
Mouse requires multiple left clicks to work - malware?

By Titanfall, October 12, 2021 - 57 minute read


Ran the ESET scanner and Malwarebytes, but after a few minutes of browsing my wireless USB mouse requires multiple clicks to work. Moved the USB connector to another port and back. Same thing. Replaced the mouse batteries.

Below are my FRST and Add scans - help appreciated

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-09-2021

Ran by Owner (administrator) on HP-Z220 (Hewlett-Packard HP Compaq Elite 8300 SFF) (13-09-2021 16:12:33)

Running from C:UsersOwnerDownloads

Loaded Profiles: Owner

Platform: Windows 10 Pro Version 20H2 19042.1165 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

==================== Processes (Whitelisted) ==================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <20>

(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesAppHelperCap.exe

(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesDiagsCap.exe

(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesNetworkCap.exe

(HP Inc. -> HP Inc.) C:Program FilesHPHP Enabling ServicesSysInfoCap.exe

(HP Inc. -> HP Inc.) C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsSystem32WirelessKB850NotificationService.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0NisSrv.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Exécuter : [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [9240512 2017-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Exécuter : [RtHDVBg] => C:Program FilesRealtekAudioHDARAVBg64.exe [1492928 2017-12-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Exécuter : [TabletDriver] => C:Huion TabletHuion Tablet.exe [2821128 2017-06-26] (Shenzhen Huion Animation Technology Co., Ltd. -> HUION Animation Technology Co., Ltd)

HKLM-x32…Exécuter : [DivXMediaServer] => C:Program Files (x86)DivXDivX Media ServerDivXMediaServer.exe [1058512 2018-12-17] (DivX, LLC. -> DivX, LLC)

HKLM-x32…Exécuter : [InCD] => C:Program Files (x86)NeroToolsInCDInCD.exe [1060136 2009-10-16] (Nero AG -> Nero AG)

HKLM-x32…Exécuter : [NBHGui] => C:Program Files (x86)NeroToolsInCDNBHGui.exe [1600816 2009-10-16] (Nero AG -> Nero AG)

HKUS-1-5-21-528068570-1047697352-1524386410-1001…Exécuter : [Toolkit] => C:Program Files (x86)ToolkitToolkit.exe [1147184 2018-11-09] (Seagate Technology LLC -> Seagate Technology LLC)

HKUS-1-5-21-528068570-1047697352-1524386410-1001…Exécuter : [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)

HKUS-1-5-21-528068570-1047697352-1524386410-1001…Exécuter : [FlashGet 3] => C:Program Files (x86)FlashGet NetworkFlashGet 3FlashGet3.exe [3083712 2012-01-09] (Trend Media Corporation Limited -> Trend Media Corporation Limited) [File not signed]

HKUS-1-5-21-528068570-1047697352-1524386410-1001…Exécuter : [EpicGamesLauncher] => C:Program Files (x86)Epic GamesLauncherPortalBinariesWin64EpicGamesLauncher.exe [31606672 2020-02-18] (Epic Games Inc. -> Epic Games, Inc.)

HKUS-1-5-21-528068570-1047697352-1524386410-1001…Exécuter : [com.squirrel.Teams.Teams] => C:UsersOwnerAppDataLocalMicrosoftTeamsUpdate.exe [2453688 2020-12-03] (Composant d'application tiers Microsoft -> Microsoft Corporation)

HKUS-1-5-21-528068570-1047697352-1524386410-1001…Exécuter : [Steam] => C:UsersOwnerDesktopNouveau dossiersteam.exe [4110568 2021-07-20] (Valve -> Valve Corporation)

HKLM…PrintMonitorsHP 7112 Status Monitor : C:WINDOWSsystem32hpinksts7112LM.dll [328704 2014-03-03] (Éditeur de compatibilité matérielle Microsoft Windows -> Hewlett-Packard Co.)

HKLMSoftwareMicrosoftActive SetupComposants installés : [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program Files (x86)GoogleChromeApplication93.0.4577.63Installerchrmstp.exe [2021-09-02] (Google LLC -> Google LLC)

HKLMSoftwareWow6432NodeMicrosoftActive SetupComposants installés : [052EB454-9F19-CB42-7875-807F79F311C4] -> C:Program Files (x86)CCleaner BrowserApplication84.1.5543.138Installerchrmstp.exe [2020-08-26] (Piriform Software Ltd -> Piriform Software)

Démarrage : C:UsersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMEGAsync.lnk [2018-05-31]

Raccourci cible : MEGAsync.lnk -> C:UsersOwnerAppDataLocalMEGAsyncMEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Tâche : 12EA6C1A-4659-4767-B3F6-7C4489A9564D – System32TasksCCleaner Browser Heartbeat Task (Logon) => C:Program Files (x86)CCleaner BrowserApplicationCCleanerBrowser.exe [1976296 2020-08-19] (Piriform Software Ltd -> Piriform Software)

Tâche : 190D5EDC-B0FD-4C0A-89B4-56EE74309ACC – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Updater => C:Program Files (x86)Hewlett-PackardHP Support Solutions ModulesHPSSFUpdater.exe

Tâche : 24680B4B-C3F2-4DF1-B486-C6686ECBDCA6 – System32TasksAdobe Flash Player PPAPI Notifier => C:WINDOWSSysWOW64MacromedFlashFlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-18] (Adobe Inc. -> Adobe)

Tâche : 2B71ED87-D64F-4EC7-885B-685DFDD0B7D6 – System32TasksAdobe Flash Player NPAPI Notifier => C:WINDOWSSysWOW64MacromedFlashFlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-15] (Adobe Inc. -> Adobe)

Tâche : 3F66D202-02BB-488E-886D-95853DA684F0 – Tâche de mise à jour System32TasksMEGAMEGAsync S-1-5-21-528068570-1047697352-1524386410-1001 => C:UsersOwnerAppDataLocal MEGAsyncMEGAupdater.exe [760696 2018-01-15] (Méga Limité -> Méga Limité)

Tâche : 40251405-C5DA-4B15-9941-661CFF7E0763 – System32TasksGoogleUpdateTaskMachineCore1d57d506dbbf599 => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2019-02-18] (Google Inc -> Google Inc.)

Tâche : 44CCE751-EB6E-4DE8-9F94-EA754915B5A3 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun .EXE [851472 2021-09-09] (Éditeur Microsoft Windows -> Microsoft Corporation)

Tâche : 47B23BBE-5A50-4322-BCB6-15BF78601996 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scan programmé => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun .EXE [851472 2021-09-09] (Éditeur Microsoft Windows -> Microsoft Corporation)

Tâche : 4D31E5F4-827C-429D-AD14-915DB592E83F – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2019-02-18] (Google Inc -> Google Inc.)

Tâche : 50FE835A-0215-40FB-820A-D46893062769 – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche : 558A262F-87FF-4F67-BCBE-4867914F94FC – System32TasksGoogleUpdateTaskMachineUA1d57d506ddc0dc6 => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2019-02-18] (Google Inc -> Google Inc.)

Tâche : 5E093222-A248-449F-BBFE-6B1954D28789 – System32TasksCorelUpdateHelperTaskCore => C:Program Files (x86)CorelCUHv2CUH.exe [1656568 2018-06-21] (Corel Corporation -> Corel Corporation)

Tâche : 662AEBA6-96A4-4872-8952-06ED58BC61AD – System32TasksCCleanerUpdateTaskMachineCore => C:Program Files (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [209128 2019-08-14] (Piriform Software Ltd -> Piriform Software)

Tâche : 74196BB5-AE2F-48E6-A6D0-32812196CBAD – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

Tâche : 786A75B1-651F-4FE2-95EA-439838FC2263 – System32TasksMicrosoftOfficeOffice Fonctionnalités d'ouverture de session => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [113496 2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Tâche : 84BD143D-7651-4218-B909-D6BACACAB302 – Tâche de pulsation du navigateur System32TasksCCleaner (horaire) => C:Program Files (x86)CCleaner BrowserApplicationCCleanerBrowser.exe [1976296 2020-08-19] (Piriform Software Ltd -> Piriform Software)

Tâche : 86A064C9-C560-443E-AAE7-587D3DCA1041 – System32TasksCCleanerSkipUAC – OWNER => C:Program FilesCCleanerCCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)

Tâche : 86BBEDDB-EB3C-4714-B697-BDF41411334E – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker_CN5BAF30JC => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPWarrantyCheck HPWarrantyChecker.exe

Tâche : 8E858723-CF20-4E85-B68D-7857716E2306 – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program Files (x86)Microsoft OfficerootOffice16sdxhelper.exe [113496 2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Tâche : 930D4E41-1C6B-4260-8BF9-CA5848F80645 – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPWarrantyCheck HPWarrantyChecker.exe

Tâche : 9FFF541B-80EE-4D51-ADD9-DF5B8F6A1944 – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156968 2019-02-18] (Google Inc -> Google Inc.)

Tâche : A3470DA0-5113-4880-BECE-A4E034BE4FBF – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Report => C:Program Files (x86)Hewlett-PackardHP Support Solutions ModulesHPSFReport.exe

Tâche : A5EDE02B-778D-418A-81B0-9BF11492B3B0 – System32TasksCorelUpdateHelperTask-3AD98B0771EF8756195E11A32ED20632 => C:Program Files (x86)CorelCUHv2CUH.exe [1656568 2018-06-21] (Corel Corporation -> Corel Corporation)

Tâche : B84CB31D-1AE1-447E-AA65-11C254D67236 – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker_DeviceScan => C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPWarrantyCheck HPWarrantyChecker.exe

Tâche : B98D1504-F9D3-4D52-AF0E-E411472DD9A2 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun. EXE [851472 2021-09-09] (Éditeur Microsoft Windows -> Microsoft Corporation)

Tâche : C0E53B97-F2FE-40C7-A443-0D777DEC8FCD – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)

Tâche : C5877927-B67E-4A8C-99A5-E6764B67F4AD – System32TasksCCleanerUpdateTaskMachineUA => C:Program Files (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [209128 2019-08-14] (Piriform Software Ltd -> Piriform Software)

Tâche : CB056E81-7895-4E8E-8685-CFD28BC3349D – System32TasksDivXUpdate => C:Program Files (x86)Common FilesDivX SharedDivX UpdateDivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)

Tâche : CEFE5998-3FC0-43D1-9B10-3AADB7A95479 – System32TasksAdobe Flash Player Updater => C:WINDOWSSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)

Tâche : D248A325-0CA8-49F9-A92C-497BA71A0D88 – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [5439384 2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Tâche : D504148F-A5DE-4474-B8CF-1982B9E3861B – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn2016 => C:Program Files (x86)Microsoft OfficerootOffice16msoia.exe [5439384 2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Tâche : DD078C13-D166-4F99-8FE1-ACC9741938B1 – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)

Tâche : E6321CF5-D4E8-4F18-BC40-C9034C430391 – Maintenance des abonnements System32TasksMicrosoftOfficeOffice => C:Program Files (x86)Microsoft OfficerootvfsProgramFilesCommonx86Microsoft SharedOffice16 OLicenseHeartbeat.exe [1155504 2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Tâche : EFFF5976-C7AA-4834-9DDD-B71648ED4686 – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MpCmdRun. EXE [851472 2021-09-09] (Éditeur Microsoft Windows -> Microsoft Corporation)

Tâche : F5F2DF03-ECE7-4FA8-8D7B-26ACCF3375A5 – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file run by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: Hosts file not detected in the default directory

TcpipParamètres : [DhcpNameServer] 192.168.2.1 142.166.166.166

Tcpip..Interfaces45a228de-0f35-45b3-96f5-df99a529abe0 : [DhcpNameServer] 192.168.2.1 142.166.166.166

Tcpip..Interfaces967011db-fc46-4443-a72b-8d01f612f251 : [DhcpNameServer] 172.20.10.1

Tcpip..Interfaceseeca0073-ae0b-411d-b0ef-87af1964de3b : [DhcpNameServer] 192.168.2.1 142.166.166.166

Edge:

=======

DownloadDir: C:UsersOwnerDownloads

Profil par défaut Edge : par défaut

Profil Edge : C:UsersOwnerAppDataLocalMicrosoftEdgeUser DataDefault [2021-09-13]

Edge DownloadDir : Par défaut -> C:UsersOwnerDownloads

Extension Edge : (Malwarebytes Browser Guard) – C:UsersOwnerAppDataLocalMicrosoftEdgeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-08-11]

Bord HKLM-x32…BordExtension : [ihcjicgdanjaechkgeegckofjjedodee]

FireFox :

========

Profil par défaut FF : x5gvt07o.default-1526577378407

Chemin de profil FF : C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesx5gvt07o.default-1526577378407 [2021-09-13]

FF DownloadDir : E:DrivesLooksxnt

Notifications FF : MozillaFirefoxProfilesx5gvt07o.default-1526577378407 -> hxxps://vznm.haphetititletleres.club ; hxxps://tf3t.butfirecrangu.club ; hxxps://members.puremature.com ; hxxps://members.passion-hd.com ; hxxps://members.pornpros.com ; hxxps://untheronsuprec.info; hxxps://openloadmovies.bz; hxxps://www1.ecleneue.com; hxxps://rgzbb.ctableobs.work; hxxps://www.tushy.com; hxxps://www.blacked.com

Extension FF : (Télécharger toutes les images) – C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesx5gvt07o.default-1526577378407Extensions32af1358-428a-446d-873e-5f8eb5f2a72e.xpi [2021-07-05]

Extension FF : (Video DownloadHelper) – C:UsersOwnerAppDataRoamingMozillaFirefoxProfilesx5gvt07o.default-1526577378407Extensionsb9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2021-07-05]

Plugin FF : @adobe.com/FlashPlayer -> C:WINDOWSsystem32MacromedFlashNPSWF64_32_0_0_433.dll [2020-09-15] (Adobe Inc. -> )

Plugin FF-x32 : @adobe.com/FlashPlayer -> C:WINDOWSSysWOW64MacromedFlashNPSWF32_32_0_0_433.dll [2020-09-15] (Adobe Inc. -> )

FF Plugin-x32 : @divx.com/DivX Web Player Plug-In, version=1.0.0 -> C:Program Files (x86)DivXDivX Web Playernpdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)

Plugin FF-x32 : @microsoft.com/Lync, version=15.0 -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX86Mozilla Firefoxpluginsnpmeetingjoinpluginoc.dll [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF-x32 : @microsoft.com/SharePoint, version=14.0 -> C:Program Files (x86)Microsoft OfficerootOffice16NPSPWRAP.DLL [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF-x32 : @videolan.org/vlc,version=3.0.10 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Plugin FF-x32 : @videolan.org/vlc,version=3.0.11 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Plugin FF-x32 : @videolan.org/vlc,version=3.0.12 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Plugin FF-x32 : @videolan.org/vlc,version=3.0.2 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Plugin FF-x32 : @videolan.org/vlc,version=3.0.4 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Plugin FF-x32 : @videolan.org/vlc,version=3.0.6 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Plugin FF-x32 : Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:

=======

Profil par défaut du CHR : par défaut

Profil CHR : C:UsersOwnerAppDataLocalGoogleChromeUser DataDefault [2021-09-13]

Notifications CHR : Par défaut -> hxxps://aoschat.apple.com ; hxxps://business.facebook.com ; hxxps://chatsupport.apple.com ; hxxps://meet.google.com ; hxxps://www.kijiji.ca; hxxps://www.netflix.com ; hxxps://www.wordans.ca

CHR StartupUrls : Par défaut -> "hxxp://google.ca/"

Extension CHR : (diapositives) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]

Extension CHR : (Docs) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-31]

Extension CHR : (Google Drive) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-27]

Extension CHR : (YouTube) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-31]

Extension CHR : (Adobe Acrobat) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-09-07]

Extension CHR : (Feuilles) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-31]

Extension CHR : (alliage) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsfljipcgeenffdcglannkpppedokbpgjl [2019-06-20]

Extension CHR : (Google Docs Offline) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]

Extension CHR : (AdBlock – meilleur bloqueur de publicités) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-09-11]

Extension CHR : (Malwarebytes Browser Guard) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsihcjicgdanjaechkgeegckofjjedodee [2021-08-30]

Extension CHR : (Flash Player pour le Web) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsmcakfkioeanhfiojkchcndahgagcidbd [2021-03-08]

Extension CHR : (Video Downloader PLUS) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsnjgehaondchbmjmajphnhlojfnbfokng [2021-09-07]

Extension CHR : (Chrome Web Store Payments) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]

Extension CHR : (Gmail) – C:UsersOwnerAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

Profil CHR : C:UsersOwnerAppDataLocalGoogleChromeUser DataGuest Profile [2021-09-07]

Profil CHR : C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1 [2021-05-03]

Extension CHR : (diapositives) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-03-24]

Extension CHR : (Docs) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsaohghmighlieiainnegkcijnfilokake [2020-03-24]

Extension CHR : (Google Drive) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsapdfllckaahabafndbhieahigkjlhalf [2020-03-24]

Extension CHR : (YouTube) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-24]

Extension CHR : (Adobe Acrobat) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2020-10-12]

Extension CHR : (Feuilles) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-03-24]

Extension CHR : (Google Docs Offline) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-12]

Extension CHR : (Chrome Web Store Payments) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2020-03-24]

Extension CHR : (Gmail) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionspjkljhegncpnkpknbcohdijeoejaedia [2020-03-24]

Extension CHR : (Chrome Media Router) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-12]

Profil CHR : C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2 [2021-09-04]

Extension CHR : (diapositives) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-09-04]

Extension CHR : (Docs) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsaohghmighlieiainnegkcijnfilokake [2021-09-04]

Extension CHR : (Google Drive) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-09-04]

Extension CHR : (YouTube) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-04]

Extension CHR : (Adobe Acrobat) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-09-04]

Extension CHR : (Feuilles) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-09-04]

Extension CHR : (Google Docs Offline) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-04]

Extension CHR : (Avast Online Security) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsgomekmidlodglbbmalcneegieacbdmki [2021-09-04]

Extension CHR : (Malwarebytes Browser Guard) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsihcjicgdanjaechkgeegckofjjedodee [2021-09-04]

Extension CHR : (Paiements Chrome Web Store) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-09-04]

Extension CHR : (Gmail) – C:UsersOwnerAppDataLocalGoogleChromeUser DataProfile 2Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-09-04]

Profil CHR : C:UsersOwnerAppDataLocalGoogleChromeUser DataSystem Profile [2021-09-07]

CHR HKLM-x32…ChromeExtension : [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32…ChromeExtension : [gomekmidlodglbbmalcneegieacbdmki]

CHR HKLM-x32…ChromeExtension : [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Service AdobeARM S2 ; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)

S4 AdobeFlashPlayerUpdateSvc; C:WINDOWSSysWOW64MacromedFlashFlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)

Service S4 BE ; C:Program Files (x86)Common FilesBattlEyeBEService.exe [8395968 2019-10-29] (BattlEye Innovations e.K. -> )

nettoyeur S4; C:Program Files (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [209128 2019-08-14] (Piriform Software Ltd -> Piriform Software)

S4 CCleanerBrowserElevationService; C:Program Files (x86)CCleaner BrowserApplication84.1.5543.138elevation_service.exe [1071832 2020-08-19] (Piriform Software Ltd -> Piriform Software)

S4 ccleanerm; C:Program Files (x86)CCleaner BrowserUpdateCCleanerBrowserUpdate.exe [209128 2019-08-14] (Piriform Software Ltd -> Piriform Software)

R2 ClickToRunSvc ; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)

S4 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [803440 2019-10-27] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

R2 HPAppHelperCap; C:Program FilesHPHP Enabling ServicesAppHelperCap.exe [733200 2021-04-19] (HP Inc. -> HP Inc.)

R2 HPDiagsCap; C:Program FilesHPHP Enabling ServicesDiagsCap.exe [731152 2021-04-19] (HP Inc. -> HP Inc.)

R2 HPNetworkCap ; C:Program FilesHPHP Enabling ServicesNetworkCap.exe [731152 2021-04-19] (HP Inc. -> HP Inc.)

R2 HPPrintScanDoctorService ; C:Program FilesHPPrintScanDoctorHPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)

R2 HPSysInfoCap ; C:Program FilesHPHP Enabling ServicesSysInfoCap.exe [732176 2021-04-19] (HP Inc. -> HP Inc.)

S4 InCDSrv; C:Program Files (x86)NeroToolsInCDInCDSrv.exe [1420592 2009-10-16] (Nero AG -> Nero AG)

Service MBAM S3 ; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7456464 2021-05-04] (Malwarebytes Inc -> Malwarebytes)

S4 NeroRegInCDSrv; C:Program Files (x86)NeroToolsInCDNBHRegInCDSrv.exe [53560 2009-10-16] (Nero AG -> Nero AG)

S4 PSI_SVC_2 ; c:Program Files (x86)Common FilesProtexisLicense ServicePsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)

S4 PSI_SVC_2_x64 ; c:Program FilesCommon FilesProtexisLicense ServicePsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)

Sens S3 ; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5394872 2021-08-12] (Éditeur Microsoft Windows -> Microsoft Corporation)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0NisSrv.exe [2772856 2021-09-09] (Éditeur Microsoft Windows -> Microsoft Corporation)

R2 WinDefend ; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2108.7-0MsMpEng.exe [136640 2021-09-09] (Éditeur Microsoft Windows -> Microsoft Corporation)

Service de notification sans fil R2 KB850 ; C:WINDOWSsystem32WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ampli S3 ; C:WINDOWSsystem32ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )

R0 apmwin ; C:WINDOWSSystem32DRIVERSapmwin.sys [48920 2017-08-31] (Paragon Software GmbH -> Paragon Software Group)

S3 BthA2dp; C:WINDOWSSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

S2 csvol; C:WINDOWSsystem32DRIVERScsvol.sys [46552 2017-08-31] (Paragon Software GmbH -> Paragon Software Group)

S3 ddmdrv; C:WINDOWSsystem32ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )

R1 ESProtectionDriver ; C:WINDOWSsystem32driversmbae64.sys [160176 2021-08-29] (Éditeur de compatibilité matérielle Microsoft Windows -> Malwarebytes)

R0 gpt_loader ; C:WINDOWSSystem32DRIVERSgpt_loader.sys [79832 2017-08-31] (Paragon Software GmbH -> )

S3 hfsplus; C:WINDOWSSystem32DRIVERShfsplus.sys [218072 2017-08-31] (Paragon Software GmbH -> Paragon Software Group)

R2 HfsplusRec; C:WINDOWSSystem32DRIVERShfsplusrec.sys [35288 2017-08-31] (Paragon Software GmbH -> Paragon Software Group)

R3 InCDPass ; C:WINDOWSsystem32DRIVERSInCDPass.sys [60952 2009-10-16] (Nero AG -> Nero AG)

S1 InCDRec; C:WINDOWSSystem32DRIVERSInCDRec.sys [22040 2009-10-16] (Nero AG -> Nero AG)

R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [210344 2021-08-29] (Éditeur de compatibilité matérielle Microsoft Windows -> Malwarebytes)

S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-05-04] (Microsoft Windows Early Launch Anti-Malware Publisher -> Malwarebytes)

S3 MBAMFarflt; C:WINDOWSSystem32DRIVERSfarflt.sys [198888 2021-08-29] (Malwarebytes Inc -> Malwarebytes)

S3 MBAMProtection ; C:WINDOWSsystem32DRIVERSmbam.sys [68528 2021-08-29] (Éditeur de compatibilité matérielle Microsoft Windows -> Malwarebytes)

S3 MBAMSwissArmy ; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-08-29] (Malwarebytes Inc -> Malwarebytes)

S3 MBAMWebProtection ; C:WINDOWSsystem32DRIVERSmwac.sys [149424 2021-08-29] (Éditeur de compatibilité matérielle Microsoft Windows -> Malwarebytes)

R0 mounthlp; C:WINDOWSSystem32DRIVERSmounthlp.sys [66832 2017-08-31] (Paragon Software GmbH -> Paragon Software Group)

R3 vmulti ; C:WINDOWSSystem32driversvmulti.sys [10752 2014-09-17] (Éditeur de compatibilité matérielle Microsoft Windows -> Fournisseur DDK Windows ® Win 7)

S0 WdBoot ; C:WINDOWSSystem32driverswdWdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)

R0 WdFiltre; C:WINDOWSSystem32driverswdWdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:WINDOWSSystem32driverswdWdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)

Filtre de clavier sans fil R3 ; C:WINDOWSSystem32driversWirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-13 16:08 – 2021-09-13 16:08 – 002303488 _____ (Farbar) C:UsersOwnerDownloadsFRST64 (1).exe

2021-09-13 14:14 – 2021-09-13 14:14 – 001225928 _____ C:UsersOwnerDownloadsIMG_8065.jpg.crdownload

2021-09-11 14:38 – 2021-09-11 14:38 – 000001423 _____ C:UsersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsOutlook.lnk

2021-09-10 21:16 – 2021-09-10 21:16 – 000489996 _____ C:UsersOwnerDownloadsH1ode11.pdf

2021-09-10 01:15 – 2021-09-11 07:21 – 00000000 ____D C:Program FilesMozilla Firefox

2021-09-08 17:09 – 2021-09-08 17:09 – 00000000 ____D C:UsersOwnerDocumentsOutlook Files

2021-09-07 17:34 – 2021-09-07 17:34 – 000520041 _____ C:UsersOwnerDownloadsVirginPDF (1).pdf

2021-09-07 10:39 – 2021-09-07 10:39 – 000499380 _____ C:UsersOwnerDownloadsgrade8.pdf

2021-09-06 20:19 – 2021-09-06 20:38 – 1384663545 _____ C:UsersOwnerDownloadsRegardez le film gratuit en ligne Pans Labyrinth (2006) sur Streamm4u.c.mp4

2021-09-06 20:18 – 2021-09-06 20:28 – 894691878 _____ C:UsersOwnerDownloadsRegardez le film gratuit en ligne Thunderbird 6 (1968) sur Streamm4u.co.mp4

2021-09-04 16:47 – 2021-09-04 16:47 – 000298917 _____ C:UsersOwnerDownloadsInstructional Positions – Health Science (Open) (1).pdf

2021-09-04 16:45 – 2021-09-04 16:45 – 000425673 _____ C:UsersOwnerDownloadsClinical Instructor- Practical Nursing (Open).pdf

2021-09-04 16:41 – 2021-09-04 16:41 – 000629790 _____ C:UsersOwnerDownloadsdocument (23).pdf

2021-09-04 16:40 – 2021-09-04 16:40 – 000019808 _____ C:UsersOwnerDownloadsdocument (22).pdf

2021-09-04 16:40 – 2021-09-04 16:40 – 000019808 _____ C:UsersOwnerDownloadsdocument (21).pdf

2021-08-29 07:24 – 2021-08-29 07:24 – 132334800 _____ C:UsersOwnerDownloadsGH013785.MP4

2021-08-29 07:22 – 2021-08-29 07:26 – 892112626 _____ C:UsersOwnerDownloadsGH013205.MP4

2021-08-29 07:21 – 2021-08-29 07:26 – 1304454562 _____ C:UsersOwnerDownloadsGH013203.MP4

2021-08-29 07:21 – 2021-08-29 07:26 – 1071333410 _____ C:UsersOwnerDownloadsGH013204.MP4

2021-08-29 07:21 – 2021-08-29 07:25 – 880308392 _____ C:UsersOwnerDownloadsGH013202.MP4

2021-08-29 07:20 – 2021-08-29 07:25 – 575427272 _____ C:UsersOwnerDownloadsGH013201.MP4

2021-08-29 07:20 – 2021-08-29 07:24 – 1231333387 _____ C:UsersOwnerDownloadsGH013199.MP4

2021-08-29 07:19 – 2021-08-29 07:20 – 270137864 _____ C:UsersOwnerDownloadsGH013198.MP4

2021-08-29 04:40 – 2021-08-29 04:40 – 000248992 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbamswissarmy.sys

2021-08-29 04:40 – 2021-08-29 04:40 – 000210344 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys

2021-08-29 04:40 – 2021-08-29 04:40 – 000198888 _____ (Malwarebytes) C:WINDOWSsystem32Driversfarflt.sys

2021-08-29 04:40 – 2021-08-29 04:40 – 000149424 _____ (Malwarebytes) C:WINDOWSsystem32Driversmwac.sys

2021-08-29 04:40 – 2021-08-29 04:40 – 000068528 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbam.sys

2021-08-26 14:34 – 2021-09-01 04:57 – 00000000 ____D C:UsersOwnerAppDataLocalLowIGDump

2021-08-25 22:43 – 2021-08-25 22:43 – 000002912 _____ C:WINDOWSsystem32TasksCCleanerSkipUAC – Owner

2021-08-24 22:47 – 2021-08-24 22:47 – 000000000 ____D C:UsersOwnerDocumentsregistry backup

2021-08-24 22:34 – 2021-08-24 22:34 – 008553680 _____ (Malwarebytes) C:UsersOwnerDesktopadwcleaner_8.3.0.exe

2021-08-24 01:50 – 2021-08-24 01:50 – 000000306 _____ C:UsersOwnerDesktopaugust scan.txt

2021-08-21 18:22 – 2021-08-21 18:23 – 999353524 _____ C:UsersOwnerDownloadsxOWqYLJhRAWRKqZOQme36Q_2BIyE1XdRKZCb4XgyvqwRQ_o.MP4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-13 16:14 – 2021-05-01 19:24 – 000030554 _____ C:UsersOwnerDownloadsFRST.txt

2021-09-13 16:13 – 2021-05-01 19:24 – 000000000 ____D C:FRST

2021-09-13 15:51 – 2021-03-23 05:55 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-09-13 15:23 – 2017-10-31 15:55 – 000000000 ____D C:Program Files (x86)Google

2021-09-13 14:09 – 2020-09-02 00:40 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-09-13 14:09 – 2020-09-02 00:40 – 000002276 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-09-13 14:09 – 2019-12-07 06:44 – 000000000 ___HD C:Program FilesWindowsApps

2021-09-13 14:09 – 2019-12-07 06:44 – 000000000 ____D C:WINDOWSAppReadiness

2021-09-13 14:09 – 2019-12-07 06:44 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-09-13 14:02 – 2018-05-03 10:55 – 000000000 ____D C:UsersOwnerAppDataRoamingvlc

2021-09-13 13:59 – 2018-05-02 22:46 – 000000000 ____D C:UsersOwnerAppDataLocalLowMozilla

2021-09-13 13:29 – 2019-02-06 11:12 – 000000000 ____D C:ProgramDataMozilla

2021-09-13 11:21 – 2021-05-04 16:14 – 000001378 _____ C:UsersOwnerAppDataRoamingMicrosoftWindowsStart MenuProgramsESET Online Scanner.lnk

2021-09-13 11:21 – 2021-05-04 16:14 – 000001272 _____ C:UsersOwnerDesktopESET Online Scanner.lnk

2021-09-13 10:44 – 2018-05-17 14:53 – 000000000 ____D C:Program FilesCCleaner

2021-09-11 14:37 – 2021-03-23 10:26 – 000769700 _____ C:WINDOWSsystem32perfh00C.dat

2021-09-11 14:37 – 2021-03-23 10:26 – 000145092 _____ C:WINDOWSsystem32perfc00C.dat

2021-09-11 14:37 – 2018-05-17 17:31 – 001753160 _____ C:WINDOWSSysWOW64PerfStringBackup.INI

2021-09-11 11:22 – 2021-03-23 06:25 – 000004562 _____ C:WINDOWSsystem32TasksAdobe Acrobat Update Task

2021-09-11 07:37 – 2018-05-03 10:36 – 000000000 ____D C:Program Files (x86)Microsoft Office

2021-09-11 07:36 – 2019-12-07 06:43 – 000000000 ____D C:WINDOWSINF

2021-09-11 07:21 – 2021-03-23 06:25 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-09-11 07:21 – 2021-03-23 05:55 – 000008192 ___SH C:DumpStack.log.tmp

2021-09-11 07:21 – 2018-05-02 22:46 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2021-09-10 08:19 – 2018-05-02 22:46 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk

2021-09-10 08:01 – 2020-12-14 10:46 – 000000000 ____D C:UsersOwnerDesktopNew folder

2021-09-09 08:19 – 2020-09-02 04:01 – 000000000 ____D C:Program FilesMicrosoft Update Health Tools

2021-09-09 05:17 – 2018-04-21 13:05 – 000000000 ____D C:WINDOWSsystem32Driverswd

2021-09-07 08:25 – 2021-01-20 01:41 – 000000000 ____D C:UsersOwnerDownloadsio-oi.xyz

2021-09-02 20:15 – 2017-10-31 15:55 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-09-02 20:15 – 2017-10-31 15:55 – 000002260 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-09-02 05:10 – 2021-03-23 06:02 – 000000000 ____D C:UsersOwner

2021-09-02 05:07 – 2021-03-23 05:55 – 000472664 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-08-31 16:09 – 2017-11-01 13:32 – 000803176 ____N (Microsoft Corporation) C:WINDOWSsystem32MpSigStub.exe

2021-08-29 04:40 – 2019-03-19 02:12 – 000160176 _____ (Malwarebytes) C:WINDOWSsystem32Driversmbae64.sys

2021-08-25 22:43 – 2021-03-23 06:25 – 000003936 _____ C:WINDOWSsystem32TasksCCleaner Update

2021-08-24 22:44 – 2021-03-17 16:23 – 000000000 ___DC C:WINDOWSPanther

2021-08-24 22:44 – 2018-05-31 14:50 – 000000000 ____D C:UsersOwnerAppDataLocalCrashDumps

2021-08-24 22:37 – 2018-05-31 16:28 – 000000000 ____D C:UsersOwnerAppDataRoamingHewlett-Packard

2021-08-24 22:37 – 2018-05-31 16:26 – 000000000 ____D C:ProgramDataHewlett-Packard

2021-08-24 22:37 – 2018-05-31 16:26 – 000000000 ____D C:Program Files (x86)Hewlett-Packard

2021-08-23 07:22 – 2021-05-04 15:45 – 011697056 _____ (ESET) C:UsersOwnerDownloadsesetonlinescanner.exe

2021-08-22 16:03 – 2021-03-23 06:13 – 001709070 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-08-22 07:38 – 2019-12-07 06:33 – 000262144 _____ C:WINDOWSsystem32configBBI

2021-08-21 21:38 – 2021-05-03 13:42 – 000000000 ____D C:UsersOwnerDesktopNew folder (2)

2021-08-21 21:28 – 2021-03-19 10:43 – 000001107 _____ C:UsersPublicDesktopiMazing HEIC Converter.lnk

2021-08-21 21:28 – 2021-03-19 10:43 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsiMazing HEIC Converter

2021-08-17 06:25 – 2021-03-23 06:25 – 000000000 ____D C:WINDOWSsystem32TasksNCH Software

2021-08-17 01:22 – 2020-09-02 04:01 – 000486728 _____ (Microsoft Corporation) C:WINDOWSsystem32QualityUpdateAssistant.dll

2021-08-17 01:22 – 2020-02-19 08:40 – 000740168 _____ (Microsoft Corporation) C:WINDOWSsystem32sedplugins.dll

2021-08-16 01:59 – 2021-04-12 19:35 – 000003386 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore1d71fc04447c9f5

2021-08-16 01:59 – 2021-03-23 06:25 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

==================== Files in the root of some directories ========

2018-06-30 12:58 – 2014-12-25 23:33 – 366402764 _____ () C:Program FilesImage-Line.FL.Studio.Producer.Edition.v11.1.0.R2.Incl.Keygen-R2R.rar

2020-05-27 00:23 – 2021-09-05 22:25 – 000262123 _____ () C:UsersOwnerAppDataRoamingError.log

2019-01-11 14:34 – 2019-01-11 14:34 – 000000078 _____ () C:UsersOwnerAppDataRoamingIC.dat

2018-05-06 20:25 – 2021-02-14 15:15 – 000036352 _____ () C:UsersOwnerAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2019-11-29 19:24 – 2019-11-29 19:24 – 000000356 _____ () C:UsersOwnerAppDataLocalkarboncalligraphyrc

2019-10-24 19:05 – 2019-11-29 19:26 – 000089005 _____ () C:UsersOwnerAppDataLocalkrita.log

2019-11-29 19:26 – 2019-11-29 19:26 – 000000068 _____ () C:UsersOwnerAppDataLocalkritadisplayrc

2019-10-24 19:06 – 2019-11-29 19:26 – 000016863 _____ () C:UsersOwnerAppDataLocalkritarc

2018-07-07 23:21 – 2018-07-07 23:21 – 000001469 _____ () C:UsersOwnerAppDataLocalrecently-used.xbel

2018-05-06 22:47 – 2018-05-26 21:57 – 000007597 _____ () C:UsersOwnerAppDataLocalresmon.resmoncfg

2018-05-17 09:22 – 2018-05-17 09:22 – 000000003 _____ () C:UsersOwnerAppDataLocalwbem.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ADDITION LOG

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2021

Ran by Owner (13-09-2021 16:15:01)

Running from C:UsersOwnerDownloads

Windows 10 Pro Version 20H2 19042.1165 (X64) (2021-03-23 08:56:40)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-528068570-1047697352-1524386410-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-528068570-1047697352-1524386410-503 – Limited – Disabled)

Guest (S-1-5-21-528068570-1047697352-1524386410-501 – Limited – Disabled)

nubiw (S-1-5-21-528068570-1047697352-1524386410-1002 – Limited – Disabled)

Owner (S-1-5-21-528068570-1047697352-1524386410-1001 – Administrator – Enabled) => C:UsersOwner

WDAGUtilityAccount (S-1-5-21-528068570-1047697352-1524386410-504 – Limited – Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

AS: Windows Defender (Enabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 21.005.20060 – Adobe Systems Incorporated)

Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.433 – Adobe)

Adobe Flash Player 32 PPAPI (HKLM-x32…Adobe Flash Player PPAPI) (Version: 32.0.0.330 – Adobe)

AOMEI Partition Assistant Standard Edition 8.8 (HKLM-x32…2F850ED-FD0E-4ED1-BE0B-54981f5BD3D4_is1) (Version:  – AOMEI Technology Co., Ltd.)

CCleaner (HKLM…CCleaner) (Version: 5.84 – Piriform)

CCleaner Browser (HKLM-x32…CCleaner Browser) (Version: 84.1.5543.138 – Piriform Software)

CCleaner Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.5.21.0 – Piriform Software) Hidden

CDisplayEx 1.10.33 (HKLM…CDisplayEx_is1) (Version:  – Progdigy Software S.A.R.L.)

Centricity DICOM Viewer (HKLM-x32…Centricity DICOM Viewer) (Version: 3.1.4 – GE Healthcare IT)

Corel AfterShot 3 – ICA x64 (HKLM…FE875B02-11A1-4D1E-B57A-8DE2C00C0B51) (Version: 3.4 – Corel Corporation) Hidden

Corel AfterShot 3 – IPM Content x64 (HKLM…3E064BED-C9D8-4BEF-A2EE-8D67E99C3932) (Version: 3.4 – Corel Corporation) Hidden

Corel AfterShot 3 – IPM x64 (HKLM…5059B47C-4D7B-46E9-9D7A-1E2FCF5DDBED) (Version: 3.4.0.297 – Corel Corporation) Hidden

Corel AfterShot 3(64-bit) (HKLM…_FE875B02-11A1-4D1E-B57A-8DE2C00C0B51) (Version: 3.4.0.297 – Corel Corporation)

Corel Painter Essentials 5 – IPM (HKLM…7AE4E1DB-DD52-46DA-806C-30A10D3FDEA7) (Version: 5.0 – Corel Corporation) Hidden

Corel Painter Essentials 5 – IPM Content (HKLM…E7C117A5-E97D-487B-AEB6-1293FA0BF8E6) (Version: 5.0 – Corel Corporation) Hidden

Corel Painter Essentials 5 (HKLM…_7E35BD37-3F00-4FCB-A357-92F5D0CDEC2A) (Version: 0.0 – Corel Corporation)

Corel PaintShop Pro 2018 (HKLM-x32…_6000096B-318C-40F8-A450-043B6A602D16) (Version: 20.2.0.1 – Corel Corporation)

Corel Update Manager (HKLM…1E7AD2D2-EDD9-4334-992D-7F7ED9769217) (Version: 2.9.389 – Corel corporation) Hidden

Corel Update Manager (HKLM…67881956-8135-4804-9465-BA1419010638) (Version: 2.9.389 – Corel corporation) Hidden

Corel Update Manager (HKLM…B6C0FB43-0C9B-46E6-93E4-DF171ED80C53) (Version: 2.9.389 – Corel corporation) Hidden

Debut Video Capture Software (HKLM-x32…Debut) (Version: 7.39 – NCH Software)

Disk Drill 2.0.0.323 (HKLM-x32…C400FA2A-059E-4EF8-B687-542D7907ED97) (Version: 2.0.323 – CleverFiles)

DivX Setup (HKLM…DivX Setup) (Version: 10.8.7.0 – DivX, LLC)

Epic Games Launcher (HKLM-x32…C69A2919-0662-4390-9418-67C931B44C18) (Version: 1.1.236.0 – Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

ffdshow x64 v1.3.4533 [2014-09-29] (HKLM…ffdshow64_is1) (Version: 1.3.4533.0 – )

Fishing Vessel Stability – Flash Component (HKLM-x32…CCPFH-FVSTABSIM-flash) (Version: 1.0.0 – )

Fishing Vessel Stability – Sim Component (HKLM-x32…CCPFH-FVSTABSIM-sim) (Version: 1.0.0 – )

Fishing Vessel Stability (HKLM-x32…CCPFH-FVSTABSIM-system) (Version: 1.0.0 – )

FlashGet3.7 (HKLM-x32…FlashGet3.7) (Version: 3.7.0.1195 – hxxp://www.FlashGet.com)

GIMP 2.10.4 (HKLM…GIMP-2_is1) (Version: 2.10.4 – The GIMP Team)

Google Chrome (HKLM-x32…Google Chrome) (Version: 93.0.4577.63 – Google LLC)

Google Play Music Desktop Player (HKUS-1-5-21-528068570-1047697352-1524386410-1001…GPMDP_3) (Version: 4.6.1 – Samuel Attard)

HHD Software Free Hex Editor Neo 6.52 (HKUS-1-5-21-528068570-1047697352-1524386410-1001…8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0) (Version: 6.52.00.6347 – HHD Software, Ltd.)

ICA (HKLM-x32…6000096B-318C-40F8-A450-043B6A602D16) (Version: 20.2.0.1 – Corel Corporation) Hidden

IconHandler 64 bit (HKLM…4E82E2E9-668B-4F8A-814A-78E163FCDBCD) (Version: 2.0 – Corel Corporation) Hidden

Image Cartoonizer version 3.9.4 (HKLM-x32…5B7A8010-41AE-4811-ADA4-D49E648884C2_is1) (Version: 3.9.4 – Cartoonize.net)

iMazing HEIC Converter 1.0.10.0 (HKLM…FA58AFA9-B210-409C-88F1-2A90D577C170_is1) (Version: 1.0.10.0 – DigiDNA)

Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 10.18.10.4358 – Intel Corporation)

IPM_PSP_COM64 (HKLM…2013AABB-7212-4D79-B13B-25E567C2D0E4) (Version: 20.2.0.1 – Corel Corporation) Hidden

IsoBuster 4.5 (HKLM-x32…IsoBuster_is1) (Version: 4.5 – Smart Projects)

Jasc Animation Shop 3 (HKLM-x32…174D5678-D941-433C-BD23-58A5C7B0D36D) (Version: 3.05.0000 – Jasc Software Inc)

Krita (x64) 4.2.7.1 (HKLM…Krita_x64) (Version: 4.2.7.1 – Krita Foundation)

Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden

LAV Filters 0.74.1 (HKLM-x32…lavfilters_is1) (Version: 0.74.1 – Hendrik Leppkes)

Malwarebytes version 4.3.0.98 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.3.0.98 – Malwarebytes)

MEGAsync (HKLM-x32…MEGAsync) (Version:  – Mega Limited)

Microsoft 365 Apps for enterprise – en-us (HKLM…O365ProPlusRetail – en-us) (Version: 16.0.14326.20238 – Microsoft Corporation)

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 93.0.961.47 – Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32…Microsoft EdgeWebView) (Version: 93.0.961.47 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-528068570-1047697352-1524386410-1001…OneDriveSetup.exe) (Version: 20.134.0705.0008 – Microsoft Corporation)

Microsoft Teams (HKUS-1-5-21-528068570-1047697352-1524386410-1001…Teams) (Version: 1.3.00.30866 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…7B981965-2FBC-433C-B4B3-E183EE97CD29) (Version: 2.83.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc) (Version: 8.0.59192 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.24.28127 (HKLM-x32…282975d8-55fe-4991-bbbb-06a72581ce58) (Version: 14.24.28127.4 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32…e31cb1a4-76b5-46a5-a084-3fa419e82201) (Version: 14.24.28127.4 – Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32…2BFC7AA0-544C-4E3A-8796-67F3BE655BE9) (Version: 4.0.20823.0 – Microsoft Corporation)

Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 92.0 (x64 en-US)) (Version: 92.0 – Mozilla)

Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 59.0.3 – Mozilla)

Nero 6 Demo (HKLM-x32…Nero – Burning Rom!UninstallKey) (Version:  – )

Nero InCD (HKLM…59482AA7-3E30-4B5E-A52F-4101DACC2707) (Version: 6.6.5100 – Nero AG)

Office 16 Click-to-Run Extensibility Component (HKLM-x32…90160000-008C-0000-0000-0000000FF1CE) (Version: 16.0.14326.20238 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM…90160000-00DD-0000-1000-0000000FF1CE) (Version: 16.0.14326.20238 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM…90160000-008F-0000-1000-0000000FF1CE) (Version: 16.0.14326.20238 – Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM-x32…90160000-008C-0409-0000-0000000FF1CE) (Version: 16.0.13801.20638 – Microsoft Corporation) Hidden

OpenAL (HKLM-x32…OpenAL) (Version:  – )

OpenOffice 4.1.4 (HKLM-x32…BDB210E1-06C5-451F-BDAC-C18DDC7C2F14) (Version: 4.14.9788 – Apache Software Foundation)

Painter Essentials 5 – Contentx64 (HKLM…F62567D5-C772-44A9-8197-3B16D42EB944) (Version: 5.0 – Corel Corporation) Hidden

Painter Essentials 5 – Core (HKLM…8E99D572-EE7E-4840-9C79-FA26C1FA08D2) (Version: 5.0.1 – Corel Corporation) Hidden

Painter Essentials 5 – Corex64 (HKLM…5A595A4C-E10E-4695-8914-317AE77CBB79) (Version: 5.0 – Corel Corporation) Hidden

Painter Essentials 5 – CT (HKLM…26489B02-A6F9-4F46-A59D-DB65FA8FD4F9) (Version: 5.0 – Corel Corporation) Hidden

Painter Essentials 5 – DE (HKLM…99211142-E2B0-4CE8-A35A-792A531BAD40) (Version: 5.0.1 – Corel Corporation) Hidden

Painter Essentials 5 – EN (HKLM…662D2525-13B4-41BF-824F-53A2E0D6FA82) (Version: 5.0.1 – Corel Corporation) Hidden

Painter Essentials 5 – FR (HKLM…B00BA6C2-FD72-4434-A82D-415C65DA359C) (Version: 5.0 – Corel Corporation) Hidden

Painter Essentials 5 – JP (HKLM…89BAB6D5-EA63-449B-A7AA-27E457C172C0) (Version: 5.0 – Corel Corporation) Hidden

Painter Essentials 5 – Setup Files (HKLM…7E35BD37-3F00-4FCB-A357-92F5D0CDEC2A) (Version: 5.0 – Corel Corporation) Hidden

Paragon HFS+ for Windows (HKLM-x32…429D6E81-8E1E-42E6-8AB9-025DD9157F9B) (Version: 9.2.0.42 – Paragon Software)

ParticleShop – Core (HKLM…539A8441-261C-42DA-8B4B-FB512F61D33B) (Version: 1.5 – Corel Corporation) Hidden

ParticleShop – IPM (HKLM…9E99AA1D-F1DC-442D-B9D9-8DD3EE529AE9) (Version: 1.5 – Corel Corporation) Hidden

ParticleShop – IPM Content (HKLM…67BDB811-383B-4D2B-870E-F27D2511F200) (Version: 1.5 – Corel Corporation) Hidden

ParticleShop (HKLM…_6F224046-E164-4B78-9867-3AE494271D29) (Version: 1.5.0.108 – Corel Corporation)

ParticleShop (HKLM…6F224046-E164-4B78-9867-3AE494271D29) (Version: 1.5 – Corel Corporation) Hidden

ParticleShop (HKLM…D4F483F8-71F1-457F-AB1B-31C61529B658) (Version: 1.5 – Corel Corporation) Hidden

PhotoPad Image Editor (HKLM-x32…PhotoPad) (Version: 4.19 – NCH Software)

PSPPContent (HKLM-x32…CC719875-8939-48D2-BA50-D5F5673C4C6A) (Version: 20.2.0.1 – Corel Corporation) Hidden

PSPPHelp (HKLM-x32…BBF5A9A0-82BD-4C51-9EAD-624651FE765B) (Version: 20.2.0.1 – Corel Corporation) Hidden

PSPPro64 (HKLM…A8A7345E-0111-4A73-9F0F-560A837BF901) (Version: 20.2.0.1 – Corel Corporation) Hidden

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.8328 – Realtek Semiconductor Corp.)

Samsung_MonSetup (HKLM-x32…8EA79DBF-D637-448A-89D6-410A087A4493) (Version: 1.00.0000 – Samsung)

Setup (HKLM-x32…C9C9ACD1-F275-45CB-B507-96486DB5E608) (Version: 20.2.0.1 – Corel Corporation) Hidden

Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)

Stellar Data Recovery (HKLM…Stellar Data Recovery_is1) (Version: 9.0.0.5 – Stellar Information Technology Pvt Ltd.)

StudioTax 2017 (HKLM-x32…45CD8473-5E55-4046-A7DC-55342B43B527) (Version: 13.0.5.0 – BHOK IT Consulting)

StudioTax 2018 (HKLM-x32…434FEE6C-16DB-41AF-99B8-5E4BF2D41D9D) (Version: 14.0.6.0 – BHOK IT Consulting)

StudioTax 2019 (HKLM-x32…24E4396E-4E7A-4837-A975-D4EAF3DFC958) (Version: 15.0.6.0 – BHOK IT Consulting)

Teams Machine-Wide Installer (HKLM-x32…39AF0813-FA7B-4860-ADBE-93B9B214B914) (Version: 1.2.0.34161 – Microsoft Corporation)

Toolkit (HKLM-x32…Toolkit) (Version: 1.5.3.3 – Seagate)

Undelete Navigator (HKLM-x32…UndeleteNavigator) (Version: 1.2.3.328 – www.4r-soft.com)

UninstallTabletDeviceDriver (HKLM…39089688-F09E-4DAD-8C80-647D3DF68630_is1) (Version: v13.14.13.170626 – )

VC80CRTRedist – 8.0.50727.6195 (HKLM-x32…933B4015-4618-4716-A828-5289FC03165F) (Version: 1.2.0 – DivX, Inc) Hidden

VideoPad Video Editor (HKLM-x32…VideoPad) (Version: 8.45 – NCH Software)

VLC media player (HKLM-x32…VLC media player) (Version: 3.0.12 – VideoLAN)

Windows Driver Package – Graphics Tablet (WinUsb) USBDevice  (04/10/2014 8.33.30.0) (HKLM…142118DF51345EA02D2B1583E102C8FB95FD6D52) (Version: 04/10/2014 8.33.30.0 – Graphics Tablet)

WinRAR 5.91 (64-bit) (HKLM…WinRAR archiver) (Version: 5.91.0 – win.rar GmbH)

Wondershare Helper Compact 2.5.3 (HKLM-x32…5363CE84-5F09-48A1-8B6C-6BB590FFEDF2_is1) (Version: 2.5.3 – Wondershare)

Wondershare Recoverit(Build 8.7.2.21) (HKLM-x32…829555DC-31E5-4FEA-B350-8FCF24CECD95_is1) (Version: 8.7.2.21 – Wondershare Software Co.,Ltd.)

Zoom (HKUS-1-5-21-528068570-1047697352-1524386410-1001…ZoomUMX) (Version: 5.4.1 (58698.1027) – Zoom Video Communications, Inc.)

Packages:

=========

Chess GrandMaster -> C:Program FilesWindowsApps44206SilentMonkGames.ChessGrandMaster_1.1.7.0_x86__9nr9yt7wn1prj [2020-06-20] (Silent Monk Games) [MS Ad]

Facebook -> C:Program FilesWindowsAppsFACEBOOK.FACEBOOK_2021.312.1.0_neutral__8xx8rvfyw5nnt [2021-03-25] (Facebook Inc)

File Downloader -> C:Program FilesWindowsApps25974MegaScopes.UniversalFileDownloader_3.6.0.0_x64__0pcxtv3ezwmq8 [2021-07-26] (MegaScopes)

HP Smart -> C:Program FilesWindowsAppsAD2F1837.HPPrinterControl_130.1.323.0_x64__v10z8vjag6ke6 [2021-08-20] (HP Inc.)

HP Support Assistant -> C:Program FilesWindowsAppsAD2F1837.HPSupportAssistant_9.8.27.0_x64__v10z8vjag6ke6 [2021-09-02] (HP Inc.)

iTunes -> C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa [2021-08-11] (Apple Inc.) [Startup Task]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-23] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-02] (Microsoft Studios) [MS Ad]

Microsoft Whiteboard -> C:Program FilesWindowsAppsMicrosoft.Whiteboard_21.10823.5772.0_x64__8wekyb3d8bbwe [2021-09-03] (Microsoft Corporation)

MPEG-2 Video Extension -> C:Program FilesWindowsAppsMicrosoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-26] (Microsoft Corporation)

Photos Add-on -> C:Program FilesWindowsAppsMicrosoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)

Photos Media Engine Add-on -> C:Program FilesWindowsAppsMicrosoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-17] (Microsoft Corporation)

Time Lapse Creator -> C:Program FilesWindowsApps20332AchievementHoundsPod.5162681B85826_3.2.2.0_x64__3zepjrwat9r3j [2021-07-26] (Kyle Worley) [MS Ad]

Video to GIF Maker, Photo to GIF Maker -> C:Program FilesWindowsApps2725Swisspix.VideotoGIFMakerPhototoGIFMaker_1.1.3.0_x64__q68sgvev02mx6 [2019-02-28] (Swisspix) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSID182FB546-8596-4CEF-9CB5-E9505BF7F628InprocServer32 -> C:UsersOwnerAppDataLocalHHD SoftwareFree Hex Editor Neohhdhexneo.dll (HHD Software Ltd. -> HHD Software Ltd.)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSID19A6E644-14E6-4A60-B8D7-DD20610A871DInprocServer32 -> C:UsersOwnerAppDataLocalMicrosoftTeamsMeetingAddin1.0.20275.4x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSID6DB27B2E-87AC-4354-927A-AD711A0ED77EInprocServer32 -> C:UsersOwnerAppDataLocalHHD SoftwareFree Hex Editor NeoFileDocument.dll (HHD Software Ltd. -> HHD Software Ltd.)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSID820D63D5-8CFF-46DE-86AF-4997DEDD6DB5localserver32 -> C:WINDOWSsystem32igfxEM.exe (Intel® pGFX -> Intel Corporation)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSIDA244CEC5-DB63-4ED9-B0D7-A0527C064113InprocServer32 -> C:UsersOwnerAppDataLocalHHD SoftwareFree Hex Editor NeoFileDocument.dll (HHD Software Ltd. -> HHD Software Ltd.)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSIDAE1514A4-5D7D-4D1B-BC7F-320E6962B0DDInprocServer32 -> C:UsersOwnerAppDataLocalHHD SoftwareFree Hex Editor NeoFileDocument.dll (HHD Software Ltd. -> HHD Software Ltd.)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSIDB845012A-F05A-4EC8-816D-B033183B9CA5InprocServer32 -> C:UsersOwnerAppDataLocalHHD SoftwareFree Hex Editor Neohhdhexneo.dll (HHD Software Ltd. -> HHD Software Ltd.)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSIDCB965DF1-B8EA-49C7-BDAD-5457FDC1BF92InprocServer32 -> C:UsersOwnerAppDataLocalMicrosoftTeamsMeetingAddin1.0.20091.2x64Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-528068570-1047697352-1524386410-1001_ClassesCLSIDF350F7C1-9F0E-4A97-8EEC-E690C7095BEFInprocServer32 -> C:UsersOwnerAppDataLocalHHD SoftwareFree Hex Editor NeoPatchAPIdllx64hexpatch64.dll () [File not signed]

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> 056D528D-CE28-4194-9BA3-BA2E9197FF8C => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> 05B38830-F4E9-4329-978B-1DD28605D202 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> 0596C850-7BDD-4C9D-AFDF-873BE6890637 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ShellIconOverlayIdentifiers: [NBHShellExt] -> 8D2223A2-B3C6-4e32-B096-CDD11F628C60 => C:Program FilesNeroToolsInCDNBHshx.dll [2009-10-16] (Nero AG -> Nero AG)

ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> 056D528D-CE28-4194-9BA3-BA2E9197FF8C => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> 05B38830-F4E9-4329-978B-1DD28605D202 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> 0596C850-7BDD-4C9D-AFDF-873BE6890637 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ShellIconOverlayIdentifiers-x32: [NBHShellExt] -> 8D2223A2-B3C6-4e32-B096-CDD11F628C60 => C:Program FilesNeroToolsInCDNBHshx.dll [2009-10-16] (Nero AG -> Nero AG)

ContextMenuHandlers1: [DivXShellExtensionItem] -> 48A8A3B0-57E8-4F2B-A49D-19E02B92377B => C:Program Files (x86)Common FilesDivX SharedDivXShellExtension64.dll [2018-10-08] (DivX, LLC -> DivX, LLC)

ContextMenuHandlers1: [DivXShellExtensionItem64] -> 6B49A276-0DBA-43F4-BC96-A841AD11B40B => C:Program Files (x86)Common FilesDivX SharedDivXShellExtension64.dll [2018-10-08] (DivX, LLC -> DivX, LLC)

ContextMenuHandlers1: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ContextMenuHandlers1: [NBHShellExt] -> 8D2223A2-B3C6-4e32-B096-CDD11F628C60 => C:Program FilesNeroToolsInCDNBHshx.dll [2009-10-16] (Nero AG -> Nero AG)

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [InCDShellExt] -> 09bffb91-ecda-4149-bcfd-d87a345c219e => C:Program FilesNeroToolsInCDInCDshx.dll [2009-10-16] (Nero AG -> Nero AG)

ContextMenuHandlers2: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ContextMenuHandlers2: [NBHShellExt] -> 8D2223A2-B3C6-4e32-B096-CDD11F628C60 => C:Program FilesNeroToolsInCDNBHshx.dll [2009-10-16] (Nero AG -> Nero AG)

ContextMenuHandlers3: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ContextMenuHandlers4: [MEGA (Context menu)] -> 0229E5E7-09E9-45CF-9228-0228EC7D5F17 => C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll [2017-10-18] () [File not signed]

ContextMenuHandlers4: [NBHShellExt] -> 8D2223A2-B3C6-4e32-B096-CDD11F628C60 => C:Program FilesNeroToolsInCDNBHshx.dll [2009-10-16] (Nero AG -> Nero AG)

ContextMenuHandlers5: [igfxDTCM] -> 9B5F5829-A529-4B12-814A-E81BCB8D93FC => C:WINDOWSsystem32igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [NBHShellExt] -> 8D2223A2-B3C6-4e32-B096-CDD11F628C60 => C:Program FilesNeroToolsInCDNBHshx.dll [2009-10-16] (Nero AG -> Nero AG)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:UsersOwnerDesktopDesktop1Anthony – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Default"

ShortcutWithArgument: C:UsersOwnerDesktopDesktop1charles – Chrome.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2017-10-18 19:21 – 2017-10-18 19:21 – 000598528 _____ () [File not signed] C:UsersOwnerAppDataLocalMEGAsyncShellExtX64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:desktop.ini:CachedTiles [464]

AlternateDataStreams: C:E:| [327680002]

AlternateDataStreams: C:UsersPublicDRM:احتضان [48]

AlternateDataStreams: C:UsersPublicShared Files:VersionCache [484]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => ""="Service"

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program Files (x86)Microsoft OfficerootVFSProgramFilesX64Microsoft OfficeOffice16OCHelper.dll [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> 31D09BA0-12F5-4CCE-BE8A-2923E76605DA -> C:Program Files (x86)Microsoft OfficerootOffice16OCHelper.dll [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: FlashGetBHO -> b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0 -> C:UsersOwnerAppDataRoamingFlashGetBHOFlashGetBHO.dll [2012-01-06] (Trend Media Corporation Limited -> Trend Media Group)

Handler-x32: mso-minsb-roaming.16 – 83C25742-A9F7-49FB-9138-434302C88D07 – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 – 42089D2D-912D-4018-9087-2B87803E93FB – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 – 5504BE45-A83B-4808-900A-3A5C36E7F77A – C:Program Files (x86)Microsoft OfficerootOffice16MSOSB.DLL [2021-09-11] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKUS-1-5-21-528068570-1047697352-1524386410-1001…sharepoint.com -> hxxps://athabascaedu-files.sharepoint.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-528068570-1047697352-1524386410-1001Control PanelDesktop\Wallpaper -> c:windowswebwallpapertheme1img1.jpg

DNS Servers: 192.168.2.1 – 142.166.166.166

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: AdobeARMservice => 2

MSCONFIGServices: AdobeFlashPlayerUpdateSvc => 3

MSCONFIGServices: BEService => 3

MSCONFIGServices: ccleaner => 2

MSCONFIGServices: CCleanerBrowserElevationService => 3

MSCONFIGServices: ccleanerm => 3

MSCONFIGServices: cphs => 3

MSCONFIGServices: EasyAntiCheat => 3

MSCONFIGServices: GoogleChromeElevationService => 3

MSCONFIGServices: gupdate => 2

MSCONFIGServices: gupdatem => 3

MSCONFIGServices: hpqcaslwmiex => 3

MSCONFIGServices: HPSupportSolutionsFrameworkService => 2

MSCONFIGServices: igfxCUIService1.0.0.0 => 2

MSCONFIGServices: InCDSrv => 2

MSCONFIGServices: MozillaMaintenance => 3

MSCONFIGServices: NeroRegInCDSrv => 2

MSCONFIGServices: PSI_SVC_2 => 2

MSCONFIGServices: PSI_SVC_2_x64 => 2

MSCONFIGServices: RtkAudioService => 2

MSCONFIGServices: Steam Client Service => 3

HKLM…StartupApprovedRun: => "RtHDVBg"

HKLM…StartupApprovedRun: => "RTHDVCPL"

HKLM…StartupApprovedRun: => "TabletDriver"

HKLM…StartupApprovedRun32: => "DivXMediaServer"

HKLM…StartupApprovedRun32: => "TeamsMachineInstaller"

HKLM…StartupApprovedRun32: => "InCD"

HKLM…StartupApprovedRun32: => "NBHGui"

HKLM…StartupApprovedRun32: => "NeroFilterCheck"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedStartupFolder: => "MEGAsync.lnk"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "OneDrive"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "Toolkit"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "CCleaner Monitoring"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "CCleaner Smart Cleaning"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "FlashGet 3"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "EpicGamesLauncher"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "com.squirrel.Teams.Teams"

HKUS-1-5-21-528068570-1047697352-1524386410-1001…StartupApprovedRun: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User86C6FF18-0D96-4B5E-88CA-CFF0CA653C67C:usersownerappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersownerappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User6625A42A-56A7-456E-8991-D1B6AC82B98EC:usersownerappdatalocalmicrosoftteamscurrentteams.exe] => (Allow) C:usersownerappdatalocalmicrosoftteamscurrentteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [BA4966C8-CF44-4D3E-B84B-A4B598B01EF9] => (Allow) C:UsersOwnerAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [839DA6D7-3496-41EB-AF26-5DC284F37A2F] => (Allow) C:Program Files (x86)CCleaner BrowserApplicationCCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

FirewallRules: [E6D7A676-5269-481F-925F-62D27200D50D] => (Allow) C:UsersOwnerDesktopNew foldersteamappscommonGarrysModhl2.exe () [File not signed]

FirewallRules: [9356B34E-46F3-453E-8CFD-5D5542E1D846] => (Allow) C:UsersOwnerDesktopNew foldersteamappscommonGarrysModhl2.exe () [File not signed]

FirewallRules: [D12AFFCB-077D-4735-80AD-B2B3C50A798F] => (Allow) LPort=57209

FirewallRules: [687E76A0-7469-4714-85A4-54318BC2EFF4] => (Allow) LPort=57209

FirewallRules: [AE98E806-8650-44A4-B29E-258053D94B82] => (Allow) C:UsersOwnerDesktopNew folderbincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [66EFA15D-AD6F-4C92-A01D-156B4D8FC5D5] => (Allow) C:UsersOwnerDesktopNew folderbincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [D0DADDB3-954C-40DE-91FF-67C03EA93A31] => (Allow) C:UsersOwnerDesktopNew folderSteam.exe (Valve -> Valve Corporation)

FirewallRules: [BDACBB6B-41F3-4F79-86AF-FC6EFF2FF4E7] => (Allow) C:UsersOwnerDesktopNew folderSteam.exe (Valve -> Valve Corporation)

FirewallRules: [6758C8BB-ADC2-4281-BAF9-CF32E982B973] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)

FirewallRules: [A85AD11D-8327-4DDC-A882-117C9245A7C7] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)

FirewallRules: [UDP Query User058FE14E-6D92-4E75-B781-366A71C74B38C:program files (x86)flashget networkflashget 3flashget3.exe] => (Block) C:program files (x86)flashget networkflashget 3flashget3.exe (Trend Media Corporation Limited -> Trend Media Corporation Limited) [File not signed]

FirewallRules: [TCP Query UserDA7AD5CD-E5D1-46FE-B09C-2E4A5140C09DC:program files (x86)flashget networkflashget 3flashget3.exe] => (Block) C:program files (x86)flashget networkflashget 3flashget3.exe (Trend Media Corporation Limited -> Trend Media Corporation Limited) [File not signed]

FirewallRules: [UDP Query UserF13E01DC-4C9F-44B5-9299-CBCB64174CC6C:program files (x86)flashget networkflashget 3flashget3.exe] => (Block) C:program files (x86)flashget networkflashget 3flashget3.exe (Trend Media Corporation Limited -> Trend Media Corporation Limited) [File not signed]

FirewallRules: [TCP Query User9EB60944-5889-48EC-8DE0-C0276BE08D2FC:program files (x86)flashget networkflashget 3flashget3.exe] => (Block) C:program files (x86)flashget networkflashget 3flashget3.exe (Trend Media Corporation Limited -> Trend Media Corporation Limited) [File not signed]

FirewallRules: [UDP Query User28408841-F96A-4FCF-9DEC-29F307CA0FECC:usersownerappdatalocalgpmdp_3app-4.6.1google play music desktop player.exe] => (Allow) C:usersownerappdatalocalgpmdp_3app-4.6.1google play music desktop player.exe (Samuel Attard -> Samuel Attard) [File not signed]

FirewallRules: [TCP Query User3B5CACAF-EFA3-4152-8894-E5557D37B26CC:usersownerappdatalocalgpmdp_3app-4.6.1google play music desktop player.exe] => (Allow) C:usersownerappdatalocalgpmdp_3app-4.6.1google play music desktop player.exe (Samuel Attard -> Samuel Attard) [File not signed]

FirewallRules: [UDP Query UserD60737BE-8974-403E-853A-8B7D0BA6318BC:program files (x86)videolanvlcvlc.exe] => (Block) C:program files (x86)videolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [TCP Query UserA36E4351-835C-4EE5-9E6E-5E5C89F753F2C:program files (x86)videolanvlcvlc.exe] => (Block) C:program files (x86)videolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [E30A8E2F-D378-48CF-83F8-D67BAB4F76B1] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [D56ED4BB-55A3-4638-B481-D02DBF3B827E] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [E877A9A2-8B02-4759-8B5A-0DACD31E863B] => (Allow) C:WindowsSysWOW64msiexec.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [TCP Query User43174638-6E0B-431F-9D26-27991BE6E254C:program files (x86)divxdivx media serverdivxmediaserver.exe] => (Allow) C:program files (x86)divxdivx media serverdivxmediaserver.exe (DivX, LLC. -> DivX, LLC)

FirewallRules: [UDP Query User37AF9C40-A6CE-4614-8058-6877456C8CC3C:program files (x86)divxdivx media serverdivxmediaserver.exe] => (Allow) C:program files (x86)divxdivx media serverdivxmediaserver.exe (DivX, LLC. -> DivX, LLC)

FirewallRules: [6BE3D97A-E693-4E5D-8DF2-0EB9174F78F1] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [1718868A-B3C1-4217-836B-B41BCB43142C] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [53EE0785-71A3-47C6-9189-4B0F38B1BCED] => (Allow) C:UsersOwnerDesktopNew foldersteamappscommonFistful of Fragssdkhl2.exe (Valve -> )

FirewallRules: [9CC59742-7AE7-4B84-BF58-8B8E4865663A] => (Allow) C:UsersOwnerDesktopNew foldersteamappscommonFistful of Fragssdkhl2.exe (Valve -> )

FirewallRules: [9260B117-723A-43DE-88F8-045921654AAC] => (Allow) C:UsersOwnerDesktopNew foldersteamappscommonPost VoidPost Void.exe (YCJY Games) [File not signed]

FirewallRules: [E42B4B25-88E4-47CF-A65E-2387AD6362A8] => (Allow) C:UsersOwnerDesktopNew foldersteamappscommonPost VoidPost Void.exe (YCJY Games) [File not signed]

FirewallRules: [7F44A382-C5D7-4D04-9D61-6C43C552E7C1] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [DA110D4B-99A7-4802-B157-8969C6CA8DDC] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [0F6B23E9-E96E-487B-80B3-7AD8DD3C2154] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [D9C61E0C-D8B7-4CA1-B065-096E722D8517] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [5349DA23-A09D-4955-A741-AC33A760C983] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [AEAE4DEF-6078-41F3-AE8E-3C029EA6B6F5] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [5E873A39-B5C6-4EEA-A1B5-03F3D3070713] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [94CA22D7-404F-4A71-87C6-5523EECFDD65] => (Allow) C:Program FilesWindowsAppsAppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqaAMDS64AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [6605DD57-100A-4700-BB8A-1073B432F184] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [C80A36DC-E203-470C-BF79-A9ACC9A9307D] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [28ECFC7E-E855-47A0-91B6-E875C6FF2785] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [8F5070D9-C6A6-45EF-97BC-F64FB32BF3E6] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [ACD7FDDF-1324-4417-B942-593719265238] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [6A0CF7A0-2CFE-4B43-8136-5AF7601D8CBA] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [F05BAE52-3783-478F-8396-CA7D5098961E] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16Lync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [AC62324D-7CB0-4922-9396-5CC3738BD73A] => (Allow) C:Program Files (x86)Microsoft OfficerootOffice16UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [66E162A4-0DFF-40BB-8590-C5607747B6B6] => (Allow) C:Program Files (x86)MicrosoftEdgeWebViewApplication93.0.961.47msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

StandardProfileAuthorizedApplications: [C:Program Files (x86)FlashGet NetworkFlashGet 3FlashGet3.exe] => Enabled:Flashget3

==================== Restore Points =========================

24-08-2021 22:36:43 AdwCleaner_BeforeCleaning_24/08/2021_22:36:36

03-09-2021 07:12:03 Scheduled Checkpoint

12-09-2021 07:26:12 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: Standard PS/2 Keyboard

Description: Standard PS/2 Keyboard

Class Guid: 4d36e96b-e325-11ce-bfc1-08002be10318

Manufacturer: (Standard keyboards)

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse

Description: Microsoft PS/2 Mouse

Class Guid: 4d36e96f-e325-11ce-bfc1-08002be10318

Manufacturer: Microsoft

Service: i8042prt

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================

Application errors:

==================

Error: (09/08/2021 02:41:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (09/02/2021 07:43:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (08/26/2021 06:45:20 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program CCleaner64.exe version 5.84.0.9126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2a60

Start Time: 01d79a17ab24a3dc

Termination Time: 4294967295

Application Path: C:Program FilesCCleanerCCleaner64.exe

Report Id: 53192988-f37f-4f65-9805-caa507e285b9

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (08/25/2021 12:19:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (08/22/2021 04:08:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )

Description: The Windows Search Service is being stopped because there is a problem with the indexer: Recovery phase failed.

Context:  Application, SystemIndex Catalog

Details:

The gatherer is shutting down.  (HRESULT : 0x80040d23) (0x80040d23)

Error: (08/22/2021 04:08:27 PM) (Source: Windows Search Service) (EventID: 3602) (User: )

Description: Error ID 1 happened in Windows Search recovery stage, please restart the service. If this error persists, please recreate the index.

Context:  Application, SystemIndex Catalog

Details:

The gatherer is shutting down.  (HRESULT : 0x80040d23) (0x80040d23)

Error: (08/21/2021 09:28:21 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program iMazing HEIC Converter.exe version 1.0.10.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2594

Start Time: 01d796e719566af7

Termination Time: 4294967295

Application Path: C:Program FilesDigiDNAiMazing HEIC ConverteriMazing HEIC Converter.exe

Report Id: e3ed122d-3f80-493d-a4e4-b35546b94b1c

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (08/18/2021 12:56:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn't complete retrim on (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

System errors:

=============

Error: (09/13/2021 04:02:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/13/2021 04:02:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The HP System Info HSA Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (09/13/2021 04:02:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (09/13/2021 04:02:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The HP Print Scan Doctor Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (09/13/2021 04:02:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The HP App Helper HSA Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (09/13/2021 04:02:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The HP Diagnostics HSA Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (09/13/2021 04:02:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The HP Network HSA Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (09/13/2021 11:23:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The eapihdrv service failed to start due to the following error:

This driver has been blocked from loading

Windows Defender:

================

Date: 2021-09-13 07:06:13

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-09-12 07:24:13

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-09-11 08:26:58

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-09-11 08:16:53

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-09-11 07:39:05

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

==================== Memory info ===========================

BIOS: Hewlett-Packard K01 v02.90 07/16/2013

Motherboard: Hewlett-Packard 3397

Processor: Intel® Core™ i5-3470 CPU @ 3.20GHz

Percentage of memory in use: 61%

Total physical RAM: 6018.05 MB

Available physical RAM: 2332.03 MB

Total Virtual: 12018.05 MB

Available Virtual: 8017.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.91 GB) (Free:522.57 GB) NTFS

\?Volumeb7cc10b3-ae3d-4df5-b3d6-30b393a263a8 () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS

\?Volumed509af32-31bb-4dd1-aa9d-b4040c3ea05d () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
