Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 6.02.2019
Ran by guillaume (administrator) on TEST (06-02-2019 13:45:55)
Running from C:\Users\guillaume\Downloads
Loaded Profiles: guillaume (Available Profiles: guillaume)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(MSFree Inc.) C:\Windows\KMS\bin\KMSSS.exe
() C:\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
() C:\Windows\SysWOW64\WindowsInput.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
Failed to access process -> MusicMaker.exe
(ExKode Co. Ltd.) C:\Program Files (x86)\ExKode\Dxtory2.0\Dxtory.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ExKode Co. Ltd.) C:\Program Files (x86)\ExKode\Dxtory2.0\Dxtory64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Druide informatique inc.) D:\DownloadSSD\antidote\Application\Bin32\AgentAntidote.exe
(Druide informatique inc.) D:\DownloadSSD\antidote\Application\Bin64\AgentAntidote.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Pushbullet inc) D:\program ssd\psuhbullet\Pushbullet\pushbullet.exe
(Apowersoft) D:\program ssd\dsadsa\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
() C:\ProgramData\iNmmvsANIm\System.exe
(Mega Limited) C:\Users\guillaume\AppData\Local\MEGAsync\MEGAsync.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Code Systems Corporation) C:\Users\guillaume\AppData\Local\Turbo\19.1.1887.0\Turbo-Sandbox.exe
(Teleflex Incorporated) C:\Windows\Temp\_avast_\unp16258991.tmp
(Code Systems Corporation) C:\Users\guillaume\AppData\Local\Turbo\19.1.1887.0\Turbo-Launcher.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Emcor Group Inc.) C:\Program Files (x86)\touchpad\Synp.exe
(Pushbullet Inc) C:\Users\guillaume\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\guillaume\AppData\Roaming\Spotify\Spotify.exe
(Discord Inc.) C:\Users\guillaume\AppData\Local\Discord\app-0.0.304\Discord.exe
(Discord Inc.) C:\Users\guillaume\AppData\Local\Discord\app-0.0.304\Discord.exe
(Discord Inc.) C:\Users\guillaume\AppData\Local\Discord\app-0.0.304\Discord.exe
(Spotify Ltd) C:\Users\guillaume\AppData\Roaming\Spotify\Spotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Spotify Ltd) C:\Users\guillaume\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\guillaume\AppData\Roaming\Spotify\Spotify.exe
(Initex) C:\Users\guillaume\AppData\Roaming\VIP72 Socks Client\ProxifierPE3\Proxifier.exe
(Initex) C:\Users\guillaume\AppData\Roaming\VIP72 Socks Client\ProxifierPE3\Helper64.exe
() C:\Users\guillaume\AppData\Roaming\VIP72 Socks Client\vip72socks.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Discord Inc.) C:\Users\guillaume\AppData\Local\Discord\app-0.0.304\Discord.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Valve Corporation) D:\program ssd\steam\Steam.exe
(Valve Corporation) D:\program ssd\steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\program ssd\steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\program ssd\steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\program ssd\steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\program ssd\steam\bin\cef\cef.win7\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [AgentAntidote32] => D:\DownloadSSD\antidote\Application\Bin32\AgentAntidote.exe [1653352 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.)
HKLM\...\Run: [AgentAntidote64] => D:\DownloadSSD\antidote\Application\Bin64\AgentAntidote.exe [1797736 2017-09-12] (Druide Informatique Inc. -> Druide informatique inc.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (Compal Electronics, Inc. -> TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4090176 2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\RunOnce: [ASYNCMAC] => rundll32.exe streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\Windows\INF\netrasa.inf,Ndis-Mp-AsyncMac
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [Pushbullet] => D:\program ssd\psuhbullet\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [ApowersoftScreenRecorder] => D:\program ssd\dsadsa\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe [3617944 2017-02-07] (Apowersoft Ltd -> Apowersoft)
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [VoiceAttack] => C:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe [5846008 2018-11-22] (VoiceAttack.com -> VoiceAttack.com)
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [Spotify] => C:\Users\guillaume\AppData\Roaming\Spotify\Spotify.exe [26154216 2019-01-31] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [Windows 10 Update] => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe [45152 2018-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Run: [touchpad] => C:\Program Files (x86)\touchpad\Synp.exe [2793472 2019-01-30] (Emcor Group Inc.)
HKLM\...\Drivers32: [vidc.xtor] => C:\Windows\system32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co. Ltd.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32-x32: [vidc.xtor] => C:\Windows\SysWOW64\DxtoryCodec.dll [2499648 2015-08-10] (ExKode Co. Ltd.)
HKLM\...\Drivers32-x32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-20] (Google Inc -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2019-02-04]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
InternetURL: C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FqAVjWcHAv.url ->
Startup: C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-06-30]
ShortcutTarget: MEGAsync.lnk -> C:\Users\guillaume\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\synp.exe.vbs [2019-02-04] ()
Startup: C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Turbo Sandbox Manager.lnk [2019-01-31]
ShortcutTarget: Turbo Sandbox Manager.lnk -> C:\Users\guillaume\AppData\Local\Turbo\19.1.1887.0\Turbo-Sandbox.exe (Code Systems Corporation)
Startup: C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TurboLauncher.lnk [2019-01-31]
ShortcutTarget: TurboLauncher.lnk -> C:\Users\guillaume\AppData\Local\Turbo\19.1.1887.0\Turbo-Launcher.exe (Code Systems Corporation)
BootExecute: autocheck autochk * aswBoot.exe /M:34097b9555 /A:"* " /L:"1033" /KBD:5 /dir:"C:\Program Files\AVAST Software\Avast"
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 199.202.105.108 199.202.105.1
Tcpip\..\Interfaces\{36D2171C-A57F-46B4-B995-D6E62D4F80F7}: [DhcpNameServer] 199.202.105.108 199.202.105.1
Tcpip\..\Interfaces\{F456A0CD-13F2-4BD0-8E4A-B58889CF8AA9}: [DhcpNameServer] 172.20.1.13 172.20.1.12
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.toshiba.ca/welcome/?w=23
SearchScopes: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001 -> {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-31] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 6zl966uz.default
FF ProfilePath: C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default [2019-02-06]
FF user.js: detected! => C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\user.js [2018-12-21]
FF NewTab: Mozilla\Firefox\Profiles\6zl966uz.default -> about:blank
FF Extension: (VPNetworksLLC Proxy) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\@VPNetworksLLC.xpi [2018-12-20]
FF Extension: (Antidote) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\antidote9_firefox@druide.com.xpi [2017-11-30]
FF Extension: (CryptoTab) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\cryptotab-ff@cryptotab.net.xpi [2018-10-10]
FF Extension: (TubeBuddy for YouTube) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\e389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2019-01-12]
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\es-es@dictionaries.addons.mozilla.org.xpi [2019-02-03]
FF Extension: (MEGA) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\firefox@mega.co.nz.xpi [2019-02-04]
FF Extension: (French spelling dictionary) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2018-11-29]
FF Extension: (SaveFrom.net helper) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\helper@savefrom.net.xpi [2019-01-31]
FF Extension: (HTTPS Everywhere) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\https-everywhere@eff.org.xpi [2019-02-01]
FF Extension: (Honey) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\jid1-93CWPmRbVPjRQA@jetpack.xpi [2018-11-16]
FF Extension: (Pushbullet) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\jid1-BYcQOfYfmBMd9A@jetpack.xpi [2018-07-06]
FF Extension: (English (GB) Language Pack) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2018-12-21]
FF Extension: (Español (España) Language Pack) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2018-12-21]
FF Extension: (Français Language Pack) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2018-12-21]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\marcoagpinto@mail.telepac.pt.xpi [2019-01-31]
FF Extension: (Smart Referer) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\smart-referer@meh.paranoid.pk.xpi [2018-09-21]
FF Extension: (User-Agent Switcher) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2019-01-03]
FF Extension: (minerBlock) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\xd4rker@gmail.com.xpi [2019-02-05]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-31]
FF Extension: (Greasemonkey) - C:\Users\guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\6zl966uz.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-08-29]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3805808772-3452688692-1920293510-1001: @turbo.net/Turbo.net Plugin 3.33 -> C:\Users\guillaume\AppData\Local\Turbo\19.1.1887.0\npMozillaTurboPlugin.dll [2019-01-24] (Code Systems Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-09-18]
CHR Profile: C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-02-04]
CHR Extension: (Slides) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-18]
CHR Extension: (Docs) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-18]
CHR Extension: (Google Drive) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-29]
CHR Extension: (YouTube) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-18]
CHR Extension: (Jaxx Liberty) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjelfplplebdjjenllpjcblmjkfcffne [2019-02-04]
CHR Extension: (Sheets) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-18]
CHR Extension: (Google Docs Offline) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-18]
CHR Extension: (Antidote) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbojggafdepnclikhiapkpinbfdhbdoi [2018-09-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-18]
CHR Extension: (Gmail) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-18]
CHR Extension: (Chrome Media Router) - C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-22]
CHR Profile: C:\Users\guillaume\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-18]
CHR HKLM-x32\...\Chrome\Extension: [lbojggafdepnclikhiapkpinbfdhbdoi] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION (Rootkit!)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-08-27] (BattlEye Innovations e.K. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-06-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-10-25] (FUTUREMARK INC -> Futuremark)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [362912 2018-04-20] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 KMSEmulator; C:\Windows\KMS\bin\KMSSS.exe [38728 2017-10-19] (WZTeam -> MSFree Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 Wallpaper Engine Service; C:\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe [356840 2018-08-11] (Kristjan Skutta -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WindowsInput; C:\Windows\SysWOW64\WindowsInput.exe [21504 2019-02-06] () [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 anvsnddrv; C:\Windows\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4265984 2014-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 CorsairAudioFilter; C:\Windows\system32\DRIVERS\corsveng2kamd64.sys [112808 2015-09-21] (Corsair Components, Inc. -> Corsair Components, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [25032 2018-01-17] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\Windows\System32\drivers\EPMVolFlt.sys [21448 2018-07-20] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 hmatap; C:\Windows\system32\DRIVERS\hmatap.sys [45560 2018-06-22] (Privax Limited -> The OpenVPN Project)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [632168 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [4943768 2018-04-20] (Intel(R) pGFX -> Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [51704 2015-11-17] (Intel(R) Wireless Display -> Intel Corporation)
S3 IntcDAud; C:\Windows\system32\DRIVERS\IntcDAud.sys [450520 2014-01-23] (Intel Corporation - Software and Firmware Products -> Intel(R) Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [39920 2015-11-17] (Intel(R) Wireless Display -> Intel Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [206496 2017-10-17] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (Microsoft Windows -> NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (Microsoft Windows -> NVIDIA Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291032 2013-11-22] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Microsoft Windows -> Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Microsoft Windows -> Silicon Integrated Systems)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated -> Synaptics Incorporated)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-12-15] (SteelSeries ApS -> SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [46544 2018-09-13] (SteelSeries ApS -> SteelSeries ApS)
R3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-11-01] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-24] (Microsoft Windows -> Microsoft Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [212744 2018-07-09] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2018-11-12] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 13:45 - 2019-02-06 13:46 - 000030813 _____ C:\Users\guillaume\Downloads\FRST.txt
2019-02-06 13:45 - 2019-02-06 13:45 - 002433536 _____ (Farbar) C:\Users\guillaume\Downloads\FRST64.exe
2019-02-06 13:45 - 2019-02-06 13:45 - 000000000 ____D C:\Users\guillaume\Downloads\FRST-OlderVersion
2019-02-06 13:45 - 2019-02-06 13:45 - 000000000 ____D C:\FRST
2019-02-06 13:29 - 2019-02-06 13:29 - 000519656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswcb19eefa6cce77d3.tmp
2019-02-06 13:29 - 2019-02-06 13:29 - 000320696 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4adf6fe54f46aa59.tmp
2019-02-06 13:29 - 2019-02-06 13:29 - 000225680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa9dcd60ccdafc594.tmp
2019-02-06 13:29 - 2019-02-06 13:29 - 000216784 _____ (AVAST Software) C:\Windows\system32\Drivers\asw6c81e6878e92a4da.tmp
2019-02-06 13:29 - 2019-02-06 13:29 - 000196072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbf945a269b042aaa.tmp
2019-02-06 13:29 - 2019-02-06 13:29 - 000057960 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5a78525fac7a9c28.tmp
2019-02-06 13:29 - 2019-02-06 11:32 - 000362888 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-02-06 13:26 - 2019-02-06 13:26 - 000269312 _____ (DAMN) C:\Users\guillaume\Downloads\DAMN_NFO_Viewer_v2-10-0032-RC3.exe
2019-02-06 13:26 - 2019-02-06 13:26 - 000000000 ____D C:\Program Files (x86)\DAMN NFO Viewer
2019-02-06 13:17 - 2019-02-06 13:17 - 000027719 _____ C:\Users\guillaume\Downloads\Avast Premium 2019 v19.1 Français + code d'activation [WINDOWS].torrent
2019-02-06 13:11 - 2019-02-06 13:11 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe0a09e7860f9c83b.tmp
2019-02-06 13:01 - 2019-02-06 13:01 - 000519656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbda878eb712936b5.tmp
2019-02-06 13:01 - 2019-02-06 13:01 - 000320696 _____ (AVAST Software) C:\Windows\system32\Drivers\asw20754f15df2d7833.tmp
2019-02-06 13:01 - 2019-02-06 13:01 - 000225680 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4deb915b03be0843.tmp
2019-02-06 13:01 - 2019-02-06 13:01 - 000216784 _____ (AVAST Software) C:\Windows\system32\Drivers\asw97402a5d5c73e73e.tmp
2019-02-06 13:01 - 2019-02-06 13:01 - 000196072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe19a2266ef9b74ef.tmp
2019-02-06 13:01 - 2019-02-06 13:01 - 000057960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswb03b8de34e3fe4f3.tmp
2019-02-06 11:37 - 2019-02-06 11:37 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\AVAST Software
2019-02-06 11:33 - 2019-02-06 11:33 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-02-06 11:32 - 2019-02-06 11:32 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswd10dc0f818f0f1d0.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswd0b15eef31672f6c.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7f60d7cb4e8598ae.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 001034432 _____ (AVAST Software) C:\Windows\system32\Drivers\asw126c1ad9c55de180.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\asw5d6b75d59f875f64.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\asw508cf256de31e419.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0858b54b0afa6982.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000474456 _____ (AVAST Software) C:\Windows\system32\Drivers\asw00b14cd6313a5d67.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswe4396c006a136fd0.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\asw4a0a58cc5dda3d33.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\asw44eff291d83c659d.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000379952 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0338491c1ff2b167.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswa9c5f3e6eb28b559.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\asw723a376af37b39ba.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\asw388761c4ac249b53.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000205400 _____ (AVAST Software) C:\Windows\system32\Drivers\asw37d050e05bb45a1f.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswfc2b3569bb053eb9.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\asw691c67f18bde8eff.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\asw19c608e3062793b7.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000167304 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0bb453a6cf02fec7.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf580d7f41ccf3440.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswdc66541a031faaef.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\asw11ab35160d2e6667.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\asw056f81d3d43b33e6.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\asw64662bd68d7419be.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\asw1d38cb1d02c66eca.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\asw0623b6cc849f2bbd.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\asw05cf0dc94bfcc118.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswf9ca6a78d74fdf15.tmp
2019-02-06 11:32 - 2019-02-06 11:32 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-02-06 11:30 - 2019-02-06 11:30 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-06 11:20 - 2019-02-06 11:32 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-05 21:42 - 2019-02-05 21:42 - 000000000 ____D C:\Users\guillaume\Documents\music magic
2019-02-05 21:13 - 2019-02-05 21:13 - 000000751 _____ C:\Users\Public\Desktop\Music Maker.lnk
2019-02-05 21:13 - 2019-02-05 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2019-02-05 16:40 - 2019-02-05 16:40 - 000000000 ____D C:\ProgramData\Mozilla
2019-02-04 12:05 - 2019-02-06 13:41 - 000000000 ____D C:\ProgramData\iNmmvsANIm
2019-02-04 10:14 - 2019-02-04 13:32 - 000003302 _____ C:\Windows\System32\Tasks\TorGuard Autostart
2019-02-04 10:13 - 2019-02-04 10:13 - 000002115 _____ C:\Users\Public\Desktop\TorGuard.lnk
2019-02-04 10:13 - 2019-02-04 10:13 - 000000000 ____D C:\Users\guillaume\AppData\Local\VPNetworkLLC
2019-02-04 10:13 - 2019-02-04 10:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNetwork LLC
2019-02-04 10:13 - 2019-02-04 10:13 - 000000000 ____D C:\Program Files\TAP-Windows
2019-02-04 10:12 - 2019-02-04 10:12 - 033885176 _____ C:\Users\guillaume\Downloads\torguard-setup-latest.exe
2019-02-04 10:12 - 2019-02-04 10:12 - 000000000 ____D C:\Program Files (x86)\VPNetwork LLC
2019-02-03 16:50 - 2019-02-06 12:59 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\Memlog
2019-02-03 16:48 - 2019-02-06 13:41 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\Orcus
2019-02-03 16:48 - 2019-02-06 11:48 - 000021504 _____ C:\Windows\SysWOW64\WindowsInput.exe
2019-02-03 16:48 - 2019-02-03 16:48 - 000007466 _____ C:\Windows\SysWOW64\WindowsInput.InstallState
2019-02-03 16:48 - 2019-02-03 16:48 - 000000357 _____ C:\Windows\SysWOW64\WindowsInput.exe.config
2019-02-03 16:48 - 2019-02-03 16:48 - 000000000 ____D C:\Program Files (x86)\touchpad
2019-02-03 16:47 - 2019-02-06 11:19 - 001261056 _____ (Teleflex Incorporated) C:\Users\guillaume\AppData\Roaming\Workk.exe
2019-02-03 16:47 - 2019-02-06 11:19 - 000000032 _____ C:\Users\guillaume\Documents\Workk.txt
2019-02-03 16:47 - 2019-02-03 16:47 - 003030531 _____ C:\Users\guillaume\Downloads\account-generator.rar
2019-02-03 16:43 - 2019-02-03 16:44 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\YTMonster
2019-02-03 16:43 - 2019-02-03 16:43 - 000002393 _____ C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTMonster.lnk
2019-02-03 16:43 - 2019-02-03 16:43 - 000002385 _____ C:\Users\guillaume\Desktop\YTMonster.lnk
2019-02-03 16:43 - 2019-02-03 16:43 - 000000000 ____D C:\Users\guillaume\AppData\Local\ytmonster-updater
2019-02-03 16:42 - 2019-02-03 16:43 - 039261288 _____ (YTMonster) C:\Users\guillaume\Downloads\YTMonster Setup 0.2.0.exe
2019-02-03 14:54 - 2019-02-03 14:54 - 000000000 ____D C:\ProgramData\simplitec
2019-02-03 14:30 - 2019-02-03 16:49 - 000000058 _____ C:\Users\guillaume\Downloads\instance-1.rdp
2019-02-03 14:28 - 2019-02-03 14:28 - 000000000 ____H C:\Users\guillaume\Documents\Default.rdp
2019-02-01 11:12 - 2019-02-01 11:12 - 000000214 _____ C:\Users\guillaume\Desktop\Trove.url
2019-01-31 20:41 - 2019-01-31 20:41 - 000000000 ____D C:\Users\guillaume\Desktop\OneDriveBackupFiles
2019-01-31 20:40 - 2019-01-31 20:40 - 000000000 ____D C:\Temp
2019-01-31 20:34 - 2019-01-31 20:34 - 000033859 _____ C:\Users\guillaume\Downloads\Windows10Debloater-master.zip
2019-01-31 20:34 - 2019-01-31 20:34 - 000000000 ____D C:\Users\guillaume\Downloads\Windows10Debloater-master
2019-01-31 19:10 - 2019-01-08 22:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-01-31 19:10 - 2019-01-08 22:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-01-31 19:10 - 2018-12-08 11:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls
2019-01-31 19:10 - 2018-12-08 11:01 - 000513376 _____ C:\Windows\system32\locale.nls
2019-01-31 19:10 - 2018-12-02 05:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-01-31 19:10 - 2018-12-01 11:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-01-31 19:10 - 2018-10-12 08:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-01-31 03:05 - 2019-01-31 03:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-22 08:14 - 2019-01-22 08:14 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-01-22 08:14 - 2019-01-22 08:14 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-01-22 08:14 - 2019-01-22 08:14 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-01-22 08:14 - 2019-01-22 08:14 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-01-15 15:05 - 2019-01-15 15:05 - 000014705 _____ C:\Users\guillaume\AppData\Local\recently-used.xbel
2019-01-14 19:29 - 2019-01-14 19:29 - 000783680 _____ C:\Users\guillaume\Downloads\Untitled.jpeg
2019-01-14 17:48 - 2019-01-14 17:48 - 000000028 _____ C:\Windows\OutLog.txt
2019-01-14 11:48 - 2019-01-14 12:06 - 000000000 ____D C:\Users\guillaume\Downloads\antidote
2019-01-14 11:45 - 2019-01-14 11:45 - 000037062 _____ C:\Users\guillaume\Downloads\runasdate.zip
2019-01-13 20:16 - 2019-01-13 20:16 - 000000000 ____D C:\Windows\SysWOW64\rufus_files
2019-01-13 16:48 - 2019-01-13 16:50 - 000000000 ____D C:\Users\guillaume\Downloads\KMS Tools Portable (01.08.2018 par Ratiborus)
2019-01-13 16:28 - 2019-02-02 13:05 - 000000000 ____D C:\Users\guillaume\Documents\MEGAsync Downloads
2019-01-12 19:53 - 2019-01-12 20:08 - 2304094056 _____ C:\Users\guillaume\Downloads\facebook-guillaumedoyon117.zip
2019-01-11 14:08 - 2019-01-11 14:08 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\PACE Anti-Piracy
2019-01-11 14:08 - 2019-01-11 14:08 - 000000000 ____D C:\Users\guillaume\AppData\Local\PACE Anti-Piracy
2019-01-11 14:08 - 2019-01-11 14:08 - 000000000 ____D C:\ProgramData\PACE Anti-Piracy
2019-01-11 14:05 - 2019-01-11 14:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2019-01-11 14:05 - 2019-01-11 14:05 - 000000000 ____D C:\Program Files (x86)\My Company Name
2019-01-11 14:05 - 2019-01-11 14:05 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-11 14:05 - 2011-11-03 03:01 - 000056208 ____N (Rovi Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2019-01-11 14:05 - 2011-10-17 03:00 - 000010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2019-01-11 14:05 - 2011-10-17 03:00 - 000010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2019-01-11 13:48 - 2019-01-11 13:48 - 000715038 _____ C:\Windows\unins000.exe
2019-01-11 13:48 - 2019-01-11 13:48 - 000001990 _____ C:\Windows\unins000.dat
2019-01-11 13:48 - 2011-12-07 19:37 - 000148992 _____ ( ) C:\Windows\system32\lagarith.dll
2019-01-11 13:48 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2019-01-09 17:03 - 2018-07-05 21:04 - 000000490 _____ C:\Users\guillaume\Documents\1 - Copy
2019-01-09 15:47 - 2019-01-09 15:47 - 000000211 _____ C:\Users\guillaume\Desktop\Counter-Strike Global Offensive.url
2019-01-09 11:18 - 2018-12-27 19:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 11:18 - 2018-12-27 18:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 11:18 - 2018-12-27 17:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 11:18 - 2018-12-27 17:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 11:18 - 2018-12-08 15:22 - 007371720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 11:18 - 2018-12-08 06:23 - 000121272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2019-01-09 11:18 - 2018-12-08 03:13 - 002534664 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-01-09 11:18 - 2018-11-28 03:08 - 015441408 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-01-09 11:18 - 2018-11-28 03:04 - 013322240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-01-09 11:17 - 2018-12-27 21:12 - 000444368 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 11:17 - 2018-12-27 21:12 - 000178128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 11:17 - 2018-12-27 19:24 - 000333768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 11:17 - 2018-12-27 18:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 11:17 - 2018-12-27 18:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 11:17 - 2018-12-27 18:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 11:17 - 2018-12-27 18:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 11:17 - 2018-12-27 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 11:17 - 2018-12-27 18:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 11:17 - 2018-12-27 18:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 11:17 - 2018-12-27 17:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-01-09 11:17 - 2018-12-27 17:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 11:17 - 2018-12-27 17:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 11:17 - 2018-12-27 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 11:17 - 2018-12-27 17:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 11:17 - 2018-12-27 17:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 11:17 - 2018-12-27 17:48 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 11:17 - 2018-12-27 17:47 - 001441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 11:17 - 2018-12-27 17:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 11:17 - 2018-12-27 17:41 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 11:17 - 2018-12-27 17:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-01-09 11:17 - 2018-12-27 17:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 11:17 - 2018-12-27 17:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 11:17 - 2018-12-27 17:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 11:17 - 2018-12-27 17:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 11:17 - 2018-12-27 17:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 11:17 - 2018-12-27 17:29 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 11:17 - 2018-12-27 17:24 - 000780800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 11:17 - 2018-12-27 17:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 11:17 - 2018-12-27 17:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 11:17 - 2018-12-27 17:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 11:17 - 2018-12-27 17:11 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-01-09 11:17 - 2018-12-27 17:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 11:17 - 2018-12-27 17:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 11:17 - 2018-12-27 17:05 - 000566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-01-09 11:17 - 2018-12-08 15:22 - 002014152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 11:17 - 2018-12-08 14:00 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 11:17 - 2018-12-08 01:25 - 002173040 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-01-09 11:17 - 2018-12-08 00:56 - 001901896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-01-09 11:17 - 2018-12-08 00:32 - 001563376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-01-09 11:17 - 2018-12-07 22:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-01-09 11:17 - 2018-12-07 09:24 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-09 11:17 - 2018-11-28 04:39 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-01-09 11:17 - 2018-11-28 03:34 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2019-01-09 11:17 - 2018-11-28 03:17 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2019-01-09 11:17 - 2018-11-10 14:42 - 001368584 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-01-09 11:17 - 2018-11-10 13:54 - 001308456 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 11:17 - 2018-11-10 13:53 - 000356088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-01-09 11:17 - 2018-11-10 11:34 - 001754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-01-09 11:17 - 2018-11-10 11:25 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-01-09 11:17 - 2018-11-10 11:22 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 11:17 - 2018-11-10 11:15 - 001491968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-01-09 11:17 - 2018-11-03 10:25 - 002348032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-01-09 11:17 - 2018-11-03 10:11 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-01-08 21:33 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-01-08 20:44 - 2019-01-08 20:44 - 000000000 ____D C:\Users\guillaume\AppData\Local\DiscordGames
2019-01-08 19:13 - 2019-01-08 19:13 - 000000000 ____D C:\Users\guillaume\AppData\Local\Hinterland
2019-01-08 16:14 - 2019-01-08 16:14 - 000000000 ____D C:\Program Files (x86)\VoiceAttack
2019-01-08 15:32 - 2019-01-08 15:32 - 000000214 _____ C:\Users\guillaume\Desktop\Borderlands The Pre-Sequel.url
2019-01-08 15:32 - 2019-01-08 15:32 - 000000212 _____ C:\Users\guillaume\Desktop\BioShock Infinite.url
2019-01-08 15:31 - 2019-01-08 15:31 - 000000213 _____ C:\Users\guillaume\Desktop\GRID 2.url
2019-01-08 15:31 - 2019-01-08 15:31 - 000000213 _____ C:\Users\guillaume\Desktop\Grand Theft Auto San Andreas.url
2019-01-08 15:30 - 2019-01-08 15:30 - 000000214 _____ C:\Users\guillaume\Desktop\The Long Dark.url
2019-01-08 13:11 - 2019-01-08 13:11 - 000000000 ____D C:\Users\guillaume\AppData\Local\Steam_Library_Manager
2019-01-07 14:45 - 2019-01-07 14:45 - 014417920 _____ C:\Windows\system32\config\System.epmtempreg
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-02-06 13:47 - 2018-06-30 09:48 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\Spotify
2019-02-06 13:34 - 2018-07-14 09:39 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\FileZilla
2019-02-06 13:34 - 2018-06-29 21:14 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3805808772-3452688692-1920293510-1001
2019-02-06 13:25 - 2018-06-30 09:23 - 000000000 ____D C:\Users\guillaume\AppData\LocalLow\Mozilla
2019-02-06 13:24 - 2018-08-15 14:25 - 000000000 ____D C:\Users\guillaume\Downloads\New folder (2)
2019-02-06 13:12 - 2018-06-30 09:56 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-06 11:44 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\Inf
2019-02-06 11:22 - 2014-04-07 21:15 - 000094198 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-06 11:22 - 2013-08-28 20:28 - 000092306 _____ C:\Windows\system32\perfh00C.dat
2019-02-06 11:22 - 2013-08-28 20:28 - 000021506 _____ C:\Windows\system32\perfc00C.dat
2019-02-06 11:19 - 2018-06-30 09:41 - 000000000 ____D C:\Users\guillaume\AppData\Local\Pushbullet
2019-02-06 11:19 - 2018-06-30 09:11 - 000000000 ____D C:\Users\guillaume\AppData\Local\CrashDumps
2019-02-06 11:18 - 2018-07-04 06:48 - 000000000 __SHD C:\Users\guillaume\IntelGraphicsProfiles
2019-02-06 11:18 - 2018-06-30 09:56 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-05 21:11 - 2018-10-09 17:13 - 000000000 ____D C:\Program Files\AMD
2019-02-05 20:22 - 2018-07-04 10:14 - 000000000 ____D C:\Users\guillaume\AppData\Local\Nox
2019-02-05 20:20 - 2018-10-18 11:54 - 000000000 ____D C:\Users\guillaume\.BigNox
2019-02-05 20:20 - 2018-07-04 10:17 - 000000000 ____D C:\Users\guillaume\.android
2019-02-05 20:20 - 2018-07-04 10:16 - 000000000 ____D C:\Users\guillaume\vmlogs
2019-02-05 18:56 - 2018-10-06 15:12 - 000000000 ____D C:\Users\guillaume\AppData\Local\Battle.net
2019-02-05 16:40 - 2018-06-30 09:23 - 000000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-02-05 16:40 - 2018-06-30 09:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-05 16:40 - 2018-06-30 09:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-05 16:37 - 2013-08-22 09:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-05 16:16 - 2018-07-29 18:13 - 000000000 ____D C:\Users\guillaume\AppData\Local\Greenshot
2019-02-05 16:16 - 2018-06-29 21:09 - 000000000 ____D C:\Users\guillaume\AppData\Local\VirtualStore
2019-02-04 10:55 - 2018-07-03 12:28 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\steelseries-engine-3-client
2019-02-04 10:52 - 2018-06-30 09:54 - 000000000 ___RD C:\Users\guillaume\Documents\MEGA
2019-02-04 10:52 - 2013-08-22 08:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-02-03 17:52 - 2013-08-22 10:36 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-02-01 11:11 - 2018-06-30 09:49 - 000000000 ____D C:\Users\guillaume\AppData\Local\Spotify
2019-01-31 20:41 - 2018-06-29 21:08 - 000000000 ____D C:\Users\guillaume
2019-01-31 20:31 - 2018-06-29 21:08 - 000000000 ____D C:\Users\guillaume\AppData\Local\Packages
2019-01-31 19:24 - 2013-08-22 10:20 - 000000000 ____D C:\Windows\CbsTemp
2019-01-31 19:02 - 2018-07-14 09:39 - 000001073 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2019-01-31 19:02 - 2018-07-14 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2019-01-31 06:49 - 2018-08-27 13:38 - 000099192 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-01-31 06:49 - 2018-08-27 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-31 06:49 - 2018-08-27 13:38 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-31 06:49 - 2018-06-30 10:24 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\discord
2019-01-31 03:05 - 2018-06-30 09:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-01-31 03:05 - 2018-06-30 09:52 - 000000000 ____D C:\Users\guillaume\AppData\Local\MEGAsync
2019-01-31 03:04 - 2018-07-19 13:04 - 000000000 ____D C:\Users\guillaume\AppData\Local\Turbo
2019-01-20 23:16 - 2018-07-06 10:17 - 000000000 ____D C:\Users\guillaume\AppData\Local\ElevatedDiagnostics
2019-01-15 19:13 - 2018-12-20 16:04 - 000002238 _____ C:\Users\guillaume\Desktop\Discord.lnk
2019-01-15 19:13 - 2018-12-20 16:04 - 000000000 ____D C:\Users\guillaume\AppData\Local\Discord
2019-01-15 19:13 - 2018-06-30 10:24 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2019-01-15 15:07 - 2018-07-31 13:48 - 000000000 ____D C:\Users\guillaume\AppData\Local\babl-0.1
2019-01-15 15:05 - 2018-07-31 13:58 - 000000000 ____D C:\Users\guillaume\AppData\Local\gtk-2.0
2019-01-14 16:01 - 2013-08-22 09:44 - 005239864 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-14 11:59 - 2018-11-22 14:48 - 000000258 __RSH C:\ProgramData\ntuser.pol
2019-01-13 20:31 - 2018-09-07 17:14 - 000000000 ____D C:\Program Files (x86)\MAGIX
2019-01-13 20:30 - 2014-06-17 07:28 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-13 20:16 - 2018-11-28 11:45 - 000000165 _____ C:\Windows\SysWOW64\rufus.ini
2019-01-11 14:19 - 2013-08-22 10:36 - 000000000 ____D C:\Windows\rescache
2019-01-11 14:14 - 2018-07-14 10:59 - 000000000 ____D C:\Users\guillaume\AppData\Local\Adobe
2019-01-11 14:08 - 2018-06-29 21:09 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\Adobe
2019-01-11 14:08 - 2017-05-19 20:57 - 000000000 ___HD C:\Users\guillaume\AppData\Local\JhCByIBn
2019-01-11 14:06 - 2018-07-31 11:55 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-01-11 14:06 - 2018-07-31 11:55 - 000000000 ____D C:\Program Files\Adobe
2019-01-11 14:06 - 2018-07-31 11:54 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-01-11 14:05 - 2018-07-14 10:57 - 000000000 ____D C:\ProgramData\Adobe
2019-01-11 14:04 - 2018-07-31 11:54 - 000001533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2019-01-11 14:04 - 2018-07-31 11:54 - 000001521 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2019-01-10 12:52 - 2018-11-14 16:05 - 000000000 ____D C:\Users\guillaume\AppData\Roaming\Skype
2019-01-09 16:48 - 2017-06-05 20:16 - 000000000 ____D C:\MUSICA 007
2019-01-09 16:43 - 2018-07-20 17:12 - 000000000 ____D C:\Program Files (x86)\Futuremark
2019-01-09 11:27 - 2018-07-04 19:13 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 11:22 - 2018-07-04 19:13 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-09 10:22 - 2018-06-30 14:04 - 000000549 _____ C:\Users\guillaume\Desktop\4K Video Downloader.lnk
2019-01-09 10:22 - 2018-06-30 14:04 - 000000549 _____ C:\Users\guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2019-01-08 12:44 - 2018-11-15 12:08 - 000000000 __RHD C:\Windows\KMS
2019-01-07 14:45 - 2018-12-29 20:33 - 000006016 ____H C:\Windows\EPMBatch.ept
==================== Files in the root of some directories =======
2018-11-22 09:38 - 2018-11-22 09:42 - 000003072 _____ () C:\Users\guillaume\AppData\Roaming\bfs.settings
2019-02-03 16:47 - 2019-02-06 11:19 - 001261056 _____ (Teleflex Incorporated) C:\Users\guillaume\AppData\Roaming\Workk.exe
2018-11-12 21:49 - 2018-12-05 14:38 - 000000600 _____ () C:\Users\guillaume\AppData\Local\PUTTY.RND
2019-01-15 15:05 - 2019-01-15 15:05 - 000014705 _____ () C:\Users\guillaume\AppData\Local\recently-used.xbel
2018-11-23 12:01 - 2018-11-23 12:04 - 000000199 _____ () C:\Users\guillaume\AppData\Local\TheBestSpinner_Export.dat
Some files in TEMP:
====================
2019-01-31 06:47 - 2019-01-31 06:47 - 001974624 _____ (Oracle Corporation) C:\Users\guillaume\AppData\Local\Temp\jre-8u201-windows-au.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-01-31 19:22
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 6.02.2019
Ran by guillaume (06-02-2019 13:47:19)
Running from C:\Users\guillaume\Downloads
Windows 8.1 (Update) (X64) (2018-06-30 02:08:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3805808772-3452688692-1920293510-500 - Administrator - Disabled)
Guest (S-1-5-21-3805808772-3452688692-1920293510-501 - Limited - Disabled)
guillaume (S-1-5-21-3805808772-3452688692-1920293510-1001 - Administrator - Enabled) => C:\Users\guillaume
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM-x32\...\{F1A6C690-C12C-4E7A-B4BD-958678215418}) (Version: 1.0 - Futuremark)
4K Stogram 2.6 (HKLM\...\{CBD24523-4E64-4DFB-8311-05019EFD0D6B}) (Version: 2.6.14.1590 - Open Media LLC)
4K Video Downloader 4.4 (HKLM\...\{62C59C21-F5F5-41A1-B575-DE37FEAA285B}) (Version: 4.4.11.2412 - Open Media LLC)
4K YouTube to MP3 3.3 (HKLM-x32\...\{7DD40CC0-533F-4EF3-9DDC-1B6B91C8567D}) (Version: 3.3.6.1809 - Open Media LLC)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Acapela Synthèse de la Parole pour le WordQ 4 (français) (HKLM-x32\...\{F0ADA798-6CB1-49FB-A2D3-060FFA25D60E}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text to Speech for WordQ 4 (Core) (HKLM-x32\...\{EE2AA629-F3EC-412E-8A14-5DD9BAD490D2}) (Version: 9.1.1 - Quillsoft)
Acapela Text to Speech for WordQ 4(North America) (HKLM-x32\...\{1D08C682-F619-4E89-8291-1C13A346DAD9}) (Version: 9.1.1 - Quillsoft Ltd.)
Acapela Text-to-Speech for WordQ 4(Canadian French) (HKLM-x32\...\{98B997C5-8A5C-4EB2-B8DE-7CBAAAFAF2A0}) (Version: 9.1.1 - Quillsoft Ltd.)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Antidote 9 (HKLM-x32\...\{D98F9F54-E310-4F57-93F5-0F42EFAA3847}) (Version: 9.5.3407 - Druide informatique inc.)
Any Video Converter Ultimate 6.2.4 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Apowersoft Screen Recorder Pro V2.1.9 (HKLM-x32\...\{dc9006db-6b05-4f0f-833b-79ef3f284c24}_is1) (Version: 2.1.9 - APOWERSOFT LIMITED)
Article Spinner 3.0.2.0 (HKLM-x32\...\{60103DBD-B2E6-4C64-A409-36C856029364}_is1) (Version: 3.0.2.0 - Fastlink2)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Clustertruck (HKLM-x32\...\{BB09E395-9405-44CA-A17C-98DF998CF216}) (Version: - TinyBuild LLC)
CodeTwo QR Code Desktop Reader (HKLM-x32\...\{E4979203-1431-49C1-9512-B24EC63EFF77}) (Version: 1.1.0.67 - CodeTwo)
Discord (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Discord) (Version: 0.0.304 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Dxtory version 2.0.142 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.142 - ExKode Co. Ltd.)
EaseUS Partition Master 12.10 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Easy Auto Spinner version 1.0 (HKLM-x32\...\{3D9BC2FA-3876-4916-B865-86BA4D5844EC}_is1) (Version: 1.0 - Spinner Pro Software)
EVGA OC Scanner X 3.6.1.2 (64-bit) (HKLM\...\{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version: - EVGA)
EVGA Precision X1 (HKLM\...\EVGA Precision X1) (Version: 0.2.9.0 - EVGA Corporation)
FileZilla Client 3.40.0 (HKLM-x32\...\FileZilla Client) (Version: 3.40.0 - Tim Kosse)
Futuremark SystemInfo (HKLM-x32\...\{54A3802E-DFED-4235-85A7-A604FE1CC64D}) (Version: 5.14.693.0 - Futuremark)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.10 - The GnuPG Project)
GoNNER (HKLM-x32\...\{516FEAE8-F1E6-4F68-A964-E5D55F92CF8F}) (Version: - Raw Fury)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Gpg4win (3.1.4) (HKLM-x32\...\Gpg4win) (Version: 3.1.4 - The Gpg4win Project)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HCS VoicePacks Ltd VENUS version 1.6.5 (HKLM-x32\...\{56C400CA-0D41-4ACD-A5E3-B14C5F38CCBF}_is1) (Version: 1.6.5 - HCS VoicePacks Ltd)
HCS VoicePacks Ships Parrot version Singularity and Event Horizon (HKLM-x32\...\{234C8401-2EA7-47A4-8169-50194F3859BD}_is1) (Version: Singularity and Event Horizon - HCS VoicePacks Ltd)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
I, Hope (HKLM-x32\...\{556A4404-A3F6-4AC4-8E0A-C1B4E9787255}) (Version: - Double Plus Good Games)
ICQ (version 10.0.12393) (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\icq.desktop) (Version: 10.0.12393 - ICQ)
InstantArticleWizard (HKLM-x32\...\InstantArticleWizard) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Jaxx Liberty 2.1.0 (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\5947781c-9863-579f-b9db-91554a22cc65) (Version: 2.1.0 - decentral.ca)
King of the Hat (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\460940655984771072) (Version: - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LED Sync (HKLM-x32\...\{3EF99290-BC31-4E90-89E2-B0E44D85C11C}) (Version: 1.0.9 - EVGA)
MediaInfo 18.03 (HKLM\...\MediaInfo) (Version: 18.03 - MediaArea.net)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
METAL SLUG 3 (HKLM-x32\...\{661F739F-90E4-49EB-A79D-8B50D8FEF1E0}) (Version: - SNK)
Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang)
Mozilla Firefox 65.0 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0 (x64 en-US)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.0.6963 - Mozilla)
Mozilla Thunderbird 52.8.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.8.0 (x86 en-US)) (Version: 52.8.0 - Mozilla)
Mozilla Thunderbird 60.5.0 (x86 en-US) (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Mozilla Thunderbird 60.5.0 (x86 en-US)) (Version: 60.5.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Music Maker (HKLM\...\{A03DDADD-6280-46A7-B101-93EF16E78DE4}) (Version: 27.0.2.28 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{A03DDADD-6280-46A7-B101-93EF16E78DE4}) (Version: 27.0.2.28 - MAGIX Software GmbH)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.9 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.3.1 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PDF Annotator 6.1.0.605 (HKLM-x32\...\PDFAnnotator_is1) (Version: 6.1.0.605 - GRAHL software design)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1025.0 - Passmark Software)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.16291 - Kakao Corp.)
Pumped BMX (HKLM-x32\...\{F8FF5767-BBB1-4AB8-9B34-D617EC534339}) (Version: - Curve Digital)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29073 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Remote Desktop assistant (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\4ffdbc81071cec8e) (Version: 1.0.0.103 - Remote Desktop assistant)
Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
Roblox Player for guillaume (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
SdediBox (HKLM\...\{B1E78DBF-DAFF-4DA8-B4C3-4428EE018FA8}) (Version: 1.0 - SARL SHPS)
SpeakQ 4 (HKLM-x32\...\{FBD8FBC5-EC77-4CA9-9B77-6AE6C36FE997}) (Version: 4.1.16 - Quillsoft Ltd.)
Spinner Pro Writer version 1.0 (HKLM-x32\...\{F3C2B3CB-27A0-4175-AEEC-57C0A4E317F7}_is1) (Version: 1.0 - Spinner Pro Software)
Spotify (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\Spotify) (Version: 1.0.99.250.g936eab8d - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
SteelSeries Engine 3.13.6 (HKLM\...\SteelSeries Engine 3) (Version: 3.13.6 - SteelSeries ApS)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Tales from the Borderlands (HKLM-x32\...\{B24F49F9-D7FE-40B6-8F4D-65B0C6BF6A6B}) (Version: - Telltale Games)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Tesseract-OCR - open source OCR engine (HKLM-x32\...\Tesseract-OCR) (Version: 3.02.02 - Tesseract-OCR community)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.3 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA Split Screen Utility (HKLM\...\{E3DFC568-B11C-48B5-8533-660D8813A868}) (Version: 1.3.0.9 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Transmission 2.94 (d8e60ee44f) (x64) (HKLM\...\{F822870C-AD55-47D1-A705-21661A02386B}) (Version: 2.94.0 - Transmission Project)
Turbo.net Sandbox Manager 19.1 (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\{8248212A-01F7-4BF1-A4FD-BA0A965198B4}) (Version: 19.1.1887.0 - Code Systems Corporation)
TurboLauncher (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\TurboLauncher) (Version: 19.1.1887.0 - Code Systems Corporation)
Twitch (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch Leecher 1.5.4 (HKLM\...\{4E2BCEDA-504B-4D80-8B59-7B30D634C3B9}) (Version: 1.5.4.0 - Franiac) Hidden
Twitch Leecher 1.5.4 (HKLM-x32\...\{066210c4-4546-41ae-9cba-a97c187df768}) (Version: 1.5.4.0 - Franiac)
Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.3 - Compal) Hidden
Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.53.3 - Compal) Hidden
VIP72 Socks Client 1.8.7.2 (HKLM-x32\...\{EBF089E1-4E2E-426A-916D-6DCBE5540774}_is1) (Version: 1.8.7.2 - VIP Technologies)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
VPNetwork LLC - TorGuard - Online Privacy Protection Services (HKLM-x32\...\VPNetwork LLC TorGuard) (Version: "3.92.0" - "VPNetwork LLC")
WhatsApp (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\WhatsApp) (Version: 0.3.1847 - WhatsApp)
WordQ 4 (HKLM-x32\...\{40042175-CB48-4D51-8BAF-D66BAE867676}) (Version: 4.1.16 - Quillsoft Ltd.)
WordQ Pro CF Templates (HKLM-x32\...\{9E88CEC9-9160-417C-8647-C98D261E803B}) (Version: 4.1.1 - Quillsoft Ltd.)
WordQ4 Pro CF Dictionary (HKLM-x32\...\{AFEF30D7-DA5D-4D57-A72C-B64E5F9CD26E}) (Version: 4.1.1 - Quillsoft Ltd.)
YTMonster 0.2.0 (HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\414fe57a-f2c0-5a13-8aa5-5afe658b6191) (Version: 0.2.0 - YTMonster)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{3D58DDEA-561E-45BA-AA6A-0AB04BCD9FAD}\InprocServer32 -> C:\Users\guillaume\AppData\Local\Turbo\19.1.1887.0\Turbo-Plugin-x64.dll (Code Systems Corporation -> Code Systems Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> D:\DownloadSSD\antidote\Application\Bin64\AgentAntidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> D:\DownloadSSD\antidote\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
CustomCLSID: HKU\S-1-5-21-3805808772-3452688692-1920293510-1001_Classes\CLSID\{AD630E0F-BF29-4791-AD3B-A289E884E37C}\localserver32 -> D:\DownloadSSD\antidote\Application\Bin64\Antidote.exe (Druide Informatique Inc. -> Druide informatique inc.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-22] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2018-10-17] (g10 Code GmbH)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\Gpg4win\bin_64\gpgex.dll [2018-10-17] (g10 Code GmbH)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01EAA64B-9B88-44ED-8CD9-F512BC143CA1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-03] (Google Inc -> Google Inc.)
Task: {0F518B17-5E63-41A2-A832-1C9EEA7A9694} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {29A9976A-B406-4699-B9E2-5C23ABF5377F} - System32\Tasks\TorGuard Autostart => C:\Program Files (x86)\VPNetwork LLC\TorGuard\TorGuardDesktopQt.exe [2018-12-18] (Schäuffelhut Berger GmbH -> )
Task: {438B5CCD-7268-428F-BB8A-1C71DC6EF263} - System32\Tasks\Dxstory\dxstory => C:\Program Files (x86)\ExKode\Dxtory2.0\Dxtory.exe [2017-04-08] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
Task: {444638D2-C82C-4211-89E8-CC50CD7E49C4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-06-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4E212843-C53B-46B0-86D1-C1BECAE19225} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {5FBBC72E-3098-4834-B559-E8C8EDA01946} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-03] (Google Inc -> Google Inc.)
Task: {632EE71A-EC99-4510-ADC5-028F8B309626} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A8B1119-41E8-4A91-A359-8AF9B353E213} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CBD3D0B-9C7A-4A63-B899-DD0AD03C486F} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {88CD0F64-638A-415D-ADD7-D92251E96E84} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {987087C7-6B6B-46B1-8F08-5E04C585C412} - System32\Tasks\KMSAuto => C:\Windows\KMSAutoS\KMSAuto x64.exe [2018-04-05] (WZTeam -> ) [File not signed]
Task: {BACA1DF0-2EE4-43E5-95C7-02412DB94D13} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-06-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C3A59663-EC90-4267-A605-635819B3208C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-02-21] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {DE992973-C9E1-4989-9A10-A2182F95D1CE} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3805808772-3452688692-1920293510-1001 => C:\Users\guillaume\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited -> Mega Limited)
Task: {DF06CF26-D24A-42BA-BFA3-C3F1FC0459CF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {F6C1D236-B5AD-4604-BCC9-E3A144864675} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-03-12] (TOSHIBA Corporation) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\guillaume\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2018-08-12 11:25 - 2018-08-11 10:52 - 000356840 _____ () C:\SteamLibrary\steamapps\common\wallpaper_engine\bin\wallpaperservice32_c.exe
2019-02-03 16:48 - 2019-02-06 11:48 - 000021504 _____ () C:\Windows\SysWOW64\WindowsInput.exe
2017-10-18 16:51 - 2017-10-18 16:51 - 000598528 _____ () C:\Users\guillaume\AppData\Local\MEGAsync\ShellExtX64.dll
2018-07-22 19:14 - 2018-07-22 19:14 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-01-01 08:23 - 2018-04-20 03:56 - 000400800 _____ () C:\Windows\system32\igfxTray.exe
2012-07-18 20:38 - 2012-07-18 20:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2019-01-25 08:34 - 2019-01-25 08:34 - 000054440 _____ () D:\program ssd\filezilla\FileZilla FTP Client\fzshellext_64.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000087368 _____ () D:\DownloadSSD\antidote\Application\Bin64\libQtDispatchDruide9.dll
2017-04-25 15:45 - 2017-04-25 15:45 - 000108136 _____ () D:\DownloadSSD\antidote\Application\Bin64\libwebsocketsDruide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000467784 _____ () D:\DownloadSSD\antidote\Application\Bin64\boost_locale-vc120-mt-1_58-Druide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000088392 _____ () D:\DownloadSSD\antidote\Application\Bin64\libxdispatchDruide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000063816 _____ () D:\DownloadSSD\antidote\Application\Bin64\libdispatchDruide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000025928 _____ () D:\DownloadSSD\antidote\Application\Bin64\boost_system-vc120-mt-1_58-Druide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000036168 _____ () D:\DownloadSSD\antidote\Application\Bin64\boost_chrono-vc120-mt-1_58-Druide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000108360 _____ () D:\DownloadSSD\antidote\Application\Bin64\boost_thread-vc120-mt-1_58-Druide9.dll
2017-04-30 06:02 - 2017-04-30 06:02 - 000022120 _____ () D:\DownloadSSD\antidote\Application\Bin64\LibrairiesQt\libEGL.dll
2017-04-30 06:02 - 2017-04-30 06:02 - 002022504 _____ () D:\DownloadSSD\antidote\Application\Bin64\LibrairiesQt\libGLESv2.dll
2017-09-12 15:33 - 2017-09-12 15:33 - 000118376 _____ () D:\DownloadSSD\antidote\LingEN\Bin64\libYamChaDruide9.dll
2016-07-28 05:43 - 2018-04-20 03:51 - 018211640 _____ () C:\Windows\SYSTEM32\igd11dxva64.dll
2019-02-04 12:05 - 2019-02-04 12:05 - 000822272 _____ () C:\ProgramData\iNmmvsANIm\System.exe
2018-12-20 19:01 - 2014-11-18 14:44 - 000255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe
2018-12-21 20:40 - 2018-12-15 21:24 - 001361088 _____ () C:\Users\guillaume\AppData\Roaming\VIP72 Socks Client\vip72socks.exe
2014-06-17 07:09 - 2013-12-10 09:27 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000076616 _____ () D:\DownloadSSD\antidote\Application\Bin32\libQtDispatchDruide9.dll
2017-04-25 15:45 - 2017-04-25 15:45 - 000093288 _____ () D:\DownloadSSD\antidote\Application\Bin32\libwebsocketsDruide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000373576 _____ () D:\DownloadSSD\antidote\Application\Bin32\boost_locale-vc120-mt-1_58-Druide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000077128 _____ () D:\DownloadSSD\antidote\Application\Bin32\libxdispatchDruide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000054600 _____ () D:\DownloadSSD\antidote\Application\Bin32\libdispatchDruide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000022856 _____ () D:\DownloadSSD\antidote\Application\Bin32\boost_system-vc120-mt-1_58-Druide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000033096 _____ () D:\DownloadSSD\antidote\Application\Bin32\boost_chrono-vc120-mt-1_58-Druide9.dll
2015-10-21 20:49 - 2015-10-21 20:49 - 000089928 _____ () D:\DownloadSSD\antidote\Application\Bin32\boost_thread-vc120-mt-1_58-Druide9.dll
2017-04-30 06:02 - 2017-04-30 06:02 - 000021096 _____ () D:\DownloadSSD\antidote\Application\Bin32\LibrairiesQt\libEGL.dll
2017-04-30 06:02 - 2017-04-30 06:02 - 001654888 _____ () D:\DownloadSSD\antidote\Application\Bin32\LibrairiesQt\libGLESv2.dll
2019-02-04 10:03 - 2019-02-04 10:03 - 000081408 ____T () C:\Users\guillaume\AppData\Local\Microsoft\bass_vst.dll
2019-02-04 10:03 - 2019-02-06 11:19 - 001758720 ____T () C:\Users\guillaume\AppData\Local\Microsoft\engine_vx.dll
2017-09-10 15:51 - 2017-09-10 15:51 - 000798208 _____ () C:\Users\guillaume\AppData\Local\MEGAsync\libsodium.dll
2019-01-31 03:05 - 2019-01-22 08:14 - 001213768 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2019-01-31 03:05 - 2019-01-22 08:14 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2019-01-09 11:14 - 2019-01-22 08:16 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:14 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes36.dll
2019-01-09 11:14 - 2019-01-22 08:14 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000082760 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:14 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom36.dll
2019-01-31 03:05 - 2019-01-22 08:15 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:16 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:16 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:14 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 001457488 _____ () C:\Program Files (x86)\Dropbox\Client\dbxlog._dbxlog.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:16 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 001755472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000101200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt592.sip.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 001885520 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000523600 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 003755344 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000169304 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000061784 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000042840 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000202584 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000117584 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000214872 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000099664 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:14 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 011941712 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:14 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2019-01-09 11:14 - 2019-01-22 08:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2019-01-09 11:14 - 2019-01-22 08:16 - 000038240 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000026432 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2019-01-31 03:05 - 2019-01-22 08:15 - 001967936 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2019-01-09 11:14 - 2019-01-22 08:17 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000054096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:17 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2019-01-09 11:14 - 2019-01-22 08:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000557392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp36-win32.pyd
2019-01-31 03:05 - 2019-01-22 08:15 - 000335184 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp36-win32.pyd
2018-12-20 19:01 - 2014-02-13 15:27 - 000222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\traynet.dll
2018-12-20 19:01 - 2014-02-13 15:27 - 000275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\libcurl.dll
2018-12-20 19:01 - 2014-02-13 15:27 - 000113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\zlib1.dll
2018-12-20 19:01 - 2014-02-13 15:27 - 000249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 12.10\bin\TrayPopupE\uexper.dll
2018-06-30 09:49 - 2019-01-31 19:47 - 088824552 _____ () C:\Users\guillaume\AppData\Roaming\Spotify\libcef.dll
2019-01-15 19:13 - 2019-01-15 15:32 - 002000216 _____ () C:\Users\guillaume\AppData\Local\Discord\app-0.0.304\ffmpeg.dll
2019-01-15 19:13 - 2019-01-15 15:32 - 004332376 _____ () C:\Users\guillaume\AppData\Local\Discord\app-0.0.304\libglesv2.dll
2019-01-15 19:13 - 2019-01-15 15:32 - 000106328 _____ () C:\Users\guillaume\AppData\Local\Discord\app-0.0.304\libegl.dll
2018-06-30 09:49 - 2019-01-31 19:47 - 004239592 _____ () C:\Users\guillaume\AppData\Roaming\Spotify\libglesv2.dll
2018-06-30 09:49 - 2019-01-31 19:47 - 000098024 _____ () C:\Users\guillaume\AppData\Roaming\Spotify\libegl.dll
2019-01-15 20:16 - 2019-01-31 06:46 - 011345240 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_voice\discord_voice.node
2019-01-15 20:16 - 2019-01-31 06:46 - 001723224 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_utils\discord_utils.node
2019-01-15 20:16 - 2019-01-31 06:46 - 001762648 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_game_utils\discord_game_utils.node
2019-01-15 20:16 - 2019-01-15 20:16 - 002672984 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2019-01-15 20:16 - 2019-01-15 20:16 - 000837464 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2019-01-15 20:16 - 2019-01-15 20:16 - 000479064 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2019-01-15 20:16 - 2019-01-15 20:16 - 000553816 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_erlpack\discord_erlpack.node
2019-01-15 20:17 - 2019-01-15 20:17 - 009914712 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_cloudsync\discord_cloudsync.node
2019-01-15 20:17 - 2019-01-15 20:17 - 002909016 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_rpc\discord_rpc.node
2019-01-15 20:17 - 2019-01-15 20:17 - 001266008 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_modules\discord_modules.node
2019-01-15 20:17 - 2019-01-31 06:46 - 022327128 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_dispatch\discord_dispatch.node
2019-01-15 20:17 - 2019-01-15 20:17 - 002947416 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_contact_import\discord_contact_import.node
2019-01-15 20:17 - 2019-01-15 20:17 - 001297752 _____ () \\?\C:\Users\guillaume\AppData\Roaming\discord\0.0.304\modules\discord_vigilante\discord_vigilante.node
2019-02-02 12:34 - 2018-12-05 18:47 - 000885536 _____ () D:\program ssd\steam\SDL2.dll
2018-07-24 15:42 - 2016-08-31 20:02 - 004969248 _____ () D:\program ssd\steam\v8.dll
2019-02-02 13:50 - 2019-02-02 12:33 - 002667296 _____ () D:\program ssd\steam\video.dll
2018-07-24 15:42 - 2016-08-31 20:02 - 001563936 _____ () D:\program ssd\steam\icui18n.dll
2018-07-24 15:42 - 2016-08-31 20:02 - 001195296 _____ () D:\program ssd\steam\icuuc.dll
2019-02-02 12:34 - 2018-11-05 13:53 - 005137696 _____ () D:\program ssd\steam\libavcodec-57.dll
2019-02-02 12:34 - 2018-11-05 13:53 - 000810784 _____ () D:\program ssd\steam\libavformat-57.dll
2019-02-02 12:34 - 2018-11-05 13:53 - 000351520 _____ () D:\program ssd\steam\libavresample-3.dll
2019-02-02 12:34 - 2018-11-05 13:53 - 000847136 _____ () D:\program ssd\steam\libavutil-55.dll
2019-02-02 12:34 - 2018-11-05 13:53 - 000783648 _____ () D:\program ssd\steam\libswscale-4.dll
2019-02-02 13:50 - 2019-02-02 12:33 - 001031456 _____ () D:\program ssd\steam\bin\chromehtml.DLL
2018-07-24 15:42 - 2016-07-04 17:17 - 000266560 _____ () D:\program ssd\steam\openvr_api.dll
2019-02-02 12:34 - 2018-12-05 18:47 - 000885536 _____ () D:\program ssd\steam\bin\cef\cef.win7\SDL2.dll
2019-02-02 12:34 - 2018-11-19 19:55 - 088009504 _____ () D:\program ssd\steam\bin\cef\cef.win7\libcef.dll
2019-02-02 12:34 - 2018-11-19 19:55 - 004083488 _____ () D:\program ssd\steam\bin\cef\cef.win7\libglesv2.dll
2019-02-02 12:34 - 2018-11-19 19:55 - 000097056 _____ () D:\program ssd\steam\bin\cef\cef.win7\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\guillaume\Cookies:kthl1qiYXGGoqBIVJVXHE [2116]
AlternateDataStreams: C:\Users\guillaume\AppData\Local\Temporary Internet Files:qPQNCGlrbfwmkSmPuyqPqY [2358]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;D:\DownloadSSD\antidote\Application\Bin64\;D:\DownloadSSD\antidote\Application\Bin32\;C:\Program Files (x86)\Tesseract-OCR;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\guillaume\Documents\zzza.jpeg
DNS Servers: 199.202.105.108 - 199.202.105.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "TosWaitSrv"
HKLM\...\StartupApproved\Run32: => "CStart8"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3805808772-3452688692-1920293510-1001\...\StartupApproved\Run: => "VoiceAttack"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B3C5FC64-B289-44BD-BC2D-5EE04D5EDD2F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2C2BC456-DD14-42B6-A5FC-373C41132F3F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4C31393A-7CBD-4C71-9A2B-4165849B4643}C:\users\guillaume\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guillaume\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{BD85F14D-401E-4FD7-A32B-4A95E86DD6AF}C:\users\guillaume\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\guillaume\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2CAFF4D8-F6F3-4912-8131-B0ECC6277EC7}] => (Allow) D:\program ssd\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0F14B499-C558-438E-B454-557A7CE09CDE}] => (Allow) D:\program ssd\steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{451B5EB8-AF2E-4C5F-97B4-7FCE032433EB}] => (Allow) D:\program ssd\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5D380EF5-842C-4329-AC6D-53AD5585AC5A}] => (Allow) D:\program ssd\steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8510B7D8-D29B-4A73-A660-8B19384D052F}] => (Allow) E:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe No File
FirewallRules: [{5B579DDD-C647-4155-B905-290D762E3A4E}] => (Allow) E:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe No File
FirewallRules: [{25EC507E-17B8-4D18-B07F-A83A8F8D6BE9}] => (Allow) D:\program ssd\steam\steamapps\common\Unturned\Unturned_BE.exe No File
FirewallRules: [{2E3CC163-A98E-4E62-8A2C-5AF0F7C88F5A}] => (Allow) D:\program ssd\steam\steamapps\common\Unturned\Unturned_BE.exe No File
FirewallRules: [{84FE1488-43E9-4899-9AC1-5CE136D88942}] => (Allow) E:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe No File
FirewallRules: [{1D107486-1B9E-483B-84D1-02DB7CCB46EE}] => (Allow) E:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe No File
FirewallRules: [{9AD11363-0839-47DC-BFE3-BE7B5AB31473}] => (Allow) E:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe No File
FirewallRules: [{8B209C58-3140-4F10-AA16-148C6EA258A3}] => (Allow) E:\SteamLibrary\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe No File
FirewallRules: [TCP Query User{7057898F-15F7-4F00-947F-693BD9645A96}D:\program ssd\transmi\transmission-qt.exe] => (Allow) D:\program ssd\transmi\transmission-qt.exe (Mike Gelfand -> Transmission Project)
FirewallRules: [UDP Query User{4F8E08E4-BF42-46DA-B5E4-F85A5DD0008F}D:\program ssd\transmi\transmission-qt.exe] => (Allow) D:\program ssd\transmi\transmission-qt.exe (Mike Gelfand -> Transmission Project)
FirewallRules: [{E7AE011A-F195-4C58-899A-AF449B45E52B}] => (Allow) D:\program ssd\steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe ()
FirewallRules: [{D9F1411D-1AA2-48C0-B960-0AB25F462F2E}] => (Allow) D:\program ssd\steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe ()
FirewallRules: [TCP Query User{17176DF7-26F1-47CA-A167-949EB955DA75}D:\program ssd\potplayer\potplayermini64.exe] => (Allow) D:\program ssd\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [UDP Query User{3DDCEF51-3FFB-45DC-A484-F9514D830043}D:\program ssd\potplayer\potplayermini64.exe] => (Allow) D:\program ssd\potplayer\potplayermini64.exe (Kakao corp. -> Kakao)
FirewallRules: [{55FE1D21-C67E-4043-9E56-D4E7B33556C4}] => (Allow) E:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{04DF4755-E196-4B58-98F5-85BF465B8BA7}] => (Allow) E:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [TCP Query User{095B0A5A-6E22-4AF9-8DFC-02996B5F4485}E:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [UDP Query User{4B3E7B90-E3E7-48FE-BA58-2C2285FFAEBE}E:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) E:\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe No File
FirewallRules: [TCP Query User{411CA12A-590C-4D5B-B9D0-13360AE1EC1B}E:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) E:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{94C49CA8-5EF6-4200-A999-6B185DEFA2D8}E:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) E:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [{ADF52A53-A997-4C8A-8014-B7D98B1C3D43}] => (Allow) E:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe No File
FirewallRules: [{F41E8C14-3DB7-4DAD-99DE-09E593FEE217}] => (Allow) E:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe No File
FirewallRules: [{1C9BAD96-D23A-473B-AAC2-C9EDCD0C75FD}] => (Allow) E:\SteamLibrary\steamapps\common\Hurtworld\HurtworldClient.exe No File
FirewallRules: [{902081CA-1437-4405-AB92-28CA5FB1F2B0}] => (Allow) E:\SteamLibrary\steamapps\common\Hurtworld\HurtworldClient.exe No File
FirewallRules: [{89CCF411-D5F9-4B9C-AF24-24DB116A52B3}] => (Allow) E:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe No File
FirewallRules: [{F63515FE-B75D-44C8-88EB-78BDA138333E}] => (Allow) E:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe No File
FirewallRules: [TCP Query User{67A61F0F-B30E-40B6-96F9-504C0BC7D81E}E:\program file\battle net\overwatch\overwatch.exe] => (Allow) E:\program file\battle net\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{1998DE3E-D26D-4993-A760-4A004780B96C}E:\program file\battle net\overwatch\overwatch.exe] => (Allow) E:\program file\battle net\overwatch\overwatch.exe No File
FirewallRules: [TCP Query User{13D05E8B-1896-4459-9A40-ADFB7622CB79}E:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\launcher.exe No File
FirewallRules: [UDP Query User{EF214F3D-8125-466D-B6D5-F42AF317C8B8}E:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\launcher.exe No File
FirewallRules: [TCP Query User{2AC2CB19-7BDB-4DBB-AB33-4C075ECB42C3}E:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [UDP Query User{61913B00-AAC8-4897-8247-2EE1E6A978C3}E:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steamlibrary\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [{6697988C-1A1E-49A0-BAA0-B49CC6DFD328}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [{1AA1FA47-FCA1-4FB6-A2B8-0194DB0587AC}] => (Allow) H:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe No File
FirewallRules: [TCP Query User{1CC6623F-DA32-4D09-BE19-E4970D75AC1B}H:\program file\battle net\overwatch\overwatch.exe] => (Allow) H:\program file\battle net\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{44CBB49E-07A4-4E0E-BC05-DB5688080DB8}H:\program file\battle net\overwatch\overwatch.exe] => (Allow) H:\program file\battle net\overwatch\overwatch.exe No File
FirewallRules: [{70C63C38-1459-458A-A872-9753082D0881}] => (Allow) H:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe No File
FirewallRules: [{B84E35BF-5178-47D7-AD9E-C190511DE9E3}] => (Allow) H:\SteamLibrary\steamapps\common\Hurtworld\Hurtworld.exe No File
FirewallRules: [{B2D17A34-AD77-4651-9FD0-3D9E9D017CD0}] => (Allow) H:\SteamLibrary\steamapps\common\Hurtworld\HurtworldClient.exe No File
FirewallRules: [{39AFA38C-BBA0-4BFA-983A-240C223A8DE1}] => (Allow) H:\SteamLibrary\steamapps\common\Hurtworld\HurtworldClient.exe No File
FirewallRules: [TCP Query User{20FF488C-F8E3-4F33-95DD-BB6BCB8F9219}H:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) H:\steamlibrary\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [UDP Query User{57A11900-1A40-43AA-A9FB-4C4BC880001E}H:\steamlibrary\steamapps\common\war thunder\win64\aces.exe] => (Allow) H:\steamlibrary\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [TCP Query User{56EC2671-F926-4799-91EC-C08889860616}H:\steamlibrary\steamapps\common\robocraft\robocraftclient.exe] => (Allow) H:\steamlibrary\steamapps\common\robocraft\robocraftclient.exe No File
FirewallRules: [UDP Query User{661FA77C-A76D-422B-9BAD-734ABE0F8520}H:\steamlibrary\steamapps\common\robocraft\robocraftclient.exe] => (Allow) H:\steamlibrary\steamapps\common\robocraft\robocraftclient.exe No File
FirewallRules: [{1AC8374A-0BC7-4446-B000-2B091109BC42}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe No File
FirewallRules: [{198ABD83-C0DD-440A-B241-1CED2012FFBF}] => (Allow) D:\program ssd\dsadsa\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{A38FB4E2-743D-4636-8C5F-BBDED7ED0279}] => (Allow) D:\program ssd\dsadsa\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{451EE46E-00F0-43F3-B21B-E08BF3D8D661}] => (Allow) H:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe No File
FirewallRules: [{F42FE14A-A343-472E-909E-6D1D14308F1F}] => (Allow) H:\SteamLibrary\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe No File
FirewallRules: [{F3371852-1E69-4D40-AE16-8311BD9D5E7D}] => (Allow) D:\program ssd\steam\steamapps\common\Rivals of Aether\RivalsofAether.exe No File
FirewallRules: [{FA4F35F2-24C7-42B9-A228-879B701772E4}] => (Allow) D:\program ssd\steam\steamapps\common\Rivals of Aether\RivalsofAether.exe No File
FirewallRules: [{569186BF-788D-4EB7-AFD8-A11CA4034179}] => (Allow) H:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe No File
FirewallRules: [{CA94A25F-38CD-4AC0-AF02-2249D37EE442}] => (Allow) H:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe No File
FirewallRules: [{A287DDE1-68AC-40B4-86E1-82071AAC198E}] => (Allow) H:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe No File
FirewallRules: [{18177D2A-DBFD-46F2-BF56-B4B0DBD6C321}] => (Allow) H:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe No File
FirewallRules: [UDP Query User{9B90EE77-680C-4142-9100-F0E839C2078F}C:\users\guillaume\appdata\roaming\icq\bin\icq.exe] => (Allow) C:\users\guillaume\appdata\roaming\icq\bin\icq.exe (LLC Mail.Ru -> )
FirewallRules: [{FB7343D9-4892-4C0D-AE73-41DA74A3270B}] => (Allow) C:\Users\guillaume\Pictures\LiquidSky.exe No File
FirewallRules: [{97569978-A0E8-47CA-82BF-F7EFB9ECED90}] => (Allow) C:\Users\guillaume\Pictures\LiquidSky.exe No File
FirewallRules: [{39028344-C2D7-4E96-AF4E-99777BB3BD61}] => (Allow) C:\Users\guillaume\AppData\Roaming\LiquidSky\LiquidSkyClient.exe (LiquidSky Software, Inc -> )
FirewallRules: [{C5F7DE47-9D3D-4221-BF37-3709ED3053AE}] => (Allow) C:\Users\guillaume\AppData\Roaming\LiquidSky\LiquidSkyClient.exe (LiquidSky Software, Inc -> )
FirewallRules: [{13513134-8296-4F10-B420-CC5B6260C5FC}] => (Allow) C:\Users\guillaume\AppData\Roaming\LiquidSky\lib\LiquidSky.exe (LiquidSky Software, Inc -> )
FirewallRules: [{D946626A-9FA3-47E1-9AB6-02C45053CBDC}] => (Allow) C:\Users\guillaume\AppData\Roaming\LiquidSky\lib\LiquidSky.exe (LiquidSky Software, Inc -> )
FirewallRules: [{2CB2E0BB-376F-4FFB-AE19-515FEB355C13}] => (Allow) H:\SteamLibrary\steamapps\common\Eastside Hockey Manager\ehm.exe No File
FirewallRules: [{C9C207E4-20BD-43FF-AB9F-A46B029142D5}] => (Allow) H:\SteamLibrary\steamapps\common\Eastside Hockey Manager\ehm.exe No File
FirewallRules: [{781D41F4-58C1-4AD6-8063-E79B4A727E7B}] => (Allow) H:\SteamLibrary\steamapps\common\SEGA Bass Fishing\AppLauncher.exe No File
FirewallRules: [{A2915D17-E915-458F-9400-74410270EB04}] => (Allow) H:\SteamLibrary\steamapps\common\SEGA Bass Fishing\AppLauncher.exe No File
FirewallRules: [TCP Query User{A1AA0C11-86AB-4299-A7DC-A663C4BEE134}H:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) H:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{E2650BFA-0192-4FDF-B6C7-C2FA2D619374}H:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe] => (Allow) H:\program file\lol\rads\projects\league_client\releases\0.0.0.154\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{37C0A995-7984-414A-8A74-D643061F6C75}H:\program file\lol\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) H:\program file\lol\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{C4EE46FE-3CAD-4D8C-90D0-921E31A2355C}H:\program file\lol\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe] => (Allow) H:\program file\lol\rads\projects\league_client\releases\0.0.0.158\deploy\leagueclient.exe No File
FirewallRules: [TCP Query User{0D181CA0-E909-46F8-A00F-CB853D29FD72}H:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) H:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [UDP Query User{3A2ADB60-AF40-4E3D-89FA-ECF394EE9793}H:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe] => (Allow) H:\steamlibrary\steamapps\common\paladins\binaries\win64\paladins.exe No File
FirewallRules: [{04F68570-DD80-4DEE-8905-B51942F0B89B}] => (Allow) C:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{35DAADC9-843F-4A15-AB5D-EBE89EC264B1}] => (Allow) C:\SteamLibrary\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{7F03A7EA-6B16-411F-A3DD-0DF3108B712B}] => (Allow) H:\SteamLibrary\steamapps\common\StickFightTheGame\StickFight.exe No File
FirewallRules: [{56A77E94-C1E7-4008-8923-F480F2352C3F}] => (Allow) H:\SteamLibrary\steamapps\common\StickFightTheGame\StickFight.exe No File
FirewallRules: [{22F4C789-9AF1-457C-9494-3A5487EF22DD}] => (Allow) D:6\SteamLibrary\steamapps\common\Screencheat\screencheat.exe No File
FirewallRules: [{BF17DB48-DBDE-4CFB-8188-62B44998AE6A}] => (Allow) D:6\SteamLibrary\steamapps\common\Screencheat\screencheat.exe No File
FirewallRules: [{4FE6DAB4-AE5C-456D-A200-165D5056120E}] => (Allow) D:6\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe No File
FirewallRules: [{5463040C-C9FE-4C99-B1EE-E1949B19A5AF}] => (Allow) D:6\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe No File
FirewallRules: [{12AEFBA1-61B4-4CCA-9FA2-3C995102DCD0}] => (Allow) C:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe ()
FirewallRules: [{ED515400-A969-4F71-B18E-297A2F533148}] => (Allow) C:\SteamLibrary\steamapps\common\Kingdom New Lands\Kingdom.exe ()
FirewallRules: [{A6346536-6D8F-42AA-BA7E-C37D26805BD9}] => (Allow) C:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe ()
FirewallRules: [{0091CAE2-21B7-44C2-918D-3AF12C3B3C32}] => (Allow) C:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe ()
FirewallRules: [{6C02D617-B580-49C3-B43A-3EBB8DE4BFB9}] => (Allow) H:\SteamLibrary\steamapps\common\MXGP\MXGP.exe No File
FirewallRules: [{795F443B-B0FF-4DF0-807E-A3806C77E1BF}] => (Allow) H:\SteamLibrary\steamapps\common\MXGP\MXGP.exe No File
FirewallRules: [{B64D8658-E305-40ED-B1EC-CEF0D721D73F}] => (Allow) H:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe No File
FirewallRules: [{03FE31EE-0F61-4F9E-BACA-7AC681907052}] => (Allow) H:\SteamLibrary\steamapps\common\RaceTheSun\RaceTheSun.exe No File
FirewallRules: [{D070E99E-BCB8-49A8-AF2F-24C6F8223BEE}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe No File
FirewallRules: [{184D1914-86DB-422D-84B0-4C3FC0BBED72}] => (Allow) H:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe No File
FirewallRules: [{E6AA2B88-2A6D-4AE0-A2E8-9275A7527556}] => (Allow) H:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{07480F4D-9F46-43E7-BBE5-66D987733FE7}] => (Allow) H:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe No File
FirewallRules: [{ADB39DA7-AFFD-4514-A259-67AF8B6B36DE}] => (Allow) H:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [{B89B03B8-140D-49E3-B575-2073DE2692A4}] => (Allow) H:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe No File
FirewallRules: [TCP Query User{075EC1B8-06E8-422D-AEB7-B2EC152B2A4D}H:\program game\battlenet\overwatch\overwatch.exe] => (Allow) H:\program game\battlenet\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{9F01D575-0F62-4459-BFF4-54C6696BFAB2}H:\program game\battlenet\overwatch\overwatch.exe] => (Allow) H:\program game\battlenet\overwatch\overwatch.exe No File
FirewallRules: [{46933911-DD77-449D-BE05-9AAC2C58A753}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{7E3D446A-8ED0-44FB-81A4-9B21444B2063}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{D4BAB693-BF42-45FA-8E76-C18C5482FF53}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{3FF0E5D1-7BC1-4926-A1DE-7EA58217E0ED}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{1B8A2BE8-6A0E-4C8A-8B22-6934A023ED79}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{84A2588A-4FCB-4C26-986C-9878980C7069}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [{C1D3C873-CF3B-4ACF-BCE6-8014D13642AA}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{7D7EC331-05D6-497A-B75F-ED8D74F92A0A}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{1F44E43D-A130-4CD3-84F1-04BADA7D9C9F}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{3E3D5804-0D92-4AC9-8801-6999E965BA2C}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe No File
FirewallRules: [{57664DE1-2470-45BE-96C8-CC18D9CAEB88}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{A5449A2F-46F1-4FD6-B43D-11378C6641F8}] => (Allow) H:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe No File
FirewallRules: [TCP Query User{4A92C0BC-83CE-465B-9EFB-B1D5208F4D2E}D:\program ssd\magic\25\musicmaker.exe] => (Allow) D:\program ssd\magic\25\musicmaker.exe No File
FirewallRules: [UDP Query User{EE46579B-6AAE-4A98-BE9C-80B3424F19A1}D:\program ssd\magic\25\musicmaker.exe] => (Allow) D:\program ssd\magic\25\musicmaker.exe No File
FirewallRules: [TCP Query User{9373B077-DF51-4B95-9110-A72D7AC1D007}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{08C80490-4B84-48D9-B54C-CAE1D37FCF6C}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [TCP Query User{D93FCA67-B4BC-4FEB-A78C-181B99E8D695}H:\downl\king of the hat - august backer build\king of the hat - august backer build\pc\pc.exe] => (Allow) H:\downl\king of the hat - august backer build\king of the hat - august backer build\pc\pc.exe No File
FirewallRules: [UDP Query User{9C456ECE-2C58-471A-872C-689BB5CF1D5D}H:\downl\king of the hat - august backer build\king of the hat - august backer build\pc\pc.exe] => (Allow) H:\downl\king of the hat - august backer build\king of the hat - august backer build\pc\pc.exe No File
FirewallRules: [TCP Query User{E38D88AF-D227-485B-94F3-20BCE27C7AC3}D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monero-wallet-gui.exe] => (Allow) D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monero-wallet-gui.exe No File
FirewallRules: [UDP Query User{E886E5C3-7950-4C50-8605-F6D2EC0C5BD7}D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monero-wallet-gui.exe] => (Allow) D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monero-wallet-gui.exe No File
FirewallRules: [TCP Query User{73594363-0E00-4411-9046-1163DD2F954B}D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monerod.exe] => (Allow) D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monerod.exe No File
FirewallRules: [UDP Query User{8E6FDAB8-C655-46AF-BFF7-4B859D448512}D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monerod.exe] => (Allow) D:\downloadssd\monero-gui-win-x64-v0.12.3.0\monero-gui-v0.12.3.0\monerod.exe No File
FirewallRules: [{CA3EB277-B869-447A-AD52-7DF154C8A25C}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{292C4D05-412C-41C5-A239-1A1CAFE0EDA3}C:\program files\sdedibox\sdedibox.exe] => (Allow) C:\program files\sdedibox\sdedibox.exe ()
FirewallRules: [UDP Query User{292F5EC9-9409-400C-9487-E53EDB8C6892}C:\program files\sdedibox\sdedibox.exe] => (Allow) C:\program files\sdedibox\sdedibox.exe ()
FirewallRules: [{11D786C8-E358-4CF1-B968-6DF9C9C9A413}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{94429A31-AF3A-4428-8C85-EA42A6F8FAE0}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{ADC77D6A-D001-476E-B842-879775BC0BA7}] => (Allow) C:\Users\guillaume\Documents\nox\Nox\bin\Nox.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> Duodian Technology Co. Ltd.)
FirewallRules: [{2309D857-30F7-4767-BEC3-6748116EC113}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
FirewallRules: [{E6A41932-3170-491A-BB03-9D1771B28FD9}] => (Allow) D:\program ssd\steam\steamapps\common\DeathRoadToCanada\prog.exe No File
FirewallRules: [{BF76BA50-FBEB-4D9A-83B9-F1570E3D5E4F}] => (Allow) D:\program ssd\steam\steamapps\common\DeathRoadToCanada\prog.exe No File
FirewallRules: [{0646984C-B1A3-448E-9327-47335CF0276E}] => (Allow) D:\program ssd\steam\steamapps\common\VoiceAttack\VoiceAttack.exe No File
FirewallRules: [{F7EA334F-57BC-4380-A4E7-238C8F4CF1FB}] => (Allow) D:\program ssd\steam\steamapps\common\VoiceAttack\VoiceAttack.exe No File
FirewallRules: [{D2725FA7-0852-4BD0-A863-0C5DFFF53A89}] => (Allow) C:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{C81BB244-7AD5-4DC7-B0DB-0E067CF29E70}] => (Allow) C:\SteamLibrary\steamapps\common\VoiceAttack\VoiceAttack.exe (VoiceAttack.com -> VoiceAttack.com)
FirewallRules: [{40C0507E-2F21-4C3F-907F-20C299E4A54C}] => (Allow) C:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe ()
FirewallRules: [{1BFAE37B-226A-4D89-8DDD-735CDDCA0573}] => (Allow) C:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe ()
FirewallRules: [{DE50F62A-943E-41C5-A669-7F482DD1330C}] => (Allow) H:\SteamLibrary\steamapps\common\RiME\SirenGame\Binaries\Win64\RiME.exe No File
FirewallRules: [{451AE1EE-1E1F-4E10-80BB-ADCB98730B4E}] => (Allow) H:\SteamLibrary\steamapps\common\RiME\SirenGame\Binaries\Win64\RiME.exe No File
FirewallRules: [TCP Query User{362B8CCC-CCE0-4FCD-B2BC-8DB72935E9DD}H:\discord\king of the hat\content\kingofthehat.exe] => (Allow) H:\discord\king of the hat\content\kingofthehat.exe No File
FirewallRules: [UDP Query User{9A2920BD-F2C4-40B4-803C-6B1310139C1D}H:\discord\king of the hat\content\kingofthehat.exe] => (Allow) H:\discord\king of the hat\content\kingofthehat.exe No File
FirewallRules: [{375E9977-53DC-4B9E-AACE-80AB5526DCAC}] => (Allow) H:\SteamLibrary\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe No File
FirewallRules: [{5E5D43F4-0820-4447-AFDA-7C07E4C43005}] => (Allow) H:\SteamLibrary\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe No File
FirewallRules: [{D1CFF1D6-EBFA-4459-8DD7-62FD5097E208}] => (Allow) C:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{0C46BC3A-3405-48BC-88AF-A68BC40009C4}] => (Allow) C:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{314C28D8-9E37-480C-A44B-AAD8D5459CB8}] => (Allow) H:\downl\KMS Tools Portable (01.08.2018 par Ratiborus)\Programs\AAct Network v1.1.2 Portable\AAct_Network_x64.exe No File
FirewallRules: [{9AE2E4F9-96E3-495C-80B8-81722FDD2809}] => (Allow) H:\downl\KMS Tools Portable (01.08.2018 par Ratiborus)\Programs\AAct Network v1.1.2 Portable\AAct_Network_x64.exe No File
FirewallRules: [{9F778ED7-40D8-4979-B1E5-C32FC1F73E9C}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{E082A03E-3F6E-4ECF-9D95-292AEC81913D}H:\program game\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) H:\program game\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{B9029D36-3C49-434C-A99D-D3C28CE679EA}H:\program game\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) H:\program game\lol\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe No File
FirewallRules: [{6552B4DF-30E0-4B58-B9D9-55A3BA3DF779}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{48C195CA-56D4-4ED2-8359-F8411CC5DAB0}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{5730FC11-2A0D-4098-BE70-323D06881C08}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{002D7493-C54F-4347-B11A-A93C3D575021}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{B4E425A7-AFDE-4818-8449-77EFEB85937D}] => (Allow) C:\SteamLibrary\steamapps\common\Save Your Nuts\SaveYourNuts.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> )
FirewallRules: [{983ACE58-FCCD-4F9F-A2E9-36227238BBEC}] => (Allow) C:\SteamLibrary\steamapps\common\Save Your Nuts\SaveYourNuts.exe (CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> )
FirewallRules: [TCP Query User{6FF7D5F1-F5C6-4B57-AD36-C4848AAB3328}C:\steamlibrary\steamapps\common\save your nuts\saveyournuts\binaries\win64\saveyournuts-win64-shipping.exe] => (Allow) C:\steamlibrary\steamapps\common\save your nuts\saveyournuts\binaries\win64\saveyournuts-win64-shipping.exe (Triple Scale Games)
FirewallRules: [UDP Query User{C237E9DF-FFD2-4335-91D9-FC462573B0D8}C:\steamlibrary\steamapps\common\save your nuts\saveyournuts\binaries\win64\saveyournuts-win64-shipping.exe] => (Allow) C:\steamlibrary\steamapps\common\save your nuts\saveyournuts\binaries\win64\saveyournuts-win64-shipping.exe (Triple Scale Games)
FirewallRules: [{2E7C3EEF-594A-4E57-9CC1-A55AA9E2960F}] => (Allow) H:\SteamLibrary\steamapps\common\Besiege\Besiege.exe No File
FirewallRules: [{9E15CD0F-AC81-48A3-B637-2B0076856858}] => (Allow) H:\SteamLibrary\steamapps\common\Besiege\Besiege.exe No File
FirewallRules: [TCP Query User{424B8FCD-172F-40D2-9939-F3B76B638AE7}H:\program game\lol\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) H:\program game\lol\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [UDP Query User{A2DF646C-7EFA-4B94-90AC-CA1A1AC5DBBC}H:\program game\lol\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe] => (Allow) H:\program game\lol\rads\projects\league_client\releases\0.0.0.175\deploy\leagueclient.exe No File
FirewallRules: [{F3993402-5ABB-4661-A3D1-E0869607205F}] => (Allow) H:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{935B60B6-E9C5-46DB-89A5-F9C48CF684D0}] => (Allow) H:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{3CE87A8B-BF15-48D6-8AC4-3C53D460436B}] => (Allow) H:\SteamLibrary\steamapps\common\Worms Clan Wars\WormsClanWars.exe No File
FirewallRules: [{C5242A29-7C41-4F34-8448-C2BA2B207F52}] => (Allow) H:\SteamLibrary\steamapps\common\Worms Clan Wars\WormsClanWars.exe No File
FirewallRules: [TCP Query User{E8EC861F-4553-47E0-9DDF-97B5C00CA6E0}C:\users\guillaume\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\guillaume\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [UDP Query User{EC786BB8-107C-4EB8-94E7-1815639B3478}C:\users\guillaume\appdata\roaming\vip72 socks client\vip72socks.exe] => (Allow) C:\users\guillaume\appdata\roaming\vip72 socks client\vip72socks.exe (UNIC-UK LTD -> )
FirewallRules: [{CA13DCF9-6071-40D7-8886-51932EB0D52F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [TCP Query User{5ADBEF07-D893-4288-B3C7-AB7D71238E35}C:\program files\sdedibox\sdedibox.exe] => (Allow) C:\program files\sdedibox\sdedibox.exe ()
FirewallRules: [UDP Query User{C874F118-3D39-4A4E-8FD6-C9D35C592DEA}C:\program files\sdedibox\sdedibox.exe] => (Allow) C:\program files\sdedibox\sdedibox.exe ()
FirewallRules: [{449FCAE1-E0F1-4DE2-A33E-736F591126C1}] => (Allow) C:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software)
FirewallRules: [{77332E21-BD7A-497E-97E6-5F49ED553BDD}] => (Allow) C:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Gearbox Software)
FirewallRules: [{6B026453-681D-48C4-BBBB-9A69C208DCC9}] => (Allow) C:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp z o.o.)
FirewallRules: [{9FA3BD46-58BE-4A4B-AF1F-019EB5AE44BE}] => (Allow) C:\SteamLibrary\steamapps\common\SUPERHOT\SUPERHOT.exe (SUPERHOT Sp z o.o.)
FirewallRules: [{F855C240-97DD-4B25-A622-C50CC92846EA}] => (Allow) C:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe No File
FirewallRules: [{23A44154-38A7-4702-9801-22F420D93DBD}] => (Allow) C:\SteamLibrary\steamapps\common\TxP\TormentorXPunisher.exe No File
FirewallRules: [{376CB955-8EF8-43E2-8D44-0452645B1C4D}] => (Allow) C:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe (THQ Inc.)
FirewallRules: [{47CE9140-C6E1-4968-AF1B-C4A1EB05519D}] => (Allow) C:\SteamLibrary\steamapps\common\Saints Row the Third\game_launcher.exe (THQ Inc.)
FirewallRules: [{5C3F59CC-F37A-4355-9306-98C5A946B4BA}] => (Allow) C:\SteamLibrary\steamapps\common\MXGP\MXGP.exe (Milestone S.r.l.)
FirewallRules: [{8FA7CEDF-2388-4489-AE60-DCB599D7A7E4}] => (Allow) C:\SteamLibrary\steamapps\common\MXGP\MXGP.exe (Milestone S.r.l.)
FirewallRules: [{D886A9E6-8CD4-4843-82F6-03304D3768B2}] => (Allow) C:\SteamLibrary\steamapps\common\FLUID\PCE2.exe ()
FirewallRules: [{150A25D9-4DEA-431D-83E4-B0DA17447A6B}] => (Allow) C:\SteamLibrary\steamapps\common\FLUID\PCE2.exe ()
FirewallRules: [{0CCD9776-829A-40B3-B3AD-9D4FBF31799A}] => (Allow) C:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe ()
FirewallRules: [{6C196864-C53C-4F65-B3E6-48BC96F7BE2B}] => (Allow) C:\SteamLibrary\steamapps\common\Nyan Cat Lost In Space\bin_x86\NyanCat.exe ()
FirewallRules: [{C51ECC35-29ED-44AD-BA5D-4F57DB0A5A01}] => (Allow) C:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe ()
FirewallRules: [{4375FB73-EDEA-4D22-88C2-7DB92211C815}] => (Allow) C:\SteamLibrary\steamapps\common\PlagueInc\PlagueIncEvolved.exe ()
FirewallRules: [{312832F0-8406-427E-9A48-F5DDD0A101A9}] => (Allow) C:\SteamLibrary\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace)
FirewallRules: [{7F9F7B8D-46E0-4266-8F3E-1662A219F29A}] => (Allow) C:\SteamLibrary\steamapps\common\Rivals of Aether\RivalsofAether.exe (Dan Fornace)
FirewallRules: [{6C3C29B7-1841-419D-9C88-42A48B654440}] => (Allow) C:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe ()
FirewallRules: [{A3EDFEEB-24D7-4F6B-94E4-3107A404CB89}] => (Allow) C:\SteamLibrary\steamapps\common\Riptide GP Renegade\Game_x64.exe ()
FirewallRules: [{47418F0D-19E5-48E0-B2E3-20A1496BF143}] => (Allow) C:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{8F79D2BB-D3A8-4BAD-B800-B42F56A52E99}] => (Allow) C:\SteamLibrary\steamapps\common\Robocraft\Robocraft.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{04BB520F-C409-4686-A8BB-0FC521E1F0D0}] => (Allow) C:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.)
FirewallRules: [{AC7473A8-42E4-4A66-ACA9-CA1BA1B2251C}] => (Allow) C:\SteamLibrary\steamapps\common\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.)
FirewallRules: [{4DAD337E-9E56-4107-AB20-94E2B522F48B}] => (Allow) C:\SteamLibrary\steamapps\common\DeathRoadToCanada\prog.exe ()
FirewallRules: [{15D3C05F-3D45-4E37-B5AE-56E28AC21638}] => (Allow) C:\SteamLibrary\steamapps\common\DeathRoadToCanada\prog.exe ()
FirewallRules: [{FCAB84F2-666F-4F31-B6B6-F7D26E5EDA85}] => (Allow) C:\SteamLibrary\steamapps\common\Besiege\Besiege.exe ()
FirewallRules: [{80A7C812-846B-4026-8E60-3FEF47781B35}] => (Allow) C:\SteamLibrary\steamapps\common\Besiege\Besiege.exe ()
FirewallRules: [{917EA80E-5A20-424D-A4C9-9723678DB5BF}] => (Allow) C:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{650DF9BE-9600-4296-8E38-B068EAA07245}] => (Allow) C:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe No File
FirewallRules: [{89EC17EA-6189-4277-BDDF-45F9E98E16AB}] => (Allow) C:\SteamLibrary\steamapps\common\TheLongDark\tld.exe ()
FirewallRules: [{64E30939-41D9-46A1-B1EF-4CF20EE69BE7}] => (Allow) C:\SteamLibrary\steamapps\common\TheLongDark\tld.exe ()
FirewallRules: [TCP Query User{6B7D366C-8E4D-4FF0-9DAC-B4494070C0AD}C:\blizzard\battlenet\overwatch\overwatch.exe] => (Allow) C:\blizzard\battlenet\overwatch\overwatch.exe No File
FirewallRules: [UDP Query User{A720F2C7-10C4-4CC8-9A7E-8A4E2DD718ED}C:\blizzard\battlenet\overwatch\overwatch.exe] => (Allow) C:\blizzard\battlenet\overwatch\overwatch.exe No File
FirewallRules: [{8F038858-1E9A-485A-A4B4-1EAFBFCD6287}] => (Allow) C:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games)
FirewallRules: [{0EEB332B-E4BD-40C8-A7CA-07F6AD1C7286}] => (Allow) C:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe (Valve Corp. -> Irrational Games)
FirewallRules: [{A4879B75-9762-4C61-8C1B-BB30849323CE}] => (Allow) C:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe ()
FirewallRules: [{8DC341AB-DD5C-4901-A7D3-8729421FF397}] => (Allow) C:\SteamLibrary\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe ()
FirewallRules: [{2A6250E7-0AF8-4436-8EA7-30113AE09FB9}] => (Allow) C:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited)
FirewallRules: [{2964C8C9-CBE6-440B-9564-567E378C9903}] => (Allow) C:\SteamLibrary\steamapps\common\grid 2\grid2.exe (Valve Corp. -> Codemasters Software Company Limited)
FirewallRules: [{311D85AC-30FE-462D-99B8-24BCFD297A24}] => (Allow) C:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software)
FirewallRules: [{B4EFA1E1-5CF0-4ABA-8376-BBAA940B3DC0}] => (Allow) C:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe (Gearbox Software)
FirewallRules: [{2DDE455D-B962-4C54-B37E-53498B977BC1}] => (Allow) C:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{B859CF74-1C90-4762-ABD7-671451C2597E}] => (Allow) C:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe No File
FirewallRules: [{99E69BE8-4E06-434B-AB86-FBFA7A9183D9}] => (Allow) D:\program ssd\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D90637EC-DF40-4DE9-B7DB-0C879285D42F}] => (Allow) D:\program ssd\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{BB08115F-E2A9-4C79-AB1D-39FD3E1AEC0D}C:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) C:\steamlibrary\steamapps\common\war thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{5428EC8A-1B80-40A2-87A8-9F05E639338F}C:\steamlibrary\steamapps\common\war thunder\launcher.exe] => (Allow) C:\steamlibrary\steamapps\common\war thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{846328C7-FBDB-4C14-8F4C-F3A74E5E572A}] => (Allow) D:\program ssd\steam\steamapps\common\TxP\TormentorXPunisher.exe ( )
FirewallRules: [{5DF01717-9013-4134-B5E9-7D67906194AD}] => (Allow) D:\program ssd\steam\steamapps\common\TxP\TormentorXPunisher.exe ( )
FirewallRules: [TCP Query User{7EE5AD8C-FEA7-4DF0-A0DE-0C68C3D7E929}D:\blizzard\battlenet\overwatch\overwatch.exe] => (Allow) D:\blizzard\battlenet\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{C75D3BC3-A012-482A-9859-DA187A6CC4B3}D:\blizzard\battlenet\overwatch\overwatch.exe] => (Allow) D:\blizzard\battlenet\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{5A0842F3-21EB-4711-9637-DC27EE98FCF0}D:\program ssd\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program ssd\steam\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [UDP Query User{25A77F02-5710-4CF9-BFCB-D311CAFACCEC}D:\program ssd\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program ssd\steam\steamapps\common\war thunder\win64\aces.exe No File
FirewallRules: [{57EE4770-3F2E-40A5-9BDB-EADC593A3F05}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{99A7A430-725E-4409-B471-833CEF5A72CE}] => (Allow) D:\program ssd\steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe ()
FirewallRules: [{BAA46ECD-34E2-44C7-B9EA-38ED8D29E9DE}] => (Allow) D:\program ssd\steam\steamapps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe ()
FirewallRules: [{1AB1DD34-90DF-4A02-8A5A-3B8504711196}] => (Allow) C:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe ()
FirewallRules: [{7A7EFF78-E027-4766-997C-61F001D7DB72}] => (Allow) C:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe ()
FirewallRules: [{23089981-BDD7-4B24-B00B-3DC7989DD5B4}] => (Allow) C:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe ()
FirewallRules: [{0E948DA1-90E6-4E94-8AF4-75FDD3A3E50E}] => (Allow) C:\SteamLibrary\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe ()
FirewallRules: [{4D03F4D4-2548-45FF-9588-8EE36539B3FC}] => (Allow) D:\program ssd\steam\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe ()
FirewallRules: [{86C758C5-925B-4EEE-943E-1AC32C1DE545}] => (Allow) D:\program ssd\steam\steamapps\common\Riptide GP2\GameWin32RetailSteam.exe ()
FirewallRules: [{861F4447-60FF-4A0A-9651-FFD37DAF16A7}] => (Allow) D:\program ssd\steam\steamapps\common\Geometry Dash\GeometryDash.exe ()
FirewallRules: [{B99D9D01-44DF-4E0B-9EB4-02452610FA1D}] => (Allow) D:\program ssd\steam\steamapps\common\Geometry Dash\GeometryDash.exe ()
FirewallRules: [{6718C9C3-9F16-4344-8A35-D65FA9BBAB83}] => (Allow) C:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{D097AD51-C06B-4AF3-8864-0A9841373FB6}] => (Allow) C:\SteamLibrary\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Kristjan Skutta -> )
FirewallRules: [{717D027A-F3A2-45D5-8FBF-E81F1784F828}] => (Allow) D:\program ssd\steam\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{A844997A-A4DD-4A12-9609-78AFBDB93939}] => (Allow) D:\program ssd\steam\steamapps\common\Trove\GlyphClient.exe (gamigo AG -> Trion Worlds Inc.)
FirewallRules: [{CD32356E-DFC2-4481-ABC0-A04BD9BD6C96}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{2CC18901-4B26-447A-9087-902FB880A86B}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{A7116CA1-DE97-4E95-99E5-8F627FE4DDAC}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{10F2641F-E327-41F6-99B5-8E8BC2EC9624}] => (Allow) D:\program ssd\steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{BA8D1C46-A8C4-4DF4-B7B8-BA2919072ABF}] => (Allow) D:\program ssd\mmm\27\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2019 11:22:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (02/06/2019 11:19:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Synp.exe, version: 3.9.25.1, time stamp: 0x1f04f3c7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.19178, time stamp: 0x5bc10573
Exception code: 0xe0434352
Fault offset: 0x00015ef8
Faulting process ID: 0x208
Faulting application start time: 0x01d4be37afc143bc
Faulting application path: C:\Program Files (x86)\touchpad\Synp.exe
Faulting module path: C:\Windows\SYSTEM32\KERNELBASE.dll
Report ID: f5d90301-2a2a-11e9-82f3-645a045cd845
Faulting package full name:
Faulting package-relative application ID:
Error: (02/06/2019 11:19:22 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Synp.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Resources.MissingManifestResourceException
at System.Resources.ManifestBasedResourceGroveler.HandleResourceStreamMissing(System.String)
at System.Resources.ManifestBasedResourceGroveler.GrovelForResourceSet(System.Globalization.CultureInfo, System.Collections.Generic.Dictionary`2<System.String,System.Resources.ResourceSet>, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
at System.Resources.ResourceManager.InternalGetResourceSet(System.Globalization.CultureInfo, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
at System.Resources.ResourceManager.InternalGetResourceSet(System.Globalization.CultureInfo, Boolean, Boolean)
at System.Resources.ResourceManager.GetString(System.String, System.Globalization.CultureInfo)
at System.Resources.ResourceManager.GetString(System.String)
at jesXCAvZ./0o2N3\+pKmY4ukWPDIljePVwgAYmjH3HMUhCB3VaW\+P5epZbPVHd\+plBZbA91uMpMd37cQ1jHi6/LrAgym/NnSVjMQ425ulnD0Ty1BoLDyElMlJH4lQ=.sn6j/CymcWStQgpOUgI9oi9+2Xhs1lSRcFbaSxo2l1PhBvyBUg5qT2KIjE7bcwnkh5OLGoa3VehSo7s2db64zayWmmdDb+L8mV1YoHdKWeP3NLRdHY7svcdegkvyHY4VfRwrN79Yse/x5A==()
at jesXCAvZ./0o2N3\+pKmY4ukWPDIljePVwgAYmjH3HMUhCB3VaW\+P5epZbPVHd\+plBZbA91uMpMd37cQ1jHi6/LrAgym/NnSVjMQ425ulnD0Ty1BoLDyElMlJH4lQ=.V0df4w3kXlzT5sm7g4EPyjETMl17PyrBLv5INJksQ0Q671jnhiuzMFic53PF0h+vGIekrmky7P9KXfgHfmt++PLujnCLqt4G/lcdjrueAj+OOc2c07GFBiS1EK/dJAXKfVUlLLI2HSM9Sg==()
Error: (02/06/2019 10:36:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Synp.exe, version: 3.9.25.1, time stamp: 0x1f04f3c7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.19178, time stamp: 0x5bc10573
Exception code: 0xe0434352
Fault offset: 0x00015ef8
Faulting process ID: 0x1c84
Faulting application start time: 0x01d4be31bbafd743
Faulting application path: C:\Program Files (x86)\touchpad\Synp.exe
Faulting module path: C:\Windows\SYSTEM32\KERNELBASE.dll
Report ID: 02bbb629-2a25-11e9-82f3-645a045cd845
Faulting package full name:
Faulting package-relative application ID:
Error: (02/06/2019 10:36:46 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Synp.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Resources.MissingManifestResourceException
at System.Resources.ManifestBasedResourceGroveler.HandleResourceStreamMissing(System.String)
at System.Resources.ManifestBasedResourceGroveler.GrovelForResourceSet(System.Globalization.CultureInfo, System.Collections.Generic.Dictionary`2<System.String,System.Resources.ResourceSet>, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
at System.Resources.ResourceManager.InternalGetResourceSet(System.Globalization.CultureInfo, Boolean, Boolean, System.Threading.StackCrawlMark ByRef)
at System.Resources.ResourceManager.InternalGetResourceSet(System.Globalization.CultureInfo, Boolean, Boolean)
at System.Resources.ResourceManager.GetString(System.String, System.Globalization.CultureInfo)
at System.Resources.ResourceManager.GetString(System.String)
at jesXCAvZ./0o2N3\+pKmY4ukWPDIljePVwgAYmjH3HMUhCB3VaW\+P5epZbPVHd\+plBZbA91uMpMd37cQ1jHi6/LrAgym/NnSVjMQ425ulnD0Ty1BoLDyElMlJH4lQ=.sn6j/CymcWStQgpOUgI9oi9+2Xhs1lSRcFbaSxo2l1PhBvyBUg5qT2KIjE7bcwnkh5OLGoa3VehSo7s2db64zayWmmdDb+L8mV1YoHdKWeP3NLRdHY7svcdegkvyHY4VfRwrN79Yse/x5A==()
at jesXCAvZ./0o2N3\+pKmY4ukWPDIljePVwgAYmjH3HMUhCB3VaW\+P5epZbPVHd\+plBZbA91uMpMd37cQ1jHi6/LrAgym/NnSVjMQ425ulnD0Ty1BoLDyElMlJH4lQ=.V0df4w3kXlzT5sm7g4EPyjETMl17PyrBLv5INJksQ0Q671jnhiuzMFic53PF0h+vGIekrmky7P9KXfgHfmt++PLujnCLqt4G/lcdjrueAj+OOc2c07GFBiS1EK/dJAXKfVUlLLI2HSM9Sg==()
Error: (02/05/2019 09:22:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MusicMaker.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2374
Start Time: 01d4bdbfc6fde8e9
Termination Time: 4294967295
Application Path: C:\Program Files (x86)\MAGIX\Music Maker\27\MusicMaker.exe
Report Id: 02fc4b2c-29b6-11e9-82f3-645a045cd845
Faulting package full name:
Faulting package-relative application ID:
Error: (02/05/2019 09:22:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MusicMaker.exe version 27.0.2.28 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: c24
Start Time: 01d4bdc234dde571
Termination Time: 4294967295
Application Path: D:\program ssd\mmm\27\MusicMaker.exe
Report Id: 01c9d0e8-29b6-11e9-82f3-645a045cd845
Faulting package full name:
Faulting package-relative application ID:
Error: (02/05/2019 09:12:35 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\GUILLA~1\AppData\Local\Temp\mgxja7m9umr\addon\vcredist2013_12.0.21005\vcredist_x86.exe /quiet /norestart /l "C:\Users\guillaume\AppData\Local\Temp\MxMsiLogs\mm27_20190205_211107\001#Install#vcredist2013_12_0_21005_x86.txt"; Description = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005; Error = 0x80070422).
System errors:
=============
Error: (02/06/2019 01:29:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Firewall Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (02/06/2019 01:29:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Firewall Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (02/06/2019 01:02:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Firewall Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (02/06/2019 01:02:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Avast Firewall Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (02/06/2019 11:36:31 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
Error: (02/06/2019 11:36:30 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
Error: (02/06/2019 11:19:33 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
Error: (02/06/2019 11:19:32 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
Windows Defender:
===================================
Date: 2019-02-06 13:44:02.372
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: The resource is too old to be compatible.
Signature version: 1.155.266.0;1.155.266.0
Engine version: 1.1.9700.0
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 60%
Total physical RAM: 8102.89 MB
Available physical RAM: 3212.54 MB
Total Virtual: 11402.28 MB
Available Virtual: 4591.29 MB
==================== Drives ================================
Drive c: (TI31284600C) (Fixed) (Total:434.98 GB) (Free:101.71 GB) NTFS
Drive d: (a7SSD) (Fixed) (Total:111.66 GB) (Free:34.6 GB) NTFS
Drive e: (System) (Fixed) (Total:1 GB) (Free:0.09 GB) NTFS
Drive f: (Recovery) (Fixed) (Total:10.91 GB) (Free:0.99 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 447.1 GB) (Disk ID: 09428284)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 0E1E0C3B)
Partition: GPT.
==================== End of Addition.txt ============================