x86)Auslogics
2021-03-06 15:36 – 2018-10-20 16:39 – 000000000 ____D C:UserscoxycAppDataLocalLowMozilla
2021-03-06 15:31 – 2019-12-07 09:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2021-03-06 15:09 – 2019-12-07 09:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-03-06 14:29 – 2020-06-25 16:49 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-03-06 13:57 – 2018-10-20 18:23 – 000000000 ____D C:UserscoxycAppDataRoaminguTorrent
2021-03-06 13:56 – 2019-03-24 20:07 – 000000000 ____D C:UserscoxycAppDataLocalBitTorrentHelper
2021-03-05 22:07 – 2018-11-10 11:01 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-03-05 22:07 – 2018-11-10 11:01 – 000002260 _____ C:UsersPublicDesktopGoogle Chrome.lnk
2021-03-05 22:07 – 2018-11-10 11:01 – 000002260 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2021-03-05 19:03 – 2018-10-20 19:57 – 000000000 ____D C:UserscoxycAppDataLocalD3DSCache
2021-03-05 17:06 – 2019-12-07 09:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-03-05 17:06 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-03-05 10:55 – 2020-08-28 02:42 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-03-05 10:55 – 2020-08-28 02:42 – 000002276 _____ C:UsersPublicDesktopMicrosoft Edge.lnk
2021-03-05 10:55 – 2020-08-28 02:42 – 000002276 _____ C:ProgramDataDesktopMicrosoft Edge.lnk
2021-03-05 00:49 – 2020-08-28 02:42 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-03-05 00:49 – 2020-08-28 02:42 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-03-04 19:31 – 2020-03-21 20:30 – 000002234 _____ C:UserscoxycAppDataRoamingMicrosoftWindowsStart MenuProgramsyuzu.lnk
2021-03-04 19:31 – 2020-03-21 20:21 – 000000000 ____D C:UserscoxycAppDataLocalyuzu
2021-03-04 09:09 – 2020-06-25 16:56 – 000840598 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-03-04 09:09 – 2019-12-07 09:13 – 000000000 ____D C:WINDOWSINF
2021-02-27 19:27 – 2019-12-07 09:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-02-27 18:28 – 2019-01-06 14:08 – 000002136 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk
2021-02-27 18:16 – 2020-03-03 23:24 – 000000000 ____D C:UserscoxycAppDataRoamingFAHClient
2021-02-27 18:16 – 2019-07-03 19:35 – 000000000 ____D C:ProgramDataUMS
2021-02-27 18:15 – 2021-01-02 14:17 – 000003110 _____ C:WINDOWSsystem32TasksAMDLinkUpdate
2021-02-27 18:15 – 2020-07-01 18:36 – 000003126 _____ C:WINDOWSsystem32TasksAMDInstallLauncher
2021-02-27 18:15 – 2020-06-25 17:00 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-02-27 18:15 – 2020-06-25 16:49 – 000008192 ___SH C:DumpStack.log.tmp
2021-02-27 18:15 – 2018-10-20 16:42 – 000000000 ____D C:UserscoxycAppDataLocalPlex Media Server
2021-02-27 18:15 – 2018-10-20 16:38 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-02-27 18:14 – 2019-12-07 09:03 – 000524288 _____ C:WINDOWSsystem32configBBI
2021-02-27 18:14 – 2018-10-20 15:48 – 000065536 _____ C:WINDOWSsystem32spu_storage.bin
2021-02-26 23:38 – 2020-06-25 17:00 – 000003378 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-1329802319-222491363-2786480829-1001
2021-02-26 23:38 – 2020-06-25 16:50 – 000002363 _____ C:UserscoxycAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-02-26 23:38 – 2018-10-20 15:55 – 000000000 ___RD C:UserscoxycOneDrive
2021-02-26 13:07 – 2019-12-07 09:03 – 000065536 _____ C:WINDOWSsystem32configELAM
2021-02-26 13:04 – 2020-03-17 18:23 – 002718744 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversatc.sys
2021-02-26 13:04 – 2020-03-17 18:23 – 000488592 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:WINDOWSsystem32Driversgemma.sys
2021-02-24 20:05 – 2020-09-05 18:06 – 000000000 ____D C:WINDOWSSysWOW64directx
2021-02-23 20:30 – 2020-12-01 20:13 – 000000000 ____D C:UserscoxycAppDataLocalAMD_Common
2021-02-23 17:24 – 2018-10-20 16:38 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-02-20 17:33 – 2019-10-25 09:13 – 000000000 ____D C:Program FilesMicrosoft Office
2021-02-17 13:42 – 2020-06-02 19:37 – 000091136 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingtcuihelpers.dll
2021-02-17 13:42 – 2019-12-12 17:41 – 000198088 _____ (Microsoft Corporation) C:WINDOWSsystem32gameplatformservices.dll
2021-02-17 13:42 – 2019-10-11 19:18 – 000038352 _____ (Microsoft Corporation) C:WINDOWSsystem32gamemodcontrol.exe
2021-02-17 13:42 – 2019-06-10 18:49 – 001615824 _____ (Microsoft Corporation) C:WINDOWSsystem32xgameruntime.dll
2021-02-17 13:42 – 2019-06-10 18:49 – 000167368 _____ (Microsoft Corporation) C:WINDOWSsystem32gamingservicesproxy.dll
2021-02-17 13:42 – 2019-06-10 18:49 – 000159176 _____ (Microsoft Corporation) C:WINDOWSsystem32gameconfighelper.dll
2021-02-16 09:21 – 2019-07-03 19:36 – 000192168 _____ (Oracle Corporation) C:WINDOWSsystem32WindowsAccessBridge-64.dll
2021-02-16 09:21 – 2019-07-03 19:36 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsJava
2021-02-16 09:21 – 2019-07-03 19:36 – 000000000 ____D C:Program FilesJava
2021-02-15 19:13 – 2020-01-26 10:29 – 000000000 ____D C:UserscoxycAppDataRoamingSony Interactive Entertainment Network America LLC
2021-02-15 19:12 – 2020-06-03 18:58 – 000000000 ____D C:Program Files (x86)PlayStationNow
2021-02-13 14:51 – 2018-10-20 15:51 – 000000000 ____D C:ProgramDataPackage Cache
2021-02-13 14:50 – 2020-02-29 11:07 – 000000000 ____D C:UserscoxycAppDataLocalGolden Frog, GmbH
2021-02-13 14:50 – 2020-02-11 20:03 – 000000000 ____D C:Program Files (x86)VyprVPN
2021-02-11 23:14 – 2020-06-25 17:00 – 000004562 _____ C:WINDOWSsystem32TasksAdobe Acrobat Update Task
2021-02-11 20:06 – 2018-10-20 16:08 – 000000000 ____D C:ProgramDataPackages
2021-02-11 20:06 – 2018-10-20 15:53 – 000000000 ____D C:UserscoxycAppDataLocalPlaceholderTileLogoFolder
2021-02-11 20:06 – 2018-10-20 15:50 – 000000000 ____D C:UserscoxycAppDataLocalPackages
2021-02-11 19:29 – 2020-06-25 16:49 – 000484960 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-02-11 19:28 – 2019-12-07 14:44 – 000000000 ____D C:WINDOWSsystem32Driversen-GB
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64Keywords
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSystemResources
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32Keywords
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32es-MX
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-02-11 19:28 – 2019-12-07 09:14 – 000000000 ____D C:Program FilesCommon FilesSystem
2021-02-11 19:28 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSservicing
2021-02-11 00:19 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-02-11 00:16 – 2018-10-20 16:14 – 000413690 __RSH C:bootmgr
2021-02-10 18:07 – 2018-10-21 19:25 – 000000000 ____D C:WINDOWSsystem32MRT
2021-02-10 18:05 – 2018-10-21 19:25 – 130141752 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2021-02-08 13:53 – 2020-03-17 18:20 – 000000000 ____D C:Program FilesBitdefender Agent
2021-02-05 16:02 – 2020-06-25 17:00 – 000003418 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineUA
2021-02-05 16:02 – 2020-06-25 17:00 – 000003294 _____ C:WINDOWSsystem32TasksGoogleUpdateTaskMachineCore
==================== Files in the root of some directories ========
2021-02-18 16:06 – 2021-02-18 16:06 – 000000364 _____ () C:UserscoxycAppDataRoamingPureRef.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by coxyc (06-03-2021 15:50:18)
Running from C:UserscoxycDownloads
Windows 10 Home Version 20H2 19042.804 (X64) (2020-06-25 17:01:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1329802319-222491363-2786480829-500 – Administrator – Disabled)
coxyc (S-1-5-21-1329802319-222491363-2786480829-1001 – Administrator – Enabled) => C:Userscoxyc
DefaultAccount (S-1-5-21-1329802319-222491363-2786480829-503 – Limited – Disabled)
Guest (S-1-5-21-1329802319-222491363-2786480829-501 – Limited – Disabled)
WDAGUtilityAccount (S-1-5-21-1329802319-222491363-2786480829-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Antimalware (Enabled – Up to date) EA21BCE8-A461-99C3-3A0D-4C964E75494E
AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
AV: Malwarebytes (Enabled – Up to date) 23007AD3-69FE-687C-2629-D584AFFAF72B
AS: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKUS-1-5-21-1329802319-222491363-2786480829-1001…uTorrent) (Version: 3.5.5.45852 – BitTorrent Inc.)
7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 21.001.20142 – Adobe Systems Incorporated)
Affinity Designer (HKLM…E79EF1B7-A9E3-476E-87A1-A81FCECC0A89) (Version: 1.8.2.620 – Serif (Europe) Ltd)
AMD Chipset Software (HKLM-x32…AMD_Chipset_IODrivers) (Version: 2.10.13.408 – Advanced Micro Devices, Inc.)
AMD Ryzen Master (HKLM…5A1CE077-7111-4C7D-A5C5-E210D4B68AD8) (Version: 1.4.0.0728 – Advanced Micro Devices, Inc.)
AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 20.11.2 – Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32…4fedae1b-6980-4848-9ba0-229c946a3dac) (Version: 2.10.13.408 – Advanced Micro Devices, Inc.) Hidden
ApoDispatchConfigurator (HKLM…