I tried running tdsskiller after 1st not being able to download it (redirected to an about:blank page) and I got BSOD. (same thing on another pc I tried). Also I noticed when I extract and copy contents the speed fluctuates (it goes down to zero and then back to normal speeds).
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by AAman (administrator) on PC1 (07-04-2021 14:19:21)
Running from C:UsersonextDesktop
Loaded Profiles: user & AAman
Platform: Windows 10 Enterprise Version 20H2 19042.867 (X64) Language: English (United States) -> English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:Bazarrnssm.exe
() [File not signed] C:nginxnginx.exe <2>
() [File not signed] C:Program Files (x86)IDBKUPSmartUPSmart.exe
() [File not signed] C:Program FilesqBittorrentqbittorrent.exe
() [File not signed] C:Python27pythonw.exe
(BigStretch) [File not signed] C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsMonkeymattBig Stretchbigstretch.exe
(BitTorrent Inc -> BitTorrent, Inc.) C:Program Files (x86)uTorrentuTorrent.exe
(DeepL GmbH) [File not signed] C:UsersonextAppDataLocalDeepLapp-2.3.1DeepL.exe
(ESET, spol. s r.o. -> ESET) C:Program FilesESETESET SecurityeguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:Program FilesESETESET Securityekrn.exe
(Google LLC -> ) C:Program FilesGoogleDrivegoogledrivesync.exe <2>
(Google LLC -> ) C:Program FilesGoogleDrivenativeproxy.exe <3>
(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <33>
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.72GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.72GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:Program Files (x86)HPHP Software Updatehpwuschd2.exe
(Iain Patterson) [File not signed] C:WindowsSystem32nssm.exe <2>
(JackettConsole) [File not signed] C:ProgramDataJackettJackettConsole.exe
(JackettService) [File not signed] C:ProgramDataJackettJackettService.exe
(JackettTray) [File not signed] C:ProgramDataJackettJackettTray.exe
(Mega Limited -> Mega Limited) C:UsersonextAppDataLocalMEGAsyncMEGAsync.exe
(Microsoft Corporation -> ) C:Program Files (x86)MicrosoftEdge BetaApplicationpwahelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdge BetaApplicationmsedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Mouse and Keyboard CenterMKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesPowerToysmoduleslauncherPowerLauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:Program FilesPowerToysPowerToys.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe
(Notepad++ -> Don HO don.h@free.fr) C:Program FilesNotepad++notepad++.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe <2>
(Plex, Inc. -> ) C:Program Files (x86)PlexPlex Media ServerPlex Tuner Service.exe
(Plex, Inc. -> Plex, Inc.) C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe
(Plex, Inc. -> Plex, Inc.) C:Program Files (x86)PlexPlex Media ServerPlex Update Service.exe
(Plex, Inc. -> Python Software Foundation) C:Program Files (x86)PlexPlex Media ServerPlexScriptHost.exe
(Python Software Foundation -> Python Software Foundation) C:BazarrWinPythonpython-3.8.0python.exe <2>
(radarr.video) [File not signed] C:ProgramDataRadarrbinRadarr.exe
(RouteThis Inc. -> ) C:UsersonextAppDataLocalVideostreamapp-0.4.3videostream-nativevideostream-native.exe <2>
(RouteThis Inc. -> Videostream) C:UsersonextAppDataLocalVideostreamapp-0.4.3Videostream.exe
(ShareX Team) [File not signed] C:Program FilesShareXShareX.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe <5>
(sonarr.tv) [File not signed] C:ProgramDataSonarrbinSonarr.exe
(Tailscale Inc. -> Tailscale Inc.) C:Program Files (x86)Tailscale IPNtailscale-ipn.exe <3>
(The CefSharp Authors) [File not signed] C:UsersonextAppDataLocalDeepLapp-2.3.1x64CefSharp.BrowserSubprocess.exe <3>
(The PHP Group) [File not signed] C:nginxphpphp-cgi.exe <4>
0 C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe <6>
0 C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbweHxOutlook.exe
0 C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbweHxTsr.exe
0 C:Program FilesWindowsAppsMicrosoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbweWinStore.App.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM…Run: [egui] => C:Program FilesESETESET SecurityecmdS.exe [175504 2020-11-04] (ESET, spol. s r.o. -> ESET)
HKLM…Run: [Wondershare Helper Compact.exe] => C:Program FilesCommon FilesWondershareWondershare Helper CompactWSHelper.exe
HKLM…Run: [WSVCUUpdateHelper.exe] => C:Program FilesWondershareWondershare UniConverterWSVCUUpdateHelper.exe
HKLM-x32…Run: [KeePass 2 PreLoad] => C:Program Files (x86)KeePass Password Safe 2KeePass.exe [3137728 2021-01-09] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32…Run: [HP Software Update] => C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32…Run: [Wondershare Helper Compact.exe] => C:Program Files (x86)Common FilesWondershareWondershare Helper CompactWSHelper.exe
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [Plex Media Server] => C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe [21674096 2021-04-01] (Plex, Inc. -> Plex, Inc.)
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [qBittorrent] => C:Program FilesqBittorrentqbittorrent.exe [26243584 2021-03-24] () [File not signed]
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [uTorrent] => C:Program Files (x86)uTorrentuTorrent.exe [399736 2019-07-30] (BitTorrent Inc -> BitTorrent, Inc.)
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [GoogleDriveSync] => C:Program FilesGoogleDrivegoogledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [electron.app.Fing] => C:Program FilesFingFing.exe –processStart “Fing.exe” –process-start-args “–hidden”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [Videostream] => C:UsersonextAppDataLocalVideostreamapp-0.4.3Videostream.exe [340584 2020-08-25] (RouteThis Inc. -> Videostream)
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [UPSmart] => C:Program Files (x86)IDBKUPSmartUPSmart.exe [3230208 2014-07-11] () [File not signed]
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [GlassWire] => “C:Program Files (x86)GlassWireglasswire.exe” -hide
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [DeepL] => C:UsersonextAppDataLocalDeepLapp-2.3.1DeepL.exe [199680 2021-04-07] (DeepL GmbH) [File not signed]
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [Skype for Desktop] => C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [XperiaCompanionAgent] => “C:Program Files (x86)SonyXperia CompanionXperiaCompanionAgent.exe”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…Run: [SUPERAntiSpyware] => C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
HKUS-1-5-21-3472972625-813258079-3912501916-1001…MountPoints2: {301c2dff-8328-11eb-82c5-60a44c5975da} – “E:startme.exe”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…MountPoints2: {feccbcff-e8c9-11ea-82a2-60a44c5975da} – “D:Setup.exe”
HKUS-1-5-21-3472972625-813258079-3912501916-1004…Run: [NordVPN] => C:Program Files (x86)NordVPNNordVPN.exe
HKUS-1-5-21-3472972625-813258079-3912501916-1005…MountPoints2: {feccbcff-e8c9-11ea-82a2-60a44c5975da} – “D:Setup.exe”
HKUS-1-5-18…Run: [Plex Media Server] => C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe [21674096 2021-04-01] (Plex, Inc. -> Plex, Inc.)
HKLM…PrintMonitorsHP C211 Status Monitor: C:WINDOWSsystem32hpinkstsC211LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM…PrintMonitorsHP Discovery Port Monitor (HP Deskjet 2540 series): C:WINDOWSsystem32HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:Program Files (x86)MicrosoftEdge BetaApplication90.0.818.27Installersetup.exe [2021-04-03] (Microsoft Corporation -> Microsoft Corporation)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication89.0.4389.114Installerchrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupTailscale.lnk [2020-09-18]
ShortcutTarget: Tailscale.lnk -> C:Program Files (x86)Tailscale IPNtailscale-ipn.exe (Tailscale Inc. -> Tailscale Inc.)
Startup: C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupBig Stretch Reminder Program.lnk [2020-11-13]
ShortcutTarget: Big Stretch Reminder Program.lnk -> C:UsersAAmanAppDataRoamingMicrosoftWindowsStart MenuProgramsMonkeymattBig Stretchbigstretch.exe (No File)
Startup: C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupJackett.lnk [2020-06-01]
ShortcutTarget: Jackett.lnk -> C:ProgramDataJackettJackettTray.exe (JackettTray) [File not signed]
Startup: C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupMEGAsync.lnk [2019-10-08]
ShortcutTarget: MEGAsync.lnk -> C:UsersAAmanAppDataLocalMEGAsyncMEGAsync.exe (No File)
Startup: C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupRadarr.lnk [2020-12-11]
ShortcutTarget: Radarr.lnk -> C:ProgramDataRadarrbinRadarr.exe (radarr.video) [File not signed]
Startup: C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupShareX.lnk [2019-07-23]
ShortcutTarget: ShareX.lnk -> C:Program FilesShareXShareX.exe (ShareX Team) [File not signed]
Startup: C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSonarr.lnk [2020-10-25]
ShortcutTarget: Sonarr.lnk -> C:ProgramDataSonarrbinSonarr.exe (sonarr.tv) [File not signed]
Startup: C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsStartuptautuli.lnk [2018-12-25]
ShortcutTarget: tautuli.lnk -> C:Python27pythonw.exe () [File not signed]
Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION
HKLMSOFTWAREPoliciesGoogle: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2ABFA613-10CF-4A29-AFE7-5ADFBFB0E159} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-07-23] (Google Inc -> Google LLC)
Task: {3E3B77A9-EF45-48DB-A2B9-647D66AC031B} – System32TasksMicrosoft_MKC_Logon_Task_ceip.exe => C:Program FilesMicrosoft Mouse and Keyboard Centerceip.exe [32624 2020-10-22] (Microsoft Corporation -> Microsoft)
Task: {47C607F1-E7FA-4FA2-B183-0EC40D7DD7AB} – System32TasksMEGAMEGAsync Update Task S-1-5-21-3472972625-813258079-3912501916-1001 => C:UsersonextAppDataLocalMEGAsyncMEGAupdater.exe [1303800 2021-03-01] (Mega Limited -> Mega Limited)
Task: {48139646-C4D7-4CA0-8367-7AD8D1F7E892} – System32TasksOneDrive Standalone Update Task-S-1-5-21-3472972625-813258079-3912501916-1005 => C:UsersAAmanAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe
Task: {4C84F7D7-C3F2-462C-9328-9F245122878F} – System32TasksMicrosoft_Hardware_Launch_mousekeyboardcenter_exe => C:Program FilesMicrosoft Mouse and Keyboard Centermousekeyboardcenter.exe [2311536 2020-10-22] (Microsoft Corporation -> Microsoft)
Task: {4ED342C7-C8DF-424B-BAA9-E8CB27608345} – System32TasksMicrosoft_Hardware_Launch_itype_exe => C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe [1910128 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {54276DC5-1439-45ED-9FF9-4537C0021F2B} – System32TasksApple Diagnostics => eReporter-AppX.exe
Task: {6B477B77-EE3D-4476-9416-508D38DE8403} – System32TasksHPCustParticipation HP Deskjet 2540 series => C:Program FilesHPHP Deskjet 2540 seriesBinHPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {7B84C6A8-8B40-41A3-A1D8-D403A065A221} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [154920 2019-07-23] (Google Inc -> Google LLC)
Task: {7CDDDA96-83F9-46FD-83BF-86F125F5FBE8} – System32Tasksnpcapwatchdog => C:Program FilesNpcapCheckStatus.bat [1145 2020-12-04] () [File not signed]
Task: {868F2318-2CC3-4867-B46D-506109208634} – System32TasksMicrosoft_MKC_Logon_Task_itype.exe => C:Program FilesMicrosoft Mouse and Keyboard Centeritype.exe [1910128 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1138E0C-0CCE-4B6A-982A-D96F40C05E86} – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [696816 2021-03-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {A78B2653-A349-4A42-A8C7-2641A1C996FE} – System32TasksOneDrive Standalone Update Task-S-1-5-21-3472972625-813258079-3912501916-1004 => C:UsersAAmanAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe
Task: {AF8472D1-03EA-4297-82FC-7AD284437341} – System32TasksPowerToysAutorun for user => C:Program FilesPowerToysPowerToys.exe [1256840 2021-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B38C3279-2CC2-4A20-B577-0C57554C9494} – System32TasksMicrosoft_MKC_Logon_Task_ipoint.exe => C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe [2434424 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0356855-950F-40DD-BB5F-86BE1E64A6D5} – System32TasksOneDrive Standalone Update Task-S-1-5-21-3472972625-813258079-3912501916-1001 => C:UsersAAmanAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe
Task: {FECFDE2E-B3B7-491E-8838-2BA1E93BDDDF} – System32TasksMicrosoft_Hardware_Launch_ipoint_exe => C:Program FilesMicrosoft Mouse and Keyboard Centeripoint.exe [2434424 2020-10-22] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:WINDOWSTasksCreateExplorerShellUnelevatedTask.job => C:WINDOWSexplorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip..Interfaces{053ce65f-8e1f-491f-8a60-19b7851361a5}: [NameServer] 1.1.1.1,8.8.4.4
Edge:
=======
StartMenuInternet: Microsoft Edge Beta – C:Program Files (x86)MicrosoftEdge BetaApplicationmsedge.exe
FireFox:
========
FF HKUS-1-5-21-3472972625-813258079-3912501916-1001…FirefoxExtensions: [acewebextension_unlisted@acestream.org] – C:UsersonextAppDataRoamingACEStreamextensionsawefirefoxacewebextension_unlisted.xpi
FF Extension: (Ace Script) – C:UsersonextAppDataRoamingACEStreamextensionsawefirefoxacewebextension_unlisted.xpi [2018-11-26]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:Program Filesmozilla firefoxdefaultsprefeset_security_config_overlay.js [2021-04-07]
Chrome:
=======
CHR HKUS-1-5-21-3472972625-813258079-3912501916-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKUS-1-5-21-3472972625-813258079-3912501916-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [mjbepbhonbojpoaenhckjocchgfiaofo]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Bazarr; C:Bazarrnssm.exe [294912 2014-08-31] () [File not signed]
R2 ekrn; C:Program FilesESETESET Securityekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:Program FilesESETESET Securityekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
R2 Jackett; C:ProgramDataJackettJackettService.exe [418816 2021-04-07] (JackettService) [File not signed]
S3 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7456464 2021-01-10] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeBetaElevationService; C:Program Files (x86)MicrosoftEdge BetaApplication90.0.818.27elevation_service.exe [1565592 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
R2 NGINX; C:WINDOWSsystem32nssm.exe [368640 2017-04-26] (Iain Patterson) [File not signed]
S4 Ombi; C:nssm-2.24win64nssm.exe [331264 2020-05-31] () [File not signed]
R2 PHP; C:WINDOWSsystem32nssm.exe [368640 2017-04-26] (Iain Patterson) [File not signed]
R2 PlexUpdateService; C:Program Files (x86)PlexPlex Media ServerPlex Update Service.exe [1437808 2021-04-01] (Plex, Inc. -> Plex, Inc.)
S2 Radarr-GR; C:nssm-2.24win64nssm.exe [331264 2020-05-31] () [File not signed]
S3 Sense; C:Program FilesWindows Defender Advanced Threat ProtectionMsSense.exe [5352528 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Tailscale IPN; C:Program Files (x86)Tailscale IPNtailscale-ipn.exe [14231296 2020-08-10] (Tailscale Inc. -> Tailscale Inc.)
S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Fing.Agent; C:Program FilesFingresourcesextraResourcesfingagent.exe –servicemode Fing.Agent –agentroot “C:UsersonextAppDataRoaming”
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 95336843; C:WINDOWSSystem32drivers39112344.sys [208216 2021-04-07] () [File not signed]
S0 amdkmafd; C:WINDOWSSystem32driversamdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AmUStor; C:WINDOWSsystem32driversAmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
S3 AppleKmdfFilter; C:WINDOWSSystem32driversAppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:WINDOWSSystem32driversAppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 eamonm; C:WINDOWSSystem32DRIVERSeamonm.sys [160992 2020-10-27] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:WINDOWSSystem32DRIVERSedevmon.sys [109360 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:WINDOWSSystem32DRIVERSeelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:WINDOWSsystem32DRIVERSehdrv.sys [190464 2020-10-27] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:WINDOWSsystem32DRIVERSepfwwfp.sys [107784 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 ggsomc; C:WINDOWSSystem32driversggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
R3 LifeCamTrueColor; C:WINDOWSsystem32DRIVERSLifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMChameleon; C:WINDOWSSystem32DriversMbamChameleon.sys [220616 2021-03-31] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:WINDOWSSystem32DRIVERSMbamElam.sys [19912 2021-01-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:WINDOWSSystem32Driversmbamswissarmy.sys [248992 2021-02-18] (Malwarebytes Inc -> Malwarebytes)
R1 npcap; C:WINDOWSsystem32DRIVERSnpcap.sys [74616 2020-12-12] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:WINDOWSsystem32DRIVERSnpcap.sys [74616 2020-12-12] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:WINDOWSSystem32driversssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
R3 tap0901; C:WINDOWSSystem32driverstap0901.sys [27136 2018-02-01] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:WINDOWSSystem32driverstapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
U5 vsock; C:WindowsSystem32Driversvsock.sys [92040 2019-04-27] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:WINDOWSsystem32driversWdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:WINDOWSsystem32driversWdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:WINDOWSSystem32driversusb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:WINDOWSSystem32DriversWdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:WINDOWSSystem32driverswintun.sys [31096 2020-01-15] (WDKTestCert apenw,131978594335802643 -> WireGuard LLC)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-07 14:19 – 2021-04-07 14:20 – 000022941 _____ C:UsersonextDesktopFRST.txt
2021-04-07 14:10 – 2021-04-07 14:19 – 000000000 ____D C:FRST
2021-04-07 14:07 – 2021-04-07 14:07 – 002298368 _____ (Farbar) C:UsersonextDesktopFRST64.exe
2021-04-07 13:40 – 2021-04-07 13:40 – 000286624 _____ C:UsersonextDesktopminidump_new.zip
2021-04-07 13:39 – 2021-04-07 13:30 – 002012924 _____ C:UsersonextDesktop�40721-8468-01.dmp
2021-04-07 13:30 – 2021-04-07 13:30 – 002012924 _____ C:WINDOWSMinidump�40721-8468-01.dmp
2021-04-07 13:30 – 2021-04-07 13:30 – 000208216 _____ C:WINDOWSsystem32Drivers39112344.sys
2021-04-07 13:30 – 2021-04-07 13:30 – 000000522 _____ C:TDSSKiller.2.8.16.0_07.04.2021_13.30.02_log.txt
2021-04-07 13:29 – 2021-04-07 13:29 – 002237968 _____ (Kaspersky Lab ZAO) C:UsersonextDesktoptdsskiller.exe
2021-04-05 16:06 – 2021-04-05 16:06 – 000001181 _____ C:ProgramDataDesktopLibreOffice 7.1.lnk
2021-04-05 16:06 – 2021-04-05 16:06 – 000000000 ___SD C:ProgramDataMicrosoftWindowsStart MenuProgramsLibreOffice 7.1
2021-04-05 16:05 – 2021-04-05 16:05 – 000000000 ____D C:Program FilesLibreOffice
2021-04-05 14:15 – 2021-04-05 14:15 – 000000000 ____D C:UsersAAmanAppDataRoamingmpv
2021-04-05 14:13 – 2021-04-05 14:14 – 000000000 ____D C:Program Files (x86)MP3Gain
2021-04-05 14:13 – 2021-04-05 14:13 – 000000000 ____D C:UsersAAmanAppDataRoamingMicrosoftWindowsStart MenuProgramsMP3Gain
2021-04-05 00:03 – 2021-04-05 00:03 – 000255928 _____ (Malwarebytes) C:WINDOWSsystem32Drivers65234784.sys
2021-04-05 00:02 – 2021-04-05 11:59 – 000000000 ____D C:ProgramDataMalwarebytes’ Anti-Malware (portable)
2021-04-04 09:33 – 2021-04-04 09:33 – 000000000 ____D C:UsersonextAppDataRoamingSUPERAntiSpyware.com
2021-04-03 14:15 – 2021-04-03 14:16 – 000000000 ____D C:Usersonextperformance
2021-04-03 12:35 – 2021-04-03 12:35 – 000000000 ____D C:SymCache
2021-04-03 12:33 – 2021-04-03 12:41 – 000000000 ____D C:UsersonextAppDataLocalWindows Performance Analyzer
2021-04-03 12:33 – 2021-04-03 12:33 – 000000000 ____D C:UsersonextDocumentsWPA Files
2021-04-03 12:32 – 2021-04-03 12:32 – 000000000 ____D C:UsersAAmanDocumentsWPR Files
2021-04-03 12:27 – 2021-04-03 12:27 – 000000000 ____D C:ProgramDataWindowsPerformanceRecorder
2021-04-02 22:51 – 2021-04-02 22:57 – 637560832 _____ C:UsersonextDownloadskrd.iso
2021-04-02 21:14 – 2021-04-02 21:14 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPlex Media Server
2021-04-02 21:13 – 2021-04-02 21:13 – 000000000 ____D C:Program Files (x86)Plex
2021-04-02 13:01 – 2021-04-02 13:01 – 000036200 _____ (Sysinternals – www.sysinternals.com) C:WINDOWSsystem32DriversPROCEXP152.SYS
2021-04-01 22:30 – 2021-04-07 13:30 – 000000000 ____D C:WINDOWSsystem32TasksPowerToys
2021-04-01 22:30 – 2021-04-01 22:30 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPowerToys (Preview)
2021-04-01 22:30 – 2021-04-01 22:30 – 000000000 ____D C:Program FilesPowerToys
2021-03-31 19:05 – 2021-04-01 06:46 – 000000000 ____D C:ProgramDataHitmanPro
2021-03-31 18:54 – 2021-04-07 13:30 – 1237314764 _____ C:WINDOWSMEMORY.DMP
2021-03-31 18:54 – 2021-03-31 18:55 – 003041556 _____ C:WINDOWSMinidump�33121-12078-01.dmp
2021-03-31 18:46 – 2021-04-01 06:41 – 000003020 _____ C:UsersAAmanDesktopRkill.txt
2021-03-31 18:36 – 2021-03-31 18:36 – 000220616 _____ (Malwarebytes) C:WINDOWSsystem32DriversMbamChameleon.sys
2021-03-30 22:39 – 2021-03-30 22:39 – 000000000 ____D C:WINDOWSsystem32TasksMozilla
2021-03-29 13:16 – 2021-03-31 18:54 – 000000000 ____D C:Program FilesMozilla Firefox
2021-03-25 19:40 – 2021-03-25 19:40 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsqBittorrent
2021-03-25 19:40 – 2021-03-25 19:40 – 000000000 ____D C:Program FilesqBittorrent
2021-03-20 19:38 – 2021-03-20 19:38 – 002534855 _____ C:UsersonextDownloadsChina The Bubble that Never Pops by Thomas Orlik (z-lib.org).epub
2021-03-19 21:07 – 2021-03-19 21:07 – 000000000 ____D C:ProgramDataGlassWire
2021-03-17 00:33 – 2021-03-17 00:33 – 000000120 _____ C:UsersonextAppDataRoamingFixVTS.ini
2021-03-16 23:02 – 2007-08-31 19:36 – 000036864 _____ (Robdogg Inc.) C:WINDOWSSysWOW64trayicon_handler.ocx
2021-03-16 23:02 – 2003-01-26 14:41 – 000040960 _____ (vbAccelerator) C:WINDOWSSysWOW64ssubtmr6.dll
2021-03-16 23:01 – 2021-03-16 23:01 – 012951423 _____ (Dennis Meuwissen ) C:UsersonextDownloadsdvdflick_setup_1.3.0.7.exe
2021-03-16 22:38 – 2021-03-16 22:38 – 000000000 ____D C:Usersonext.fontconfig
2021-03-16 22:37 – 2021-03-16 22:38 – 000000000 ____D C:UsersonextAppDataLocalMovavi
2021-03-16 22:37 – 2021-03-16 22:37 – 000012653 _____ C:ProgramDatamerjmevq.cmt
2021-03-16 22:37 – 2021-03-16 22:37 – 000000016 _____ C:ProgramDatamntemp
2021-03-16 22:37 – 2021-03-16 22:37 – 000000000 ____D C:UsersonextAppDataLocalCrashRpt
2021-03-16 22:37 – 2021-03-16 22:37 – 000000000 ____D C:UsersonextAppDataLocalConverterAgent
2021-03-16 22:37 – 2021-03-16 22:37 – 000000000 ____D C:UsersonextAppDataLocalconverter
2021-03-16 22:37 – 2021-03-16 22:37 – 000000000 ____D C:ProgramDatamovavi
2021-03-16 22:33 – 2021-03-16 22:33 – 000000000 ____D C:UsersonextAppDataRoamingAshampoo
2021-03-16 22:33 – 2021-03-16 22:33 – 000000000 ____D C:UsersonextAppDataLocalAshampoo
2021-03-16 22:32 – 2021-03-17 00:34 – 000000000 ____D C:ProgramDataAshampoo
2021-03-16 22:32 – 2021-03-16 22:32 – 000000000 ____D C:UsersAAmanAppDataLocalashampoo
2021-03-16 21:10 – 2021-03-16 23:17 – 000099384 _____ C:UsersAAmanAppDataRoaminginst.exe
2021-03-16 21:10 – 2021-03-16 23:17 – 000082816 _____ (VSO Software) C:UsersAAmanAppDataRoamingpcouffin.sys
2021-03-16 21:10 – 2021-03-16 23:17 – 000007859 _____ C:UsersAAmanAppDataRoamingpcouffin.cat
2021-03-16 21:10 – 2021-03-16 21:24 – 000000000 ____D C:UsersonextDocumentsConvertXtoDVD_Resources
2021-03-16 21:10 – 2021-03-16 21:10 – 000000000 ____D C:UsersonextAppDataRoamingVSO
2021-03-16 21:10 – 2021-03-16 21:10 – 000000000 ____D C:UsersAAmanDocumentsPcSetup
2021-03-16 21:09 – 2021-03-16 23:17 – 000000000 ____D C:UsersAAmanAppDataRoamingVSO
2021-03-16 21:09 – 2021-03-16 23:17 – 000000000 ____D C:ProgramDataVSO
2021-03-16 21:02 – 2021-03-16 21:02 – 000000000 ____D C:UsersonextAppDataRoamingWondershare
2021-03-16 21:02 – 2021-03-16 21:02 – 000000000 ____D C:UsersonextAppDataRoamingTransferSupport
2021-03-16 21:02 – 2021-03-16 21:02 – 000000000 ____D C:UsersonextAppDataLocalWondershare
2021-03-16 21:02 – 2021-03-16 21:02 – 000000000 ____D C:UsersAAmanAppDataLocalCrashDumps
2021-03-16 20:50 – 2021-03-16 20:50 – 000000000 ____D C:Program Files (x86)WondershareUpdate
2021-03-16 20:49 – 2021-03-16 20:49 – 000000000 ____D C:UsersAAmanAppDataRoamingWondershare
2021-03-16 20:49 – 2021-03-16 20:49 – 000000000 ____D C:UsersAAmanAppDataRoamingNVIDIA
2021-03-16 20:49 – 2021-03-16 20:49 – 000000000 ____D C:UsersAAmanAppDataLocalWondershare
2021-03-16 20:49 – 2021-03-16 20:49 – 000000000 ____D C:ProgramDataGraphicsType
2021-03-16 20:48 – 2021-03-16 21:08 – 000000000 ____D C:Program FilesWondershare
2021-03-16 20:00 – 2021-03-16 20:00 – 004246756 _____ C:WINDOWSMinidump�31621-15531-01.dmp
2021-03-14 16:38 – 2021-03-14 17:53 – 000000000 ____D C:UsersonextAppDataRoamingWireshark
2021-03-14 16:38 – 2021-03-14 16:38 – 000003166 _____ C:WINDOWSsystem32Tasksnpcapwatchdog
2021-03-14 16:38 – 2021-03-14 16:38 – 000001827 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsWireshark.lnk
2021-03-14 16:38 – 2021-03-14 16:38 – 000000000 ____D C:WINDOWSSysWOW64Npcap
2021-03-14 16:38 – 2021-03-14 16:38 – 000000000 ____D C:WINDOWSsystem32Npcap
2021-03-14 16:37 – 2021-03-14 16:38 – 000000000 ____D C:Program FilesNpcap
2021-03-14 16:36 – 2021-03-14 16:38 – 000000000 ____D C:Program FilesWireshark
2021-03-12 18:48 – 2021-03-12 18:48 – 000874572 _____ C:UsersonextDownloadsCritique of Pure Reason by Immanuel Kant Paul Guyer, Allen W. Wood (z-lib.org).epub
2021-03-12 18:43 – 2021-03-12 18:43 – 040178886 _____ C:UsersonextDownloadsCritique of Pure Reason by Immanuel Kant, Paul Guyer (Editor, Translator), Allen W. Wood (Editor, Translator) (z-lib.org).pdf
2021-03-12 15:18 – 2021-03-12 15:18 – 000000000 ____D C:ProgramDataSony Mobile
2021-03-12 15:18 – 2021-03-12 15:18 – 000000000 ____D C:Program FilesDIFX
2021-03-12 15:01 – 2021-03-12 15:01 – 000000000 ____D C:UsersonextDocumentsSony
2021-03-12 15:01 – 2021-03-12 15:01 – 000000000 ____D C:UsersonextAppDataRoamingApple Computer
2021-03-12 15:01 – 2021-03-12 15:01 – 000000000 ____D C:UsersAAmanDocumentsSony
2021-03-09 23:51 – 2021-03-09 23:51 – 002755584 _____ (Microsoft Corporation) C:WINDOWSSysWOW64mshtml.tlb
2021-03-09 23:51 – 2021-03-09 23:51 – 002755584 _____ (Microsoft Corporation) C:WINDOWSsystem32mshtml.tlb
2021-03-09 23:51 – 2021-03-09 23:51 – 001822272 _____ (Microsoft Corporation) C:WINDOWSsystem32winload.efi
2021-03-09 23:51 – 2021-03-09 23:51 – 001394024 _____ (Microsoft Corporation) C:WINDOWSsystem32winresume.efi
2021-03-09 23:51 – 2021-03-09 23:51 – 001314128 _____ (Microsoft Corporation) C:WINDOWSsystem32SecConfig.efi
2021-03-09 23:51 – 2021-03-09 23:51 – 001163776 _____ C:WINDOWSsystem32MBR2GPT.EXE
2021-03-09 23:51 – 2021-03-09 23:51 – 000611952 _____ C:WINDOWSSysWOW64TextShaping.dll
2021-03-09 23:51 – 2021-03-09 23:51 – 000480256 _____ C:WINDOWSsystem32AssignedAccessCsp.dll
2021-03-09 23:51 – 2021-03-09 23:51 – 000011359 _____ C:WINDOWSsystem32DrtmAuthTxt.wim
2021-03-09 23:50 – 2021-03-09 23:50 – 000707016 _____ C:WINDOWSsystem32TextShaping.dll
2021-03-09 23:50 – 2021-03-09 23:50 – 000231248 _____ C:WINDOWSsystem32containerdevicemanagement.dll
2021-03-09 23:50 – 2021-03-09 23:50 – 000091136 _____ C:WINDOWSsystem32Driverscimfs.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-07 14:21 – 2020-09-13 11:36 – 000000000 ____D C:ProgramDataSonarr
2021-04-07 14:20 – 2019-08-07 20:57 – 000000000 ____D C:ProgramDataRadarr
2021-04-07 14:17 – 2019-07-23 14:49 – 000000000 ____D C:UsersonextAppDataRoamingqBittorrent
2021-04-07 14:15 – 2019-12-07 12:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft
2021-04-07 14:11 – 2019-07-30 18:55 – 000000000 ____D C:UsersonextAppDataRoaminguTorrent
2021-04-07 14:08 – 2019-03-05 10:45 – 000000000 ____D C:Tautulli
2021-04-07 13:52 – 2019-07-23 14:25 – 000000000 ____D C:UsersonextAppDataRoamingKeePass
2021-04-07 13:40 – 2021-01-31 14:06 – 000000000 ____D C:UsersAAman
2021-04-07 13:37 – 2020-08-11 11:16 – 000551756 _____ C:WINDOWSsystem32perfh008.dat
2021-04-07 13:37 – 2020-08-11 11:16 – 000088752 _____ C:WINDOWSsystem32perfc008.dat
2021-04-07 13:37 – 2020-08-11 11:14 – 000487072 _____ C:WINDOWSsystem32perfh011.dat
2021-04-07 13:37 – 2020-08-11 11:14 – 000132800 _____ C:WINDOWSsystem32perfc011.dat
2021-04-07 13:37 – 2020-08-11 03:52 – 002079026 _____ C:WINDOWSsystem32PerfStringBackup.INI
2021-04-07 13:37 – 2019-12-07 12:13 – 000000000 ____D C:WINDOWSINF
2021-04-07 13:37 – 2017-06-11 02:00 – 000000000 ____D C:UsersonextDesktop245
2021-04-07 13:31 – 2020-10-20 09:22 – 000000000 ____D C:WINDOWSMinidump
2021-04-07 13:31 – 2020-09-18 15:53 – 000000000 ____D C:UsersonextAppDataLocalTailscale
2021-04-07 13:31 – 2020-07-03 14:02 – 000000000 ____D C:UsersonextAppDataLocalVideostream
2021-04-07 13:31 – 2019-07-23 14:54 – 000000000 ____D C:UsersonextAppDataLocalPlex Media Server
2021-04-07 13:30 – 2020-08-11 03:53 – 000000006 ____H C:WINDOWSTasksSA.DAT
2021-04-07 13:30 – 2020-08-11 03:43 – 000000000 ____D C:Usersonext
2021-04-07 13:30 – 2020-08-11 03:40 – 000527592 _____ C:WINDOWSsystem32FNTCACHE.DAT
2021-04-07 13:30 – 2020-08-11 03:40 – 000008192 ___SH C:DumpStack.log.tmp
2021-04-07 13:30 – 2020-08-11 03:40 – 000000000 ____D C:WINDOWSsystem32SleepStudy
2021-04-07 13:30 – 2019-07-23 13:54 – 000000000 ____D C:ProgramDataNVIDIA
2021-04-07 11:59 – 2017-03-23 22:57 – 000000000 ____D C:UsersonextDocumentsShareX
2021-04-07 11:19 – 2020-12-09 18:42 – 000002159 _____ C:UsersonextDesktopDeepL.lnk
2021-04-07 11:19 – 2020-12-09 18:42 – 000000000 ____D C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsDeepL GmbH
2021-04-07 11:19 – 2020-12-09 18:42 – 000000000 ____D C:UsersonextAppDataLocalDeepL_GmbH
2021-04-07 11:19 – 2020-12-09 18:42 – 000000000 ____D C:UsersonextAppDataLocalDeepL
2021-04-07 04:21 – 2020-05-31 10:02 – 000000000 ____D C:ProgramDataJackett
2021-04-07 00:53 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSAppReadiness
2021-04-06 17:38 – 2019-07-25 20:56 – 000000000 ____D C:UsersonextAppDataRoamingAnki2
2021-04-05 16:04 – 2021-02-18 23:32 – 000007610 _____ C:UsersAAmanAppDataLocalResmon.ResmonCfg
2021-04-05 15:56 – 2020-09-29 17:35 – 000000000 ____D C:UsersonextAppDataRoamingTaiga
2021-04-05 13:21 – 2019-09-05 21:06 – 000000000 ___RD C:UsersonextDocumentsScanned Documents
2021-04-05 00:03 – 2020-05-22 15:42 – 000000000 ____D C:ProgramDataMalwarebytes
2021-04-04 14:21 – 2019-12-07 12:03 – 000000000 ____D C:WINDOWSCbsTemp
2021-04-04 14:19 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSSystemResources
2021-04-04 14:19 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSPolicyDefinitions
2021-04-04 04:34 – 2019-12-07 12:14 – 000000000 ___HD C:Program FilesWindowsApps
2021-04-04 00:18 – 2021-01-30 01:11 – 000000000 ____D C:UsersonextAppDataLocalLowIGDump
2021-04-03 15:58 – 2019-07-23 14:54 – 000000000 ____D C:ProgramDataPackage Cache
2021-04-03 11:18 – 2020-09-02 07:10 – 000002438 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk
2021-04-03 11:18 – 2020-09-02 07:10 – 000002276 _____ C:ProgramDataDesktopMicrosoft Edge.lnk
2021-04-03 01:18 – 2019-08-22 17:57 – 000002357 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge Beta.lnk
2021-04-03 01:18 – 2019-08-22 17:57 – 000002316 _____ C:ProgramDataDesktopMicrosoft Edge Beta.lnk
2021-04-02 23:07 – 2019-12-07 12:03 – 001048576 _____ C:WINDOWSsystem32configBBI
2021-04-02 23:06 – 2020-05-21 16:20 – 000000000 ____D C:UsersonextAppDataLocalCrashDumps
2021-04-02 17:18 – 2019-09-22 12:48 – 000000000 ____D C:UsersonextAppDataLocalAirflow
2021-04-02 03:02 – 2017-04-20 18:57 – 000002301 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-04-02 03:02 – 2017-04-20 18:57 – 000002260 _____ C:ProgramDataDesktopGoogle Chrome.lnk
2021-03-31 18:54 – 2019-07-30 23:03 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-03-31 18:25 – 2020-08-01 09:54 – 000000000 ____D C:UsersonextDesktopTools
2021-03-31 18:25 – 2018-08-09 18:26 – 000000877 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++.lnk
2021-03-30 22:46 – 2019-07-30 23:03 – 000000000 ____D C:ProgramDataMozilla
2021-03-30 22:46 – 2017-11-15 10:36 – 000000000 ____D C:UsersonextAppDataLocalLowMozilla
2021-03-30 22:39 – 2019-07-03 18:10 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsFirefox.lnk
2021-03-26 12:57 – 2019-07-29 12:51 – 000000128 _____ C:UsersonextAppDataLocalPUTTY.RND
2021-03-24 10:05 – 2019-01-25 17:22 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBackup and Sync from Google
2021-03-23 19:27 – 2019-08-09 14:23 – 000000000 ____D C:UsersonextAppDataRoamingvlc
2021-03-23 19:26 – 2019-09-03 20:29 – 000000000 ____D C:UsersonextAppDataLocalPlex
2021-03-22 21:23 – 2019-09-04 18:02 – 000000000 ____D C:UsersonextAppDataLocalSpotify
2021-03-22 21:22 – 2019-09-04 18:01 – 000000000 ____D C:UsersonextAppDataRoamingSpotify
2021-03-18 21:18 – 2020-01-15 16:59 – 000000000 ____D C:UsersonextDesktopΚΑΠΕΛΑΣ
2021-03-16 21:22 – 2020-07-03 17:56 – 000000000 ____D C:UsersonextAppDataRoamingdvdcss
2021-03-16 20:49 – 2018-06-28 18:26 – 000000000 ____D C:ProgramDataDocumentsWondershare
2021-03-15 12:44 – 2019-05-31 03:34 – 000015824 _____ (ESET) C:WINDOWSsystem32Driverseelam.sys
2021-03-15 05:16 – 2020-08-11 03:53 – 000003352 _____ C:WINDOWSsystem32TasksOneDrive Standalone Update Task-S-1-5-21-3472972625-813258079-3912501916-1001
2021-03-15 05:16 – 2020-08-11 03:43 – 000002363 _____ C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsOneDrive.lnk
2021-03-15 05:16 – 2017-03-22 00:00 – 000000000 ___RD C:UsersonextOneDrive
2021-03-10 01:52 – 2019-12-07 12:54 – 000000000 ___SD C:WINDOWSsystem32AppV
2021-03-10 01:52 – 2019-12-07 12:54 – 000000000 ____D C:Program FilesWindows Defender Advanced Threat Protection
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSSysWOW64setup
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSSysWOW64oobe
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSSysWOW64Dism
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSsystem32WinBioPlugIns
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSsystem32SystemResetPlatform
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSsystem32setup
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSsystem32oobe
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSsystem32Dism
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSProvisioning
2021-03-10 01:52 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSbcastdvr
2021-03-09 23:39 – 2019-07-23 19:58 – 000000000 ____D C:WINDOWSsystem32MRT
2021-03-09 23:34 – 2020-10-09 21:10 – 000000000 ____D C:Program Filesdotnet
2021-03-09 23:34 – 2019-07-23 19:58 – 131005360 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe
2021-03-09 23:32 – 2019-12-07 12:14 – 000000000 ____D C:WINDOWSRegistration
2021-03-09 20:53 – 2019-07-23 14:10 – 000000000 ____D C:UsersonextAppDataLocalPlaceholderTileLogoFolder
2021-03-09 20:53 – 2019-07-23 14:06 – 000000000 ____D C:UsersonextAppDataLocalPackages
2021-03-09 20:53 – 2019-07-23 14:06 – 000000000 ____D C:ProgramDataPackages
2021-03-09 00:22 – 2017-10-31 14:25 – 000000000 ____D C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsPopcorn-Time
==================== Files in the root of some directories ========
2021-03-16 21:10 – 2021-03-16 23:17 – 000099384 _____ () C:UsersAAmanAppDataRoaminginst.exe
2021-03-16 21:10 – 2021-03-16 23:17 – 000007859 _____ () C:UsersAAmanAppDataRoamingpcouffin.cat
2021-03-16 21:10 – 2021-03-16 23:17 – 000001167 _____ () C:UsersAAmanAppDataRoamingpcouffin.inf
2021-03-16 21:10 – 2021-03-16 23:17 – 000000055 _____ () C:UsersAAmanAppDataRoamingpcouffin.log
2021-03-16 21:10 – 2021-03-16 23:17 – 000082816 _____ (VSO Software) C:UsersAAmanAppDataRoamingpcouffin.sys
2021-02-18 23:32 – 2021-04-05 16:04 – 000007610 _____ () C:UsersAAmanAppDataLocalResmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by AAman (07-04-2021 14:21:20)
Running from C:UsersonextDesktop
Windows 10 Enterprise Version 20H2 19042.867 (X64) (2020-08-11 00:53:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
AAman (S-1-5-21-3472972625-813258079-3912501916-1015 – Administrator – Enabled) => C:UsersAAman
Administrator (S-1-5-21-3472972625-813258079-3912501916-500 – Administrator – Disabled)
DefaultAccount (S-1-5-21-3472972625-813258079-3912501916-503 – Limited – Disabled)
dhmhtra (S-1-5-21-3472972625-813258079-3912501916-1005 – Limited – Enabled) => C:Usersdhmhtra
Guest (S-1-5-21-3472972625-813258079-3912501916-501 – Limited – Disabled)
guest1996 (S-1-5-21-3472972625-813258079-3912501916-1004 – Limited – Enabled) => C:Usersguest1996
user (S-1-5-21-3472972625-813258079-3912501916-1001 – Limited – Enabled) => C:Usersonext
WDAGUtilityAccount (S-1-5-21-3472972625-813258079-3912501916-504 – Limited – Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled – Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled – Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled – Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32…uTorrent) (Version: 2.2.1 – )
7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)
Airflow (64-bit) (HKLM…Airflow (64-bit)) (Version: 3.2.0 – BitCave)
Anki (HKLM-x32…Anki) (Version: 2.1.35 – )
Authy Desktop (HKUS-1-5-21-3472972625-813258079-3912501916-1001…authy-electron) (Version: 1.8.3 – Twilio Inc.)
Backup and Sync from Google (HKLM…{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 – Google, Inc.)
Bazarr (HKLM-x32…{EEC3B85A-0666-4A5A-BD10-9BD1C237FEF0}_is1) (Version: – Bazarr)
Big Stretch Reminder (HKLM-x32…BigStretch_is1) (Version: 2.1 – MonkeyMatt)
DeepL (HKUS-1-5-21-3472972625-813258079-3912501916-1001…DeepL) (Version: 2.3.1 – DeepL GmbH)
ESET Security (HKLM…{91C0EC98-6614-4E9B-ABD7-6BAC18CD8067}) (Version: 14.0.22.0 – ESET, spol. s r.o.)
Google Chrome (HKLM-x32…Google Chrome) (Version: 89.0.4389.114 – Google LLC)
HexChat (HKLM…HexChat_is1) (Version: 2.14.3 – HexChat)
HP Deskjet 2540 series Basic Device Software (HKLM…{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 – Hewlett-Packard Co.)
HP Deskjet 2540 series Help (HKLM-x32…{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 – Hewlett Packard)
HP Photo Creations (HKLM-x32…HP Photo Creations) (Version: 1.0.0.7702 – HP)
HP Update (HKLM-x32…{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 – Hewlett-Packard)
iCloud Outlook (HKLM…{BC06C9EA-78BE-4B52-BA89-E6FAAFBF3CB0}) (Version: 12.2.0.10 – Apple Inc.)
Jackett (HKLM-x32…{C2A9FC00-AA48-4F17-9A72-62FBCEE2785B}_is1) (Version: 0.16.585.0 – Jackett)
JDownloader 2 (HKLM-x32…jdownloader2) (Version: 2.0 – AppWork GmbH)
KeePass Password Safe 2.47 (HKLM-x32…KeePassPasswordSafe2_is1) (Version: 2.47 – Dominik Reichl)
LibreOffice 7.1.2.2 (HKLM…{07426A34-E0CD-4EC4-843B-F7A47C7BC835}) (Version: 7.1.2.2 – The Document Foundation)
Link Shell Extension (HKLM…HardlinkShellExt) (Version: 3.9.2.5 – Hermann Schinagl)
Malwarebytes version 4.3.0.98 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 – Malwarebytes)
MediaHuman YouTube to MP3 Converter 3.9.9.52 (HKLM-x32…MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.52 – MediaHuman)
MEGAsync (HKLM-x32…MEGAsync) (Version: – Mega Limited)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 89.0.774.68 – Microsoft Corporation)
Microsoft Edge Beta (HKLM-x32…Microsoft Edge Beta) (Version: 90.0.818.27 – Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM…Microsoft Mouse and Keyboard Center) (Version: 13.222.137.0 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-3472972625-813258079-3912501916-1001…OneDriveSetup.exe) (Version: 21.030.0211.0002 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-3472972625-813258079-3912501916-1004…OneDriveSetup.exe) (Version: 19.152.0927.0012 – Microsoft Corporation)
Microsoft OneDrive (HKUS-1-5-21-3472972625-813258079-3912501916-1005…OneDriveSetup.exe) (Version: 20.169.0823.0008 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable – 10.0.30319 (HKLM…{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 – Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable – 10.0.30319 (HKLM-x32…{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29910 (HKLM-x32…{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32…{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 – Microsoft Corporation)
Microsoft Windows Desktop Runtime – 3.1.13 (x64) (HKLM-x32…{df32638d-0722-47cb-b084-3dd851b1146e}) (Version: 3.1.13.29816 – Microsoft Corporation)
MKVToolNix 48.0.0 (64-bit) (HKLM-x32…MKVToolNix) (Version: 48.0.0 – Moritz Bunkus)
Mozilla Firefox 87.0 (x64 en-US) (HKLM…Mozilla Firefox 87.0 (x64 en-US)) (Version: 87.0 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 68.0.1 – Mozilla)
Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 7.9.5 – Notepad++ Team)
Npcap (HKLM-x32…NpcapInst) (Version: 1.10 – Nmap Project)
NVIDIA Graphics Driver 456.71 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 – NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 – NVIDIA Corporation)
Plex (HKLM-x32…Plex) (Version: 1.28.0 – Plex, Inc.)
Plex Media Server (HKLM-x32…{7ea28a32-d463-4bee-88af-6e203874dba6}) (Version: 1.22.1.4275 – Plex, Inc.)
Plex Media Server (HKLM-x32…{D21C3F10-8563-428C-9F84-D7D12435D46D}) (Version: 1.22.1275 – Plex, Inc.) Hidden
PowerToys (Preview) (HKLM…{28C1DE41-8926-479A-901C-A5C9E2CE469B}) (Version: 0.35.0 – Microsoft Corporation)
Product Improvement Study for HP Deskjet 2540 series (HKLM…{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 – Hewlett-Packard Co.)
PuTTY release 0.74 (64-bit) (HKLM…{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 – Simon Tatham)
Python 2.7.17 (64-bit) (HKLM…{9255D53C-6C21-4664-AAF3-6EAC50F867Da}) (Version: 2.7.17150 – Python Software Foundation)
qBittorrent 4.3.4.1 (HKLM-x32…qBittorrent) (Version: 4.3.4.1 – The qBittorrent project)
Recorder Devices for ShareX 0.12.10 (HKLM…Recorder Devices for ShareX_is1) (Version: 0.12.10 – )
ShareX (HKLM…82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 – ShareX Team)
Skype version 8.69 (HKLM-x32…Skype_is1) (Version: 8.69 – Skype Technologies S.A.)
Sonarr version 3.0 (HKLM-x32…{56C1065D-3523-4025-B76D-6F73F67F7F71}_is1) (Version: 3.0 – Team Sonarr)
Spotify (HKUS-1-5-21-3472972625-813258079-3912501916-1001…Spotify) (Version: 1.1.52.687.gf5565fe5 – Spotify AB)
Stopping Plex (HKLM-x32…{92C52277-DD8B-431D-AAF4-5967A23CB7B2}) (Version: 1.22.1275 – Plex, Inc.) Hidden
Subtitle Edit 3.5.9 (HKLM…SubtitleEdit_is1) (Version: 3.5.9.0 – Nikse)
Subtitle Speech Synchronizer (HKLM…{B4689409-FE7C-46F2-B8A7-9F4A26906056}) (Version: 0.16.0 – sc0ty)
Tailscale (HKLM-x32…Tailscale IPN) (Version: 1.0.4 – Tailscale Inc.)
UPSmart version 1.3 (HKLM-x32…UPSmart_is1) (Version: 1.3 – Guangdong IDBK software technology Inc)
VdhCoApp 1.6.0 (HKLM…weh-iss-net.downloadhelper.coapp_is1) (Version: – DownloadHelper)
Videostream (HKUS-1-5-21-3472972625-813258079-3912501916-1001…Videostream) (Version: 0.4.0 – Videostream)
VLC media player (HKLM…VLC media player) (Version: 3.0.12 – VideoLAN)
WinDirStat 1.1.2 (HKUS-1-5-21-3472972625-813258079-3912501916-1001…WinDirStat) (Version: – )
WinSCP 5.17.10 (HKLM-x32…winscp3_is1) (Version: 5.17.10 – Martin Prikryl)
Wireshark 3.4.4 64-bit (HKLM-x32…Wireshark) (Version: 3.4.4 – The Wireshark developer community, hxxps://www.wireshark.org)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKUS-1-5-21-3472972625-813258079-3912501916-1001_ClassesCLSID{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}InprocServer32 -> C:UsersonextAppDataLocalGoogleUpdate1.3.35.442psuser_64.dll => No File
CustomCLSID: HKUS-1-5-21-3472972625-813258079-3912501916-1001_ClassesCLSID{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}InprocServer32 -> C:UsersonextAppDataLocalGoogleUpdate1.3.35.422psuser_64.dll => No File
CustomCLSID: HKUS-1-5-21-3472972625-813258079-3912501916-1001_ClassesCLSID{84EB3779-151B-4C71-AEF0-A0FEE9481401}InprocServer32 -> C:UsersonextAppDataLocalGoogleUpdate1.3.35.342psuser_64.dll => No File
CustomCLSID: HKUS-1-5-21-3472972625-813258079-3912501916-1001_ClassesCLSID{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}InprocServer32 -> C:UsersonextAppDataLocalGoogleUpdate1.3.34.11psuser_64.dll => No File
CustomCLSID: HKUS-1-5-21-3472972625-813258079-3912501916-1001_ClassesCLSID{EF076C91-DC9E-43E3-84ED-3D219E065A4F}InprocServer32 -> C:UsersonextAppDataLocalGoogleUpdate1.3.35.302psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [IconOverlayJunction] -> {0A479751-02BC-11d3-A855-0004AC2568FF} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ShellIconOverlayIdentifiers-x32: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:Program FilesNotepad++NppShell_06.dll [2021-03-22] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:Program FilesESETESET SecurityshellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:Program FilesESETESET SecurityshellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-05-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:Program FilesPowerToysmodulesPowerRenamePowerRenameExt.dll [2021-03-31] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:UsersonextAppDataLocalMEGAsyncShellExtX64.dll [2021-03-01] (Mega Limited -> )
ContextMenuHandlers5: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:WINDOWSsystem32nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:Program FilesESETESET SecurityshellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:Program FilesLinkShellExtensionHardlinkShellExt.dll [2019-07-26] (Hermann Schinagl -> Hermann Schinagl) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-05-22] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers1_S-1-5-21-3472972625-813258079-3912501916-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-3472972625-813258079-3912501916-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-3472972625-813258079-3912501916-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-09-15 23:31 – 2020-09-15 23:31 – 000355840 _____ () [File not signed] [File is in use] C:Program FilesPowerToysmoduleslauncherMono.Cecil.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000205824 _____ () [File not signed] [File is in use] C:ProgramDataJackettYamlDotNet.dll
2021-04-07 11:19 – 2021-04-07 11:19 – 001278976 _____ () [File not signed] [File is in use] C:UsersonextAppDataLocalDeepLapp-2.3.1x64CefSharp.BrowserSubprocess.Core.dll
2021-04-07 11:19 – 2021-04-07 11:19 – 001957888 _____ () [File not signed] [File is in use] C:UsersonextAppDataLocalDeepLapp-2.3.1x64CefSharp.Core.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 000629760 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86aac_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 000336896 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86ac3_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 000608256 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86dca_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 001559040 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86h264_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 000818688 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86hevc_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 001800704 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86libx264_encoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 000579072 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86mp2_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 000579072 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86mp3_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 001268224 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86mpeg4_decoder.dll
2021-03-25 22:11 – 2021-03-25 22:11 – 001718784 _____ () [File not signed] \?C:UsersonextAppDataLocalPlex Media ServerCodecs73e06c8-3759-windows-x86vp9_decoder.dll
2020-10-24 22:25 – 2019-12-25 15:34 – 000143872 _____ () [File not signed] C:BazarrWinPythonpython-3.8.0libsite-packageslxml_elementpath.cp38-win32.pyd
2020-10-24 22:25 – 2019-12-25 15:34 – 003564032 _____ () [File not signed] C:BazarrWinPythonpython-3.8.0libsite-packageslxmletree.cp38-win32.pyd
2021-01-30 13:46 – 2020-07-09 12:37 – 001332736 _____ () [File not signed] c:nginxphplibsqlite3.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000281600 _____ () [File not signed] c:nginxphplibssh2.dll
2019-07-23 15:03 – 2013-01-25 14:12 – 000043008 _____ () [File not signed] C:Program Files (x86)IDBKUPSmartlibgcc_s_dw2-1.dll
2019-07-23 15:03 – 2013-01-25 14:12 – 000011362 _____ () [File not signed] C:Program Files (x86)IDBKUPSmartmingwm10.dll
2021-02-18 21:00 – 2021-02-12 22:46 – 002552320 _____ () [File not signed] C:Program Files (x86)MicrosoftSkype for Desktopffmpeg.dll
2021-02-18 21:00 – 2021-02-12 22:46 – 000367104 _____ () [File not signed] C:Program Files (x86)MicrosoftSkype for Desktoplibegl.dll
2021-02-18 21:00 – 2021-02-12 22:46 – 006631936 _____ () [File not signed] C:Program Files (x86)MicrosoftSkype for Desktoplibglesv2.dll
2019-10-19 22:02 – 2019-10-19 22:02 – 000122368 _____ () [File not signed] C:Python27DLLs_ctypes.pyd
2019-10-19 22:02 – 2019-10-19 22:02 – 000186880 _____ () [File not signed] C:Python27DLLs_elementtree.pyd
2019-10-19 22:07 – 2019-10-19 22:07 – 001654784 _____ () [File not signed] C:Python27DLLs_hashlib.pyd
2019-10-19 22:02 – 2019-10-19 22:02 – 000034816 _____ () [File not signed] C:Python27DLLs_multiprocessing.pyd
2019-10-19 22:06 – 2019-10-19 22:06 – 000051200 _____ () [File not signed] C:Python27DLLs_socket.pyd
2019-10-19 22:03 – 2019-10-19 22:03 – 000064000 _____ () [File not signed] C:Python27DLLs_sqlite3.pyd
2019-10-19 22:07 – 2019-10-19 22:07 – 002120704 _____ () [File not signed] C:Python27DLLs_ssl.pyd
2019-10-19 22:03 – 2019-10-19 22:03 – 000092672 _____ () [File not signed] C:Python27DLLsbz2.pyd
2019-10-19 22:02 – 2019-10-19 22:02 – 000185344 _____ () [File not signed] C:Python27DLLspyexpat.pyd
2019-10-19 22:02 – 2019-10-19 22:02 – 000011776 _____ () [File not signed] C:Python27DLLsselect.pyd
2019-10-19 22:03 – 2019-10-19 22:03 – 000926208 _____ () [File not signed] C:Python27DLLssqlite3.dll
2019-10-19 22:02 – 2019-10-19 22:02 – 000692224 _____ () [File not signed] C:Python27DLLsunicodedata.pyd
2018-12-27 21:59 – 2018-12-27 21:59 – 000549888 _____ () [File not signed] C:Python27libsite-packagespywin32_system32pythoncom27.dll
2018-12-27 21:59 – 2018-12-27 21:59 – 000138752 _____ () [File not signed] C:Python27libsite-packagespywin32_system32pywintypes27.dll
2018-12-27 21:59 – 2018-12-27 21:59 – 000008192 _____ () [File not signed] C:Python27libsite-packageswin32_win32sysloader.pyd
2018-12-27 21:59 – 2018-12-27 21:59 – 000130560 _____ () [File not signed] C:Python27libsite-packageswin32win32api.pyd
2018-12-27 21:59 – 2018-12-27 21:59 – 000023040 _____ () [File not signed] C:Python27libsite-packageswin32win32event.pyd
2018-12-27 21:59 – 2018-12-27 21:59 – 000053760 _____ () [File not signed] C:Python27libsite-packageswin32win32service.pyd
2021-04-07 11:19 – 2021-04-07 11:19 – 137093632 _____ () [File not signed] C:UsersonextAppDataLocalDeepLapp-2.3.1x64libcef.dll
2021-04-07 11:19 – 2021-04-07 11:19 – 000396800 _____ () [File not signed] C:UsersonextAppDataLocalDeepLapp-2.3.1x64libegl.dll
2021-04-07 11:19 – 2021-04-07 11:19 – 006338560 _____ () [File not signed] C:UsersonextAppDataLocalDeepLapp-2.3.1x64libglesv2.dll
2020-10-15 12:40 – 2020-10-15 12:40 – 013053440 _____ () [File not signed] C:UsersonextAppDataLocalMEGAsyncavcodec-58.dll
2020-10-15 12:40 – 2020-10-15 12:40 – 002290176 _____ () [File not signed] C:UsersonextAppDataLocalMEGAsyncavformat-58.dll
2020-10-15 12:40 – 2020-10-15 12:40 – 000521728 _____ () [File not signed] C:UsersonextAppDataLocalMEGAsyncavutil-56.dll
2019-05-14 03:06 – 2020-10-15 12:40 – 000065024 _____ () [File not signed] C:UsersonextAppDataLocalMEGAsynccares.dll
2020-10-15 12:40 – 2020-10-15 12:40 – 000145408 _____ () [File not signed] C:UsersonextAppDataLocalMEGAsyncswresample-3.dll
2020-10-15 12:40 – 2020-10-15 12:40 – 000570880 _____ () [File not signed] C:UsersonextAppDataLocalMEGAsyncswscale-5.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 000114176 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_ctypes.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000172544 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_elementtree.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 002255872 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_hashlib.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000032256 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_multiprocessing.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000046080 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_psutil_windows.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000047616 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_socket.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 002824704 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_ssl.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000026112 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722_yappi.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000080896 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722bz2.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000015872 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722common.time34.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000007680 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722hashobjs_ext.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000301568 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722PIL._imaging.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000168448 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722pyexpat.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 001084416 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722pysqlite2._sqlite.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000548864 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722pythoncom27.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 000137728 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722pywintypes27.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 000010752 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722select.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000020992 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722thumbnails_ext.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000689664 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722unicodedata.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000119808 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722usb_ext.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000128512 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32api.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000438784 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32com.shell.shell.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000011776 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32crypt.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000023040 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32event.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000149504 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32file.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000223232 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32gui.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000048128 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32inet.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000029696 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32pdh.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000027648 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32pipe.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000044032 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32process.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000020480 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32profile.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000136192 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32security.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000026624 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722win32ts.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000034304 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722windows.conditional.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000037888 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722windows.connectivity.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000071680 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722windows.device_monitor.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000103936 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722windows.volumes.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000019968 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722windows.winwrap.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 001325056 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wx._controls_.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 001489408 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wx._core_.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 001007104 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wx._gdi_.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000103424 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wx._html2.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 000916992 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wx._misc_.pyd
2021-04-07 13:31 – 2021-04-07 13:31 – 001039872 _____ () [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wx._windows_.pyd
2021-02-06 00:42 – 2021-02-06 00:41 – 000008704 _____ (Andreas Håkansson, Steven Robbins and contributors) [File not signed] [File is in use] C:ProgramDataRadarrbinNancy.Authentication.Basic.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000013824 _____ (Andreas Håkansson, Steven Robbins and contributors) [File not signed] [File is in use] C:ProgramDataRadarrbinNancy.Authentication.Forms.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000919552 _____ (Andreas Håkansson, Steven Robbins and contributors) [File not signed] [File is in use] C:ProgramDataRadarrbinNancy.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000829440 _____ (AngleSharp) [File not signed] [File is in use] C:ProgramDataJackettAngleSharp.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000251904 _____ (Autofac) [File not signed] [File is in use] C:ProgramDataJackettAutofac.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000015872 _____ (Autofac) [File not signed] [File is in use] C:ProgramDataJackettAutofac.Extensions.DependencyInjection.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000014336 _____ (DateTimeRoutines) [File not signed] [File is in use] C:ProgramDataJackettDateTimeRoutines.dll
2020-12-14 10:38 – 2021-04-07 04:21 – 000018432 _____ (Diego Heras (ngosang)) [File not signed] [File is in use] C:ProgramDataJackettFlareSolverrSharp.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000091648 _____ (FluentMigrator Project) [File not signed] [File is in use] C:ProgramDataRadarrbinFluentMigrator.Abstractions.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000054272 _____ (FluentMigrator Project) [File not signed] [File is in use] C:ProgramDataRadarrbinFluentMigrator.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000114176 _____ (FluentMigrator Project) [File not signed] [File is in use] C:ProgramDataRadarrbinFluentMigrator.Runner.Core.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000067072 _____ (FluentMigrator Project) [File not signed] [File is in use] C:ProgramDataRadarrbinFluentMigrator.Runner.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000021504 _____ (FluentMigrator Project) [File not signed] [File is in use] C:ProgramDataRadarrbinFluentMigrator.Runner.SQLite.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000217088 _____ (gsscoder;nemec;ericnewton76;moh-hassan) [File not signed] [File is in use] C:ProgramDataJackettCommandLine.dll
2019-07-26 09:10 – 2019-07-26 09:10 – 000498096 _____ (Hermann Schinagl -> Hermann Schinagl) [File not signed] C:Program FilesLinkShellExtensionHardlinkShellExt.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000206336 _____ (hxxps://nghttp2.org/) [File not signed] c:nginxphpnghttp2.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 000351744 _____ (hxxps://system.data.sqlite.org/) [File not signed] [File is in use] C:ProgramDataRadarrbinSystem.Data.SQLite.dll
2021-02-18 21:00 – 2019-02-21 19:00 – 000078336 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 001243136 _____ (Jackett.Common) [File not signed] [File is in use] C:ProgramDataJackettJackett.Common.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000393728 _____ (JackettConsole) [File not signed] [File is in use] C:ProgramDataJackettJackettConsole.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000312832 _____ (JackettService) [File not signed] [File is in use] C:ProgramDataJackettJackettService.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000934400 _____ (JackettTray) [File not signed] [File is in use] C:ProgramDataJackettJackettTray.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000339456 _____ (Jeremy Skinner) [File not signed] [File is in use] C:ProgramDataRadarrbinFluentValidation.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000297472 _____ (Jimmy Bogard) [File not signed] [File is in use] C:ProgramDataJackettAutoMapper.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000080384 _____ (Kveer) [File not signed] [File is in use] C:ProgramDataRadarrbinKveer.XmlRPC.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000010752 _____ (Landon Key) [File not signed] [File is in use] C:ProgramDataJackettSocksWebProxy.dll
2021-03-31 19:59 – 2021-03-31 19:59 – 000006656 _____ (Microsoft Corporation) [File not signed] [File is in use] C:Program FilesPowerToysmoduleslauncherManagedTelemetry.dll
2021-03-31 20:00 – 2021-03-31 20:00 – 000016896 _____ (Microsoft.PowerToys.Run.Plugin.Calculator) [File not signed] C:Program FilesPowerToysmoduleslauncherPluginsCalculatorMicrosoft.PowerToys.Run.Plugin.Calculator.dll
2021-01-06 17:55 – 2021-01-06 17:55 – 000902144 _____ (ModernWpf) [File not signed] [File is in use] C:Program FilesPowerToysmoduleslauncherModernWpf.dll
2020-08-22 10:31 – 2020-08-22 10:31 – 000817152 _____ (NLog) [File not signed] [File is in use] C:Program FilesPowerToysmoduleslauncherNLog.dll
2020-08-27 20:03 – 2020-08-27 20:03 – 000046080 _____ (NLog) [File not signed] [File is in use] C:Program FilesPowerToysmoduleslauncherNLog.Extensions.Logging.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000817152 _____ (NLog) [File not signed] [File is in use] C:ProgramDataJackettNLog.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000046080 _____ (NLog) [File not signed] [File is in use] C:ProgramDataJackettNLog.Extensions.Logging.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000046592 _____ (NLog) [File not signed] [File is in use] C:ProgramDataJackettNLog.Web.AspNetCore.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000803328 _____ (NLog) [File not signed] [File is in use] C:ProgramDataRadarrbinNLog.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000045056 _____ (NLog) [File not signed] [File is in use] C:ProgramDataRadarrbinNLog.Extensions.Logging.dll
2019-07-23 15:03 – 2013-06-26 17:42 – 000083456 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)IDBKUPSmartimageformatsqgif4.dll
2019-07-23 15:03 – 2013-01-25 14:28 – 002847232 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)IDBKUPSmartQtCore4.dll
2019-07-23 15:03 – 2013-01-25 14:27 – 010137600 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)IDBKUPSmartQtGui4.dll
2019-07-23 15:03 – 2013-01-25 14:27 – 001290752 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)IDBKUPSmartQtNetwork4.dll
2019-07-23 15:03 – 2013-01-25 14:27 – 000275456 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)IDBKUPSmartQtSql4.dll
2019-07-23 15:03 – 2013-06-26 17:43 – 000373760 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)IDBKUPSmartQtSvg4.dll
2019-07-23 15:03 – 2012-10-12 08:31 – 000527360 _____ (Nokia Corporation and/or its subsidiary(-ies)) [File not signed] C:Program Files (x86)IDBKUPSmartsqldriversqsqlite4.dll
2020-05-31 10:02 – 2021-04-07 04:21 – 000028672 _____ (Org.Mentalis) [File not signed] [File is in use] C:ProgramDataJackettOrg.Mentalis.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 003043328 _____ (Python Software Foundation) [File not signed] C:UsersonextAppDataLocalTemp_MEI132722python27.dll
2019-10-19 22:02 – 2019-10-19 22:02 – 003429376 _____ (Python Software Foundation) [File not signed] C:WINDOWSSYSTEM32python27.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000192000 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.Api.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000261120 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.Api.V3.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000271360 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.Common.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 001822720 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.Core.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000426496 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000033280 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.Host.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 000090624 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.Http.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 000009216 _____ (radarr.video) [File not signed] [File is in use] C:ProgramDataRadarrbinRadarr.SignalR.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 000010240 _____ (radarr.video) [File not signed] C:ProgramDataRadarrbinRadarr.Windows.dll
2021-02-06 00:42 – 2021-02-06 00:41 – 000190464 _____ (Sam Saffron;Marc Gravell;Nick Craver) [File not signed] [File is in use] C:ProgramDataRadarrbinDapper.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 000011264 _____ (Sentry Team and Contributors) [File not signed] [File is in use] C:ProgramDataRadarrbinSentry.PlatformAbstractions.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 000088576 _____ (Sentry.io) [File not signed] [File is in use] C:ProgramDataRadarrbinSentry.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 000051200 _____ (Sentry.io) [File not signed] [File is in use] C:ProgramDataRadarrbinSentry.Protocol.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 001148928 _____ (Six Labors) [File not signed] [File is in use] C:ProgramDataRadarrbinSixLabors.ImageSharp.dll
2020-12-11 13:52 – 2021-02-06 00:41 – 001947136 _____ (SQLite Development Team) [File not signed] C:ProgramDataRadarrbinsqlite3.DLL
2020-10-25 13:33 – 2020-10-24 15:55 – 000665719 _____ (SQLite Development Team) [File not signed] C:ProgramDataSonarrbinsqlite3.DLL
2020-10-12 22:38 – 2020-10-12 22:38 – 000052224 _____ (Tatham Oddie & friends) [File not signed] [File is in use] C:Program FilesPowerToysmoduleslauncherSystem.IO.Abstractions.dll
2021-04-07 11:19 – 2021-04-07 11:19 – 001010176 _____ (The Chromium Authors) [File not signed] C:UsersonextAppDataLocalDeepLapp-2.3.1x64chrome_elf.dll
2019-05-14 03:06 – 2020-10-15 12:40 – 000295936 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:UsersonextAppDataLocalMEGAsynclibcurl.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 003439616 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:nginxphplibcrypto-1_1-x64.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] c:nginxphplibssl-1_1-x64.dll
2020-10-15 12:40 – 2020-10-15 12:40 – 002444288 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:UsersonextAppDataLocalMEGAsynclibcrypto-1_1.dll
2020-10-15 12:40 – 2020-10-15 12:40 – 000504320 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:UsersonextAppDataLocalMEGAsynclibssl-1_1.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000551936 _____ (The PHP Group) [File not signed] c:nginxphpextphp_curl.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000127488 _____ (The PHP Group) [File not signed] c:nginxphpextphp_openssl.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000028672 _____ (The PHP Group) [File not signed] c:nginxphpextphp_pdo_sqlite.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000045056 _____ (The PHP Group) [File not signed] c:nginxphpextphp_sqlite3.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 000082944 _____ (The PHP Group) [File not signed] c:nginxphpextphp_xmlrpc.dll
2021-01-30 13:46 – 2020-07-09 12:36 – 009360384 _____ (The PHP Group) [File not signed] c:nginxphpphp7.dll
2019-05-14 03:06 – 2020-10-15 12:39 – 005118072 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:UsersonextAppDataLocalMEGAsyncQt5Core.dll
2020-11-13 18:59 – 2019-05-13 17:40 – 000105528 _____ (Un4seen Developments) [File not signed] C:UsersonextAppDataRoamingMicrosoftWindowsStart MenuProgramsMonkeymattBig Stretchbass.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 000202240 _____ (wxWidgets development team) [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wxbase30u_net_vc90_x64.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 002831872 _____ (wxWidgets development team) [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wxbase30u_vc90_x64.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 001654784 _____ (wxWidgets development team) [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wxmsw30u_adv_vc90_x64.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 006542336 _____ (wxWidgets development team) [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wxmsw30u_core_vc90_x64.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 000773632 _____ (wxWidgets development team) [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wxmsw30u_html_vc90_x64.dll
2021-04-07 13:31 – 2021-04-07 13:31 – 000137216 _____ (wxWidgets development team) [File not signed] C:UsersonextAppDataLocalTemp_MEI132722wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:ProgramDataTEMP:4FC01C57 [146]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
HKLMSYSTEMCurrentControlSetControlSafeBootMinimal95336843.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetwork95336843.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Search Page =
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Page_URL =
HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Default_Search_URL =
HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Local Page =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-07-23 21:43 – 2020-09-16 18:00 – 000000823 _____ C:WINDOWSsystem32driversetchosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKUS-1-5-21-3472972625-813258079-3912501916-1001Control PanelDesktop\Wallpaper -> C:UsersonextAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper
HKUS-1-5-21-3472972625-813258079-3912501916-1004Control PanelDesktop\Wallpaper -> C:WINDOWSwebwallpaperWindowsimg0.jpg
HKUS-1-5-21-3472972625-813258079-3912501916-1005Control PanelDesktop\Wallpaper -> C:WINDOWSwebwallpaperWindowsimg0.jpg
HKUS-1-5-21-3472972625-813258079-3912501916-1015Control PanelDesktop\Wallpaper -> C:WindowsWebWallpaperWindowsimg0.jpg
DNS Servers: 1.1.1.1 – 8.8.4.4
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Tailscale: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Tailscale: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM…StartupApprovedRun: => “Everything”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…StartupApprovedRun: => “OneDrive”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…StartupApprovedRun: => “NordVPN”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…StartupApprovedRun: => “Opera Browser Assistant”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…StartupApprovedRun: => “electron.app.Fing”
HKUS-1-5-21-3472972625-813258079-3912501916-1001…StartupApprovedRun: => “XperiaCompanionAgent”
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{065DDA7F-F737-4E00-AC5F-E3BDAD757ED4}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication85.0.564.30msedgewebview2.exe => No File
FirewallRules: [{0BCE820D-8FD3-4796-82DB-10EC52F075D5}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication85.0.564.23msedgewebview2.exe => No File
FirewallRules: [{997748C8-7803-46CF-809D-C9F5540A76A6}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication85.0.564.18msedgewebview2.exe => No File
FirewallRules: [{F64339A3-913C-4AD8-A535-14D953A62A12}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.44msedgewebview2.exe => No File
FirewallRules: [UDP Query User{83DF18D2-9A64-419B-923D-D4F205FEB393}C:program filesplexplexplex.exe] => (Allow) C:program filesplexplexplex.exe (Plex, Inc. -> )
FirewallRules: [TCP Query User{12D07BB1-A8FF-4E5B-9B87-D375B288473A}C:program filesplexplexplex.exe] => (Allow) C:program filesplexplexplex.exe (Plex, Inc. -> )
FirewallRules: [{7A2F320A-4F1E-4227-BB5B-5B628E405DD3}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.39msedgewebview2.exe => No File
FirewallRules: [UDP Query User{54D41B6B-8D0F-4A61-810A-1D349431DA62}C:usersonextappdatalocalprogramsopera69.0.3686.57opera.exe] => (Block) C:usersonextappdatalocalprogramsopera69.0.3686.57opera.exe => No File
FirewallRules: [TCP Query User{312277D8-5CF5-40D3-82EE-16CB341033CC}C:usersonextappdatalocalprogramsopera69.0.3686.57opera.exe] => (Block) C:usersonextappdatalocalprogramsopera69.0.3686.57opera.exe => No File
FirewallRules: [{478FFD90-9AE5-4273-993D-79CE8D5EAE24}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.35msedgewebview2.exe => No File
FirewallRules: [{EED98BD1-37A0-4D1D-9BDF-0AE4B525C422}] => (Allow) C:UsersonextAppDataLocalVideostreamapp-0.4.0videostream-nativevideostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{03A0E0AE-10CD-4577-9C1B-C0C06FE6CD5A}] => (Allow) C:UsersonextAppDataLocalVideostreamapp-0.4.0videostream-nativevideostream-native.exe (RouteThis Inc. -> )
FirewallRules: [{DA7A5C45-3060-4B30-8285-276AE97D8FF8}] => (Allow) LPort=5557
FirewallRules: [UDP Query User{E747980A-ACF0-42E6-85CD-D4CD5467AC32}C:python27pythonw.exe] => (Allow) C:python27pythonw.exe () [File not signed]
FirewallRules: [TCP Query User{16A55D6B-B2A5-41BC-BC82-85618B1DEB7E}C:python27pythonw.exe] => (Allow) C:python27pythonw.exe () [File not signed]
FirewallRules: [{9BB70852-07D3-4F78-9AAB-24A8A2595FCE}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.28msedgewebview2.exe => No File
FirewallRules: [{A96AD36E-3181-42A2-B00E-2F2441AA413F}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.26msedgewebview2.exe => No File
FirewallRules: [{1EC2A5AF-FD2B-46D3-843A-9FA9A05BEE1E}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.20msedgewebview2.exe => No File
FirewallRules: [UDP Query User{E4DD60E5-0226-4D75-95B3-2D34CC81D1B9}C:usersonextdocumentstools and stuff from desktopiperf-3.1.3-win64iperf3.exe] => (Allow) C:usersonextdocumentstools and stuff from desktopiperf-3.1.3-win64iperf3.exe => No File
FirewallRules: [TCP Query User{85D0D404-E65B-4C34-9030-5FCF044B9326}C:usersonextdocumentstools and stuff from desktopiperf-3.1.3-win64iperf3.exe] => (Allow) C:usersonextdocumentstools and stuff from desktopiperf-3.1.3-win64iperf3.exe => No File
FirewallRules: [{D477C6AB-96DE-426D-94F2-8959CDEDD875}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.15msedgewebview2.exe => No File
FirewallRules: [UDP Query User{6C8292B8-7011-4FA2-8102-489E6C20176B}C:usersonextappdatalocalprogramsopera68.0.3618.125opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera68.0.3618.125opera.exe => No File
FirewallRules: [TCP Query User{01004463-FBE8-4F79-B351-AB3FD705D873}C:usersonextappdatalocalprogramsopera68.0.3618.125opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera68.0.3618.125opera.exe => No File
FirewallRules: [{854440E8-5A99-4266-B094-74431624468C}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication84.0.522.11msedgewebview2.exe => No File
FirewallRules: [{06312A7C-8402-4537-A4A9-B64A69B42016}] => (Allow) LPort=7879
FirewallRules: [UDP Query User{4FDE8100-2280-4118-8FF0-B0A1644237F7}C:usersonextappdatalocalprogramsopera68.0.3618.104opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera68.0.3618.104opera.exe => No File
FirewallRules: [TCP Query User{D6D81303-3EA8-4A0F-A448-6ADF8F5491E2}C:usersonextappdatalocalprogramsopera68.0.3618.104opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera68.0.3618.104opera.exe => No File
FirewallRules: [UDP Query User{641706B8-0BD2-4D22-87BA-0F692C30A0B4}C:usersonextappdatalocalprogramsopera67.0.3575.53opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera67.0.3575.53opera.exe => No File
FirewallRules: [TCP Query User{C4E13F89-B4AD-4EEA-89DF-2BB64A673033}C:usersonextappdatalocalprogramsopera67.0.3575.53opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera67.0.3575.53opera.exe => No File
FirewallRules: [UDP Query User{DC3AA98A-9452-41DB-8F6D-CC5E347456F2}C:usersonextappdatalocalprogramsopera66.0.3515.115opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera66.0.3515.115opera.exe => No File
FirewallRules: [TCP Query User{9CCFD6E6-B221-4CFA-9A9A-5B763206F22C}C:usersonextappdatalocalprogramsopera66.0.3515.115opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera66.0.3515.115opera.exe => No File
FirewallRules: [UDP Query User{824081C1-6A76-449A-B823-A0225E4C7D36}C:usersonextappdatalocalprogramsopera66.0.3515.44opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera66.0.3515.44opera.exe => No File
FirewallRules: [TCP Query User{46B7B2C6-1F7C-4399-A147-5A73241AD6D2}C:usersonextappdatalocalprogramsopera66.0.3515.44opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera66.0.3515.44opera.exe => No File
FirewallRules: [UDP Query User{CAA2DC5F-DCE2-41CF-9F34-EBE9CE504489}C:usersonextappdatalocalprogramsopera64.0.3417.92opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera64.0.3417.92opera.exe => No File
FirewallRules: [TCP Query User{ACAFA798-B046-48CF-B28B-6E960CBC0B14}C:usersonextappdatalocalprogramsopera64.0.3417.92opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera64.0.3417.92opera.exe => No File
FirewallRules: [UDP Query User{BC9513AA-FE70-4B48-81AD-51344DFE2C9C}C:usersonextappdatalocalprogramsopera63.0.3368.107opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera63.0.3368.107opera.exe => No File
FirewallRules: [TCP Query User{2E09045C-DFDE-4075-AC42-C1BA3B07B026}C:usersonextappdatalocalprogramsopera63.0.3368.107opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera63.0.3368.107opera.exe => No File
FirewallRules: [UDP Query User{CC33EEC9-C5C4-43B2-B97A-FA3E2727D06B}C:usersonextappdatalocalprogramsopera63.0.3368.94opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera63.0.3368.94opera.exe => No File
FirewallRules: [TCP Query User{EEAA888E-CAD2-4B67-B34E-DE17D53ECDB4}C:usersonextappdatalocalprogramsopera63.0.3368.94opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera63.0.3368.94opera.exe => No File
FirewallRules: [UDP Query User{C0D58161-6D27-4589-A1A5-8B51A4226D6D}C:usersonextdesktopvlc-3.0.9vlc.exe] => (Allow) C:usersonextdesktopvlc-3.0.9vlc.exe => No File
FirewallRules: [TCP Query User{70DB9882-D1F8-45A2-9375-A5D8D295DFAA}C:usersonextdesktopvlc-3.0.9vlc.exe] => (Allow) C:usersonextdesktopvlc-3.0.9vlc.exe => No File
FirewallRules: [{C7CFB5CF-8884-459E-B007-1BB691100171}] => (Allow) LPort=5558
FirewallRules: [{A9EEBC29-50BF-48C5-A28C-8A4F605D0991}] => (Allow) LPort=5556
FirewallRules: [{6A3F5E98-7A6D-41A8-AF6A-65D3D5AFAB50}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AEDFF0ED-32FB-4C32-AF76-FBCFF026B785}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E6E49AF1-F9B7-4C7D-AD40-EE794E8D80EA}] => (Allow) C:Program FilesAirflowAirflow.transcoder.exe (InMethod s.r.o. -> )
FirewallRules: [{5300FFA0-F7FB-4D3E-82EF-5C174088935C}] => (Allow) C:Program FilesAirflowAirflow.transcoder.exe (InMethod s.r.o. -> )
FirewallRules: [{4C33DDB7-BD51-4AFE-8D9D-F3FD36AF01F9}] => (Allow) C:Program FilesAirflowAirflow.server.exe (InMethod s.r.o. -> )
FirewallRules: [{5A813932-E174-4E7A-B549-2FF1D36A740B}] => (Allow) C:Program FilesAirflowAirflow.server.exe (InMethod s.r.o. -> )
FirewallRules: [{062CDC6A-CB60-43C2-A36E-0551EC227217}] => (Allow) C:Program FilesAirflowAirflow.analyzer.exe (InMethod s.r.o. -> )
FirewallRules: [{1FBD9DF1-5629-4356-BDF3-115628F7830D}] => (Allow) C:Program FilesAirflowAirflow.analyzer.exe (InMethod s.r.o. -> )
FirewallRules: [{8C547565-4C2A-4C6D-BD4A-AD9D74EC2A5C}] => (Allow) C:Program FilesAirflowAirflow.exe (InMethod s.r.o. -> inMethod)
FirewallRules: [{0612FA0B-2624-4AC4-991F-72A2A883EDFA}] => (Allow) C:Program FilesAirflowAirflow.exe (InMethod s.r.o. -> inMethod)
FirewallRules: [UDP Query User{1C97891A-D08E-4E7B-AE23-3F15448FEE64}C:usersonextappdataroamingspotifyspotify.exe] => (Allow) C:usersonextappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{EF07AA57-923D-4F66-9482-907B06F92649}C:usersonextappdataroamingspotifyspotify.exe] => (Allow) C:usersonextappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{83034492-8587-4FE6-AF05-039D43F93731}C:program filesplexplexplex.exe] => (Allow) C:program filesplexplexplex.exe (Plex, Inc. -> )
FirewallRules: [TCP Query User{7F11C4DE-622C-4307-AF4A-3E056CDE7A6E}C:program filesplexplexplex.exe] => (Allow) C:program filesplexplexplex.exe (Plex, Inc. -> )
FirewallRules: [UDP Query User{B4A63124-5C23-425E-B4F8-F1A52B3106D6}C:usersonextappdatalocalprogramsopera62.0.3331.116opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera62.0.3331.116opera.exe => No File
FirewallRules: [TCP Query User{66BE698E-7401-4EED-90DC-F08B3DBBC380}C:usersonextappdatalocalprogramsopera62.0.3331.116opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera62.0.3331.116opera.exe => No File
FirewallRules: [UDP Query User{9FBFE15F-1699-4E2A-B6CA-1E5E6A03C2BD}C:usersonextdesktopiperf-3.1.3-win64iperf3.exe] => (Allow) C:usersonextdesktopiperf-3.1.3-win64iperf3.exe => No File
FirewallRules: [TCP Query User{DCC940BF-4D92-494D-A60E-4F8014C5F1FA}C:usersonextdesktopiperf-3.1.3-win64iperf3.exe] => (Allow) C:usersonextdesktopiperf-3.1.3-win64iperf3.exe => No File
FirewallRules: [{137E8EDD-B8C8-4E34-AB4B-704E2A16165C}] => (Allow) C:Program FilesHPHP Deskjet 2540 seriesBinHPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{73407E93-344A-4BA9-8C8E-620DFDC732FC}] => (Allow) LPort=5357
FirewallRules: [{3E2DD5DF-1211-4C4D-B50D-2518713905AC}] => (Allow) C:Program FilesHPHP Deskjet 2540 seriesBinDeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{BF05DF54-AD82-4366-AABE-BAF261038F9A}C:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{98A6CCB7-E139-4E5F-9A89-EF87BC6F5612}C:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{2B10B491-6620-4281-8975-25D864842E62}] => (Allow) LPort=8989
FirewallRules: [{F59F2046-2B83-4DD4-ABF5-90F2C39F49E0}] => (Allow) LPort=7878
FirewallRules: [UDP Query User{472565CF-B863-4AA7-862B-146773B29F2D}C:usersonextappdatalocalprogramsopera62.0.3331.99opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera62.0.3331.99opera.exe => No File
FirewallRules: [TCP Query User{A28986AD-281A-4CD9-802C-CA2C7AFF128F}C:usersonextappdatalocalprogramsopera62.0.3331.99opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera62.0.3331.99opera.exe => No File
FirewallRules: [UDP Query User{91DA2DD4-FF39-45F6-932D-665443B8B0F6}C:usersonextappdataroamingsynctrayzorsyncthing.exe] => (Allow) C:usersonextappdataroamingsynctrayzorsyncthing.exe => No File
FirewallRules: [TCP Query User{61E628F4-A44A-4421-BC92-AADC3E152F52}C:usersonextappdataroamingsynctrayzorsyncthing.exe] => (Allow) C:usersonextappdataroamingsynctrayzorsyncthing.exe => No File
FirewallRules: [{CA7CE653-6D5C-4911-A17C-77C6C87C343F}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B6760396-B3CE-47C8-B6AB-2D4C648D84C4}] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C1DBD1FB-3EDD-4A9B-8FE1-0695DC8FCD8E}] => (Allow) C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{7628B115-D6D0-4ABC-8728-7E80FA39E6B6}] => (Allow) C:Program Files (x86)uTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [UDP Query User{89F816A8-AF18-4878-8E1C-CDA52035B73C}C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{3D551DF2-15F7-4E40-84CA-40FC4127F19D}C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{C54E0FFB-835E-4AAD-9409-A3C209E4105A}C:usersonextappdatalocalprogramsopera62.0.3331.72opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera62.0.3331.72opera.exe => No File
FirewallRules: [TCP Query User{A0751A22-F820-42A4-B15F-140A7A012DD7}C:usersonextappdatalocalprogramsopera62.0.3331.72opera.exe] => (Allow) C:usersonextappdatalocalprogramsopera62.0.3331.72opera.exe => No File
FirewallRules: [{1BA31192-4B9F-4808-99E1-ACB8AA2DE0AF}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication85.0.564.36msedgewebview2.exe => No File
FirewallRules: [{33BB468B-5E3B-4102-AA52-956FFC8475FB}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication85.0.564.40msedgewebview2.exe => No File
FirewallRules: [{59B20667-E4EB-490B-B946-65471B7E25C5}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication85.0.564.41msedgewebview2.exe => No File
FirewallRules: [{492A8A25-FBA9-47CA-A3A0-B1DEEF6E7E86}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication85.0.564.44msedgewebview2.exe => No File
FirewallRules: [{45181E0E-656F-454A-82F3-C09D6AF100AB}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.11msedgewebview2.exe => No File
FirewallRules: [{7B488C42-90B9-4679-A96A-F7F23071C923}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.15msedgewebview2.exe => No File
FirewallRules: [{48286C03-1CBD-405A-8490-E43643468338}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.19msedgewebview2.exe => No File
FirewallRules: [{6FA0A169-9A50-46CB-8298-E1F7A2D6A0D9}] => (Allow) C:ombiOmbi.exe => No File
FirewallRules: [{AEA8498C-85BB-4216-A384-C994CDECCF98}] => (Allow) C:ombiOmbi.exe => No File
FirewallRules: [{DD91BDC0-2229-4AE6-932D-9F7168D4A6EF}] => (Allow) C:ombiOmbi.exe => No File
FirewallRules: [{A87D23F7-D2B9-4D76-85FF-7C4472F536E2}] => (Allow) C:ombiOmbi.exe => No File
FirewallRules: [{312957CC-EE53-40FC-94EF-E68BABB4A545}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.28msedgewebview2.exe => No File
FirewallRules: [{1862D562-1906-4FF8-962F-C544CAF5883C}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.31msedgewebview2.exe => No File
FirewallRules: [{4F38F292-905C-4582-A559-B92C2682E750}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.36msedgewebview2.exe => No File
FirewallRules: [{39422BDF-FE1E-4345-A1B5-CD4A9F6E564D}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.38msedgewebview2.exe => No File
FirewallRules: [{FFAAC026-3312-4AE0-8BBF-A2460314B443}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication86.0.622.43msedgewebview2.exe => No File
FirewallRules: [{8DD32E6F-A902-435A-B977-5846226BC3D2}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.12msedgewebview2.exe => No File
FirewallRules: [{7E73CFD8-0D8C-43E4-B8B3-AB8BC62398F8}] => (Allow) C:BazarrWinPythonpython-3.8.0python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [{3A8BBD8E-04FD-404B-8845-81E5CC08F0AD}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.24msedgewebview2.exe => No File
FirewallRules: [{31204EBE-BCA5-4E3A-9222-2DDBA2AA093A}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.30msedgewebview2.exe => No File
FirewallRules: [{56CA65CE-A249-4962-A73B-2F35DD63E743}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.36msedgewebview2.exe => No File
FirewallRules: [{B242F84C-65CD-48CF-9873-AC36FD31052A}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.40msedgewebview2.exe => No File
FirewallRules: [{AC16255C-C725-452F-B894-34F8BE876C55}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.41msedgewebview2.exe => No File
FirewallRules: [{955B52F8-9587-4438-8E56-130540306FA6}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.47msedgewebview2.exe => No File
FirewallRules: [{CF572304-FD82-47F1-BA79-23BE5AA1D5E2}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.52msedgewebview2.exe => No File
FirewallRules: [{65F5A246-678E-41BB-B295-89F016B643D1}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.55msedgewebview2.exe => No File
FirewallRules: [{D7401357-390F-4E6B-B5FA-D8EC71CA1CDF}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication87.0.664.57msedgewebview2.exe => No File
FirewallRules: [{B04D9769-80DD-4BD5-BD09-3522986B6B4A}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication88.0.705.18msedgewebview2.exe => No File
FirewallRules: [{EEFB1BE0-D494-44F5-BD1E-C98259FC90CB}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication88.0.705.22msedgewebview2.exe => No File
FirewallRules: [{175BCFFA-28C0-4196-AC01-4AC894179FFA}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication88.0.705.29msedgewebview2.exe => No File
FirewallRules: [{A8623C5D-0760-4E8D-B74C-9204254BB63A}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication88.0.705.41msedgewebview2.exe => No File
FirewallRules: [{57C3BB10-6F31-405D-81F8-5EE7712570E4}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication88.0.705.45msedgewebview2.exe => No File
FirewallRules: [{8EEAC7C9-49AA-4125-8A1A-F994A6E965C6}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication88.0.705.49msedgewebview2.exe => No File
FirewallRules: [{406340C0-6E66-49EA-8986-5D4CF52E6EEA}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46497894-61DD-45BE-99C7-9F36A54FDD8F}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE70B1D5-98B9-45F6-9AA3-9B88889A073C}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E4C804C-D3A3-4827-BB1F-F7C7C55EF09A}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45310534-72CD-421F-9E2D-F73F3EEBAD42}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication88.0.705.56msedgewebview2.exe => No File
FirewallRules: [{8C01071B-6860-4BE2-9B7D-F202D66F358C}] => (Allow) LPort=80
FirewallRules: [{EA9ABE2D-D92C-4302-A56F-3E6628BE2BE3}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.18msedgewebview2.exe => No File
FirewallRules: [{82DA819F-056E-4BB5-AE7A-F099D7FCD673}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.23msedgewebview2.exe => No File
FirewallRules: [{CF95C8F2-BC04-4EF2-BBDE-79411AB4605F}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.27msedgewebview2.exe => No File
FirewallRules: [{0FF93BFC-E3AB-4C98-942A-00EE182C3DA4}] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5EF9479-D8C3-4FC7-97A3-E38C113787DA}] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3FE6FD72-A82E-45A5-9F9E-BB4E68C171FD}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.34msedgewebview2.exe => No File
FirewallRules: [{9445EA4A-AED3-489C-AD9C-2205FCA9B6F8}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.39msedgewebview2.exe => No File
FirewallRules: [{895243DC-F37F-45FE-9238-771AC974AF02}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.45msedgewebview2.exe => No File
FirewallRules: [{6C3E58CD-2695-42EF-BB18-6207C7359CC7}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.48msedgewebview2.exe => No File
FirewallRules: [{C958D7BF-8A80-4899-97F3-C2D901EF0D5A}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication89.0.774.50msedgewebview2.exe => No File
FirewallRules: [{CAF9CB1A-01C5-4327-BC4D-8E04FACBF9DA}] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]
FirewallRules: [{9E408771-225B-468A-8D23-C1FEA49FA3DD}] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]
FirewallRules: [{5D16CE75-DF89-4C67-8517-32CDD582F60C}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [{851A9878-5EFF-4173-8315-51FA47A64EC6}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{DE34D5DB-1A73-4825-BE68-B8B64001B0A6}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{0DDF8637-7A8A-4558-B206-7ECE5E93820A}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{31B3A277-2B3B-4081-A4D8-EDB417CA8956}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{382AC4A9-8E88-438A-AF03-8619C5EF4787}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Game TranscoderPlex Game Transcoder.exe (Plex, Inc. -> )
FirewallRules: [{44F4D649-DDB9-4FD8-93F5-37C0FAFC825E}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplicationmsedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF26B53F-265C-41CE-ACC3-1E815AF14BF5}] => (Allow) C:Program Files (x86)MicrosoftEdge BetaApplication90.0.818.27msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:100.96 GB) (Free:35.94 GB) (36%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/07/2021 01:32:07 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (04/07/2021 01:31:18 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (04/07/2021 01:31:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (04/07/2021 01:31:03 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (04/07/2021 06:13:23 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn’t complete retrim on 6TB Seagate (H:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (04/06/2021 11:19:37 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007007B
Command-line arguments:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=TimerEvent
Error: (04/06/2021 03:10:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmiprvse.exe, version: 10.0.19041.546, time stamp: 0x5da7ab91
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x80131623
Fault offset: 0x00007ffb8af9200f
Faulting process id: 0x3338
Faulting application start time: 0x01d72addc7b3421f
Faulting application path: C:WINDOWSsystem32wbemwmiprvse.exe
Faulting module path: unknown
Report Id: a24ffa9a-ffa6-4385-95a1-28d5d484bedd
Faulting package full name:
Faulting package-relative application ID:
Error: (04/06/2021 03:10:06 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Unexpected exception thrown from the provider:
System.IO.FileLoadException:
File name: ‘Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35’
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
System errors:
=============
Error: (04/07/2021 01:30:56 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck. The bugcheck was: 0x00000050 (0xfffff8005bd8108b, 0x0000000000000000, 0xfffff8000e61f1c2, 0x0000000000000002). A dump was saved in: C:WINDOWSMEMORY.DMP. Report Id: a578f374-dd04-4bee-af0b-0891d2fdf09f.
Error: (04/07/2021 01:30:45 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string “%2” to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Error: (04/07/2021 01:30:45 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string “%2” to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Error: (04/07/2021 01:30:39 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Radarr-GR service depends on the following service: Radarr. This service might not be installed.
Error: (04/07/2021 01:30:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Fing.Agent service failed to start due to the following error:
The system cannot find the file specified.
Error: (04/07/2021 01:30:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:18:20 PM on 4/7/2021 was unexpected.
Error: (04/02/2021 11:18:30 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string “%2” to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
Error: (04/02/2021 11:18:30 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Initialization failed because the driver device could not be created.
Use the string “%2” to identify the interface for which initialization
failed. It represents the MAC address of the failed interface or the
Globally Unique Interface Identifier (GUID) if NetBT was unable to
map from GUID to MAC address. If neither the MAC address nor the GUID were
available, the string represents a cluster device name.
CodeIntegrity:
===============
Date: 2021-04-07 13:32:45
Description:
Windows is unable to verify the image integrity of the file DeviceHarddiskVolume6Program FilesESETESET Securityeamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1302 11/14/2012
Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0
Processor: AMD FX-8150 Eight-Core Processor
Percentage of memory in use: 75%
Total physical RAM: 8093.57 MB
Available physical RAM: 1947.1 MB
Total Virtual: 19737.09 MB
Available Virtual: 11014.46 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:100.96 GB) (Free:35.94 GB) NTFS
Drive h: (6TB Seagate) (Fixed) (Total:5589.01 GB) (Free:1183.53 GB) NTFS
\?Volume{0bc56457-e0f9-483b-9685-39db690af4f9} (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\?Volume{0b759406-2098-4611-9bc1-44940868106e} () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\?Volume{1619e4dc-cbd6-40ef-8227-26b944619340} () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 5589 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
