L'ordinateur portable ne démarre pas en mode normal/sans échec avec la mise en réseau, bloqué dans la boucle de démarrage – Resoudre les problemes d’un serveur MineCraft

[bzkshopping keyword= »Minecraft » count= »8″ template= »grid »]

Salut les gars, Je pense que j'ai exécuté un programme sommaire sur mon ordinateur portable, et maintenant il ne démarre pas dans des fenêtres normales. Que dois-je faire? J'ai une clé USB pour réinitialiser Windows, mais je préférerais garder mes fichiers.

Merci d'avance Steph <3

Résultat de l'analyse de l'outil d'analyse de récupération Farbar (FRST) (x64) Version : 22-09-2021 02 Exécuté par steph (administrateur) sur DESKTOP-21721 (ASUSTeK COMPUTER INC. TUF GAMING FX504GD_FX80GD) (26-09-2021 21:29:06) Exécuté depuis E: Profils chargés : steph Plate-forme : Windows 10 Home Version 20H2 19042.1165 (X64) Langue : Anglais (États-Unis) Navigateur par défaut : FF Mode de démarrage : mode sans échec (minimal)

==================== Processus (liste blanche) ==================

(Si une entrée est incluse dans la fixlist, le processus sera fermé. Le fichier ne sera pas déplacé.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusAVGUI.exe (Microsoft Windows -> Microsoft Corporation) C:WindowsHelpPane.exe (Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe (Contributeurs MultiMC) [File not signed] C:UsersstephDocumentsMultiMCminecraft.exe

==================== Registre (liste blanche) ====================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM…Exécuter : [AVGUI.exe] => C:Program FilesAVGAntivirusAvLaunch.exe [171832 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) HKLM…Exécuter : [XMouseButtonControl] => C:Program FilesHighresolution EnterprisesX-Mouse Button ControlXMouseButtonControl.exe [1676064 2020-02-23] (Développeur Open Source, Phillip Gibbons -> Entreprises haute résolution) HKLM…Exécuter : [UrbanVPN] => C:Program FilesUrbanVPNbinurbanvpn-gui.exe [24197696 2020-10-01] (Cyber ​​Sécurité Urbaine Inc. -> ) HKLM…Exécuter : [Riot Vanguard] => C:Program FilesRiot Vanguardvgtray.exe [3180256 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.) HKLM-x32…Exécuter : [Lightshot] => C:Program Files (x86)SkillbrainslightshotLightshot.exe [226728 2019-07-21] (Kilonova SARL -> ) HKLM-x32…Exécuter : [SunJavaUpdateSched] => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [587288 2016-09-22] (Oracle America, Inc. -> Oracle Corporation) HKLM…RunOnce : [WinRERecovery] => cmd /c "%windir%System32MusNotificationUx.exe Toast_SrtBootRecovered" HKLMSOFTWAREPoliciesMicrosoftWindows Defender : Restriction <==== ATTENTION HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [EpicGamesLauncher] => D:Epic GamesEpic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [33337824 2021-09-26] (Epic Games Inc. -> Epic Games, Inc.) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Discord] => C:UsersstephAppDataLocalDiscordUpdate.exe [1512760 2020-12-03] (Discord Inc. -> GitHub) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Spotify] => C:UsersstephAppDataRoamingSpotifySpotify.exe [24743552 2021-09-23] (Spotify AB -> Spotify Ltd) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [uTorrent] => C:UsersstephAppDataRoaminguTorrentuTorrent.exe [2133032 2021-04-04] (BitTorrent Inc -> BitTorrent Inc.) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Lync] => C:Program FilesMicrosoft OfficerootOffice16lync.exe [26403672 2021-09-17] (Microsoft Corporation -> Microsoft Corporation) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Overwolf] => D:GamesCurseForgeOverwolfOverwolfLauncher.exe [1806680 2021-08-12] (Overwolf Ltd -> Overwolf Ltd.) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Steam] => D:Program FilesSteamsteam.exe [4282600 2021-09-17] (Valve -> Valve Corporation) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Docker Desktop] => C:Program FilesDockerDockerDocker Desktop.exe [2554816 2021-03-27] (Docker Inc -> Docker Inc.) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C] => "C:Program Files (x86)GoogleChromeApplicationchrome.exe" –no-startup-window /prefetch:5 HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Skype for Desktop] => C:Program Files (x86)MicrosoftSkype pour DesktopSkype.exe [114012032 2021-07-20] (Skype Software Sarl -> Skype Technologies S.A.) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [Battle.net] => D:Program FilesBattle.netBattle.net.exe [1079184 2021-08-12] (Blizzard Entertainment, Inc. -> Blizzard Entertainment) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Exécuter : [D:Program Filesremoteitremoteit.exe] => D:Program Filesremoteitremoteit.exe [131182696 2021-08-20] (remot3.it, Inc. -> remote.it) HKUS-1-5-21-1107240043-3454394700-2548055146-1001…PolitiquesExplorateur : [NoLowDiskSpaceChecks] 1 HKLMSoftwareMicrosoftActive SetupComposants installés : [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program Files (x86)GoogleChromeApplication93.0.4577.82Installerchrmstp.exe [2021-09-16] (Google LLC -> Google LLC) Démarrage : C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSend to OneNote.lnk [2021-09-02] ShortcutTarget : Envoyer à OneNote.lnk -> C:Program FilesMicrosoft OfficerootOffice16ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKLMSOFTWAREPoliciesMozillaFirefox : Restriction <==== ATTENTION

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé à moins qu'il ne soit répertorié séparément.)

Tâche : 06934157-805B-484F-8E02-5FB14070F368 – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [7053768 2021-09-17] (Microsoft Corporation -> Microsoft Corporation) Tâche : 12DB6F77-9F19-4E38-94AF-B7412750FA21 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14OS Edition Mise à niveau de l'écouteur d'événement créé par le client d'inscription => C:WINDOWS system32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(1) : schtasks.exe -> /Change /TN "Antivirus Emergency Update" /ENABLE Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(2) : schtasks.exe -> /Change /TN "MicrosoftEdgeUpdateTaskMachineCore1d71fd4cd670452" /ENABLE Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(3) : schtasks.exe -> /Change /TN "MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Tâche : 1D2574F9-2059-4144-A1E1-438550631012 – System32TasksAVAST SoftwareGaming mode Task Scheduler recovery => Command(4) : schtasks.exe -> /Change /TN "AVAST SoftwareGaming mode Task Planificateur de récupération" / DISABLE Tâche : 2526B9A3-95F6-43BE-8D6C-CC897539C0AA – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform) Tâche : 257DBB5B-8DB1-4FED-B9BC-03AB1EB38D29 – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd) Tâche : 2B4509DE-5FE6-4DBD-A444-4982C6C68BFC – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule #2 créé par le client d'inscription => C:WINDOWSsystem32 Deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : 2ED7BD02-C84D-425E-ABAD-BB12789BD229 – System32TasksATK Package 36D18D69AFC3 => C:WindowsSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352As64HotkeyExec [176064 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Tâche : 31F0B4C3-676E-4D79-85AB-E637538D63DE – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [139096 2021-09-17] (Microsoft Corporation -> Microsoft Corporation) Tâche : 32625D14-9BB5-463E-9896-C463A4A0ADEB – System32TasksNvTmRep_CrashReport3_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : 33BBEC5A-560E-4F68-92A1-A9607E40DD4F – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [680888 2021-09-24] (Mozilla Corporation -> Fondation Mozilla) Tâche : 3C40E6BF-6047-4C53-A872-1172230B3234 – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program FilesMicrosoft OfficerootOffice16msoia.exe [7053768 2021-09-17] (Microsoft Corporation -> Microsoft Corporation) Tâche : 3D8E21DE-6F7E-473C-B621-A8C2FA9AE8FB – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule #1 créé par le client d'inscription => C:WINDOWSsystem32 Deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : 4172E3D6-F919-4E65-AD34-48EE2A7AE1C7 – System32TasksNvProfileUpdaterOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUp [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : 43896F29-090B-4377-A689-5640BDB5FC89 – System32TasksBlueStacksHelper_nxt => C:Program FilesBlueStacks_nxtBlueStacksHelper.exe [275136 2021-07-19] (Systèmes Bluestack, Inc -> Systèmes BlueStack, Inc.) Tâche : 47AB1F0D-12F1-4FF0-9933-4B5A3944396F – System32Tasksupdate-sys => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe [414872 2017-04-12] (OOO Lightshot -> À FAIRE : ) Tâche : 51682B73-69BD-45F9-9742-724EB7DF5FE0 – System32TasksAntivirus Emergency Update => C:Program FilesAVGAntivirusAvEmUpdate.exe [4966200 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Tâche : 55865164-609A-4E5B-B29A-66AD4C6C2A03 – System32TasksNvTmRep_CrashReport1_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvRepend.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : 58F819E5-C6C3-404D-BCB0-CD1EB4B55F64 – System32TasksMicrosoftOfficeOffice Connexion aux mises à jour des fonctionnalités => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [139096 2021-09-17] (Microsoft Corporation -> Microsoft Corporation) Tâche : 5E6F0BA1-6EDA-46BB-BDB7-1A5DC17FBEB1 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Provisioning session initiée => C:WINDOWSsystem32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : 60319DC2-5085-4990-BCB7-49B4DB8CCBC1 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC) Tâche : 61D879AF-BF52-43C9-901E-0CF67E108B18 – System32TasksNvProfileUpdaterDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : 63380B6D-A70C-43AE-AA73-4DE4588552EA – System32TasksProtonVPN Update => D:Program FilesprotonProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> ) Tâche : 6C4B3D7F-479A-4B2C-81A1-368A89F5BB7D – System32TasksNvTmRep_CrashReport4_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvMRependN [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : 85434D43-F566-443D-83CC-8D2E16498C46 – System32TasksNvNodeLauncher_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program Files (x86)NVIDIA CorporationNvNodenvchernodejsexe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : 89BFD764-F6A4-4E53-AAF7-8AA4B4C77F74 – System32TasksRtHDVBg_ListenToDevice => C:Program FilesRealtekAudioHDARAVBg64.exe [1506384 2019-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Tâche : 8DFB1029-2247-43AD-BB9D-E81286DEB56A – System32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : 8FFB8BC7-A462-4203-9D36-9D6A21B4566C – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule créé par le client d'inscription pour le renouvellement de l'avertissement de certificat => C:WINDOWS system32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : 9D4C1DD2-8349-4D4A-836E-A665B738C3AE – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14PushRenewal => C:WINDOWSsystem32deviceenrollen [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : 9F5A8501-4118-44E0-8521-C851A1BB8635 – System32TasksRTKCPL => C:Program FilesRealtekAudioHDARAVBg64.exe [1506384 2019-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Tâche : A1B05A3B-19C4-4F6C-8FFF-955AA72CCE04 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Passport for Work alerte créée par le client d'inscription => C:WINDOWSsystem32 deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : A24C2E87-202A-47D8-A45B-45AD990F042A – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule pour exécuter OMADMClient par serveur => C:WINDOWSsystem .EXE [435712 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : A2CB51BA-F944-4B57-BBA5-F679FEDE928A – System32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainer.exenvcon [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck" -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log Tâche : AEA52801-12D8-4251-9F0B-D8DFCDF57859 – Tâche System32TasksOverwolf Updater => D:GamesCurseForgeOverwolfOverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD) Tâche : AF85C3E8-2E3C-480E-8AD6-D81C2474595E – System32Tasksupdate-S-1-5-21-1107240043-3454394700-2548055146-001 => C:Program Files (x86)SkillbrainsUpdater Updater.exe [414872 2017-04-12] (OOO Lightshot -> À FAIRE : ) Tâche : B271617C-0A7F-43AE-AA40-5FC0A3751A8A – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Win10 S Mode écouteur créé par le client d'inscription => C:WINDOWS system32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : B731964F-DDE7-490A-813F-06015008E52B – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule to run OMADMClient by client => C:WINDOWSsystem32omad .EXE [435712 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : BA348972-E5E5-43E4-8979-DF79218C4730 – System32TasksOneDrive Standalone Update Task-S-1-5-21-1107240043-3454394700-2548055146-500 => C:UsersstephAppDataLocal MicrosoftOneDriveOneDriveStandaloneUpdater.exe Tâche : BB786CA6-1A11-4AE9-B5F6-56797AEF6863 – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation) Tâche : BC290BEA-2734-4326-9F40-E8E7E50D3A55 – System32TasksAVGOverseer => C:Program FilesCommon FilesAVGOverseerovereer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies) Tâche : BECF97E0-17ED-433F-A56C-C9EB5765751A – System32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:Program FilesNVIDIA CorporationNvDriverUpdateCheck" -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log Tâche : C7CA9E05-8249-450D-B6B5-489B8EBA96DC – System32TasksIUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:Program Files (x86)IntelIntel® Update Managerbiniumsvc .EXE Tâche : C94B21C3-AEC9-496A-947F-2056DC0ADFF9 – System32TasksMicrosoftWindowsMemDiag => C:WINDOWSsystem32mdres.exe [87040 2019-12-07] (Microsoft Windows -> Microsoft Corporation) Tâche : CD246C32-6CD5-4C79-A1E4-7E12345A6AC5 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14Schedule #3 créé par le client d'inscription => C:WINDOWSsystem32 Deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : D6F5EB84-775A-4FC9-BDBF-F5F7CDFDA842 – System32TasksNvTmRep_CrashReport2_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationTvmRep.N.N [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) Tâche : DAD302A2-C76D-41ED-B39A-975768EEBECF – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation) Tâche : ECD35DD5-E970-4A1C-82BA-2D59B9B260D5 – System32TasksMicrosoftWindowsEnterpriseMgmt126F8BE2-3C93-487C-B3C1-8115ABA84E14PushLaunch => C:WINDOWSsystem32deviceenroller.exe [470016 2021-08-11] (Microsoft Windows -> Microsoft Corporation) Tâche : EEB86BF3-4274-46B0-B64E-36F2968C4EED – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-05-07] (Google LLC -> Google LLC)

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche : C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe Tâche : C:WINDOWSTasksupdate-S-1-5-21-1107240043-3454394700-2548055146-1001.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe Tâche : C:WINDOWSTasksupdate-sys.job => C:Program Files (x86)SkillbrainsUpdaterUpdater.exe

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément de registre, il sera supprimé ou restauré par défaut.)

Hôtes : il y a plus d'une entrée dans Hôtes. Voir la section Hôtes de Addition.txt TcpipParamètres : [DhcpNameServer] 192.168.100.1 Tcpip..Interfacesc87c9e6-c692-4109-90f4-3bd0c9f8eb8f : [DhcpNameServer] 192.168.100.1 Tcpip..Interfacesa609fc41-8fc3-42c2-acbe-a0317fb86253 : [DhcpNameServer] 192.168.100.1 Tcpip..Interfacesa9f032f5-7350-4825-aad6-683fda25556c : [DhcpNameServer] 8.8.8.8 Tcpip..Interfacesbd3ec1e7-9a20-4054-91d4-c7d93547e9ab : [DhcpNameServer] 192.168.100.1 HKLMSOFTWAREPoliciesMicrosoftInternet Explorer : Restriction <==== ATTENTION

Bord: ======= Extension Edge : (sans nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found] Extension Edge : (sans nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found] Extension Edge : (sans nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found] Extension Edge : (sans nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found] Profil Edge : C:UsersstephAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-26]

FireFox : ======== Profil par défaut FF : bgdskgse.default Chemin du profil FF : C:UsersstephAppDataRoamingMozillaFirefoxProfilesbgdskgse.default [2021-05-23] Chemin de profil FF : C:UsersstephAppDataRoamingMozillaFirefoxProfilesez2qftam.default-release [2021-09-26] Page d'accueil FF : MozillaFirefoxProfilesez2qftam.default-release -> google.com Notifications FF : MozillaFirefoxProfilesez2qftam.default-release -> hxxps://aternos.org ; hxxps://www.talabat.com Extension FF : (Enhancer for YouTube™) – C:UsersstephAppDataRoamingMozillaFirefoxProfilesez2qftam.default-releaseExtensionsenhancerforyoutube@maximerf.addons.mozilla.org.xpi [2021-09-21] Extension FF : (Chérie) – C:UsersstephAppDataRoamingMozillaFirefoxProfilesez2qftam.default-releaseExtensionsjid1-93CWPmRbVPjRQA@jetpack.xpi [2021-06-24] Extension FF : (AdBlock – meilleur bloqueur de publicités) – C:UsersstephAppDataRoamingMozillaFirefoxProfilesez2qftam.default-releaseExtensionsjid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-09-09] Plugin FF : @java.com/DTPlugin, version=11.111.2 -> C:Program FilesJavajre1.8.0_111bindtpluginnpDeployJava1.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation) Plugin FF : @java.com/JavaPlugin, version=11.111.2 -> C:Program FilesJavajre1.8.0_111binplugin2npjp2.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation) Plugin FF : @microsoft.com/SharePoint, version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Plugin FF-x32 : @gametree.co.kr/GTL -> C:ProgramDataGametreeGTLnpGTL.dll [2013-06-13] (NtreevSoft Co., Ltd -> NtreevSoft) Plugin FF-x32 : @microsoft.com/Lync,version=15.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-08-15] (Microsoft Corporation -> Microsoft Corporation) Plugin FF-x32 : @microsoft.com/SharePoint, version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome: ======= Profil CHR : C:UsersstephAppDataLocalGoogleChromeUser DataDefault [2021-09-22] CHR DownloadDir: C:UsersstephDownloads Notifications CHR : Par défaut -> hxxps://aternos.org ; hxxps://mail.google.com Page d'accueil CHR : Par défaut -> mysearch.avg.com CHR StartupUrls : Par défaut -> "hxxp://www.google.com" URL de recherche par défaut CHR : par défaut -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png CHR DefaultSearchKeyword : Par défaut -> hxxps://mysearch.avg.com Extension CHR : (diapositives) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-05-07] Extension CHR : (YouTube) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsagimnkijcaahngcdmfeangaknmldooml [2021-03-26] Extension CHR : (Docs) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2020-05-07] Extension CHR : (Google Drive) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-24] Extension CHR : (YouTube) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-07] Extension CHR : (Chérie) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-22] Extension CHR : (Social Blade) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionscfidkbgamfhdgmedldkagjopnbobdmdn [2021-09-22] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION Extension CHR : (AVG Secure Search) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionschfdnecihphmhljaaejmgoiahnihplgn [2020-05-09] Extension CHR : (Rocks Network CORS Fix) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionscnfpafcflghhnmcdmomglkcofdgalljf [2021-09-22] Extension CHR : (Feuilles) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-05-07] Extension CHR : (Google Docs Offline) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-18] Extension CHR : (AdBlock – meilleur bloqueur de publicités) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-09-22] Extension CHR : (CENTURY) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsgpokpjenobimicjbebndjofblfhhggpd [2020-05-10] Extension CHR : (ROBLOX : Téléchargeur rapide d'actifs) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsmeljceogbjjmgjhhbnmjjgepchpjkklc [2020-05-09] Extension CHR : (TubeBuddy) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsmhkhmbddkmdggbhaaaodilponhnccicb [2021-09-22] Extension CHR : (Chrome Web Store Payments) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] Extension CHR : (MediaMod) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsoeocpffgjbagninjebpgopolopdegogb [2021-04-05] Extension CHR : (Netflix Party est maintenant Teleparty) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionsoocalimimngaihdkbihfgmpkcpnmlaoa [2021-09-22] Extension CHR : (Speedtest par Ookla) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionspgjjikdiikihdfpoppgaidccahalehjh [2021-04-15] Extension CHR : (Gmail) – C:UsersstephAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

==================== Services (liste blanche) ====================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé à moins qu'il ne soit répertorié séparément.)

Service d'appareils mobiles Apple S2 ; D:Program Filesi-Funbox DevTeamMobile Device SupportAppleMobileDeviceService.exe [96056 2020-12-24] (Apple Inc. -> Apple Inc.) S2 asComSvc ; C:Program Files (x86)ASUSAXSP4.00.38atkexComSvc.exe [440368 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) S2 AsHidService ; C:WINDOWSSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352AsHidSrv64.exe [173504 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Service ASLDR S2 ; C:WINDOWSSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352AsLdrSrv64.exe [227776 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) Antivirus S2 AVG ; C:Program FilesAVGAntivirusAVGSvc.exe [630584 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Outils AVG S2 ; C:Program FilesAVGAntivirusavgToolsSvc.exe [378168 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S3 avgbIDSAgent ; C:Program FilesAVGAntivirusaswidsagent.exe [8360560 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 AvgWscReporter; C:Program FilesAVGAntiviruswsc_proxy.exe [109480 2021-06-01] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation) S2 com.docker.service ; C:Program FilesDockerDockercom.docker.service [16352 2021-03-27] (Docker Inc -> Docker Inc.) S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [803440 2020-04-16] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 EpicOnlineServices ; C:Program Files (x86)Epic GamesEpic Online ServicesserviceEpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.) S3 EQUI8_36 ; C:ProgramDataEQU8Splitgatebinanticheat.x64.equ8.exe [6161552 2021-08-23] (Logiciel Int3 AB -> Logiciel Int3 AB) S2 hshld_10.9.12 ; C:Program Files (x86)Hotspot Shield10.9.12bincmw_srv.exe [224248 2020-11-16] (Pango Inc. -> Pango Inc.) S2 it.remote.cli; D:Program Filesremoteitresourcesx64remoteit.exe [9552488 2021-08-20] (remot3.it, Inc. -> ) S3 mracsvc; C:WindowsSystem32mracsvc.exe [20417696 2020-07-22] (Mail.Ru LLC -> LLC Mail.Ru) S3 OverwolfUpdater; D:GamesCurseForgeOverwolfOverwolfUpdater.exe [2483032 2021-08-12] (Overwolf Ltd -> Overwolf LTD) S3 ImprimerNotifier ; C:WINDOWSsystem32spooldriversx643PrintConfig.dll [3595776 2021-09-16] (Microsoft Corporation) [File not signed] Service S3 ProtonVPN ; D:Program FilesprotonProtonVPNService.exe [99624 2020-11-04] (ProtonVPN AG -> ) Service de mise à jour S3 ProtonVPN ; D:Program FilesprotonProtonVPN.UpdateService.exe [61736 2020-11-04] (ProtonVPN AG -> ) Service Rockstar S3 ; D:GamesRockstar GamesLauncherRockstarService.exe [1856816 2021-08-05] (Rockstar Games, Inc. -> Rockstar Games) Visionneuse d'équipe S2 ; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [13271336 2021-09-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S2 UrbanVPNServiceInteractif ; C:Program FilesUrbanVPNbinurbanvpnserv.exe [217848 2020-08-28] (Cyber ​​Sécurité Urbaine Inc. -> ) S3 UrbanVPNUpdater ; C:Program FilesUrbanVPNUrbanVPNUpdater.exe [1010752 2020-10-01] (Cyber ​​Sécurité Urbaine Inc. -> Sécurité Urbaine) S3 vgc; C:Program FilesRiot Vanguardvgc.exe [10202040 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.) S3 WdNisSvc; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2006.10-0NisSrv.exe [2496144 2020-07-02] (Éditeur Microsoft Windows -> Microsoft Corporation) S3 WinDefend ; C:ProgramDataMicrosoftWindows Defenderplatform4.18.2006.10-0MsMpEng.exe [104192 2020-07-02] (Éditeur Microsoft Windows -> Microsoft Corporation) S2 NVDisplay.ContainerLocalSystem; C:WINDOWSSystem32DriverStoreFileRepositorynvami.inf_amd64_72035dd8d03aeceeDisplay.NvContainerNVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%NVIDIANVDisplay.Container3-LocalSystem.log:l WINDOWSSystem32DriverStoreFileRepositorynvami.inf_amd64_72035dd8d03aeceeDisplay.NvContainerpluginsLocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystemLocalSystem

===================== Pilotes (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé à moins qu'il ne soit répertorié séparément.)

S1 AsIO; C:WindowsSysWow64driversAsIO.sys [15232 2017-12-26] (ASUSTeK Computer Inc. -> ) S1 Asusgio2; C:Windowssystem32driversAsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> ) R3 AsusPTPDrv; C:WINDOWSSystem32driversAsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.) S1 ATKWMIACPIIO; C:WINDOWSSystem32DriverStoreFileRepositoryatkwmiacpiio.inf_amd64_30ffacb41f78f352atkwmiacpi64.sys [36368 2019-03-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.) R0 avgArDisk; C:WINDOWSSystem32driversavgArDisk.sys [35848 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) Potmoy S1 ; C:WINDOWSSystem32driversavgArPot.sys [221728 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 avgbidsdriver; C:WINDOWSSystem32driversavgbidsdriver.sys [369232 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 avgbidsh; C:WINDOWSSystem32driversavgbidsh.sys [250480 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 avgbuniv; C:WINDOWSSystem32driversavgbuniv.sys [99440 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 moyElam; C:WINDOWSSystem32driversavgElam.sys [21960 2021-09-22] (Microsoft Windows Early Launch Anti-Malware Publisher -> AVG Technologies CZ, s.r.o.) R1 MoyKbd; C:WINDOWSSystem32driversavgKbd.sys [41504 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 moyMonFlt; C:WINDOWSSystem32driversavgMonFlt.sys [184776 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 avgNetHub ; C:WINDOWSSystem32driversavgNetHub.sys [538632 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 Rdr moy; C:WINDOWSSystem32driversavgRdr2.sys [108000 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 moyRvrt; C:WINDOWSSystem32driversavgRvrt.sys [83064 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S1 moySnx; C:WINDOWSSystem32driversavgSnx.sys [851864 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) SP moy S1 ; C:WINDOWSSystem32driversavgSP.sys [557288 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 avgStm; C:WINDOWSSystem32driversavgStm.sys [215536 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S0 Vmm moy; C:WINDOWSSystem32driversavgVmm.sys [328712 2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) S2 BlueStacksDrv_nxt; C:Program FilesBlueStacks_nxtBstkDrv_nxt.sys [320728 2021-07-19] (Systèmes Bluestack, Inc -> Système Bluestack Inc.) S3 EQU8_HELPER_36 ; C:WINDOWSsystem32DRIVERSEQU8_HELPER_36.sys [38032 2021-09-15] (Logiciel Int3 AB -> ) S3 Hamachi ; C:WINDOWSSystem32driversHamdrv.sys [45680 2019-04-02] (Éditeur de compatibilité matérielle Microsoft Windows -> LogMeIn Inc.) R3 HIDSwitch ; C:WINDOWSSystem32driversAsRadioControl.sys [32696 2020-11-18] (ASUSTek Computer Inc. -> ASUS) S3 ManyCam ; C:WINDOWSsystem32DRIVERSmcvidrv.sys [66952 2018-07-29] (ManyCam (VISICOM MÉDIA INC.) -> Visicom Media Inc.) S3 mcaudrv_simple; C:WINDOWSsystem32driversmcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.) S3 mracdrv; C:WINDOWSSystem32driversmracdrv1.sys [19647520 2020-07-22] (Mail.Ru LLC -> LLC Mail.Ru) S1 pango_netfilter2; C:WINDOWSSystem32driverspango_netfilter2.sys [94080 2020-11-16] (Pango Inc. -> Pango Inc) S3 ProtonVPNSplitTunnel; D:Program Filesprotonx64Win10ProtonVPN.SplitTunnelDriver.sys [31584 2020-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG) S3 RTCore64; D:Program FilesMSI AfterburnerRTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 ScpVBus; C:WINDOWSSystem32driversScpVBus.sys [39168 2013-05-18] (Bruce James -> Scarlet.Crush Productions) S3 SnapCameraVirtualDevice; C:WINDOWSSystem32driversSnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows ® Win 7 DDK provider) S3 tap0901; C:WINDOWSSystem32driverstap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 tapnordvpn; C:WINDOWSSystem32driverstapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project) S3 tapprotonvpn; C:WINDOWSSystem32driverstapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S3 VBAudioVACMME; C:WINDOWSSystem32driversvbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows ® Win 7 DDK provider) S3 VBAudioVMVAIOMME; C:WINDOWSSystem32driversvbaudio_vmvaio64_win10.sys [71712 2020-05-09] (Vincent Burel -> Windows ® Win 7 DDK provider) S3 VCamSDK; C:WINDOWSsystem32DRIVERSVCamSDK.sys [1090904 2019-12-22] (Shanghai Yitu Information Technology Co.,Ltd. -> e2eSoft) S1 vgk; C:Program FilesRiot Vanguardvgk.sys [8234240 2021-08-30] (Riot Games, Inc. -> Riot Games, Inc.) S3 voxaldriver; C:WINDOWSsystem32DRIVERSvoxaldriverx64.sys [55976 2020-06-14] (NCH Software, Inc. -> ) U5 vsock; C:WindowsSystem32Driversvsock.sys [105912 2020-08-10] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:WINDOWSsystem32driverswdWdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:WINDOWSsystem32driverswdWdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation) S3 AppleKmdfFilter; SystemRootSystem32driversAppleKmdfFilter.sys [X] S3 AppleLowerFilter; SystemRootSystem32driversAppleLowerFilter.sys [X] S3 semav6msr64; ??C:WINDOWSsystem32driverssemav6msr64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-26 21:28 – 2021-09-26 21:29 – 000000000 ____D C:FRST 2021-09-26 21:17 – 2021-09-26 21:17 – 000000000 ___HD C:$SysReset 2021-09-26 21:17 – 2021-09-26 21:17 – 000000000 ____D C:WINDOWSPanther 2021-09-26 21:09 – 2021-09-26 21:09 – 000008192 ___SH C:DumpStack.log.tmp 2021-09-26 21:09 – 2021-09-26 21:09 – 000000214 _____ C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job 2021-09-26 21:06 – 2021-09-26 21:06 – 000983868 _____ C:WINDOWSMinidump92621-9921-01.dmp 2021-09-26 20:52 – 2021-09-26 21:29 – 001191108 _____ C:WINDOWSntbtlog.txt 2021-09-26 20:52 – 2021-09-26 20:52 – 000000020 ___SH C:Usersstephntuser.ini 2021-09-26 18:22 – 2021-09-26 21:17 – 000000000 ____D C:WINDOWSMinidump 2021-09-26 15:13 – 2021-09-26 15:13 – 000234280 _____ (AVAST Software) C:UsersstephDownloadsavast_free_antivirus_setup_online.exe 2021-09-26 15:13 – 2021-09-26 15:13 – 000234280 _____ (AVAST Software) C:UsersstephDesktopavast_free_antivirus_setup_online.exe 2021-09-26 15:13 – 2021-09-26 15:13 – 000000000 ____D C:ProgramDataAvast Software 2021-09-26 15:05 – 2021-09-26 15:12 – 000000000 ____D C:UsersstephAppDataLocalCrashDumps 2021-09-26 15:04 – 2021-09-26 15:04 – 000224072 _____ (AVG Technologies CZ, s.r.o.) C:UsersstephDownloadsavg_antivirus_free_setup.exe 2021-09-26 15:04 – 2021-09-26 15:04 – 000224072 _____ (AVG Technologies CZ, s.r.o.) C:UsersstephDesktopavg_antivirus_free_setup.exe 2021-09-26 14:50 – 2021-09-26 15:06 – 000000000 ____D C:UsersstephAppDataLocalD3DSCache 2021-09-26 14:50 – 2021-09-26 14:50 – 000000000 ____D C:UsersstephAppDataLocalCEF 2021-09-26 14:49 – 2021-09-26 14:49 – 000000907 _____ C:UsersPublicDesktopEpic Games Launcher.lnk 2021-09-26 14:49 – 2021-09-26 14:49 – 000000907 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsEpic Games Launcher.lnk 2021-09-26 14:49 – 2021-09-26 14:49 – 000000000 ____D C:UsersstephAppDataLocalUnrealEngineLauncher 2021-09-26 14:49 – 2021-09-26 14:49 – 000000000 ____D C:UsersstephAppDataLocalUnrealEngine 2021-09-26 14:49 – 2021-09-26 14:49 – 000000000 ____D C:UsersstephAppDataLocalEpicGamesLauncher 2021-09-26 14:46 – 2021-09-26 14:47 – 056901632 _____ C:UsersstephDownloadsEpicInstaller-12.2.17.msi 2021-09-26 14:45 – 2021-09-26 14:45 – 000124416 _____ C:Program Files8hyKnYgs.exe 2021-09-26 14:45 – 2021-09-26 14:45 – 000013312 _____ C:Program FilesuLLYvMz4ZUeq.sys 2021-09-26 14:45 – 2021-09-26 14:45 – 000006144 _____ C:Program FilesMzt5fU.sys 2021-09-26 14:45 – 2021-09-26 14:45 – 000000820 _____ C:Program Filesmap.bat 2021-09-26 14:45 – 2021-09-26 14:45 – 000000686 _____ C:Program FilesSerial_checker.bat 2021-09-26 14:44 – 2021-09-26 14:44 – 000224256 _____ C:Program FilesFree-Clean1.exe 2021-09-26 14:42 – 2021-09-26 14:42 – 003407872 _____ C:Program FilesJx2wbx6UZ.exe 2021-09-26 14:41 – 2021-09-26 14:41 – 000178462 _____ C:Program FilesFortniteTracerCleaner1803-21H1.bat 2021-09-26 14:41 – 2021-09-26 14:41 – 000032177 _____ C:Program FilesFortnite.bat 2021-09-26 14:41 – 2021-09-26 14:41 – 000032106 _____ C:Program FilesFN.bat 2021-09-26 14:40 – 2021-09-26 14:40 – 000170829 _____ C:UsersstephDownloadsCinX BETA 1.2.rar 2021-09-26 14:19 – 2021-09-26 14:19 – 000000000 ___HD C:$WinREAgent 2021-09-25 16:54 – 2021-09-25 16:54 – 000000000 ____D C:WINDOWSsystem32TasksMozilla 2021-09-24 22:44 – 2021-09-26 10:37 – 000000000 ____D C:Program FilesMozilla Firefox 2021-09-23 18:57 – 2021-09-23 18:57 – 000036299 _____ C:UsersstephDownloadsautotools1.17.1-1.0.2.jar 2021-09-23 18:28 – 2021-09-23 18:28 – 000213767 _____ C:UsersstephDownloadsToolSwap-1.17.1-2.2.0.jar 2021-09-22 15:16 – 2021-09-26 14:06 – 000003310 _____ C:WINDOWSsystem32TasksAntivirus Emergency Update 2021-09-22 15:15 – 2021-09-22 15:15 – 000851864 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgSnx.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000557288 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgSP.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000538632 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgNetHub.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000369232 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbidsdriver.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000340792 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32avgBoot.exe 2021-09-22 15:15 – 2021-09-22 15:15 – 000328712 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgVmm.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000250480 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbidsh.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000221728 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgArPot.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000215536 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgStm.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000184776 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgMonFlt.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000108000 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgRdr2.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000099440 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbuniv.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000083064 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgRvrt.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000041504 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgKbd.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000035848 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgArDisk.sys 2021-09-22 15:15 – 2021-09-22 15:15 – 000021960 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgElam.sys 2021-09-18 16:58 – 2021-09-18 16:58 – 000037790 _____ C:UsersstephDownloadsSplitgatelogo.webp 2021-09-07 15:25 – 2021-09-08 19:23 – 000000000 ____D C:UsersstephAppDataRoamingremoteit 2021-09-07 15:25 – 2021-09-07 15:27 – 000000000 ____D C:UsersstephAppDataLocalremoteit 2021-09-07 15:25 – 2021-09-07 15:25 – 000000000 ____D C:Program Filesremoteit-bin 2021-09-07 15:24 – 2021-09-08 08:24 – 000000000 ____D C:ProgramDataremoteit 2021-09-07 15:24 – 2021-09-07 15:24 – 000001050 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsremote.it.lnk 2021-09-07 15:24 – 2021-09-07 15:24 – 000000000 ____D C:UsersstephAppDataLocalremoteit-updater 2021-09-07 15:24 – 2021-09-07 15:24 – 000000000 ____D C:UsersstephAppDataLocalremoteit-backup 2021-09-07 15:19 – 2021-09-07 15:20 – 161230160 _____ (remote.it) C:UsersstephDownloadsremoteit-installer.exe 2021-09-07 14:59 – 2021-09-07 14:59 – 006046996 _____ C:UsersstephDownloadsOptiFine_1.16.5_HD_U_G8.jar 2021-09-07 14:54 – 2021-09-07 14:55 – 000190100 _____ C:UsersstephDownloadsOptiForge-MC1.16.5-0.5.7.jar 2021-09-02 19:28 – 2021-09-02 19:28 – 000000000 ____D C:UsersstephAppDataLocalstarstableonline-updater

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-27 05:08 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSCbsTemp 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64WinMetadata 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64oobe 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSysWOW64Dism 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSSystemResources 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32WinMetadata 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32oobe 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32migwiz 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32Dism 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32DDFs 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSsystem32appraiser 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSShellComponents 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSProvisioning 2021-09-27 04:59 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSbcastdvr 2021-09-27 04:59 – 2019-12-07 09:03 – 000000000 ____D C:WINDOWSservicing 2021-09-26 21:23 – 2020-05-09 15:26 – 000000000 ____D C:Program FilesCCleaner 2021-09-26 21:19 – 2020-05-21 20:23 – 000000000 ____D C:UsersstephDocumentsMultiMC 2021-09-26 21:17 – 2019-12-07 09:13 – 000000000 ____D C:WINDOWSINF 2021-09-26 21:13 – 2021-03-23 11:13 – 000840666 _____ C:WINDOWSsystem32PerfStringBackup.INI 2021-09-26 21:09 – 2020-11-19 07:30 – 000000000 ____D C:WINDOWSsystem32SleepStudy 2021-09-26 21:06 – 2020-11-19 07:30 – 000442104 _____ C:WINDOWSsystem32FNTCACHE.DAT 2021-09-26 21:06 – 2019-12-07 09:03 – 000786432 _____ C:WINDOWSsystem32configBBI 2021-09-26 20:52 – 2021-03-23 11:04 – 000000000 ____D C:Userssteph 2021-09-26 20:52 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSServiceState 2021-09-26 18:17 – 2020-06-03 20:49 – 000000001 _____ C:WINDOWSvgkbootstatus.dat 2021-09-26 15:17 – 2020-11-19 07:30 – 000000006 ____H C:WINDOWSTasksSA.DAT 2021-09-26 15:17 – 2020-06-01 09:55 – 000000000 ____D C:UsersstephAppDataRoamingdiscord 2021-09-26 15:17 – 2020-05-07 20:10 – 000000000 ____D C:ProgramDataNVIDIA 2021-09-26 15:16 – 2020-06-17 19:48 – 000000000 ____D C:UsersstephAppDataLocalLowMozilla 2021-09-26 15:06 – 2020-06-01 09:55 – 000000000 ____D C:UsersstephAppDataLocalDiscord 2021-09-26 15:00 – 2020-05-07 20:07 – 000000000 ____D C:UsersstephAppDataLocalConnectedDevicesPlatform 2021-09-26 15:00 – 2019-12-07 09:14 – 000000000 ____D C:ProgramDataUSOShared 2021-09-26 14:52 – 2020-05-07 20:18 – 000000000 ____D C:UsersstephAppDataLocalNVIDIA 2021-09-26 14:50 – 2020-05-07 20:18 – 000000000 ____D C:UsersstephAppDataLocalNVIDIA Corporation 2021-09-26 14:49 – 2020-05-07 20:12 – 000000000 ____D C:ProgramDataEpic 2021-09-26 14:45 – 2019-12-07 09:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft 2021-09-26 14:43 – 2020-05-07 20:07 – 000000000 ___RD C:Userssteph3D Objects 2021-09-26 14:43 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSIME 2021-09-26 14:41 – 2020-11-19 07:33 – 000000000 ___HD C:UsersPublicAccountPictures 2021-09-26 14:41 – 2020-05-07 20:09 – 000000000 ____D C:UsersstephAppDataLocalComms 2021-09-26 14:20 – 2020-05-07 20:27 – 000000000 ____D C:Program Files (x86)Google 2021-09-26 14:07 – 2021-05-23 05:23 – 000000000 ____D C:ProgramDataMozilla 2021-09-26 14:06 – 2021-04-13 10:23 – 000003274 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d71fd4cd670452 2021-09-26 14:06 – 2021-03-23 11:09 – 000000000 ____D C:WINDOWSsystem32TasksAVAST Software 2021-09-26 14:06 – 2020-11-19 07:32 – 000003468 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA 2021-09-26 14:05 – 2020-12-09 17:05 – 000000000 ____D C:ProgramDataDockerDesktop 2021-09-26 14:05 – 2020-10-31 01:12 – 000000000 ____D C:Program Files (x86)TeamViewer 2021-09-26 14:05 – 2020-05-07 20:07 – 000000000 __SHD C:UsersstephIntelGraphicsProfiles 2021-09-26 13:36 – 2020-05-13 11:26 – 000000000 ____D C:UsersstephAppDataRoamingSpotify 2021-09-26 12:06 – 2020-05-13 11:27 – 000000000 ____D C:UsersstephAppDataLocalSpotify 2021-09-26 11:59 – 2020-05-08 08:16 – 000001178 ____H C:UsersstephAppDataRoaming.ias 2021-09-26 11:00 – 2020-06-03 12:15 – 000000000 ____D C:ProgramDataRiot Games 2021-09-26 10:41 – 2020-11-19 07:32 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk 2021-09-26 10:41 – 2019-12-07 09:14 – 000000000 ____D C:WINDOWSAppReadiness 2021-09-26 10:37 – 2021-05-23 05:23 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service 2021-09-25 16:57 – 2019-12-07 09:14 – 000000000 ___HD C:Program FilesWindowsApps 2021-09-25 16:54 – 2021-05-23 05:23 – 000001011 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk 2021-09-23 15:28 – 2020-05-08 08:05 – 000000000 ____D C:UsersstephAppDataRoaming.minecraft 2021-09-23 15:27 – 2021-01-12 15:01 – 000000000 ____D C:UsersstephAppDataRoaminglunarclient 2021-09-22 15:15 – 2019-12-07 09:14 – 000000000 ___HD C:WINDOWSELAMBKUP 2021-09-22 15:14 – 2020-08-02 18:19 – 000000000 ____D C:ProgramDataAVG 2021-09-19 14:54 – 2020-05-24 12:51 – 000000000 ____D C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsRoblox 2021-09-17 11:09 – 2020-05-17 20:14 – 000000000 ____D C:Program FilesMicrosoft Office 2021-09-16 14:39 – 2020-05-07 20:28 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk 2021-09-16 14:33 – 2020-05-08 07:48 – 000000000 ____D C:WINDOWSsystem32MRT 2021-09-16 14:31 – 2020-05-08 07:48 – 135637312 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe 2021-09-15 14:40 – 2021-08-10 18:01 – 000038032 _____ C:WINDOWSsystem32DriversEQU8_HELPER_36.sys 2021-09-12 09:04 – 2021-01-05 18:40 – 000000000 ____D C:Program FilesRiot Vanguard 2021-09-10 08:31 – 2020-09-30 12:34 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools 2021-09-08 08:30 – 2020-11-22 16:14 – 000000000 ____D C:UsersstephAppDataLocalOverwolf 2021-09-07 14:03 – 2020-10-31 01:14 – 000000000 ____D C:UsersstephAppDataLocalTeamViewer 2021-09-04 03:00 – 2021-03-22 22:17 – 000000000 ____D C:UsersstephDocumentsNew folder 2021-09-02 19:50 – 2020-10-27 12:08 – 000000000 ____D C:UsersstephAppDataRoamingStar Stable Online 2021-09-01 12:21 – 2020-09-12 17:22 – 000000000 ____D C:UsersstephAppDataLocalBattle.net

==================== Files in the root of some directories ========

2021-09-26 14:45 – 2021-09-26 14:45 – 000124416 _____ () C:Program Files8hyKnYgs.exe 2021-09-26 14:41 – 2021-09-26 14:41 – 000032106 _____ () C:Program FilesFN.bat 2021-09-26 14:41 – 2021-09-26 14:41 – 000032177 _____ () C:Program FilesFortnite.bat 2021-09-26 14:41 – 2021-09-26 14:41 – 000178462 _____ () C:Program FilesFortniteTracerCleaner1803-21H1.bat 2021-09-26 14:44 – 2021-09-26 14:44 – 000224256 _____ () C:Program FilesFree-Clean1.exe 2021-09-26 14:42 – 2021-09-26 14:42 – 003407872 _____ () C:Program FilesJx2wbx6UZ.exe 2021-09-26 14:45 – 2021-09-26 14:45 – 000000820 _____ () C:Program Filesmap.bat 2021-09-26 14:45 – 2021-09-26 14:45 – 000006144 _____ () C:Program FilesMzt5fU.sys 2021-09-26 14:45 – 2021-09-26 14:45 – 000000686 _____ () C:Program FilesSerial_checker.bat 2021-09-26 14:45 – 2021-09-26 14:45 – 000013312 _____ () C:Program FilesuLLYvMz4ZUeq.sys 2020-05-08 08:16 – 2021-09-26 11:59 – 000001178 ____H () C:UsersstephAppDataRoaming.ias 2021-05-11 18:55 – 2021-05-19 16:45 – 000000016 _____ () C:UsersstephAppDataRoamingobs-virtualcam.txt 2020-07-18 12:30 – 2020-07-18 12:59 – 000034859 _____ () C:UsersstephAppDataRoamingVoiceMeeterBananaDefault.xml 2020-05-09 12:13 – 2020-07-18 12:23 – 000004659 _____ () C:UsersstephAppDataRoamingVoiceMeeterDefault.xml 2021-01-28 17:56 – 2021-01-28 18:40 – 000060428 _____ () C:UsersstephAppDataRoamingVoiceMeeterPotatoDefault.xml 2021-08-11 15:25 – 2021-08-11 17:15 – 001065984 _____ () C:UsersstephAppDataLocalfile__0.localstorage 2020-05-12 14:58 – 2020-05-12 14:58 – 000000120 _____ () C:UsersstephAppDataLocalinjk.conf 2020-05-09 15:39 – 2021-08-11 17:23 – 000007605 _____ () C:UsersstephAppDataLocalresmon.resmoncfg 2020-08-02 18:40 – 2020-08-02 18:42 – 002931720 _____ (DT001) C:UsersstephAppDataLocalsetup64087.exe 2020-08-02 18:43 – 2020-08-02 18:43 – 002931720 _____ (DT001) C:UsersstephAppDataLocalsetup65743.exe 2021-02-01 09:36 – 2021-02-01 09:36 – 000000424 _____ () C:UsersstephAppDataLocalUserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02 Ran by steph (26-09-2021 21:30:20) Running from E: Windows 10 Home Version 20H2 19042.1165 (X64) (1705968-03-28 03:21:14) Boot Mode: Safe Mode (minimal) ==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1107240043-3454394700-2548055146-500 – Administrator – Disabled) DefaultAccount (S-1-5-21-1107240043-3454394700-2548055146-503 – Limited – Disabled) Guest (S-1-5-21-1107240043-3454394700-2548055146-501 – Limited – Disabled) steph (S-1-5-21-1107240043-3454394700-2548055146-1001 – Administrator – Enabled) => C:Userssteph WDAGUtilityAccount (S-1-5-21-1107240043-3454394700-2548055146-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46 AV: AVG Antivirus (Disabled – Up to date) 18A975F9-A60C-37D8-E30B-4BEF31AD3411

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…uTorrent) (Version: 3.5.5.45966 – BitTorrent Inc.) 3D Aim Trainer Launcher version 1.01 (HKLM-x32…DEBD852F-7476-4715-B6AC-8A3C560EAAAA_is1) (Version: 1.01 – 3D Aim Trainer) AdoptOpenJDK JDK with Hotspot 16.0.1+9 (x64) (HKLM…2A8E503E-8CAC-4A66-97C3-5186A003681A) (Version: 16.0.1.9 – AdoptOpenJDK) Alicia (HKLM-x32…Alicia) (Version: 1.0.0.0 – NtreevSoft) Audacity 2.4.2 (HKLM-x32…Audacity_is1) (Version: 2.4.2 – Audacity Team) Auto Keyboard v6.3 (HKLM-x32…71E16EE4-BBED-44A8-8724-9E68D05EE945_is1) (Version: 6.3 – MurGee.com) Auto Mouse Click by MurGee.com v99.1 (HKLM-x32…F5E3859D-0720-41F0-BAF5-4CBCDFD8F406_is1) (Version:  – MurGee.com) AutoHotkey 1.1.32.00 (HKLM…AutoHotkey) (Version: 1.1.32.00 – Lexikos) AVG AntiVirus FREE (HKLM…AVG Antivirus) (Version: 21.8.3202 – AVG Technologies) Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment) Betternet for Windows 5.7.1.470 (HKLM-x32…2E77104D-96E1-4A9C-86F2-C7CF9CE04A70) (Version: 5.7.1.470 – Betternet Technologies Inc.) BlueStacks 5 (HKLM…BlueStacks_nxt) (Version: 5.1.110.2001 – BlueStack Systems, Inc.) Call of Duty Black Ops Cold War (HKLM-x32…Call of Duty Black Ops Cold War) (Version:  – Blizzard Entertainment) CCleaner (HKLM…CCleaner) (Version: 5.77 – Piriform) Clownfish Voice Changer (HKLM…ClownfishVoiceChanger) (Version:  – ) CurseForge (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.181.1.15 – Overwolf app) Discord (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Discord) (Version: 0.0.309 – Discord Inc.) Docker Desktop (HKLM…Docker Desktop) (Version: 3.2.2 – Docker Inc.) Epic Games Launcher (HKLM-x32…7733DDD0-3513-4A99-BFFE-A6D73BE49B50) (Version: 1.2.35.0 – Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32…B736177-814A-4ADE-81D1-66A0FDD55BB4) (Version: 1.1.11.0 – Epic Games, Inc.) FiveM (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…CitizenFX_FiveM) (Version:  – The CitizenFX Collective) Fraps (HKLM-x32…Fraps) (Version:  – ) Gametree Launcher (HKLM-x32…GTL) (Version: 3.0.26.0 – NtreevSoft) Glorious Model D Software (HKLM-x32…4D18F84D-F67A-47B8-B7BB-C2832B1D6C92_is1) (Version: 1.0.3 – Glorious PC Gaming Race LLC.) Google Chrome (HKLM-x32…Google Chrome) (Version: 93.0.4577.82 – Google LLC) Heaven Benchmark version 4.0 (HKLM-x32…Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 – Unigine Corp.) Hotspot Shield 10.9.12 (HKLM-x32…859921d9-c7f6-48b4-b818-9cd304a3b0fd) (Version: 10.9.12.11809 – Pango Inc.) Hotspot Shield 10.9.12 (HKLM-x32…AF599C42-A2E5-4251-B7EE-4925F1B77144) (Version: 10.9.12.11809 – Pango Inc.) Hidden Hotspot Shield 10.9.12 (HKLM-x32…HotspotShield) (Version: 10.9.12 – Pango Inc.) Hidden Java 8 Update 111 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180111F0) (Version: 8.0.1110.14 – Oracle Corporation) Java™ SE Development Kit 16.0.1 (64-bit) (HKLM…75CDB88B-F917-5456-AB2D-5504DE7F43DE) (Version: 16.0.1.0 – Oracle Corporation) Java™ SE Development Kit 16.0.2 (64-bit) (HKLM…84539E3B-68B6-54F1-9CA3-EA920673C714) (Version: 16.0.2.0 – Oracle Corporation) Kodi (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Kodi) (Version:  – XBMC Foundation) Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden League of Legends (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Riot Game league_of_legends.live) (Version:  – Riot Games, Inc) Lightshot-5.5.0.7 (HKLM-x32…30A5B3C9-2084-4063-A32A-628A98DE512B_is1) (Version: 5.5.0.7 – Skillbrains) Lunar Client (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.8.0 – Moonsworth, LLC) Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.14326.20404 – Microsoft Corporation) Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 94.0.992.31 – Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 94.0.992.31 – Microsoft Corporation) Microsoft OneNote – en-us (HKLM…OneNoteFreeRetail – en-us) (Version: 16.0.14326.20404 – Microsoft Corporation) Microsoft Update Health Tools (HKLM…7B981965-2FBC-433C-B4B3-E183EE97CD29) (Version: 2.83.0.0 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation) Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40660 (HKLM-x32…ef6b00ec-13e1-4c25-9064-b2f383cb8412) (Version: 12.0.40660.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40660 (HKLM-x32…61087a79-ac85-455c-934d-1fa22cc64f36) (Version: 12.0.40660.0 – Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29334 (HKLM-x32…a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4) (Version: 14.28.29334.0 – Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.28.29334 (HKLM-x32…b2d0f752-adc5-496e-8f70-8669de01f746) (Version: 14.28.29334.0 – Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…2BFC7AA0-544C-4E3A-8796-67F3BE655BE9) (Version: 4.0.20823.0 – Microsoft Corporation) Minecraft Launcher (HKLM-x32…E15F69FA-660D-45CC-B28F-6CBC4CAD2091) (Version: 1.0.0.0 – Mojang) Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 92.0.1 (x64 en-US)) (Version: 92.0.1 – Mozilla) Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 88.0.1 – Mozilla) MPC-HC 1.7.9 (HKLM-x32…2624B969-7135-4EB1-B0F6-2D8C397B45F7_is1) (Version: 1.7.9 – MPC-HC Team) MSI Afterburner 4.6.4 Beta 3 (HKLM-x32…Afterburner) (Version: 4.6.4 Beta 3 – MSI Co., LTD) Mumble 1.3.4 (HKLM…F01AE994-B03B-46EC-87BD-65682C2968F4) (Version: 1.3.4 – The Mumble Developers) NBTExplorer (HKLM-x32…DC1E9E1A-86BE-491B-8DF9-A86045902F48) (Version: 2.8.0.0 – Justin Aquadro) NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_FrameViewSdk) (Version: 1.1.4923.29968894 – NVIDIA Corporation) NVIDIA GeForce Experience 3.23.0.74 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation) NVIDIA Graphics Driver 471.68 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 471.68 – NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation) OBS Studio (HKLM-x32…OBS Studio) (Version: 25.0.8 – OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM…90160000-008C-0000-1000-0000000FF1CE) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM…90160000-007E-0000-1000-0000000FF1CE) (Version: 16.0.14326.20404 – Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM…90160000-008C-0409-1000-0000000FF1CE) (Version: 16.0.14131.20278 – Microsoft Corporation) Hidden OpenAL (HKLM-x32…OpenAL) (Version:  – ) Overwolf (HKLM-x32…Overwolf) (Version: 0.178.0.16 – Overwolf Ltd.) ProtonVPN (HKLM-x32…FD5DFEEE-C563-4D04-B3F4-E5C7D5F5B1E9) (Version: 1.17.6 – Proton Technologies AG) Hidden ProtonVPN (HKLM-x32…ProtonVPN 1.17.6) (Version: 1.17.6 – Proton Technologies AG) ProtonVPNTap (HKLM-x32…526B21BC-E7BE-4CC9-AF49-20F7F11B9113) (Version: 1.1.1 – Proton Technologies AG) Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.8656 – Realtek Semiconductor Corp.) remoteit 3.1.5 (HKLM…bdfdcbf7-1da1-52db-84e6-157a6dedb945) (Version: 3.1.5 – remote.it) Resanance (HKLM…7BB6181-E1D0-4283-87D0-BE4819535A3C) (Version: 2.1.3 – WasntAFairFight) Riot Vanguard (HKLM…Riot Vanguard) (Version:  – Riot Games, Inc.) RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32…RTSS) (Version: 7.3.2 Beta 2 – Unwinder) Roblox Player for steph (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…roblox-player) (Version:  – Roblox Corporation) Rockstar Games Launcher (HKLM-x32…Rockstar Games Launcher) (Version: 1.0.45.416 – Rockstar Games) Rockstar Games Social Club (HKLM-x32…Rockstar Games Social Club) (Version: 2.0.8.5 – Rockstar Games) Skype version 8.74 (HKLM-x32…Skype_is1) (Version: 8.74 – Skype Technologies S.A.) Spotify (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Spotify) (Version: 1.1.68.632.g2b11de83 – Spotify AB) Star Stable Online 2.9.4 (HKLM-x32…8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.9.4 – Star Stable Entertainment AB) Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation) TAP-Windows 9.24.2 (HKLM…TAP-Windows) (Version: 9.24.2 – OpenVPN Technologies, Inc.) TeamViewer (HKLM-x32…TeamViewer) (Version: 15.21.8 – TeamViewer) Tidabie Tidal Music Converter 1.1.1 (HKLM-x32…Tidabie Tidal Music Converter) (Version: 1.1.1 – Tidabie) Ubisoft Connect (HKLM-x32…Uplay) (Version: 73.0 – Ubisoft) Universal Minecraft Editor version 1.7.1 (HKLM-x32…86633C3D-27BE-425D-993B-8917FE5EAD7E_is1) (Version: 1.7.1 – oPryzeLP) UrbanVPN (HKLM…F1CC3454-8EE9-4479-A109-AC1670ADEBC7) (Version: 2.2.3 – Urban Security) Hidden UrbanVPN (HKLM…UrbanVPN 2.2.3) (Version: 2.2.3 – Urban Security) VALORANT (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…Riot Game valorant.live) (Version:  – Riot Games, Inc) VBCABLE, The Virtual Audio Cable (HKLM…VB:VBCABLE 87459874-1236-4469) (Version:  – VB-Audio Software) Voxal Voice Changer (HKLM-x32…Voxal) (Version: 5.04 – NCH Software) Windows Subsystem for Linux Update (HKLM…18E72D39-392C-419D-9B86-C4C633B4CED9) (Version: 4.19.128 – Microsoft Corporation) WinRAR 5.90 (64-bit) (HKLM…WinRAR archiver) (Version: 5.90.0 – win.rar GmbH) X-Mouse Button Control 2.19.1 (HKLM-x32…X-Mouse Button Control) (Version: 2.19.1 – Highresolution Enterprises) Zoom (HKUS-1-5-21-1107240043-3454394700-2548055146-1001…ZoomUMX) (Version: 5.4.9 (59931.0110) – Zoom Video Communications, Inc.)

Packages: ========= Intel® Graphics Command Center -> C:Program FilesWindowsAppsAppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-27] (INTEL CORP) [Startup Task] iTunes -> C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa [2021-09-25] (Apple Inc.) [Startup Task] Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-27] (Microsoft Studios) [MS Ad] Minecraft for Windows 10 -> C:Program FilesWindowsAppsMicrosoft.MinecraftUWP_1.17.3004.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Studios) MyASUS -> C:Program FilesWindowsAppsB9ECED6F.ASUSPCAssistant_3.0.20.0_x64__qmba6cd70vzyy [2021-09-18] (ASUSTeK COMPUTER INC.) Netflix -> C:Program FilesWindowsApps4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.) NVIDIA Control Panel -> C:Program FilesWindowsAppsNVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-08-10] (NVIDIA Corp.) Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-11] (Microsoft Corporation) TranslucentTB -> C:Program FilesWindowsApps28017CharlesMilette.TranslucentTB_2021.4.0.0_x64__v826wp6bftszj [2021-09-06] (Charles Milette) [Startup Task] XboxInsiderHub -> C:Program FilesWindowsAppsMicrosoft.XboxInsider_1.2109.1001.0_x64__8wekyb3d8bbwe [2021-09-22] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKUS-1-5-21-1107240043-3454394700-2548055146-1001…ChromeHTML: ->  <==== ATTENTION ShellIconOverlayIdentifiers: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File ShellIconOverlayIdentifiers: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> BBACC218-34EA-4666-9D7A-C78F2274A524 =>  -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> 5AB7172C-9C11-405C-8DD5-AF20F3606282 =>  -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> A78ED123-AB77-406B-9962-2A5D9D2F7F30 =>  -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> F241C880-6982-4CE5-8CF7-7085BA96DA5A =>  -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E =>  -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> 9AA2F32D-362A-42D9-9328-24A483E2CCC3 =>  -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> C5FF006E-2AE9-408C-B85B-2DFDD5449D9C =>  -> No File ShellIconOverlayIdentifiers-x32: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers3: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:WINDOWSSystem32DriverStoreFileRepositorynvami.inf_amd64_72035dd8d03aeceenvshext.dll [2021-08-06] (Nvidia Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-09-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [VIDC.FPS1] => C:Windowssystem32frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed] HKLM…Drivers32: [VIDC.RTV1] => C:Windowssystem32rtvcvfw64.dll [246272 2012-09-28] () [File not signed] HKLM…Drivers32: [VIDC.FPS1] => C:WindowsSysWOW64frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed] HKLM…Drivers32: [VIDC.RTV1] => C:WindowsSysWOW64rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsCENTURY.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=gpokpjenobimicjbebndjofblfhhggpd ShortcutWithArgument: C:UsersstephAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome AppsYouTube.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2020-05-21 20:23 – 2020-03-29 01:29 – 000119822 _____ () [File not signed] C:UsersstephDocumentsMultiMClibgcc_s_dw2-1.dll 2021-09-10 13:06 – 2021-09-10 13:06 – 000130224 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_iconfix.dll 2021-09-10 13:06 – 2021-09-10 13:06 – 000350217 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_nbt++.dll 2021-09-10 13:06 – 2021-09-10 13:06 – 000321298 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_quazip.dll 2021-09-10 13:06 – 2021-09-10 13:06 – 000069171 _____ () [File not signed] C:UsersstephDocumentsMultiMClibMultiMC_rainbow.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 000018958 _____ () [File not signed] C:UsersstephDocumentsMultiMClibssp-0.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 001026062 _____ () [File not signed] C:UsersstephDocumentsMultiMClibstdc++-6.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:UsersstephDocumentsMultiMClibwinpthread-1.dll 2020-05-21 20:23 – 2017-12-08 22:10 – 002130958 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:UsersstephDocumentsMultiMCLIBEAY32.dll 2020-05-21 20:23 – 2017-12-08 22:10 – 000445966 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:UsersstephDocumentsMultiMCssleay32.dll 2020-05-21 20:23 – 2017-09-14 05:55 – 000045056 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCiconenginesqsvgicon.dll 2020-05-21 20:23 – 2017-09-14 05:45 – 000033280 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqgif.dll 2020-05-21 20:23 – 2017-09-14 05:54 – 000046592 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqicns.dll 2020-05-21 20:23 – 2017-09-14 05:45 – 000035840 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqico.dll 2020-05-21 20:23 – 2017-09-14 05:45 – 000251904 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqjpeg.dll 2020-05-21 20:23 – 2017-09-14 05:55 – 000028672 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqsvg.dll 2020-05-21 20:23 – 2017-09-14 05:55 – 000027136 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCimageformatsqwbmp.dll 2020-05-21 20:23 – 2017-09-14 05:46 – 001489408 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCplatformsqwindows.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 005393408 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Core.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 005676544 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Gui.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 001614848 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Network.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 000357888 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Svg.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 006537216 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Widgets.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 000226304 _____ (The Qt Company Ltd) [File not signed] C:UsersstephDocumentsMultiMCQt5Xml.dll 2020-05-21 20:23 – 2020-03-29 01:29 – 000075264 _____ (Zlib) [File not signed] C:UsersstephDocumentsMultiMCzlib1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalavgSP.sys => ""="Driver" HKLMSYSTEMCurrentControlSetControlSafeBootNetworkavgSP.sys => ""="Driver" HKLMSYSTEMCurrentControlSetControlSafeBootOption => "OptionValue"="1"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootOffice16OCHelper.dll [2021-08-15] (Microsoft Corporation -> Microsoft Corporation) BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_111binssv.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation) BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_111binjp2ssv.dll [2021-08-22] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKUS-1-5-21-1107240043-3454394700-2548055146-1001…sharepoint.com -> hxxps://dohacollegecom-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 04:49 – 2021-03-27 15:41 – 000002426 _____ C:WINDOWSsystem32driversetchosts 109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site 109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site 109.94.209.70      fitgirl-repacks.to              # Fake FitGirl site 109.94.209.70      fitgirl-repack.com              # Fake FitGirl site 109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site 109.94.209.70      fitgirlrepack.games             # Fake FitGirl site 109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site 109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site 109.94.209.70      www.fitgirl-repacks.to          # Fake FitGirl site 109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site 109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site 109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site 109.94.209.70      www.fitgirlrepack.games         # Fake FitGirl site 109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site 109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site 109.94.209.70      fitgirl-repack.net              # Fake FitGirl site 109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site 109.94.209.70      fitgirlpack.site                # Fake FitGirl site 109.94.209.70      www.fitgirlpack.site            # Fake FitGirl site 192.168.100.6 host.docker.internal 192.168.100.6 gateway.docker.internal 127.0.0.1 kubernetes.docker.internal

2020-10-25 22:00 – 2021-04-13 10:22 – 000000507 _____ C:WINDOWSsystem32driversetchosts.ics 172.30.208.1 DESKTOP-7OPKCNR.mshome.net # 2026 4 0 12 10 22 47 425 168.137.176 Steph.mshome.net # 2020 12 6 5 20 52 18 202

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:ProgramDataOracleJavajavapath;C:Program FilesAdoptOpenJDKjdk-16.0.1.9-hotspotbin;C:Program FilesCommon FilesOracleJavajavapath;C:Windowssystem32;C:Windows;C:WindowsSystem32Wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:WindowsSystem32OpenSSH;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:WINDOWSsystem32;C:WINDOWS;C:WINDOWSSystem32Wbem;C:WINDOWSSystem32WindowsPowerShellv1.0;C:WINDOWSSystem32OpenSSH;C:Program FilesDockerDockerresourcesbin;C:ProgramDataDockerDesktopversion-bin;D:Program Filesremoteitresourcesx64 HKUS-1-5-21-1107240043-3454394700-2548055146-1001Control PanelDesktop\Wallpaper -> C:UsersstephDownloadsWallpaper-Black-And-Gray-Logo-Star-Wars-Jedi-Minimalism44.jpg DNS Servers: Media is not connected to internet. HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: Off)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM…StartupApprovedRun: => "UrbanVPN" HKLM…StartupApprovedRun: => "SecurityHealth" HKLM…StartupApprovedRun: => "XMouseButtonControl" HKLM…StartupApprovedRun: => "Riot Vanguard" HKLM…StartupApprovedRun32: => "Lightshot" HKLM…StartupApprovedRun32: => "vmware-tray.exe" HKLM…StartupApprovedRun32: => "SunJavaUpdateSched" HKLM…StartupApprovedRun32: => "TeamsMachineInstaller" HKLM…StartupApprovedRun32: => "LogMeIn Hamachi Ui" HKLM…StartupApprovedRun32: => "TeamsMachineUninstallerLocalAppData" HKLM…StartupApprovedRun32: => "TeamsMachineUninstallerProgramData" HKLM…StartupApprovedRun32: => "RazerCortex" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedStartupFolder: => "Twitch.lnk" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedStartupFolder: => "Send to OneNote.lnk" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Overwolf" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "ManyCam" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "AudialsNotifier" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Battle.net" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "CCleaner Smart Cleaning" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Discord" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "EpicGamesLauncher" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "GoogleChromeAutoLaunch_F93EFB3DD44213C0D4E7C2DEA6F95C5C" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "OneDrive" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Spotify" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Steam" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "uTorrent" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Skype for Desktop" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Lync" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "Docker Desktop" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "iFunBox" HKUS-1-5-21-1107240043-3454394700-2548055146-1001…StartupApprovedRun: => "D:Program Filesremoteitremoteit.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [C0D1471E-DC77-40A2-9041-7A5F7C1B3C9E] => (Allow) D:SteamLibrarysteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed] FirewallRules: [E566FFFC-E5BA-412C-8CA6-F47F1AF0735A] => (Allow) D:SteamLibrarysteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed] FirewallRules: [UDP Query UserB3095C2E-A6E7-452E-8E31-4225EE88DBCEC:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe FirewallRules: [TCP Query User762F93A3-185B-43C2-9E21-82E8A29AA2CCC:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-legacywindows-x64jre-legacybinjavaw.exe FirewallRules: [UDP Query User552E6081-7C99-4297-845C-8085C810F7BBC:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe] => (Allow) C:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe FirewallRules: [TCP Query UserC823E6CE-5201-4F86-A3B5-8E1985E027D4C:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe] => (Allow) C:userssteph.lunarclientofflinejrejre1.8.0_131binjavaw.exe FirewallRules: [846620FF-9D32-4154-932C-850C42479E34] => (Allow) D:GamesHorse game that my girlfriend wants me to playAliciaAlicia.exe () [File not signed] FirewallRules: [3A75DC9B-8B06-467D-ABE5-4871B536091E] => (Allow) D:GamesHorse game that my girlfriend wants me to playAliciaAlicia.exe () [File not signed] FirewallRules: [UDP Query UserA97073D8-B027-46A2-A202-5EEBE9C3AE24C:program filesdockerdockerresourcescom.docker.backend.exe] => (Allow) C:program filesdockerdockerresourcescom.docker.backend.exe (Docker Inc -> Docker Inc.) FirewallRules: [TCP Query User0D742D12-8DE6-422A-ABC0-D75FD21E2D08C:program filesdockerdockerresourcescom.docker.backend.exe] => (Allow) C:program filesdockerdockerresourcescom.docker.backend.exe (Docker Inc -> Docker Inc.) FirewallRules: [3DC54B1D-39E9-464D-808B-C6E74DE3EC01] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [321B5B76-EA8C-43B0-B852-0095E63632B6] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame.exe (Wildcard Properties LLC -> Epic Games, Inc.) FirewallRules: [B00A6994-765E-485A-AD9E-F25CE5AFE48F] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [4B349745-772B-473E-98D9-B3C578D5E78E] => (Allow) D:SteamLibrarysteamappscommonARKShooterGameBinariesWin64ShooterGame_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [UDP Query UserE7EC6A17-2E7C-4A90-ACDF-9712433D9ECAD:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe] => (Allow) D:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe => No File FirewallRules: [TCP Query User210A995E-A78B-4651-A291-3B83CBF2937DD:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe] => (Allow) D:gameskrunkerofficial krunker.io clientofficial krunker.io client.exe => No File FirewallRules: [12DC1A96-91C0-462D-9A9C-63DA7C417074] => (Allow) C:WindowsSysWOW64TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation) FirewallRules: [CBD170BD-2FA4-4D82-BE3B-2246B39B64F9] => (Allow) C:Program FilesUrbanVPNbinurbanvpn.exe (Urban Cyber Security Inc. -> Urban Cyber Security Inc.) FirewallRules: [7B2AEB84-B0BD-4AB0-8300-F1C0281C1B98] => (Allow) D:SteamLibrarysteamappscommonAmong UsAmong Us.exe () [File not signed] FirewallRules: [DC23352F-EFDA-43F4-82D4-2B4704F42A6B] => (Allow) D:SteamLibrarysteamappscommonAmong UsAmong Us.exe () [File not signed] FirewallRules: [UDP Query User30274EFF-0A2C-4FDC-8D73-646AF6D13C26C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe] => (Allow) C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed] FirewallRules: [TCP Query User2DA7EB3C-5944-49AE-BFB9-A5CF19D6A5A0C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe] => (Allow) C:usersstephappdatalocalplutoniumbinplutonium-bootstrapper-win32.exe (Plutonium Project -> Plutonium Project) [File not signed] FirewallRules: [55C54DD1-E0AA-43D1-B1A0-B7B613D6A949] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client_game.exe () [File not signed] FirewallRules: [27D1A6D2-5783-4F12-889D-67063FCED071] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client_game.exe () [File not signed] FirewallRules: [37F2893C-9311-487E-A235-4FD873AF28C1] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [C74B1387-9F15-4EB4-A4E2-0A0C78DF60FD] => (Allow) D:SteamLibrarysteamappscommonFall GuysFallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc) FirewallRules: [UDP Query UserD122380A-D589-4A5D-BF03-4B2F74106425D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed] FirewallRules: [TCP Query User49398375-940B-4401-9E07-CACF9E69CA95D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe] => (Allow) D:gamesrouge companyroguecompanyroguecompanybinarieswin64roguecompany.exe (Hi-Rez Studios, Inc.) [File not signed] FirewallRules: [UDP Query User57184813-BDD7-410E-A1B2-1A920D17563CC:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe] => (Allow) C:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed] FirewallRules: [TCP Query UserE1A29358-4562-47FF-B2D0-95223E244660C:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe] => (Allow) C:usersstephappdatalocalfivemfivem.appcachesubprocessfivem_gtaprocess.exe (Intricus Software Limited -> Cfx.re) [File not signed] FirewallRules: [UDP Query User46AE71F1-660F-4535-ADFB-9AE06C5DBDC0C:usersstephappdatalocalfivemfivem.exe] => (Allow) C:usersstephappdatalocalfivemfivem.exe (Intricus Software Limited -> Cfx.re) FirewallRules: [TCP Query UserCCF6EFCD-7C6A-4A77-9AA7-2CCB32D2A94EC:usersstephappdatalocalfivemfivem.exe] => (Allow) C:usersstephappdatalocalfivemfivem.exe (Intricus Software Limited -> Cfx.re) FirewallRules: [UDP Query User353C8741-EE30-4EE6-9763-69016C91A24ED:steamlibrarysteamappscommongrand theft auto vgta5.exe] => (Allow) D:steamlibrarysteamappscommongrand theft auto vgta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [TCP Query User9ECCED3B-7BCB-4830-A8B1-489F2070B33ED:steamlibrarysteamappscommongrand theft auto vgta5.exe] => (Allow) D:steamlibrarysteamappscommongrand theft auto vgta5.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query UserE8219FCD-1D4A-4051-82BE-DD27C3448506C:programdatabadlionclientjrebinjavaw.exe] => (Allow) C:programdatabadlionclientjrebinjavaw.exe FirewallRules: [TCP Query User3CEE1B6D-78C8-4FBB-8EB6-9D42C315EE63C:programdatabadlionclientjrebinjavaw.exe] => (Allow) C:programdatabadlionclientjrebinjavaw.exe FirewallRules: [792EF441-C4BD-4AFB-B09A-70D0E0066768] => (Allow) D:SteamLibrarysteamappscommonGrand Theft Auto VPlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [22C96943-08EF-43EB-88F0-C730F729BBA2] => (Allow) D:SteamLibrarysteamappscommonGrand Theft Auto VPlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games) FirewallRules: [UDP Query UserCAD44F7E-67C4-4FDC-9183-D41150A656A5C:program filesjavajre1.8.0_251binjava.exe] => (Allow) C:program filesjavajre1.8.0_251binjava.exe => No File FirewallRules: [TCP Query User600AD06A-6953-4D8D-BC78-00EF142BD854C:program filesjavajre1.8.0_251binjava.exe] => (Allow) C:program filesjavajre1.8.0_251binjava.exe => No File FirewallRules: [6FFAA17E-56F4-4784-8F5C-A66B31EE5B62] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [0F9A4619-DFAF-451F-858A-C9952370A40F] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [766E448D-B9C0-4D87-8253-0C7C12C0CAA6] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [CB74F687-3FED-4ABF-B0E1-B0F578F0F355] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [141E7D8B-0DF0-4C6D-A4E7-26538D7B6064] => (Allow) C:UsersstephAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [0254046A-B55F-4681-8B75-6A6DD5323273] => (Allow) C:UsersstephAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User505B9D6C-4999-427A-BA4B-EBE693B6957BC:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe => No File FirewallRules: [TCP Query User28FB9D91-EA76-4F7F-8B01-1D82FA9FBC98C:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671javaw.exe => No File FirewallRules: [UDP Query User2DAF206E-EABF-4BF9-876E-2BEFABDC0365C:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe => No File FirewallRules: [TCP Query UserF906C529-1A18-4482-BF18-432E1EB7D7DAC:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe] => (Allow) C:usersstephtwitchminecraftinstallruntimejre-x64binjavaw.exe => No File FirewallRules: [UDP Query UserC3341FEA-F4DA-4DB4-800C-6EFEAC45CC3AC:program files (x86)common filesoraclejavajavapath_target_30003671java.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671java.exe => No File FirewallRules: [TCP Query User8ACDF76D-6021-4DED-8983-1171E554B8A1C:program files (x86)common filesoraclejavajavapath_target_30003671java.exe] => (Allow) C:program files (x86)common filesoraclejavajavapath_target_30003671java.exe => No File FirewallRules: [UDP Query UserE16C3B40-AA0B-450B-B232-BE60420EB77AC:program filesjavajre1.8.0_251binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_251binjavaw.exe => No File FirewallRules: [TCP Query User2425F25F-5C1F-4C8C-87A7-F14522FF1488C:program filesjavajre1.8.0_251binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_251binjavaw.exe => No File FirewallRules: [UDP Query User4D9E72E0-E76F-45D3-B58F-9B6B3760CBFEC:usersstephappdataroamingspotifyspotify.exe] => (Allow) C:usersstephappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User7115F64E-877D-4095-876E-29CC7555597CC:usersstephappdataroamingspotifyspotify.exe] => (Allow) C:usersstephappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [402D419E-0537-4A56-9656-79B189DBC427] => (Allow) C:UsersstephAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User2BC9E3C5-C946-4618-8D51-31ABD4AF4EC8C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe FirewallRules: [TCP Query User59404411-A554-4B7F-91F0-CE71FE3438CCC:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-x64binjavaw.exe FirewallRules: [4F5FE1BC-96BB-44C8-9888-832A77162304] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [E9154B5D-AA34-417B-91FD-1DB3CC353967] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [D58C189C-8B1F-45AF-8CA9-31E02351E4E1] => (Allow) D:Program FilesSteamSteam.exe (Valve -> Valve Corporation) FirewallRules: [43C1411D-7B71-4088-8DDC-D9C85020ECA0] => (Allow) D:Program FilesSteamSteam.exe (Valve -> Valve Corporation) FirewallRules: [B103DCFD-0BA9-4633-8674-51218D090861] => (Allow) D:Program FilesSteambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [F07C9059-1123-41F5-AF09-9F7E866E65C1] => (Allow) D:Program FilesSteambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User3E019A3C-93A9-42D1-85A1-9DCFF903D98AC:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe FirewallRules: [UDP Query User091FABF7-1697-4078-BC54-25FE01398626C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejre-legacywindows-x64jre-legacybinjavaw.exe FirewallRules: [03DB256F-4D6D-4CBB-89A3-96657B1DFF66] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [F123B0D7-39E7-42D1-B76F-00E5E11EB4D3] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [44D13AE0-5B4F-489D-A207-313800F4ED3B] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [4850415E-4FB4-4FD1-8C45-3DCFDE7E06B4] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User51C9E5D2-CCFD-46CE-A2B2-96416240EDF0C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe FirewallRules: [UDP Query User985AE5B0-1918-4646-987C-D2C0CDBFB3F5C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe] => (Allow) C:program files (x86)minecraft launcherruntimejava-runtime-alphawindows-x64java-runtime-alphabinjavaw.exe FirewallRules: [TCP Query User3C06AA49-A1AE-4A0D-80C7-32BC4A48C0AFC:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe] => (Allow) C:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe FirewallRules: [UDP Query User89200B75-5615-4FB5-A577-6825B06BF73AC:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe] => (Allow) C:program filesadoptopenjdkjdk-16.0.1.9-hotspotbinjavaw.exe FirewallRules: [TCP Query UserCCB2C484-8D8A-4F1C-BD50-756295C65E29C:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe] => (Allow) C:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe FirewallRules: [UDP Query UserE10348ED-3A64-48FC-8974-01BD3C234CDFC:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe] => (Allow) C:userssteph.lunarclientjrezulu16.30.15-ca-fx-jre16.0.1-win_x64binjavaw.exe FirewallRules: [04B5984A-FC0A-4533-AA6A-0D0FFF4B7F62] => (Allow) D:Program FilesSteamsteamappscommonMuckMuck.exe () [File not signed] FirewallRules: [6E39672D-EABE-4CA0-98D4-90168B110168] => (Allow) D:Program FilesSteamsteamappscommonMuckMuck.exe () [File not signed] FirewallRules: [TCP Query User6382DA24-6467-4957-83B2-BF79EE6CC952C:usersstephriot gamesriot clientriotclientservices.exe] => (Allow) C:usersstephriot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query UserA6F98CBE-1AAF-497D-943E-F5F1B71BB68EC:usersstephriot gamesriot clientriotclientservices.exe] => (Allow) C:usersstephriot gamesriot clientriotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query UserF1ADE263-C8B4-4824-A03E-C090AC54A663C:program filesmozilla firefoxfirefox.exe] => (Allow) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User25D9B575-02FB-4522-BDE2-1C6EB5C1F916C:program filesmozilla firefoxfirefox.exe] => (Allow) C:program filesmozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [CE62EEFC-C4E3-4FD2-AC05-F098416D7EA1] => (Allow) C:Program FilesBlueStacks_nxtHD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems) FirewallRules: [61047A6D-24AD-4E51-A47C-B34378761CA6] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [A3D85E78-D1EF-43A0-8C24-929668855FA9] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query UserD8E9459D-8654-4758-B728-1A7E6D6AB0D1D:program filessteamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:program filessteamsteamappscommongrand theft auto vgta5.exe => No File FirewallRules: [UDP Query User3CEA8A42-4D56-460E-90DA-167337F742F5D:program filessteamsteamappscommongrand theft auto vgta5.exe] => (Allow) D:program filessteamsteamappscommongrand theft auto vgta5.exe => No File FirewallRules: [476E8A9A-698C-4B7F-9044-49C0A8B8EB68] => (Allow) D:Program FilesSteamsteamappscommonSplitgateequ8-launcher.exe (Int3 Software AB -> Int3 Software AB) FirewallRules: [196D7224-1BB4-4ED2-9C14-1E11E7BBAE3C] => (Allow) D:Program FilesSteamsteamappscommonSplitgateequ8-launcher.exe (Int3 Software AB -> Int3 Software AB) FirewallRules: [2F3106FB-7F28-4980-8EA2-9B68C0C89AEE] => (Allow) D:Program FilesSteamsteamappscommonSplitgatePortalWarsBinariesWin64PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.) FirewallRules: [C172DA5C-D74A-4BBD-BECD-94072300D46C] => (Allow) D:Program FilesSteamsteamappscommonSplitgatePortalWarsBinariesWin64PortalWars-Win64-Shipping.exe (1047 Games, LLC -> Epic Games, Inc.) FirewallRules: [55208925-AAB2-4314-818D-559682FB9515] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [6D597250-FAB0-4F3C-B9AB-BBA175E9B6C9] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [366E0814-F67D-4FFA-93EC-4F5C5DFBEFC5] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [A1BBC4DE-A6E9-4D79-8D75-0129D7CBA9FB] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User391D94C6-B594-42E0-A2BD-BC12891F7F7CD:gamescall of duty black ops cold warblackopscoldwar.exe] => (Allow) D:gamescall of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.) FirewallRules: [UDP Query User802C7711-340F-4CC5-A6BF-F02B543A7FDDD:gamescall of duty black ops cold warblackopscoldwar.exe] => (Allow) D:gamescall of duty black ops cold warblackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.) FirewallRules: [BC90EF4C-1473-4C05-A044-DC13885A2528] => (Allow) D:Program FilesSteamsteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed] FirewallRules: [6022EE5A-2E30-4F6F-8C9F-D4C53B0E73B3] => (Allow) D:Program FilesSteamsteamappscommonPhasmophobiaPhasmophobia.exe () [File not signed] FirewallRules: [31DBA337-77E5-4FD9-A7E6-753F1E06B2C3] => (Allow) C:Program FilesMicrosoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [06977EA0-9022-4D27-93A5-A2644A170D7C] => (Allow) C:Program FilesMicrosoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User98149B2F-8157-4B36-A08B-77AFE1B2DD2EC:program filesjavajre1.8.0_111binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_111binjavaw.exe FirewallRules: [UDP Query User296B5D9E-872C-4626-B454-417275D556C2C:program filesjavajre1.8.0_111binjavaw.exe] => (Allow) C:program filesjavajre1.8.0_111binjavaw.exe FirewallRules: [TCP Query User92D5755C-06F0-4623-AC6F-B24F3D2BEFC2D:program filesjavabinjavaw.exe] => (Allow) D:program filesjavabinjavaw.exe FirewallRules: [UDP Query User81E466DA-0624-44A2-A8B2-DE5F185FEE8CD:program filesjavabinjavaw.exe] => (Allow) D:program filesjavabinjavaw.exe FirewallRules: [5074A29F-3911-4AD7-B1D8-E8937C8D4FD3] => (Allow) C:Program FilesMicrosoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [A351A112-E64A-4604-B5D4-B2BAB5FFACA5] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [71151704-A70E-48F3-B602-42A62F90C98F] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [CD764171-A816-4C67-86AE-3FE660BDF003] => (Allow) D:GamesCurseForgeOverwolf.174.0.10OverwolfBrowser.exe => No File FirewallRules: [ADAA0EA3-D743-4CC4-B5B5-899228E0C7AA] => (Allow) D:GamesCurseForgeOverwolf.174.0.10OverwolfBrowser.exe => No File FirewallRules: [5196C56E-5386-4BCF-B0F0-D63EFBB768FC] => (Block) D:GamesCurseForgeOverwolf.174.0.10OverwolfBrowser.exe => No File FirewallRules: [A2D3606B-0F32-4057-ACF6-F4709A0825EC] => (Block) D:GamesCurseForgeOverwolf.174.0.10OverwolfBrowser.exe => No File FirewallRules: [104C872D-427B-4EA1-B29E-079C46246774] => (Allow) D:GamesCurseForgeOverwolf.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [916DA170-1FD1-4314-B9F3-E9D18CC150E1] => (Allow) D:GamesCurseForgeOverwolf.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [B10C492F-82C4-49C0-91F1-4E71CA10AFB5] => (Block) D:GamesCurseForgeOverwolf.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [F2020FDC-5B2A-46DE-8585-AE52B8E0799D] => (Block) D:GamesCurseForgeOverwolf.178.0.16OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD) FirewallRules: [9D487F6D-DA32-4BD0-A90B-710B3E82C4BD] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [0FC6A1E9-8B65-4754-A81A-F63FAB2346D0] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [8725ADEA-2FF9-4BF6-A9AF-9B3AD26E3036] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [55963F98-4514-4B84-8338-3E22591C3A28] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) FirewallRules: [TCP Query UserDDE20F01-3CD7-45C4-A4A8-0E9B97C9E81FD:program filesremoteitremoteit.exe] => (Allow) D:program filesremoteitremoteit.exe (remot3.it, Inc. -> remote.it) FirewallRules: [UDP Query User24E26D5E-D79C-43A0-AC03-9789F3E216BFD:program filesremoteitremoteit.exe] => (Allow) D:program filesremoteitremoteit.exe (remot3.it, Inc. -> remote.it) FirewallRules: [5A91B6C3-D5EA-43DF-9600-A39D403D92C2] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC) FirewallRules: [32860D49-F4DA-4D98-A78B-F4DD6E4DF51A] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [0D432ECC-11E5-485F-B819-CB909CE51F37] => (Block) C:Program FilesAVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) FirewallRules: [6A34D3B4-65D3-4460-8DCD-2742F6F9BBED] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [7613B586-39D0-4053-BC11-BD2D087106A1] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [93EB4B6F-6F41-4178-B423-2D6603BF9533] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [0939542B-B930-4889-ADE0-33FEB8171665] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [612B6226-4012-4B0A-9EBB-53CD56300BFD] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [5FE0C43C-E466-4297-812B-F28B4E0DFDAB] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [6DE9EA84-0839-4CF5-8642-BB94192E54CD] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [F1BC382B-A68D-4429-9250-83870EAB8CEB] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [F199342F-7FF2-4120-A494-A3EB2291CBE9] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication94.0.992.31msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.11 GB) (Free:8.49 GB) (7%) Check "VSS" service

==================== Faulty Device Manager Devices ============

Name: Microsoft Hyper-V Virtual Machine Bus Provider Description: Microsoft Hyper-V Virtual Machine Bus Provider Class Guid: 4d36e97d-e325-11ce-bfc1-08002be10318 Manufacturer: Microsoft Service: vmbusr Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver

Name: Microsoft Hyper-V Virtualization Infrastructure Driver Description: Microsoft Hyper-V Virtualization Infrastructure Driver Class Guid: 4d36e97d-e325-11ce-bfc1-08002be10318 Manufacturer: Microsoft Service: Vid Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver

Name: Realtek High Definition Audio Description: Realtek High Definition Audio Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318 Manufacturer: Realtek Service: IntcAzAudAddService Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver

Name: Intel® Display Audio Description: Intel® Display Audio Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318 Manufacturer: Intel® Corporation Service: IntcDAud Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver

Name: Microsoft Hyper-V Virtual Disk Server Description: Microsoft Hyper-V Virtual Disk Server Class Guid: 4d36e97d-e325-11ce-bfc1-08002be10318 Manufacturer: Microsoft Service: storvsp Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM) Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318 Manufacturer: Microsoft Service: nvvad_WaveExtensible Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver

Name: VB-Audio Virtual Cable Description: VB-Audio Virtual Cable Class Guid: 4d36e96c-e325-11ce-bfc1-08002be10318 Manufacturer: VB-Audio Software Service: VBAudioVACMME Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver

==================== Event log errors: ========================

Application errors: ================== Error: (09/26/2021 03:17:27 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started.[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress ]

Error: (09/26/2021 03:17:27 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress. .

Error: (09/26/2021 03:17:27 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID 4e14fba2-2e22-11d1-9964-00c04fbbb345 and name CEventSystem cannot be started.[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress[0x8007045bAsystemshutdownisinprogress ]

Error: (09/26/2021 03:17:23 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volume Shadow Copy Service error: Unexpected error FindFirstVolumeW( [Ȅ], MAX_PATH).  hr = 0x80070012, There are no more files. .

Operation: Removing auto-release shadow copies Loading provider

Context: Execution Context: System Provider

Error: (09/26/2021 03:16:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48 Faulting module name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48 Exception code: 0xc0000409 Fault offset: 0x00000000001ad1e5 Faulting process id: 0x2af4 Faulting application start time: 0x01d7b2e96f96c643 Faulting application path: C:Program FilesAVGAntivirusSetupInstup.exe Faulting module path: C:Program FilesAVGAntivirusSetupInstup.exe Report Id: 4a774aa8-5361-4899-8578-16433241d129 Faulting package full name: Faulting package-relative application ID:

Error: (09/26/2021 03:12:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48 Faulting module name: Instup.exe, version: 21.8.6586.0, time stamp: 0x613f5f48 Exception code: 0xc0000409 Fault offset: 0x00000000001ad1e5 Faulting process id: 0x2ba8 Faulting application start time: 0x01d7b2e8db55a624 Faulting application path: C:Program FilesAVGAntivirussetupInstup.exe Faulting module path: C:Program FilesAVGAntivirussetupInstup.exe Report Id: 1a981e5c-69f6-4d65-8fba-e4c665d71d0a Faulting package full name: Faulting package-relative application ID:

Error: (09/26/2021 03:07:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mousocoreworker.exe, version: 10.0.19041.1202, time stamp: 0x6ae17470 Faulting module name: ucrtbase.dll, version: 10.0.19041.789, time stamp: 0x2bd748bf Exception code: 0xc0000409 Fault offset: 0x000000000007286e Faulting process id: 0x336c Faulting application start time: 0x01d7b2e17828ef0b Faulting application path: C:WindowsSystem32mousocoreworker.exe Faulting module path: C:WINDOWSSystem32ucrtbase.dll Report Id: c852ffb8-7c70-4484-98b4-be0b8c55a618 Faulting package full name: Faulting package-relative application ID:

Error: (09/26/2021 03:07:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program firefox.exe version 92.0.1.7935 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4fc

Start Time: 01d7b2dfbc46281f

Termination Time: 4294967295

Application Path: C:Program FilesMozilla Firefoxfirefox.exe

Report Id: 1e679526-9b5f-4936-ba0e-a7a1438c9fdb

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

System errors: ============= Error: (09/26/2021 09:30:19 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: DD522ACC-F821-461A-A407-50B198B896DC

Error: (09/26/2021 09:29:49 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: DD522ACC-F821-461A-A407-50B198B896DC

Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: 9E175B6D-F52A-11D8-B9A5-505054503030

Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: DD522ACC-F821-461A-A407-50B198B896DC

Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server: E579AB5F-1CC4-44B4-BED9-DE0991FF0623

Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server: E579AB5F-1CC4-44B4-BED9-DE0991FF0623

Error: (09/26/2021 09:29:29 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service VSS with arguments "Unavailable" in order to run the server: E579AB5F-1CC4-44B4-BED9-DE0991FF0623

Error: (09/26/2021 09:29:20 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-21721) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: DD522ACC-F821-461A-A407-50B198B896DC

CodeIntegrity: =============== Date: 2021-09-26 15:03:36 Description: Code Integrity determined that a process (DeviceHarddiskVolume7WindowsSystem32SecurityHealthService.exe) attempted to load DeviceHarddiskVolume7Program FilesAVGAntivirusaswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. FX504GD.322 08/23/2021 Motherboard: ASUSTeK COMPUTER INC. FX504GD Processor: Intel® Core™ i7-8750H CPU @ 2.20GHz Percentage of memory in use: 13% Total physical RAM: 16238.95 MB Available physical RAM: 14007.01 MB Total Virtual: 21102.95 MB Available Virtual: 19185.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.11 GB) (Free:8.49 GB) NTFS Drive d: () (Fixed) (Total:930.95 GB) (Free:246.58 GB) NTFS Drive e: () (Removable) (Total:14.59 GB) (Free:14.58 GB) FAT32

\?Volume9131c828-5e4a-450f-9833-1be65199d827 () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS \?Volume8187546c-15c0-42af-a097-124f9493a221 (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS \?Volumec139f2f7-80b9-4672-9e81-3a87175bdb72 () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS \?Volume01cf6d03-5bdc-4624-b7e0-29120e82972e () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

========================================================== Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================== Disk: 1 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================== Disk: 2 (Size: 14.6 GB) (Disk ID: 225FF615) Partition 1: (Not Active) – (Size=14.6 GB) – (Type=0C)

==================== End of Addition.txt =======================

Edited by hamluis, 26 September 2021 – 01:51 PM.

Click to rate this post! [Total: 0 Average: 0]