L'ordinateur portable ne démarre pas en mode normal/sans échec avec la mise en réseau, bloqué dans la boucle de démarrage – Resoudre les problemes d’un serveur MineCraft
[bzkshopping keyword= »Minecraft » count= »8″ template= »grid »]
Salut les gars,
Je pense que j'ai exécuté un programme sommaire sur mon ordinateur portable, et maintenant il ne démarre pas dans des fenêtres normales. Que dois-je faire? J'ai une clé USB pour réinitialiser Windows, mais je préférerais garder mes fichiers.
Merci d'avance Steph <3
Résultat de l'analyse de l'outil d'analyse de récupération Farbar (FRST) (x64) Version : 22-09-2021 02
Exécuté par steph (administrateur) sur DESKTOP-21721 (ASUSTeK COMPUTER INC. TUF GAMING FX504GD_FX80GD) (26-09-2021 21:29:06)
Exécuté depuis E:
Profils chargés : steph
Plate-forme : Windows 10 Home Version 20H2 19042.1165 (X64) Langue : Anglais (États-Unis)
Navigateur par défaut : FF
Mode de démarrage : mode sans échec (minimal)
==================== Processus (liste blanche) ==================
(Si une entrée est incluse dans la fixlist, le processus sera fermé. Le fichier ne sera pas déplacé.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusAVGUI.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:WindowsHelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>
(Contributeurs MultiMC) [File not signed] C:UsersstephDocumentsMultiMCminecraft.exe
==================== Registre (liste blanche) ====================
(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM…Exécuter : [AVGUI.exe] => C:Program FilesAVGAntivirusAvLaunch.exe [171832 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM…Exécuter : [XMouseButtonControl] => C:Program FilesHighresolution EnterprisesX-Mouse Button ControlXMouseButtonControl.exe [1676064 2020-02-23] (Développeur Open Source, Phillip Gibbons -> Entreprises haute résolution)
HKLM…Exécuter : [UrbanVPN] => C:Program FilesUrbanVPNbinurbanvpn-gui.exe [24197696 2020-10-01] (Cyber Sécurité Urbaine Inc. -> )
HKLM…Exécuter : [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [3180256 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32…Exécuter : [Lightshot] => C:Program Files (x86)SkillbrainslightshotLightshot.exe [226728 2019-07-21] (Kilonova SARL -> )
HKLM-x32…Exécuter : [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation)
HKLM…RunOnce : [WinRERecovery] => cmd /c "%windir%System32MusNotificationUx.exe Toast_SrtBootRecovered"
HKLMSOFTWAREPoliciesMicrosoftWindows Defender : Restriction <==== ATTENTION
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [EpicGamesLauncher] => D:Epic GamesEpic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [33337824 2021-09-26] (Epic Games Inc. -> Epic Games, Inc.)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Discord] => C:UsersstephAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Spotify] => C:UsersstephAppDataRoamingSpotifySpotify.exe [24743552 2021-09-23] (Spotify AB -> Spotify Ltd)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [uTorrent] => C:UsersstephAppDataRoaminguTorrentuTorrent.exe [2133032 2021-04-04] (BitTorrent Inc -> BitTorrent Inc.)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Lync] => C:Program FilesMicrosoft OfficerootOffice16lync.exe [26403672 2021-09-17] (Microsoft Corporation -> Microsoft Corporation)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Overwolf] => D:GamesCurseForgeOverwolfOverwolfLauncher.exe [1806680 2021-08-12] (Overwolf Ltd -> Overwolf Ltd.)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Steam] => D:Program FilesSteamsteam.exe [4282600 2021-09-17] (Valve -> Valve Corporation)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Docker Desktop] => C:Program FilesDockerDockerDocker Desktop.exe [2554816 2021-03-27] (Docker Inc -> Docker Inc.)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C] => "C:Program Files (x86)GoogleChromeApplicationchrome.exe" –no-startup-window /prefetch:5
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Skype for Desktop] => C:Program Files (x86)MicrosoftSkype pour DesktopSkype.exe [114012032 2021-07-20] (Skype Software Sarl -> Skype Technologies S.A.)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Battle.net] => D:Program FilesBattle.netBattle.net.exe [1079184 2021-08-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [D:Program Filesremoteitremoteit.exe] => D:Program Filesremoteitremoteit.exe [131182696 2021-08-20] (remot3.it, Inc. -> remote.it)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…PolitiquesExplorateur : [NoLowDiskSpaceChecks] 1
HKLMSoftwareMicrosoftActive SetupComposants installés : [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program Files (x86)GoogleChromeApplication93.0.4577.82Installerchrmstp.exe [2021-09-16] (Google LLC -> Google LLC)
Démarrage : C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSend to OneNote.lnk [2021-09-02]
ShortcutTarget : Envoyer à OneNote.lnk -> C:Program FilesMicrosoft OfficerootOffice16ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLMSOFTWAREPoliciesMozillaFirefox : Restriction <==== ATTENTION
==================== Tâches planifiées (liste blanche) ============
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé à moins qu'il ne soit répertorié séparément.)
Tâche : 06934157-805B-484F-8E02-5FB14070F368 – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [7053768 2021-09-17] (Microsoft Corporation -> Microsoft Corporation)
Tâche : 12DB6F77-9F19-4E38-94AF-B7412750FA21 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14OS Edition Mise à niveau de l'écouteur d'événement créé par le client d'inscription => C:WINDOWS system32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(1) : schtasks.exe -> /Change /TN "Antivirus Emergency Update" /ENABLE
Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(2) : schtasks.exe -> /Change /TN "MicrosoftEdgeUpdateTaskMachineCore1d71fd4cd670452" /ENABLE
Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(3) : schtasks.exe -> /Change /TN "MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(4) : schtasks.exe -> /Change /TN "AVAST SoftwareGaming mode Task Planificateur de récupération" / DISABLE
Tâche : 2526B9A3-95F6-43BE-8D6C-CC897539C0AA – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Tâche : 257DBB5B-8DB1-4FED-B9BC-03AB1EB38D29 – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Tâche : 2B4509DE-5FE6-4DBD-A444-4982C6C68BFC – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule #2 créé par le client d'inscription => C:WINDOWSsystem32 Deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : 2ED7BD02-C84D-425E-ABAD-BB12789BD229 – System32TasksATK Package 36D18D69AFC3 => C:WindowsSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352As64HotkeyExec [176064 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Tâche : 31F0B4C3-676E-4D79-85AB-E637538D63DE – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [139096 2021-09-17] (Microsoft Corporation -> Microsoft Corporation)
Tâche : 32625D14-9BB5-463E-9896-C463A4A0ADEB – System32TasksNvTmRep_CrashReport3_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : 33BBEC5A-560E-4F68-92A1-A9607E40DD4F – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [680888 2021-09-24] (Mozilla Corporation -> Fondation Mozilla)
Tâche : 3C40E6BF-6047-4C53-A872-1172230B3234 – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [7053768 2021-09-17] (Microsoft Corporation -> Microsoft Corporation)
Tâche : 3D8E21DE-6F7E-473C-B621-A8C2FA9AE8FB – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule #1 créé par le client d'inscription => C:WINDOWSsystem32 Deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : 4172E3D6-F919-4E65-AD34-48EE2A7AE1C7 – System32TasksNvProfileUpdaterOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUp [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : 43896F29-090B-4377-A689-5640BDB5FC89 – System32TasksBlueStacksHelper_nxt => C:Program FilesBlueStacks_nxtBlueStacksHelper.exe [275136 2021-07-19] (Systèmes Bluestack, Inc -> Systèmes BlueStack, Inc.)
Tâche : 47AB1F0D-12F1-4FF0-9933-4B5A3944396F – System32Tasksupdate-sys => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe [414872 2017-04-12] (OOO Lightshot -> À FAIRE :
Tâche : 51682B73-69BD-45F9-9742-724EB7DF5FE0 – System32TasksAntivirus Emergency Update => C:Program FilesAVGAntivirusAvEmUpdate.exe [4966200 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Tâche : 55865164-609A-4E5B-B29A-66AD4C6C2A03 – System32TasksNvTmRep_CrashReport1_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvRepend.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : 58F819E5-C6C3-404D-BCB0-CD1EB4B55F64 – System32TasksMicrosoftOfficeOffice Connexion aux mises à jour des fonctionnalités => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [139096 2021-09-17] (Microsoft Corporation -> Microsoft Corporation)
Tâche : 5E6F0BA1-6EDA-46BB-BDB7-1A5DC17FBEB1 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Provisioning session initiée => C:WINDOWSsystem32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : 60319DC2-5085-4990-BCB7-49B4DB8CCBC1 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
Tâche : 61D879AF-BF52-43C9-901E-0CF67E108B18 – System32TasksNvProfileUpdaterDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : 63380B6D-A70C-43AE-AA73-4DE4588552EA – System32TasksProtonVPN Update => D:Program FilesprotonProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> )
Tâche : 6C4B3D7F-479A-4B2C-81A1-368A89F5BB7D – System32TasksNvTmRep_CrashReport4_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvMRependN [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : 85434D43-F566-443D-83CC-8D2E16498C46 – System32TasksNvNodeLauncher_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program Files (x86)NVIDIA CorporationNvNodenvchernodejsexe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : 89BFD764-F6A4-4E53-AAF7-8AA4B4C77F74 – System32TasksRtHDVBg_ListenToDevice => C:Program FilesRealtekAudioHDARAVBg64.exe [1506384 2019-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Tâche : 8DFB1029-2247-43AD-BB9D-E81286DEB56A – System32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : 8FFB8BC7-A462-4203-9D36-9D6A21B4566C – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule créé par le client d'inscription pour le renouvellement de l'avertissement de certificat => C:WINDOWS system32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : 9D4C1DD2-8349-4D4A-836E-A665B738C3AE – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14PushRenewal => C:WINDOWSsystem32deviceenrollen [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : 9F5A8501-4118-44E0-8521-C851A1BB8635 – System32TasksRTKCPL => C:Program FilesRealtekAudioHDARAVBg64.exe [1506384 2019-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Tâche : A1B05A3B-19C4-4F6C-8FFF-955AA72CCE04 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Passport for Work alerte créée par le client d'inscription => C:WINDOWSsystem32 deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : A24C2E87-202A-47D8-A45B-45AD990F042A – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule pour exécuter OMADMClient par serveur => C:WINDOWSsystem .EXE [435712 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : A2CB51BA-F944-4B57-BBA5-F679FEDE928A – System32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainer.exenvcon [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck" -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log
Tâche : AEA52801-12D8-4251-9F0B-D8DFCDF57859 – Tâche System32TasksOverwolf Updater => D:GamesCurseForgeOverwolfOverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
Tâche : AF85C3E8-2E3C-480E-8AD6-D81C2474595E – System32Tasksupdate-S-1-5-21-1107240043-3454394700-2548055146-001 => C:Program Files (x86)SkillbrainsUpdater Updater.exe [414872 2017-04-12] (OOO Lightshot -> À FAIRE :
Tâche : B271617C-0A7F-43AE-AA40-5FC0A3751A8A – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Win10 S Mode écouteur créé par le client d'inscription => C:WINDOWS system32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : B731964F-DDE7-490A-813F-06015008E52B – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule to run OMADMClient by client => C:WINDOWSsystem32omad .EXE [435712 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : BA348972-E5E5-43E4-8979-DF79218C4730 – System32TasksOneDrive Standalone Update Task-S-1-5-21-1107240043-3454394700-2548055146-500 => C:UsersstephAppDataLocal MicrosoftOneDriveOneDriveStandaloneUpdater.exe
Tâche : BB786CA6-1A11-4AE9-B5F6-56797AEF6863 – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Tâche : BC290BEA-2734-4326-9F40-E8E7E50D3A55 – System32TasksAVGOverseer => C:Program FilesCommon FilesAVGOverseerovereer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies)
Tâche : BECF97E0-17ED-433F-A56C-C9EB5765751A – System32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:Program FilesNVIDIA CorporationNvDriverUpdateCheck" -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log
Tâche : C7CA9E05-8249-450D-B6B5-489B8EBA96DC – System32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:Program Files (x86)IntelIntel® Update Managerbiniumsvc .EXE
Tâche : C94B21C3-AEC9-496A-947F-2056DC0ADFF9 – System32TasksMicrosoftWindowsMemDiag => C:WINDOWSsystem32mdres.exe [87040 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Tâche : CD246C32-6CD5-4C79-A1E4-7E12345A6AC5 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule #3 créé par le client d'inscription => C:WINDOWSsystem32 Deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : D6F5EB84-775A-4FC9-BDBF-F5F7CDFDA842 – System32TasksNvTmRep_CrashReport2_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationTvmRep.N.N [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Tâche : DAD302A2-C76D-41ED-B39A-975768EEBECF – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Tâche : ECD35DD5-E970-4A1C-82BA-2D59B9B260D5 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14PushLaunch => C:WINDOWSsystem32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation)
Tâche : EEB86BF3-4274-46B0-B64E-36F2968C4EED – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)
(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Tâche : C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe
Tâche : C:WINDOWSTasksupdate-S-1-5-21-1107240043-3454394700-2548055146-1001.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe
Tâche : C:WINDOWSTasksupdate-sys.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe
==================== Internet (liste blanche) ====================
(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément de registre, il sera supprimé ou restauré par défaut.)
Hôtes : il y a plus d'une entrée dans Hôtes. Voir la section Hôtes de Addition.txt
TcpipParamètres : [DhcpNameServer] 192.168.100.1
Tcpip..Interfaces�c87c9e6-c692-4109-90f4-3bd0c9f8eb8f : [DhcpNameServer] 192.168.100.1
Tcpip..Interfacesa609fc41-8fc3-42c2-acbe-a0317fb86253 : [DhcpNameServer] 192.168.100.1
Tcpip..Interfacesa9f032f5-7350-4825-aad6-683fda25556c : [DhcpNameServer] 8.8.8.8
Tcpip..Interfacesbd3ec1e7-9a20-4054-91d4-c7d93547e9ab : [DhcpNameServer] 192.168.100.1
HKLMSOFTWAREPoliciesMicrosoftInternet Explorer : Restriction <==== ATTENTION
Bord:
=======
Extension Edge : (sans nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]
Extension Edge : (sans nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]
Extension Edge : (sans nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]
Extension Edge : (sans nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]
Profil Edge : C:UsersstephAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-26]
FireFox :
========
Profil par défaut FF : bgdskgse.default
Chemin du profil FF : C:UsersstephAppDataRoamingMozillaFirefoxProfilesbgdskgse.default [2021-05-23]
Chemin de profil FF : C:UsersstephAppDataRoamingMozillaFirefoxProfilesez2qftam.default-release [2021-09-26]
Page d'accueil FF : MozillaFirefoxProfilesez2qftam.default-release -> google.com
Notifications FF : MozillaFirefoxProfilesez2qftam.default-release -> hxxps://aternos.org ; hxxps://www.talabat.com
Extension FF : (Enhancer for YouTube™) – C:UsersstephAppDataRoamingMozillaFire[email protected]maximerf.addons.mozilla.org.xpi [2021-09-21]
Extension FF : (Chérie) – C:UsersstephAppDataRoamingMozillaFiref[email protected]jetpack.xpi [2021-06-24]
Extension FF : (AdBlock – meilleur bloqueur de publicités) – C:UsersstephAppDataRoamingMozillaFiref[email protected]jetpack.xpi [2021-09-09]
Plugin FF : @java.com/DTPlugin, version=11.111.2 -> C:Program FilesJavajre1.8.0_111bindtpluginnpDeployJava1.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF : @java.com/JavaPlugin, version=11.111.2 -> C:Program FilesJavajre1.8.0_111binplugin2npjp2.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation)
Plugin FF : @microsoft.com/SharePoint, version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Plugin FF-x32 : @gametree.co.kr/GTL -> C:ProgramDataGametreeGTLnpGTL.dll [2013-06-13] (NtreevSoft Co., Ltd -> NtreevSoft)
Plugin FF-x32 : @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-08-15] (Microsoft Corporation -> Microsoft Corporation)
Plugin FF-x32 : @microsoft.com/SharePoint, version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
Profil CHR : C:UsersstephAppDataLocalGoogleChromeUser DataDefault [2021-09-22]
CHR DownloadDir: C:UsersstephDownloads
Notifications CHR : Par défaut -> hxxps://aternos.org ; hxxps://mail.google.com
Page d'accueil CHR : Par défaut -> mysearch.avg.com
CHR StartupUrls : Par défaut -> "hxxp://www.google.com"
URL de recherche par défaut CHR : par défaut -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png
CHR DefaultSearchKeyword : Par défaut -> hxxps://mysearch.avg.com
Extension CHR : (diapositives) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-05-07]
Extension CHR : (YouTube) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsagimnkijcaahngcdmfeangaknmldooml [2021-03-26]
Extension CHR : (Docs) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2020-05-07]
Extension CHR : (Google Drive) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-24]
Extension CHR : (YouTube) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-07]
Extension CHR : (Chérie) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-22]
Extension CHR : (Social Blade) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionscfidkbgamfhdgmedldkagjopnbobdmdn [2021-09-22] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
Extension CHR : (AVG Secure Search) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionschfdnecihphmhljaaejmgoiahnihplgn [2020-05-09]
Extension CHR : (Rocks Network CORS Fix) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionscnfpafcflghhnmcdmomglkcofdgalljf [2021-09-22]
Extension CHR : (Feuilles) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-05-07]
Extension CHR : (Google Docs Offline) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-18]
Extension CHR : (AdBlock – meilleur bloqueur de publicités) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-09-22]
Extension CHR : (CENTURY) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsgpokpjenobimicjbebndjofblfhhggpd [2020-05-10]
Extension CHR : (ROBLOX : Téléchargeur rapide d'actifs) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsmeljceogbjjmgjhhbnmjjgepchpjkklc [2020-05-09]
Extension CHR : (TubeBuddy) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsmhkhmbddkmdggbhaaaodilponhnccicb [2021-09-22]
Extension CHR : (Chrome Web Store Payments) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
Extension CHR : (MediaMod) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsoeocpffgjbagninjebpgopolopdegogb [2021-04-05]
Extension CHR : (Netflix Party est maintenant Teleparty) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsoocalimimngaihdkbihfgmpkcpnmlaoa [2021-09-22]
Extension CHR : (Speedtest par Ookla) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionspgjjikdiikihdfpoppgaidccahalehjh [2021-04-15]
Extension CHR : (Gmail) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
==================== Services (liste blanche) ====================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé à moins qu'il ne soit répertorié séparément.)
Service d'appareils mobiles Apple S2 ; D:Program Filesi-Funbox DevTeamMobile Device SupportAppleMobileDeviceService.exe [96056 2020-12-24] (Apple Inc. -> Apple Inc.)
S2 asComSvc ; C:Program Files (x86)ASUSAXSP4.00.38atkexComSvc.exe [440368 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsHidService ; C:WINDOWSSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352AsHidSrv64.exe [173504 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Service ASLDR S2 ; C:WINDOWSSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352AsLdrSrv64.exe [227776 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Antivirus S2 AVG ; C:Program FilesAVGAntivirusAVGSvc.exe [630584 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Outils AVG S2 ; C:Program FilesAVGAntivirusavgToolsSvc.exe [378168 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent ; C:Program FilesAVGAntivirusaswidsagent.exe [8360560 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 AvgWscReporter; C:Program FilesAVGAntiviruswsc_proxy.exe [109480 2021-06-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S2 com.docker.service ; C:Program FilesDockerDockercom.docker.service [16352 2021-03-27] (Docker Inc -> Docker Inc.)
S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [803440 2020-04-16] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices ; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 EQUI8_36 ; C:ProgramDataEQU8Splitgatebinanticheat.x64.equ8.exe [6161552 2021-08-23] (Logiciel Int3 AB -> Logiciel Int3 AB)
S2 hshld_10.9.12 ; C:Program Files (x86)Hotspot Shield10.9.12bincmw_srv.exe [224248 2020-11-16] (Pango Inc. -> Pango Inc.)
S2 it.remote.cli; D:Program Filesremoteitresourcesx64remoteit.exe [9552488 2021-08-20] (remot3.it, Inc. -> )
S3 mracsvc; C:WindowsSystem32mracsvc.exe [20417696 2020-07-22] (Mail.Ru LLC -> LLC Mail.Ru)
S3 OverwolfUpdater; D:GamesCurseForgeOverwolfOverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD)
S3 ImprimerNotifier ; C:WINDOWSsystem32spooldriversx643PrintConfig.dll [3595776 2021-09-16] (Microsoft Corporation) [File not signed]
Service S3 ProtonVPN ; D:Program FilesprotonProtonVPNService.exe [99624 2020-11-04] (ProtonVPN AG -> )
Service de mise à jour S3 ProtonVPN ; D:Program FilesprotonProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> )
Service Rockstar S3 ; D:GamesRockstar GamesLauncherRockstarService.exe [1856816 2021-08-05] (Rockstar Games, Inc. -> Rockstar Games)
Visionneuse d'équipe S2 ; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [13271336 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S2 UrbanVPNServiceInteractif ; C:Program FilesUrbanVPNbinurbanvpnserv.exe [217848 2020-08-28] (Cyber Sécurité Urbaine Inc. -> )
S3 UrbanVPNUpdater ; C:Program FilesUrbanVPNUrbanVPNUpdater.exe [1010752 2020-10-01] (Cyber Sécurité Urbaine Inc. -> Sécurité Urbaine)
S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10202040 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2006.10-0NisSrv.exe [2496144 2020-07-02] (Éditeur Microsoft Windows -> Microsoft Corporation)
S3 WinDefend ; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2006.10-0MsMpEng.exe [104192 2020-07-02] (Éditeur Microsoft Windows -> Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvami.inf_amd64_72035dd8d03aeceeDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.Container3-LocalSystem.log:l WINDOWSSystem32DriverStoreFileRepositorynvami.inf_amd64_72035dd8d03aeceeDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem
===================== Pilotes (liste blanche) ===================
(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé à moins qu'il ne soit répertorié séparément.)
S1 AsIO; C:WindowsSysWow64driversAsIO.sys [15232 2017-12-26] (ASUSTeK Computer Inc. -> )
S1 Asusgio2; C:Windowssystem32driversAsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:WINDOWSSystem32driversAsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
S1 ATKWMIACPIIO; C:WINDOWSSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352atkwmiacpi64.sys [36368 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
R0 avgArDisk; C:WINDOWSSystem32driversavgArDisk.sys [35848 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Potmoy S1 ; C:WINDOWSSystem32driversavgArPot.sys [221728 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S1 avgbidsdriver; C:WINDOWSSystem32driversavgbidsdriver.sys [369232 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 avgbidsh; C:WINDOWSSystem32driversavgbidsh.sys [250480 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 avgbuniv; C:WINDOWSSystem32driversavgbuniv.sys [99440 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 moyElam; C:WINDOWSSystem32driversavgElam.sys [21960 2021-09-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 MoyKbd; C:WINDOWSSystem32driversavgKbd.sys [41504 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S1 moyMonFlt; C:WINDOWSSystem32driversavgMonFlt.sys [184776 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S1 avgNetHub ; C:WINDOWSSystem32driversavgNetHub.sys [538632 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S1 Rdr moy; C:WINDOWSSystem32driversavgRdr2.sys [108000 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 moyRvrt; C:WINDOWSSystem32driversavgRvrt.sys [83064 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S1 moySnx; C:WINDOWSSystem32driversavgSnx.sys [851864 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
SP moy S1 ; C:WINDOWSSystem32driversavgSP.sys [557288 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:WINDOWSSystem32driversavgStm.sys [215536 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S0 Vmm moy; C:WINDOWSSystem32driversavgVmm.sys [328712 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 BlueStacksDrv_nxt; C:Program FilesBlueStacks_nxtBstkDrv_nxt.sys [320728 2021-07-19] (Systèmes Bluestack, Inc -> Système Bluestack Inc.)
S3 EQU8_HELPER_36 ; C:WINDOWSsystem32DRIVERSEQU8_HELPER_36.sys [38032 2021-09-15] (Logiciel Int3 AB -> )
S3 Hamachi ; C:WINDOWSSystem32driversHamdrv.sys [45680 2019-04-02] (Éditeur de compatibilité matérielle Microsoft Windows -> LogMeIn Inc.)
R3 HIDSwitch ; C:WINDOWSSystem32driversAsRadioControl.sys [32696 2020-11-18] (ASUSTek Computer Inc. -> ASUS)
S3 ManyCam ; C:WINDOWSsystem32DRIVERSmcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.)
S3 mcaudrv_simple; C:WINDOWSsystem32driversmcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
S3 mracdrv; C:WINDOWSSystem32driversmracdrv1.sys [19647520 2020-07-22] (Mail.Ru LLC -> LLC Mail.Ru)
S1 pango_netfilter2; C:WINDOWSSystem32driverspango_netfilter2.sys [94080 2020-11-16] (Pango Inc. -> Pango Inc)
S3 ProtonVPNSplitTunnel; D:Program Filesprotonx64Win10ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 RTCore64; D:Program FilesMSI AfterburnerRTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 ScpVBus; C:WINDOWSSystem32driversScpVBus.sys [39168 2013-05-18] (Bruce James -> Scarlet.Crush Productions)
S3 SnapCameraVirtualDevice; C:WINDOWSSystem32driversSnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider)
S3 tap0901; C:WINDOWSSystem32driverstap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:WINDOWSSystem32driverstapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:WINDOWSSystem32driverstapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VBAudioVACMME; C:WINDOWSSystem32driversvbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:WINDOWSSystem32driversvbaudio_vmvaio64_win10.sys [71712 2020-05-09] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 VCamSDK; C:WINDOWSsystem32DRIVERSVCamSDK.sys [1090904 2019-12-22] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft)
S1 vgk; C:Program FilesRiot Vanguardvgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.)
S3 voxaldriver; C:WINDOWSsystem32DRIVERSvoxaldriverx64.sys [55976 2020-06-14] (NCH Software, Inc. -> )
U5 vsock; C:WindowsSystem32Driversvsock.sys [105912 2020-08-10] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 AppleKmdfFilter; SystemRootSystem32driversAppleKmdfFilter.sys [X]
S3 AppleLowerFilter; SystemRootSystem32driversAppleLowerFilter.sys [X]
S3 semav6msr64; ??C:WINDOWSsystem32driverssemav6msr64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-26 21:28 – 2021-09-26 21:29 – 000000000 ____D C:FRST
2021-09-26 21:17 – 2021-09-26 21:17 – 000000000 ___HD C:$SysReset
2021-09-26 21:17 – 2021-09-26 21:17 – 000000000 ____D C:WINDOWSPanther
2021-09-26 21:09 – 2021-09-26 21:09 – 000008192 ___SH C:DumpStack.log.tmp
2021-09-26 21:09 – 2021-09-26 21:09 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job
2021-09-26 21:06 – 2021-09-26 21:06 – 000983868 _____ C:WINDOWSMinidump�92621-9921-01.dmp
2021-09-26 20:52 – 2021-09-26 21:29 – 001191108 _____ C:WINDOWSntbtlog.txt
2021-09-26 20:52 – 2021-09-26 20:52 – 000000020 ___SH C:Usersstephntuser.ini
2021-09-26 18:22 – 2021-09-26 21:17 – 000000000 ____D C:WINDOWSMinidump
2021-09-26 15:13 – 2021-09-26 15:13 – 000234280 _____ (AVAST Software) C:UsersstephDownloadsavast_free_antivirus_setup_online.exe
2021-09-26 15:13 – 2021-09-26 15:13 – 000234280 _____ (AVAST Software) C:UsersstephDesktopavast_free_antivirus_setup_online.exe
2021-09-26 15:13 – 2021-09-26 15:13 – 000000000 ____D C:ProgramDataAvast Software
2021-09-26 15:05 – 2021-09-26 15:12 – 000000000 ____D C:UsersstephAppDataLocalCrashDumps
2021-09-26 15:04 – 2021-09-26 15:04 – 000224072 _____ (AVG Technologies CZ, s.r.o.) C:UsersstephDownloadsavg_antivirus_free_setup.exe
2021-09-26 15:04 – 2021-09-26 15:04 – 000224072 _____ (AVG Technologies CZ, s.r.o.) C:UsersstephDesktopavg_antivirus_free_setup.exe
2021-09-26 14:50 – 2021-09-26 15:06 – 000000000 ____D C:UsersstephAppDataLocalD3DSCache
2021-09-26 14:50 – 2021-09-26 14:50 – 000000000 ____D C:UsersstephAppDataLocalCEF
2021-09-26 14:49 – 2021-09-26 14:49 – 000000907 _____ C:UsersPublicDesktopEpic Games Launcher.lnk
2021-09-26 14:49 – 2021-09-26 14:49 – 000000907 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk
2021-09-26 14:49 – 2021-09-26 14:49 – 000000000 ____D C:UsersstephAppDataLocalUnrealEngineLauncher
2021-09-26 14:49 – 2021-09-26 14:49 – 000000000 ____D C:UsersstephAppDataLocalUnrealEngine
2021-09-26 14:49 – 2021-09-26 14:49 – 000000000 ____D C:UsersstephAppDataLocalEpicGamesLauncher
2021-09-26 14:46 – 2021-09-26 14:47 – 056901632 _____ C:UsersstephDownloadsEpicInstaller-12.2.17.msi
2021-09-26 14:45 – 2021-09-26 14:45 – 000124416 _____ C:Program Files8hyKnYgs.exe
2021-09-26 14:45 – 2021-09-26 14:45 – 000013312 _____ C:Program FilesuLLYvMz4ZUeq.sys
2021-09-26 14:45 – 2021-09-26 14:45 – 000006144 _____ C:Program FilesMzt5fU.sys
2021-09-26 14:45 – 2021-09-26 14:45 – 000000820 _____ C:Program Filesmap.bat
2021-09-26 14:45 – 2021-09-26 14:45 – 000000686 _____ C:Program FilesSerial_checker.bat
2021-09-26 14:44 – 2021-09-26 14:44 – 000224256 _____ C:Program FilesFree-Clean1.exe
2021-09-26 14:42 – 2021-09-26 14:42 – 003407872 _____ C:Program FilesJx2wbx6UZ.exe
2021-09-26 14:41 – 2021-09-26 14:41 – 000178462 _____ C:Program FilesFortniteTracerCleaner1803-21H1.bat
2021-09-26 14:41 – 2021-09-26 14:41 – 000032177 _____ C:Program FilesFortnite.bat
2021-09-26 14:41 – 2021-09-26 14:41 – 000032106 _____ C:Program FilesFN.bat
2021-09-26 14:40 – 2021-09-26 14:40 – 000170829 _____ C:UsersstephDownloadsCinX BETA 1.2.rar
2021-09-26 14:19 – 2021-09-26 14:19 – 000000000 ___HD C:$WinREAgent
2021-09-25 16:54 – 2021-09-25 16:54 – 000000000 ____D C:WINDOWSsystem32TasksMozilla
2021-09-24 22:44 – 2021-09-26 10:37 – 000000000 ____D C:Program FilesMozilla Firefox
2021-09-23 18:57 – 2021-09-23 18:57 – 000036299 _____ C:UsersstephDownloadsautotools1.17.1-1.0.2.jar
2021-09-23 18:28 – 2021-09-23 18:28 – 000213767 _____ C:UsersstephDownloadsToolSwap-1.17.1-2.2.0.jar
2021-09-22 15:16 – 2021-09-26 14:06 – 000003310 _____ C:WINDOWSsystem32TasksAntivirus Emergency Update
2021-09-22 15:15 – 2021-09-22 15:15 – 000851864 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgSnx.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000557288 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgSP.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000538632 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgNetHub.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000369232 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbidsdriver.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000340792 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32avgBoot.exe
2021-09-22 15:15 – 2021-09-22 15:15 – 000328712 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgVmm.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000250480 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbidsh.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000221728 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgArPot.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000215536 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgStm.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000184776 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgMonFlt.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000108000 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgRdr2.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000099440 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbuniv.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000083064 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgRvrt.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000041504 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgKbd.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000035848 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgArDisk.sys
2021-09-22 15:15 – 2021-09-22 15:15 – 000021960 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgElam.sys
2021-09-18 16:58 – 2021-09-18 16:58 – 000037790 _____ C:UsersstephDownloadsSplitgatelogo.webp
2021-09-07 15:25 – 2021-09-08 19:23 – 000000000 ____D C:UsersstephAppDataRoamingremoteit
2021-09-07 15:25 – 2021-09-07 15:27 – 000000000 ____D C:UsersstephAppDataLocalremoteit
2021-09-07 15:25 – 2021-09-07 15:25 – 000000000 ____D C:Program Filesremoteit-bin
2021-09-07 15:24 – 2021-09-08 08:24 – 000000000 ____D C:ProgramDataremoteit
2021-09-07 15:24 – 2021-09-07 15:24 – 000001050 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsremote.it.lnk
2021-09-07 15:24 – 2021-09-07 15:24 – 000000000 ____D C:UsersstephAppDataLocalremoteit-updater
2021-09-07 15:24 – 2021-09-07 15:24 – 000000000 ____D C:UsersstephAppDataLocalremoteit-backup
2021-09-07 15:19 – 2021-09-07 15:20 – 161230160 _____ (remote.it) C:UsersstephDownloadsremoteit-installer.exe
2021-09-07 14:59 – 2021-09-07 14:59 – 006046996 _____ C:UsersstephDownloadsOptiFine_1.16.5_HD_U_G8.jar
2021-09-07 14:54 – 2021-09-07 14:55 – 000190100 _____ C:UsersstephDownloadsOptiForge-MC1.16.5-0.5.7.jar
2021-09-02 19:28 – 2021-09-02 19:28 – 000000000 ____D C:UsersstephAppDataLocalstarstableonline-updater
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-09-27 05:08 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64oobe
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSystemResources
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32migwiz
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32Dism
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32DDFs
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32appraiser
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSShellComponents
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSProvisioning
2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-09-27 04:59 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSservicing
2021-09-26 21:23 – 2020-05-09 15:26 – 000000000 ____D C:Program FilesCCleaner
2021-09-26 21:19 – 2020-05-21 20:23 – 000000000 ____D C:UsersstephDocumentsMultiMC
2021-09-26 21:17 – 2019-12-07 09:13 – 000000000 ____D C:WINDOWSINF
2021-09-26 21:13 – 2021-03-23 11:13 – 000840666 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-09-26 21:09 – 2020-11-19 07:30 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-09-26 21:06 – 2020-11-19 07:30 – 000442104 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-09-26 21:06 – 2019-12-07 09:03 – 000786432 _____ C:WINDOWSsystem32configBBI
2021-09-26 20:52 – 2021-03-23 11:04 – 000000000 ____D C:Userssteph
2021-09-26 20:52 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSServiceState
2021-09-26 18:17 – 2020-06-03 20:49 – 000000001 _____ C:WINDOWSvgkbootstatus.dat
2021-09-26 15:17 – 2020-11-19 07:30 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-09-26 15:17 – 2020-06-01 09:55 – 000000000 ____D C:UsersstephAppDataRoamingdiscord
2021-09-26 15:17 – 2020-05-07 20:10 – 000000000 ____D C:ProgramDataNVIDIA
2021-09-26 15:16 – 2020-06-17 19:48 – 000000000 ____D C:UsersstephAppDataLocalLowMozilla
2021-09-26 15:06 – 2020-06-01 09:55 – 000000000 ____D C:UsersstephAppDataLocalDiscord
2021-09-26 15:00 – 2020-05-07 20:07 – 000000000 ____D C:UsersstephAppDataLocalConnectedDevicesPlatform
2021-09-26 15:00 – 2019-12-07 09:14 – 000000000 ____D C:ProgramDataUSOShared
2021-09-26 14:52 – 2020-05-07 20:18 – 000000000 ____D C:UsersstephAppDataLocalNVIDIA
2021-09-26 14:50 – 2020-05-07 20:18 – 000000000 ____D C:UsersstephAppDataLocalNVIDIA Corporation
2021-09-26 14:49 – 2020-05-07 20:12 – 000000000 ____D C:ProgramDataEpic
2021-09-26 14:45 – 2019-12-07 09:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-09-26 14:43 – 2020-05-07 20:07 – 000000000 ___RD C:Userssteph3D Objects
2021-09-26 14:43 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSIME
2021-09-26 14:41 – 2020-11-19 07:33 – 000000000 ___HD C:UsersPublicAccountPictures
2021-09-26 14:41 – 2020-05-07 20:09 – 000000000 ____D C:UsersstephAppDataLocalComms
2021-09-26 14:20 – 2020-05-07 20:27 – 000000000 ____D C:Program Files (x86)Google
2021-09-26 14:07 – 2021-05-23 05:23 – 000000000 ____D C:ProgramDataMozilla
2021-09-26 14:06 – 2021-04-13 10:23 – 000003274 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d71fd4cd670452
2021-09-26 14:06 – 2021-03-23 11:09 – 000000000 ____D C:WINDOWSsystem32TasksAVAST Software
2021-09-26 14:06 – 2020-11-19 07:32 – 000003468 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-09-26 14:05 – 2020-12-09 17:05 – 000000000 ____D C:ProgramDataDockerDesktop
2021-09-26 14:05 – 2020-10-31 01:12 – 000000000 ____D C:Program Files (x86)TeamViewer
2021-09-26 14:05 – 2020-05-07 20:07 – 000000000 __SHD C:UsersstephIntelGraphicsProfiles
2021-09-26 13:36 – 2020-05-13 11:26 – 000000000 ____D C:UsersstephAppDataRoamingSpotify
2021-09-26 12:06 – 2020-05-13 11:27 – 000000000 ____D C:UsersstephAppDataLocalSpotify
2021-09-26 11:59 – 2020-05-08 08:16 – 000001178 ____H C:UsersstephAppDataRoaming.ias
2021-09-26 11:00 – 2020-06-03 12:15 – 000000000 ____D C:ProgramDataRiot Games
2021-09-26 10:41 – 2020-11-19 07:32 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-09-26 10:41 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-09-26 10:37 – 2021-05-23 05:23 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-09-25 16:57 – 2019-12-07 09:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-09-25 16:54 – 2021-05-23 05:23 – 000001011 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-09-23 15:28 – 2020-05-08 08:05 – 000000000 ____D C:UsersstephAppDataRoaming.minecraft
2021-09-23 15:27 – 2021-01-12 15:01 – 000000000 ____D C:UsersstephAppDataRoaminglunarclient
2021-09-22 15:15 – 2019-12-07 09:14 – 000000000 ___HD C:WINDOWSELAMBKUP
2021-09-22 15:14 – 2020-08-02 18:19 – 000000000 ____D C:ProgramDataAVG
2021-09-19 14:54 – 2020-05-24 12:51 – 000000000 ____D C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsRoblox
2021-09-17 11:09 – 2020-05-17 20:14 – 000000000 ____D C:Program FilesMicrosoft Office
2021-09-16 14:39 – 2020-05-07 20:28 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-09-16 14:33 – 2020-05-08 07:48 – 000000000 ____D C:WINDOWSsystem32MRT
2021-09-16 14:31 – 2020-05-08 07:48 – 135637312 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2021-09-15 14:40 – 2021-08-10 18:01 – 000038032 _____ C:WINDOWSsystem32DriversEQU8_HELPER_36.sys
2021-09-12 09:04 – 2021-01-05 18:40 – 000000000 ____D C:Program FilesRiot Vanguard
2021-09-10 08:31 – 2020-09-30 12:34 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools
2021-09-08 08:30 – 2020-11-22 16:14 – 000000000 ____D C:UsersstephAppDataLocalOverwolf
2021-09-07 14:03 – 2020-10-31 01:14 – 000000000 ____D C:UsersstephAppDataLocalTeamViewer
2021-09-04 03:00 – 2021-03-22 22:17 – 000000000 ____D C:UsersstephDocumentsNew folder
2021-09-02 19:50 – 2020-10-27 12:08 – 000000000 ____D C:UsersstephAppDataRoamingStar Stable Online
2021-09-01 12:21 – 2020-09-12 17:22 – 000000000 ____D C:UsersstephAppDataLocalBattle.net
==================== Files in the root of some directories ========
2021-09-26 14:45 – 2021-09-26 14:45 – 000124416 _____ () C:Program Files8hyKnYgs.exe
2021-09-26 14:41 – 2021-09-26 14:41 – 000032106 _____ () C:Program FilesFN.bat
2021-09-26 14:41 – 2021-09-26 14:41 – 000032177 _____ () C:Program FilesFortnite.bat
2021-09-26 14:41 – 2021-09-26 14:41 – 000178462 _____ () C:Program FilesFortniteTracerCleaner1803-21H1.bat
2021-09-26 14:44 – 2021-09-26 14:44 – 000224256 _____ () C:Program FilesFree-Clean1.exe
2021-09-26 14:42 – 2021-09-26 14:42 – 003407872 _____ () C:Program FilesJx2wbx6UZ.exe
2021-09-26 14:45 – 2021-09-26 14:45 – 000000820 _____ () C:Program Filesmap.bat
2021-09-26 14:45 – 2021-09-26 14:45 – 000006144 _____ () C:Program FilesMzt5fU.sys
2021-09-26 14:45 – 2021-09-26 14:45 – 000000686 _____ () C:Program FilesSerial_checker.bat
2021-09-26 14:45 – 2021-09-26 14:45 – 000013312 _____ () C:Program FilesuLLYvMz4ZUeq.sys
2020-05-08 08:16 – 2021-09-26 11:59 – 000001178 ____H () C:UsersstephAppDataRoaming.ias
2021-05-11 18:55 – 2021-05-19 16:45 – 000000016 _____ () C:UsersstephAppDataRoamingobs-virtualcam.txt
2020-07-18 12:30 – 2020-07-18 12:59 – 000034859 _____ () C:UsersstephAppDataRoamingVoiceMeeterBananaDefault.xml
2020-05-09 12:13 – 2020-07-18 12:23 – 000004659 _____ () C:UsersstephAppDataRoamingVoiceMeeterDefault.xml
2021-01-28 17:56 – 2021-01-28 18:40 – 000060428 _____ () C:UsersstephAppDataRoamingVoiceMeeterPotatoDefault.xml
2021-08-11 15:25 – 2021-08-11 17:15 – 001065984 _____ () C:UsersstephAppDataLocalfile__0.localstorage
2020-05-12 14:58 – 2020-05-12 14:58 – 000000120 _____ () C:UsersstephAppDataLocalinjk.conf
2020-05-09 15:39 – 2021-08-11 17:23 – 000007605 _____ () C:UsersstephAppDataLocalresmon.resmoncfg
2020-08-02 18:40 – 2020-08-02 18:42 – 002931720 _____ (DT001) C:UsersstephAppDataLocalsetup64087.exe
2020-08-02 18:43 – 2020-08-02 18:43 – 002931720 _____ (DT001) C:UsersstephAppDataLocalsetup65743.exe
2021-02-01 09:36 – 2021-02-01 09:36 – 000000424 _____ () C:UsersstephAppDataLocalUserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by steph (26-09-2021 21:30:20)
Running from E:
Windows 10 Home Version 20H2 19042.1165 (X64) (1705968-03-28 03:21:14)
Boot Mode: Safe Mode (minimal)
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1107240043-3454394700-2548055146-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-1107240043-3454394700-2548055146-503 – Limited – Disabled)
Guest (S-1-5-21-1107240043-3454394700-2548055146-501 – Limited – Disabled)
steph (S-1-5-21-1107240043-3454394700-2548055146-1001 – Administrator – Enabled) => C:Userssteph
WDAGUtilityAccount (S-1-5-21-1107240043-3454394700-2548055146-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46
AV: AVG Antivirus (Disabled – Up to date) 18A975F9-A60C-37D8-E30B-4BEF31AD3411
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…uTorrent) (Version: 3.5.5.45966 – BitTorrent Inc.)
3D Aim Trainer Launcher version 1.01 (HKLM-x32…DEBD852F-7476-4715-B6AC-8A3C560EAAAA_is1) (Version: 1.01 – 3D Aim Trainer)
AdoptOpenJDK JDK with Hotspot 16.0.1+9 (x64) (HKLM…2A8E503E-8CAC-4A66-97C3-5186A003681A) (Version: 16.0.1.9 – AdoptOpenJDK)
Alicia (HKLM-x32…Alicia) (Version: 1.0.0.0 – NtreevSoft)
Audacity 2.4.2 (HKLM-x32…Audacity_is1) (Version: 2.4.2 – Audacity Team)
Auto Keyboard v6.3 (HKLM-x32…71E16EE4-BBED-44A8-8724-9E68D05EE945_is1) (Version: 6.3 – MurGee.com)
Auto Mouse Click by MurGee.com v99.1 (HKLM-x32…F5E3859D-0720-41F0-BAF5-4CBCDFD8F406_is1) (Version: – MurGee.com)
AutoHotkey 1.1.32.00 (HKLM…AutoHotkey) (Version: 1.1.32.00 – Lexikos)
AVG AntiVirus FREE (HKLM…AVG Antivirus) (Version: 21.8.3202 – AVG Technologies)
Battle.net (HKLM-x32…Battle.net) (Version: – Blizzard Entertainment)
Betternet for Windows 5.7.1.470 (HKLM-x32…2E77104D-96E1-4A9C-86F2-C7CF9CE04A70) (Version: 5.7.1.470 – Betternet Technologies Inc.)
BlueStacks 5 (HKLM…BlueStacks_nxt) (Version: 5.1.110.2001 – BlueStack Systems, Inc.)
Call of Duty Black Ops Cold War (HKLM-x32…Call of Duty Black Ops Cold War) (Version: – Blizzard Entertainment)
CCleaner (HKLM…CCleaner) (Version: 5.77 – Piriform)
Clownfish Voice Changer (HKLM…ClownfishVoiceChanger) (Version: – )
CurseForge (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.181.1.15 – Overwolf app)
Discord (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Discord) (Version: 0.0.309 – Discord Inc.)
Docker Desktop (HKLM…Docker Desktop) (Version: 3.2.2 – Docker Inc.)
Epic Games Launcher (HKLM-x32…7733DDD0-3513-4A99-BFFE-A6D73BE49B50) (Version: 1.2.35.0 – Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32…�B736177-814A-4ADE-81D1-66A0FDD55BB4) (Version: 1.1.11.0 – Epic Games, Inc.)
FiveM (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…CitizenFX_FiveM) (Version: – The CitizenFX Collective)
Fraps (HKLM-x32…Fraps) (Version: – )
Gametree Launcher (HKLM-x32…GTL) (Version: 3.0.26.0 – NtreevSoft)
Glorious Model D Software (HKLM-x32…4D18F84D-F67A-47B8-B7BB-C2832B1D6C92_is1) (Version: 1.0.3 – Glorious PC Gaming Race LLC.)
Google Chrome (HKLM-x32…Google Chrome) (Version: 93.0.4577.82 – Google LLC)
Heaven Benchmark version 4.0 (HKLM-x32…Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 – Unigine Corp.)
Hotspot Shield 10.9.12 (HKLM-x32…859921d9-c7f6-48b4-b818-9cd304a3b0fd) (Version: 10.9.12.11809 – Pango Inc.)
Hotspot Shield 10.9.12 (HKLM-x32…AF599C42-A2E5-4251-B7EE-4925F1B77144) (Version: 10.9.12.11809 – Pango Inc.) Hidden
Hotspot Shield 10.9.12 (HKLM-x32…HotspotShield) (Version: 10.9.12 – Pango Inc.) Hidden
Java 8 Update 111 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180111F0) (Version: 8.0.1110.14 – Oracle Corporation)
Java™ SE Development Kit 16.0.1 (64-bit) (HKLM…75CDB88B-F917-5456-AB2D-5504DE7F43DE) (Version: 16.0.1.0 – Oracle Corporation)
Java™ SE Development Kit 16.0.2 (64-bit) (HKLM…84539E3B-68B6-54F1-9CA3-EA920673C714) (Version: 16.0.2.0 – Oracle Corporation)
Kodi (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Kodi) (Version: – XBMC Foundation)
Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
League of Legends (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Riot Game league_of_legends.live) (Version: – Riot Games, Inc)
Lightshot-5.5.0.7 (HKLM-x32…30A5B3C9-2084-4063-A32A-628A98DE512B_is1) (Version: 5.5.0.7 – Skillbrains)
Lunar Client (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.8.0 – Moonsworth, LLC)
Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.14326.20404 – Microsoft Corporation)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 94.0.992.31 – Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 94.0.992.31 – Microsoft Corporation)
Microsoft OneNote – en-us (HKLM…OneNoteFreeRetail – en-us) (Version: 16.0.14326.20404 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…7B981965-2FBC-433C-B4B3-E183EE97CD29) (Version: 2.83.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…�50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32…ef6b00ec-13e1-4c25-9064-b2f383cb8412) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…61087a79-ac85-455c-934d-1fa22cc64f36) (Version: 12.0.40660.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4) (Version: 14.28.29334.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…b2d0f752-adc5-496e-8f70-8669de01f746) (Version: 14.28.29334.0 – Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…2BFC7AA0-544C-4E3A-8796-67F3BE655BE9) (Version: 4.0.20823.0 – Microsoft Corporation)
Minecraft Launcher (HKLM-x32…E15F69FA-660D-45CC-B28F-6CBC4CAD2091) (Version: 1.0.0.0 – Mojang)
Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 92.0.1 (x64 en-US)) (Version: 92.0.1 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 88.0.1 – Mozilla)
MPC-HC 1.7.9 (HKLM-x32…2624B969-7135-4EB1-B0F6-2D8C397B45F7_is1) (Version: 1.7.9 – MPC-HC Team)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32…Afterburner) (Version: 4.6.4 Beta 3 – MSI Co., LTD)
Mumble 1.3.4 (HKLM…F01AE994-B03B-46EC-87BD-65682C2968F4) (Version: 1.3.4 – The Mumble Developers)
NBTExplorer (HKLM-x32…DC1E9E1A-86BE-491B-8DF9-A86045902F48) (Version: 2.8.0.0 – Justin Aquadro)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)
NVIDIA Graphics Driver 471.68 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 471.68 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)
OBS Studio (HKLM-x32…OBS Studio) (Version: 25.0.8 – OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM…90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM…90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM…90160000-008C-0409-1000-0000000FF1CE) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden
OpenAL (HKLM-x32…OpenAL) (Version: – )
Overwolf (HKLM-x32…Overwolf) (Version: 0.178.0.16 – Overwolf Ltd.)
ProtonVPN (HKLM-x32…FD5DFEEE-C563-4D04-B3F4-E5C7D5F5B1E9) (Version: 1.17.6 – Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32…ProtonVPN 1.17.6) (Version: 1.17.6 – Proton Technologies AG)
ProtonVPNTap (HKLM-x32…526B21BC-E7BE-4CC9-AF49-20F7F11B9113) (Version: 1.1.1 – Proton Technologies AG)
Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.8656 – Realtek Semiconductor Corp.)
remoteit 3.1.5 (HKLM…bdfdcbf7-1da1-52db-84e6-157a6dedb945) (Version: 3.1.5 – remote.it)
Resanance (HKLM…�7BB6181-E1D0-4283-87D0-BE4819535A3C) (Version: 2.1.3 – WasntAFairFight)
Riot Vanguard (HKLM…Riot Vanguard) (Version: – Riot Games, Inc.)
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32…RTSS) (Version: 7.3.2 Beta 2 – Unwinder)
Roblox Player for steph (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…roblox-player) (Version: – Roblox Corporation)
Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.45.416 – Rockstar Games)
Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.8.5 – Rockstar Games)
Skype version 8.74 (HKLM-x32…Skype_is1) (Version: 8.74 – Skype Technologies S.A.)
Spotify (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Spotify) (Version: 1.1.68.632.g2b11de83 – Spotify AB)
Star Stable Online 2.9.4 (HKLM-x32…8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.9.4 – Star Stable Entertainment AB)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
TAP-Windows 9.24.2 (HKLM…TAP-Windows) (Version: 9.24.2 – OpenVPN Technologies, Inc.)
TeamViewer (HKLM-x32…TeamViewer) (Version: 15.21.8 – TeamViewer)
Tidabie Tidal Music Converter 1.1.1 (HKLM-x32…Tidabie Tidal Music Converter) (Version: 1.1.1 – Tidabie)
Ubisoft Connect (HKLM-x32…Uplay) (Version: 73.0 – Ubisoft)
Universal Minecraft Editor version 1.7.1 (HKLM-x32…86633C3D-27BE-425D-993B-8917FE5EAD7E_is1) (Version: 1.7.1 – oPryzeLP)
UrbanVPN (HKLM…F1CC3454-8EE9-4479-A109-AC1670ADEBC7) (Version: 2.2.3 – Urban Security) Hidden
UrbanVPN (HKLM…UrbanVPN 2.2.3) (Version: 2.2.3 – Urban Security)
VALORANT (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Riot Game valorant.live) (Version: – Riot Games, Inc)
VBCABLE, The Virtual Audio Cable (HKLM…VB:VBCABLE 87459874-1236-4469) (Version: – VB-Audio Software)
Voxal Voice Changer (HKLM-x32…Voxal) (Version: 5.04 – NCH Software)
Windows Subsystem for Linux Update (HKLM…18E72D39-392C-419D-9B86-C4C633B4CED9) (Version: 4.19.128 – Microsoft Corporation)
WinRAR 5.90 (64-bit) (HKLM…WinRAR archiver) (Version: 5.90.0 – win.rar GmbH)
X-Mouse Button Control 2.19.1 (HKLM-x32…X-Mouse Button Control) (Version: 2.19.1 – Highresolution Enterprises)
Zoom (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…ZoomUMX) (Version: 5.4.9 (59931.0110) – Zoom Video Communications, Inc.)
Packages:
=========
Intel® Graphics Command Center -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-27] (INTEL CORP) [Startup Task]
iTunes -> C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa [2021-09-25] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-27] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:Program FilesWindowsAppsMicrosoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Studios)
MyASUS -> C:Program FilesWindowsAppsB9ECED6F.ASUSPCAssistant_3.0.20.0_x64__qmba6cd70vzyy [2021-09-18] (ASUSTeK COMPUTER INC.)
Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-10] (NVIDIA Corp.)
Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-11] (Microsoft Corporation)
TranslucentTB -> C:Program FilesWindowsApps28017CharlesMilette.TranslucentTB_2021.4.0.0_x64__v826wp6bftszj [2021-09-06] (Charles Milette) [Startup Task]
XboxInsiderHub -> C:Program FilesWindowsAppsMicrosoft.XboxInsider_1.2109.1001.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…ChromeHTML: -> <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C => -> No File
ShellIconOverlayIdentifiers: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C => -> No File
ShellIconOverlayIdentifiers-x32: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:WINDOWSSystem32DriverStoreFileRepositorynvami.inf_amd64_72035dd8d03aeceenvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Drivers32: [VIDC.FPS1] => C:Windowssystem32frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM…Drivers32: [VIDC.RTV1] => C:Windowssystem32rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM…Drivers32: [VIDC.FPS1] => C:WindowsSysWOW64frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]
HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsCENTURY.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) -> –profile-directory=Default –app-id=gpokpjenobimicjbebndjofblfhhggpd
ShortcutWithArgument: C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsYouTube.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) -> –profile-directory=Default –app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2020-05-21 20:23 – 2020-03-29 01:29 – 000119822 _____ () [File not signed] C:UsersstephDocumentsMultiMClibgcc_s_dw2-1.dll
2021-09-10 13:06 – 2021-09-10 13:06 – 000130224 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_iconfix.dll
2021-09-10 13:06 – 2021-09-10 13:06 – 000350217 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_nbt++.dll
2021-09-10 13:06 – 2021-09-10 13:06 – 000321298 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_quazip.dll
2021-09-10 13:06 – 2021-09-10 13:06 – 000069171 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_rainbow.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 000018958 _____ () [File not signed] C:UsersstephDocumentsMultiMClibssp-0.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 001026062 _____ () [File not signed] C:UsersstephDocumentsMultiMClibstdc++-6.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:UsersstephDocumentsMultiMClibwinpthread-1.dll
2020-05-21 20:23 – 2017-12-08 22:10 – 002130958 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:UsersstephDocumentsMultiMCLIBEAY32.dll
2020-05-21 20:23 – 2017-12-08 22:10 – 000445966 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:UsersstephDocumentsMultiMCssleay32.dll
2020-05-21 20:23 – 2017-09-14 05:55 – 000045056 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCiconenginesqsvgicon.dll
2020-05-21 20:23 – 2017-09-14 05:45 – 000033280 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqgif.dll
2020-05-21 20:23 – 2017-09-14 05:54 – 000046592 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqicns.dll
2020-05-21 20:23 – 2017-09-14 05:45 – 000035840 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqico.dll
2020-05-21 20:23 – 2017-09-14 05:45 – 000251904 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqjpeg.dll
2020-05-21 20:23 – 2017-09-14 05:55 – 000028672 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqsvg.dll
2020-05-21 20:23 – 2017-09-14 05:55 – 000027136 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqwbmp.dll
2020-05-21 20:23 – 2017-09-14 05:46 – 001489408 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCplatformsqwindows.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 005393408 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Core.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 005676544 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Gui.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 001614848 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Network.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 000357888 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Svg.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 006537216 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Widgets.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 000226304 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Xml.dll
2020-05-21 20:23 – 2020-03-29 01:29 – 000075264 _____ (Zlib) [File not signed] C:UsersstephDocumentsMultiMCzlib1.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalavgSP.sys => ""="Driver"
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkavgSP.sys => ""="Driver"
HKLMSYSTEMCurrentControlSetControlSafeBootOption => "OptionValue"="1"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2021-08-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_111binssv.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_111binjp2ssv.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKUS-1-5-21-1107240043-3454394700-2548055146-1001…sharepoint.com -> hxxps://dohacollegecom-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 04:49 – 2021-03-27 15:41 – 000002426 _____ C:WINDOWSsystem32driversetchosts
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
192.168.100.6 host.docker.internal
192.168.100.6 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal
2020-10-25 22:00 – 2021-04-13 10:22 – 000000507 _____ C:WINDOWSsystem32driversetchosts.ics
172.30.208.1 DESKTOP-7OPKCNR.mshome.net # 2026 4 0 12 10 22 47 425
168.137.176 Steph.mshome.net # 2020 12 6 5 20 52 18 202
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:ProgramDataOracleJavajavapath;C:Program FilesAdoptOpenJDKjdk-16.0.1.9-hotspotbin;C:Program FilesCommon FilesOracleJavajavapath;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program FilesDockerDockerresourcesbin;C:ProgramDataDockerDesktopversion-bin;D:Program Filesremoteitresourcesx64
HKUS-1-5-21-1107240043-3454394700-2548055146-1001Control PanelDesktop\Wallpaper -> C:UsersstephDownloadsWallpaper-Black-And-Gray-Logo-Star-Wars-Jedi-Minimalism44.jpg
DNS Servers: Media is not connected to internet.
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM…StartupApprovedRun: => "UrbanVPN"
HKLM…StartupApprovedRun: => "SecurityHealth"
HKLM…StartupApprovedRun: => "XMouseButtonControl"
HKLM…StartupApprovedRun: => "Riot Vanguard"
HKLM…StartupApprovedRun32: => "Lightshot"
HKLM…StartupApprovedRun32: => "vmware-tray.exe"
HKLM…StartupApprovedRun32: => "SunJavaUpdateSched"
HKLM…StartupApprovedRun32: => "TeamsMachineInstaller"
HKLM…StartupApprovedRun32: => "LogMeIn Hamachi Ui"
HKLM…StartupApprovedRun32: => "TeamsMachineUninstallerLocalAppData"
HKLM…StartupApprovedRun32: => "TeamsMachineUninstallerProgramData"
HKLM…StartupApprovedRun32: => "RazerCortex"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedStartupFolder: => "Twitch.lnk"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedStartupFolder: => "Send to OneNote.lnk"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Overwolf"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "ManyCam"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "AudialsNotifier"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Battle.net"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "CCleaner Smart Cleaning"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Discord"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "EpicGamesLauncher"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "OneDrive"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Spotify"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Steam"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "uTorrent"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Skype for Desktop"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Lync"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Docker Desktop"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "iFunBox"
HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "D:Program Filesremoteitremoteit.exe"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [C0D1471E-DC77-40A2-9041-7A5F7C1B3C9E] => (Allow) D:SteamLibrarysteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed]
FirewallRules: [E566FFFC-E5BA-412C-8CA6-F47F1AF0735A] => (Allow) D:SteamLibrarysteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed]
FirewallRules: [UDP Query UserB3095C2E-A6E7-452E-8E31-4225EE88DBCEC:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe
FirewallRules: [TCP Query User762F93A3-185B-43C2-9E21-82E8A29AA2CCC:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe
FirewallRules: [UDP Query User552E6081-7C99-4297-845C-8085C810F7BBC:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe] => (Allow) C:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe
FirewallRules: [TCP Query UserC823E6CE-5201-4F86-A3B5-8E1985E027D4C:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe] => (Allow) C:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe
FirewallRules: [846620FF-9D32-4154-932C-850C42479E34] => (Allow) D:GamesHorse game that my girlfriend wants me to playAliciaAlicia.exe () [File not signed]
FirewallRules: [3A75DC9B-8B06-467D-ABE5-4871B536091E] => (Allow) D:GamesHorse game that my girlfriend wants me to playAliciaAlicia.exe () [File not signed]
FirewallRules: [UDP Query UserA97073D8-B027-46A2-A202-5EEBE9C3AE24C:program filesdockerdockerresourcescom.docker.backend.exe] => (Allow) C:program filesdockerdockerresourcescom.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [TCP Query User0D742D12-8DE6-422A-ABC0-D75FD21E2D08C:program filesdockerdockerresourcescom.docker.backend.exe] => (Allow) C:program filesdockerdockerresourcescom.docker.backend.exe (Docker Inc -> Docker Inc.)
FirewallRules: [3DC54B1D-39E9-464D-808B-C6E74DE3EC01] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [321B5B76-EA8C-43B0-B852-0095E63632B6] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.)
FirewallRules: [B00A6994-765E-485A-AD9E-F25CE5AFE48F] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [4B349745-772B-473E-98D9-B3C578D5E78E] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query UserE7EC6A17-2E7C-4A90-ACDF-9712433D9ECAD:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe] => (Allow) D:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe => No File
FirewallRules: [TCP Query User210A995E-A78B-4651-A291-3B83CBF2937DD:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe] => (Allow) D:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe => No File
FirewallRules: [12DC1A96-91C0-462D-9A9C-63DA7C417074] => (Allow) C:WindowsSysWOW64TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [CBD170BD-2FA4-4D82-BE3B-2246B39B64F9] => (Allow) C:Program FilesUrbanVPNbinurbanvpn.exe (Urban Cyber Security Inc. -> Urban Cyber Security Inc.)
FirewallRules: [7B2AEB84-B0BD-4AB0-8300-F1C0281C1B98] => (Allow) D:SteamLibrarysteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [DC23352F-EFDA-43F4-82D4-2B4704F42A6B] => (Allow) D:SteamLibrarysteamappscommonAmong UsAmong Us.exe () [File not signed]
FirewallRules: [UDP Query User30274EFF-0A2C-4FDC-8D73-646AF6D13C26C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe] => (Allow) C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [TCP Query User2DA7EB3C-5944-49AE-BFB9-A5CF19D6A5A0C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe] => (Allow) C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed]
FirewallRules: [55C54DD1-E0AA-43D1-B1A0-B7B613D6A949] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client_game.exe () [File not signed]
FirewallRules: [27D1A6D2-5783-4F12-889D-67063FCED071] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client_game.exe () [File not signed]
FirewallRules: [37F2893C-9311-487E-A235-4FD873AF28C1] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [C74B1387-9F15-4EB4-A4E2-0A0C78DF60FD] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [UDP Query UserD122380A-D589-4A5D-BF03-4B2F74106425D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [TCP Query User49398375-940B-4401-9E07-CACF9E69CA95D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User57184813-BDD7-410E-A1B2-1A920D17563CC:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe] => (Allow) C:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [TCP Query UserE1A29358-4562-47FF-B2D0-95223E244660C:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe] => (Allow) C:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed]
FirewallRules: [UDP Query User46AE71F1-660F-4535-ADFB-9AE06C5DBDC0C:usersstephappdatalocalfivemfivem.exe] => (Allow) C:usersstephappdatalocalfivemfivem.exe (Intricus Software Limited -> Cfx.re)
FirewallRules: [TCP Query UserCCF6EFCD-7C6A-4A77-9AA7-2CCB32D2A94EC:usersstephappdatalocalfivemfivem.exe] => (Allow) C:usersstephappdatalocalfivemfivem.exe (Intricus Software Limited -> Cfx.re)
FirewallRules: [UDP Query User353C8741-EE30-4EE6-9763-69016C91A24ED:steamlibrarysteamappscommongrand theft auto vgta5.exe] => (Allow) D:steamlibrarysteamappscommongrand theft auto vgta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User9ECCED3B-7BCB-4830-A8B1-489F2070B33ED:steamlibrarysteamappscommongrand theft auto vgta5.exe] => (Allow) D:steamlibrarysteamappscommongrand theft auto vgta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query UserE8219FCD-1D4A-4051-82BE-DD27C3448506C:programdatabadlionclientjrebinjavaw.exe] => (Allow) C:programdatabadlionclientjrebinjavaw.exe
FirewallRules: [TCP Query User3CEE1B6D-78C8-4FBB-8EB6-9D42C315EE63C:programdatabadlionclientjrebinjavaw.exe] => (Allow) C:programdatabadlionclientjrebinjavaw.exe
FirewallRules: [792EF441-C4BD-4AFB-B09A-70D0E0066768] => (Allow) D:SteamLibrarysteamappscommonGrand Theft Auto VPlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [22C96943-08EF-43EB-88F0-C730F729BBA2] => (Allow) D:SteamLibrarysteamappscommonGrand Theft Auto VPlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query UserCAD44F7E-67C4-4FDC-9183-D41150A656A5C:program filesjavajre1.8.0_251binjava.exe] => (Allow) C:program filesjavajre1.8.0_251binjava.exe => No File
FirewallRules: [TCP Query User600AD06A-6953-4D8D-BC78-00EF142BD854C:program filesjavajre1.8.0_251binjava.exe] => (Allow) C:program filesjavajre1.8.0_251binjava.exe => No File
FirewallRules: [6FFAA17E-56F4-4784-8F5C-A66B31EE5B62] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [0F9A4619-DFAF-451F-858A-C9952370A40F] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [766E448D-B9C0-4D87-8253-0C7C12C0CAA6] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [CB74F687-3FED-4ABF-B0E1-B0F578F0F355] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [141E7D8B-0DF0-4C6D-A4E7-26538D7B6064] => (Allow) C:UsersstephAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [0254046A-B55F-4681-8B75-6A6DD5323273] => (Allow) C:UsersstephAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User505B9D6C-4999-427A-BA4B-EBE693B6957BC:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe => No File
FirewallRules: [TCP Query User28FB9D91-EA76-4F7F-8B01-1D82FA9FBC98C:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe => No File
FirewallRules: [UDP Query User2DAF206E-EABF-4BF9-876E-2BEFABDC0365C:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe => No File
FirewallRules: [TCP Query UserF906C529-1A18-4482-BF18-432E1EB7D7DAC:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe => No File
FirewallRules: [UDP Query UserC3341FEA-F4DA-4DB4-800C-6EFEAC45CC3AC:program files (x86)common filesoraclejavajavapath_target_30003671java.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671java.exe => No File
FirewallRules: [TCP Query User8ACDF76D-6021-4DED-8983-1171E554B8A1C:program files (x86)common filesoraclejavajavapath_target_30003671java.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671java.exe => No File
FirewallRules: [UDP Query UserE16C3B40-AA0B-450B-B232-BE60420EB77AC:program filesjavajre1.8.0_251binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_251binjavaw.exe => No File
FirewallRules: [TCP Query User2425F25F-5C1F-4C8C-87A7-F14522FF1488C:program filesjavajre1.8.0_251binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_251binjavaw.exe => No File
FirewallRules: [UDP Query User4D9E72E0-E76F-45D3-B58F-9B6B3760CBFEC:usersstephappdataroamingspotifyspotify.exe] => (Allow) C:usersstephappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User7115F64E-877D-4095-876E-29CC7555597CC:usersstephappdataroamingspotifyspotify.exe] => (Allow) C:usersstephappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [402D419E-0537-4A56-9656-79B189DBC427] => (Allow) C:UsersstephAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User2BC9E3C5-C946-4618-8D51-31ABD4AF4EC8C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [TCP Query User59404411-A554-4B7F-91F0-CE71FE3438CCC:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe
FirewallRules: [4F5FE1BC-96BB-44C8-9888-832A77162304] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [E9154B5D-AA34-417B-91FD-1DB3CC353967] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [D58C189C-8B1F-45AF-8CA9-31E02351E4E1] => (Allow) D:Program FilesSteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [43C1411D-7B71-4088-8DDC-D9C85020ECA0] => (Allow) D:Program FilesSteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [B103DCFD-0BA9-4633-8674-51218D090861] => (Allow) D:Program FilesSteambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [F07C9059-1123-41F5-AF09-9F7E866E65C1] => (Allow) D:Program FilesSteambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User3E019A3C-93A9-42D1-85A1-9DCFF903D98AC:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe
FirewallRules: [UDP Query User091FABF7-1697-4078-BC54-25FE01398626C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe
FirewallRules: [03DB256F-4D6D-4CBB-89A3-96657B1DFF66] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [F123B0D7-39E7-42D1-B76F-00E5E11EB4D3] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [44D13AE0-5B4F-489D-A207-313800F4ED3B] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [4850415E-4FB4-4FD1-8C45-3DCFDE7E06B4] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User51C9E5D2-CCFD-46CE-A2B2-96416240EDF0C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe
FirewallRules: [UDP Query User985AE5B0-1918-4646-987C-D2C0CDBFB3F5C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe
FirewallRules: [TCP Query User3C06AA49-A1AE-4A0D-80C7-32BC4A48C0AFC:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe] => (Allow) C:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe
FirewallRules: [UDP Query User89200B75-5615-4FB5-A577-6825B06BF73AC:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe] => (Allow) C:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe
FirewallRules: [TCP Query UserCCB2C484-8D8A-4F1C-BD50-756295C65E29C:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe] => (Allow) C:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe
FirewallRules: [UDP Query UserE10348ED-3A64-48FC-8974-01BD3C234CDFC:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe] => (Allow) C:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe
FirewallRules: [04B5984A-FC0A-4533-AA6A-0D0FFF4B7F62] => (Allow) D:Program FilesSteamsteamappscommonMuckMuck.exe () [File not signed]
FirewallRules: [6E39672D-EABE-4CA0-98D4-90168B110168] => (Allow) D:Program FilesSteamsteamappscommonMuckMuck.exe () [File not signed]
FirewallRules: [TCP Query User6382DA24-6467-4957-83B2-BF79EE6CC952C:usersstephriot gamesriot clientriotclientservices.exe] => (Allow) C:usersstephriot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query UserA6F98CBE-1AAF-497D-943E-F5F1B71BB68EC:usersstephriot gamesriot clientriotclientservices.exe] => (Allow) C:usersstephriot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query UserF1ADE263-C8B4-4824-A03E-C090AC54A663C:program filesmozilla firefoxfirefox.exe] => (Allow) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User25D9B575-02FB-4522-BDE2-1C6EB5C1F916C:program filesmozilla firefoxfirefox.exe] => (Allow) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [CE62EEFC-C4E3-4FD2-AC05-F098416D7EA1] => (Allow) C:Program FilesBlueStacks_nxtHD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [61047A6D-24AD-4E51-A47C-B34378761CA6] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [A3D85E78-D1EF-43A0-8C24-929668855FA9] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query UserD8E9459D-8654-4758-B728-1A7E6D6AB0D1D:program filessteamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:program filessteamsteamappscommongrand theft auto vgta5.exe => No File
FirewallRules: [UDP Query User3CEA8A42-4D56-460E-90DA-167337F742F5D:program filessteamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:program filessteamsteamappscommongrand theft auto vgta5.exe => No File
FirewallRules: [476E8A9A-698C-4B7F-9044-49C0A8B8EB68] => (Allow) D:Program FilesSteamsteamappscommonSplitgateequ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [196D7224-1BB4-4ED2-9C14-1E11E7BBAE3C] => (Allow) D:Program FilesSteamsteamappscommonSplitgateequ8-launcher.exe (Int3 Software AB -> Int3 Software AB)
FirewallRules: [2F3106FB-7F28-4980-8EA2-9B68C0C89AEE] => (Allow) D:Program FilesSteamsteamappscommonSplitgatePortalWarsBinariesWin64PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.)
FirewallRules: [C172DA5C-D74A-4BBD-BECD-94072300D46C] => (Allow) D:Program FilesSteamsteamappscommonSplitgatePortalWarsBinariesWin64PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.)
FirewallRules: [55208925-AAB2-4314-818D-559682FB9515] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [6D597250-FAB0-4F3C-B9AB-BBA175E9B6C9] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [366E0814-F67D-4FFA-93EC-4F5C5DFBEFC5] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [A1BBC4DE-A6E9-4D79-8D75-0129D7CBA9FB] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User391D94C6-B594-42E0-A2BD-BC12891F7F7CD:gamescall of duty black ops cold warblackopscoldwar.exe] => (Allow) D:gamescall of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User802C7711-340F-4CC5-A6BF-F02B543A7FDDD:gamescall of duty black ops cold warblackopscoldwar.exe] => (Allow) D:gamescall of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [BC90EF4C-1473-4C05-A044-DC13885A2528] => (Allow) D:Program FilesSteamsteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed]
FirewallRules: [6022EE5A-2E30-4F6F-8C9F-D4C53B0E73B3] => (Allow) D:Program FilesSteamsteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed]
FirewallRules: [31DBA337-77E5-4FD9-A7E6-753F1E06B2C3] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [06977EA0-9022-4D27-93A5-A2644A170D7C] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User98149B2F-8157-4B36-A08B-77AFE1B2DD2EC:program filesjavajre1.8.0_111binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_111binjavaw.exe
FirewallRules: [UDP Query User296B5D9E-872C-4626-B454-417275D556C2C:program filesjavajre1.8.0_111binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_111binjavaw.exe
FirewallRules: [TCP Query User92D5755C-06F0-4623-AC6F-B24F3D2BEFC2D:program filesjavabinjavaw.exe] => (Allow) D:program filesjavabinjavaw.exe
FirewallRules: [UDP Query User81E466DA-0624-44A2-A8B2-DE5F185FEE8CD:program filesjavabinjavaw.exe] => (Allow) D:program filesjavabinjavaw.exe
FirewallRules: [5074A29F-3911-4AD7-B1D8-E8937C8D4FD3] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [A351A112-E64A-4604-B5D4-B2BAB5FFACA5] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [71151704-A70E-48F3-B602-42A62F90C98F] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [CD764171-A816-4C67-86AE-3FE660BDF003] => (Allow) D:GamesCurseForgeOverwolf�.174.0.10OverwolfBrowser.exe => No File
FirewallRules: [ADAA0EA3-D743-4CC4-B5B5-899228E0C7AA] => (Allow) D:GamesCurseForgeOverwolf�.174.0.10OverwolfBrowser.exe => No File
FirewallRules: [5196C56E-5386-4BCF-B0F0-D63EFBB768FC] => (Block) D:GamesCurseForgeOverwolf�.174.0.10OverwolfBrowser.exe => No File
FirewallRules: [A2D3606B-0F32-4057-ACF6-F4709A0825EC] => (Block) D:GamesCurseForgeOverwolf�.174.0.10OverwolfBrowser.exe => No File
FirewallRules: [104C872D-427B-4EA1-B29E-079C46246774] => (Allow) D:GamesCurseForgeOverwolf�.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [916DA170-1FD1-4314-B9F3-E9D18CC150E1] => (Allow) D:GamesCurseForgeOverwolf�.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [B10C492F-82C4-49C0-91F1-4E71CA10AFB5] => (Block) D:GamesCurseForgeOverwolf�.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [F2020FDC-5B2A-46DE-8585-AE52B8E0799D] => (Block) D:GamesCurseForgeOverwolf�.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [9D487F6D-DA32-4BD0-A90B-710B3E82C4BD] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [0FC6A1E9-8B65-4754-A81A-F63FAB2346D0] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [8725ADEA-2FF9-4BF6-A9AF-9B3AD26E3036] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [55963F98-4514-4B84-8338-3E22591C3A28] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query UserDDE20F01-3CD7-45C4-A4A8-0E9B97C9E81FD:program filesremoteitremoteit.exe] => (Allow) D:program filesremoteitremoteit.exe (remot3.it, Inc. -> remote.it)
FirewallRules: [UDP Query User24E26D5E-D79C-43A0-AC03-9789F3E216BFD:program filesremoteitremoteit.exe] => (Allow) D:program filesremoteitremoteit.exe (remot3.it, Inc. -> remote.it)
FirewallRules: [5A91B6C3-D5EA-43DF-9600-A39D403D92C2] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [32860D49-F4DA-4D98-A78B-F4DD6E4DF51A] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [0D432ECC-11E5-485F-B819-CB909CE51F37] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [6A34D3B4-65D3-4460-8DCD-2742F6F9BBED] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [7613B586-39D0-4053-BC11-BD2D087106A1] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [93EB4B6F-6F41-4178-B423-2D6603BF9533] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [0939542B-B930-4889-ADE0-33FEB8171665] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [612B6226-4012-4B0A-9EBB-53CD56300BFD] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [5FE0C43C-E466-4297-812B-F28B4E0DFDAB] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [6DE9EA84-0839-4CF5-8642-BB94192E54CD] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [F1BC382B-A68D-4429-9250-83870EAB8CEB] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [F199342F-7FF2-4120-A494-A3EB2291CBE9] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication94.0.992.31msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.11 GB) (Free:8.49 GB) (7%)
Check "VSS" service
==================== Faulty Device Manager Devices ============
Name: Microsoft Hyper-V Virtual Machine Bus Provider
Description: Microsoft Hyper-V Virtual Machine Bus Provider
Class Guid: 4d36e97d-e325-11ce-bfc1-08002be10318
Manufacturer: Microsoft
Service: vmbusr
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: 4d36e97d-e325-11ce-bfc1-08002be10318
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Intel® Display Audio
Description: Intel® Display Audio
Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318
Manufacturer: Intel® Corporation
Service: IntcDAud
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft Hyper-V Virtual Disk Server
Description: Microsoft Hyper-V Virtual Disk Server
Class Guid: 4d36e97d-e325-11ce-bfc1-08002be10318
Manufacturer: Microsoft
Service: storvsp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318
Manufacturer: Microsoft
Service: nvvad_WaveExtensible
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: VB-Audio Virtual Cable
Description: VB-Audio Virtual Cable
Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318
Manufacturer: VB-Audio Software
Service: VBAudioVACMME
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: ========================
Application errors:
==================
Error: (09/26/2021 03:17:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started.[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress
]
Error: (09/26/2021 03:17:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (09/26/2021 03:17:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started.[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress
]
Error: (09/26/2021 03:17:23 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error FindFirstVolumeW( [Ȅ], MAX_PATH). hr = 0x80070012, There are no more files.
.
Operation:
Removing auto-release shadow copies
Loading provider
Context:
Execution Context: System Provider
Error: (09/26/2021 03:16:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48
Faulting module name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48
Exception code: 0xc0000409
Fault offset: 0x00000000001ad1e5
Faulting process id: 0x2af4
Faulting application start time: 0x01d7b2e96f96c643
Faulting application path: C:Program FilesAVGAntivirusSetupInstup.exe
Faulting module path: C:Program FilesAVGAntivirusSetupInstup.exe
Report Id: 4a774aa8-5361-4899-8578-16433241d129
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2021 03:12:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48
Faulting module name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48
Exception code: 0xc0000409
Fault offset: 0x00000000001ad1e5
Faulting process id: 0x2ba8
Faulting application start time: 0x01d7b2e8db55a624
Faulting application path: C:Program FilesAVGAntivirussetupInstup.exe
Faulting module path: C:Program FilesAVGAntivirussetupInstup.exe
Report Id: 1a981e5c-69f6-4d65-8fba-e4c665d71d0a
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2021 03:07:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mousocoreworker.exe, version: 10.0.19041.1202, time stamp: 0x6ae17470
Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf
Exception code: 0xc0000409
Fault offset: 0x000000000007286e
Faulting process id: 0x336c
Faulting application start time: 0x01d7b2e17828ef0b
Faulting application path: C:WindowsSystem32mousocoreworker.exe
Faulting module path: C:WINDOWSSystem32ucrtbase.dll
Report Id: c852ffb8-7c70-4484-98b4-be0b8c55a618
Faulting package full name:
Faulting package-relative application ID:
Error: (09/26/2021 03:07:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 92.0.1.7935 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 4fc
Start Time: 01d7b2dfbc46281f
Termination Time: 4294967295
Application Path: C:Program FilesMozilla Firefoxfirefox.exe
Report Id: 1e679526-9b5f-4936-ba0e-a7a1438c9fdb
Faulting package full name:
Faulting package-relative application ID:
Hang type: Top level window is idle
System errors:
=============
Error: (09/26/2021 09:30:19 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
DD522ACC-F821-461A-A407-50B198B896DC
Error: (09/26/2021 09:29:49 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
DD522ACC-F821-461A-A407-50B198B896DC
Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server:
9E175B6D-F52A-11D8-B9A5-505054503030
Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
DD522ACC-F821-461A-A407-50B198B896DC
Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
E579AB5F-1CC4-44B4-BED9-DE0991FF0623
Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
E579AB5F-1CC4-44B4-BED9-DE0991FF0623
Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server:
E579AB5F-1CC4-44B4-BED9-DE0991FF0623
Error: (09/26/2021 09:29:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721)
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server:
DD522ACC-F821-461A-A407-50B198B896DC
CodeIntegrity:
===============
Date: 2021-09-26 15:03:36
Description:
Code Integrity determined that a process (DeviceHarddiskVolume7WindowsSystem32SecurityHealthService.exe) attempted to load DeviceHarddiskVolume7Program FilesAVGAntivirusaswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FX504GD.322 08/23/2021
Motherboard: ASUSTeK COMPUTER INC. FX504GD
Processor: Intel® Core™ i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 13%
Total physical RAM: 16238.95 MB
Available physical RAM: 14007.01 MB
Total Virtual: 21102.95 MB
Available Virtual: 19185.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.11 GB) (Free:8.49 GB) NTFS
Drive d: () (Fixed) (Total:930.95 GB) (Free:246.58 GB) NTFS
Drive e: () (Removable) (Total:14.59 GB) (Free:14.58 GB) FAT32
\?Volume9131c828-5e4a-450f-9833-1be65199d827 () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\?Volume8187546c-15c0-42af-a097-124f9493a221 (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\?Volumec139f2f7-80b9-4672-9e81-3a87175bdb72 () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\?Volume01cf6d03-5bdc-4624-b7e0-29120e82972e () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 14.6 GB) (Disk ID: 225FF615)
Partition 1: (Not Active) – (Size=14.6 GB) – (Type=0C)
==================== End of Addition.txt =======================
Edited by hamluis, 26 September 2021 – 01:51 PM.
Commentaires
Laisser un commentaire