Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Alex (administrator) on DESKTOP-B066BC4 (Gigabyte Technology Co., Ltd. H81M-S2PV) (07-10-2023 19:28:47)
Running from C:\Users\Alex\Downloads\FRST64.exe
Loaded Profiles: Alex
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(D:\Jeux PC\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Jeux PC\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atieclxx.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Gaijin Network Ltd -> Gaijin) C:\Users\Alex\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Jeux PC\Steam\steam.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> ) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(svchost.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(svchost.exe ->) (KORG INC. -> KORG Inc.) C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(TP-Link Technologies Co., Ltd) [File not signed] C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\TWCU.exe
Failed to access process -> AMDInstallUEP.exe
Failed to access process -> TESvc.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [FxSound Enhancer] => C:\Program Files (x86)\DFX\dfx.exe [1665528 2017-07-01] (Power Technology -> ) [File not signed]
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4231392 2021-04-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] => C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper.exe [394176 2020-08-28] (KORG INC. -> KORG Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Shell] => C:\Program Files (x86)\TP-Link\TP-LINK TL-WN823N\WPS_TOOL_AUTO.vbs [151 2020-01-18] () [File not signed]
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [f.lux] => C:\Users\Alex\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Gaijin.Net Updater] => C:\Users\Alex\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [3053768 2023-06-28] (Gaijin Network Ltd -> Gaijin)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Steam] => D:\Jeux PC\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Dashlane] => C:\Users\Alex\AppData\Roaming\Dashlane\Dashlane.exe [321152 2021-05-10] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [DashlanePlugin] => C:\Users\Alex\AppData\Roaming\Dashlane\DashlanePlugin.exe [342144 2021-05-10] (Dashlane USA, Inc. -> Dashlane, Inc.)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Mingle tracks] => C:\Users\Alex\AppData\Local\Mingle tracks\Mingle tracks.exe [1236776 2020-08-18] (SOLUCIONES NETQUEST DE INVESTIGACION SL -> Wakoopa)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [409280 2021-01-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [EpicGamesLauncher] => D:\Jeux PC\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37097936 2023-09-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Amazon Music Helper] => C:\Users\Alex\AppData\Local\Amazon Music\Amazon Music Helper.exe [2359136 2022-03-22] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Icecream_Screen_Recorder_New_Auto_Start] => C:\Program Files (x86)\Icecream Screen Recorder 7\recorder.exe [7872360 2022-10-20] (Icecream Apps Ltd -> Icecream)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [Opera Browser Assistant] => C:\Users\Alex\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [1752480 2023-10-06] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [MicrosoftEdgeAutoLaunch_9907A6E846273BFEEA9614E5E48A76AD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Run: [AMDNoiseSuppression] => "C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe" (No File)
HKLM\...\Print\Monitors\HP 7212 Status Monitor: C:\WINDOWS\system32\hpinksts7212LM.dll [336904 2014-07-16] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\...\AppCompatFlags\Custom\DKII.EXE: [{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb] -> GOG.com Dungeon Keeper 2
HKLM\Software\...\AppCompatFlags\InstalledSDB\{b6462b67-caf5-4a74-99df-cc2811bd1957}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb [2012-11-06]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\117.0.5938.134\Installer\chrmstp.exe [2023-10-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\117.1.58.137\Installer\chrmstp.exe [2023-10-04] (Brave Software, Inc. -> Brave Software, Inc.)
BootExecute: autocheck autochk *
GroupPolicy-Firefox: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {097CC660-4181-4232-B2CC-B7BDD4E7DDAE} - no filepath. <==== ATTENTION
Task: {0CAF91A5-4BF1-4702-9908-10807AA0D985} - no filepath. <==== ATTENTION
Task: {1952DD70-319F-435A-AB46-5595EC43FAD4} - no filepath. <==== ATTENTION
Task: {28458485-3E13-490E-BDC5-E9EECD19CB00} - no filepath. <==== ATTENTION
Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - no filepath. <==== ATTENTION
Task: {36A78C3E-A142-4F86-903E-AE26291F646C} - \Microsoft\Windows\Autochk\Proxy -> No File <==== ATTENTION
Task: {4DD0A215-9EA2-4FE7-AA54-00CFCCC1A8F6} - no filepath. <==== ATTENTION
Task: {54543C57-698F-4FA8-9C30-15446FDE2E96} - no filepath. <==== ATTENTION
Task: {5CEA66B5-E59E-4A9D-AE21-5000AB689B58} - no filepath. <==== ATTENTION
Task: {66B8BDAE-B919-4D44-BE24-52C7B95E8577} - no filepath. <==== ATTENTION
Task: {67C2E769-20DD-4C49-A206-1F6CD2CBFDAE} - no filepath. <==== ATTENTION
Task: {7C739318-25C5-4EDF-85F4-1BC32032B3E3} - no filepath. <==== ATTENTION
Task: {801828D7-7F70-4E06-AD86-1CAE36D12A4C} - no filepath. <==== ATTENTION
Task: {82DADB6E-E1BC-434A-BF2F-183FE9826607} - no filepath. <==== ATTENTION
Task: {87094343-6C1F-4855-A6B9-305BA74AB761} - no filepath. <==== ATTENTION
Task: {9B3D3322-F586-4276-8379-92BF97E0D53E} - no filepath. <==== ATTENTION
Task: {B7470112-453B-48B2-B549-517FC37BC6D0} - no filepath. <==== ATTENTION
Task: {B8A29D58-379D-4B7C-8BF1-3A2F473C8462} - \Microsoft\Windows\Windows Media Sharing\UpdateLibrary -> No File <==== ATTENTION
Task: {C5394E42-3394-4935-BBB8-5E3FF56A75B4} - no filepath. <==== ATTENTION
Task: {C7E0934A-96C5-4F3B-A542-1937D2046050} - no filepath. <==== ATTENTION
Task: {CF18C73C-18DD-437F-BF8A-8D8EB1E7FD76} - no filepath. <==== ATTENTION
Task: {D5FE79C9-A3DD-452E-A316-C4C579A02700} - no filepath. <==== ATTENTION
Task: {DC466425-77FB-406D-B1DF-E4F279B15784} - no filepath. <==== ATTENTION
Task: {E6B0846C-E4C9-4838-A99B-078BFEF4F1FC} - no filepath. <==== ATTENTION
Task: {EE1B1172-8E4C-417E-B340-0A96E51A1262} - no filepath. <==== ATTENTION
Task: {FA9AD370-C019-410A-85B3-E5783CB35E8E} - no filepath. <==== ATTENTION
Task: {FD26E1B0-07EC-4135-8F1A-5B15EBC2FD0A} - no filepath. <==== ATTENTION
Task: {9F1AB4DC-17E0-4BF3-B6BB-CE29EDEF547C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {A42E29E6-8BFF-48D3-8A2D-D473389331B0} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-09-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {436E613F-0C8B-47DA-814E-2613C9C17218} - System32\Tasks\AMDInstallUEP => C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe [3455928 2023-09-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0824343B-D05A-4717-B9AF-AEADCA145DEB} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-09-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {68170A7C-262F-4058-A74C-BDA128F772D1} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
Task: {79E7CA53-5828-45A4-9463-2B42A7C5E99F} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1294232 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
Task: {B63BFFCE-2862-43A8-8267-3562E0A73A7E} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4758936 2023-08-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {03F7C97B-312D-4E27-B569-4E50B95DF1B5} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7212952 2023-07-18] (Avast Software s.r.o. -> Avast Software)
Task: {9CE25DA0-A428-46CE-939C-E4782CE7F52A} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4758936 2023-08-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {DC7E14FB-188A-4BD8-9A8B-47999BCCFF19} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7212952 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {0C81A9D5-4143-4CA3-98E2-746AB2834A92} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4759448 2023-08-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {E38027C1-9D8F-4D9E-860C-29B27BE22FE3} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7092120 2023-07-18] (Avast Software s.r.o. -> Avast Software)
Task: {B3A6C9AC-0002-471E-9FC9-8E27AF7CCF19} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-27] (Avast Software s.r.o. -> Avast Software)
Task: {90BEB718-C084-4ECA-A95D-9CECE7B167D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {CC75CB6F-7E13-4B20-B28B-D5A2C6CAEA8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {0DAABDA2-7E32-4E92-8987-D0348C5A76AE} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-B066BC4-Alex DESKTOP-B066BC4 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {1BA04C61-C088-4E97-BA1E-49992D39DF62} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {74F9EE42-4980-456B-AE6F-4C334E347CA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA2D9C1-E19D-4EED-8462-4277CD33D4BB} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2023-09-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {AB2119DD-BB56-42D0-A6A3-47A8F5AEA788} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {C806E617-DAC0-4262-8311-ED18CB07C1BA} - System32\Tasks\Opera scheduled assistant Autoupdate 1583860093 => C:\Users\Alex\AppData\Local\Programs\Opera\launcher.exe [2744224 2023-09-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Alex\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {EAAD6071-3991-4CD0-B4B9-E78FE1F9A064} - System32\Tasks\Opera scheduled Autoupdate 1579347732 => C:\Users\Alex\AppData\Local\Programs\Opera\launcher.exe [2744224 2023-09-28] (Opera Norway AS -> Opera Software)
Task: {B9F51ECE-8936-43F8-B5FD-1C9A7E2E4D07} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-07-22] (ProtonVPN AG -> )
Task: {B9E67878-E494-4D15-A851-B3CF94988CDA} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60344 2023-08-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F9FA6FB6-EA21-4622-A0FE-CC28E507FB07} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324024 2023-08-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{6c7de9eb-cfdb-44d7-8dfb-643d7232ba77}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{fa12bd5d-4052-416f-a190-bff326be7240}: [DhcpNameServer] 192.168.0.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-07]
Edge Extension: (Google Docs Offline) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Alex\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-07]
FireFox:
========
FF DefaultProfile: urrnlyl3.default
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\urrnlyl3.default [2020-01-18]
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\fyzil4i2.default-release-1687287550929 [2023-10-07]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default [2023-10-07]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Online Tools by 10015.io) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbphoagjpegnkpeiliacmiiggojdabo [2021-04-20]
CHR Extension: (Lighthouse) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blipmdconlkpinefehnmjammfjpmpbjk [2023-08-27]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-27]
CHR Extension: (uBlock Origin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-09-28]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2020-05-23]
CHR Extension: (Accounting Software by ZipBooks) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbcpddhnnaigbleipcoaiglbfchagmb [2020-01-18]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-28]
CHR Extension: (Dashlane - Gestionnaire de mots de passe) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2023-10-02]
CHR Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2023-09-20]
CHR Extension: (Google Search Console Extended) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gafcchglbfbajijlhhcnklpdcljldhlk [2020-11-18]
CHR Extension: (HTTPS partout) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-27]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2023-10-04]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2022-12-31]
CHR Extension: (Responsive Viewer) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmopeiepgfljkpkidclfgbgbmfcennb [2023-07-25]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-20]
CHR Extension: (WordPress Theme Detector and Plugins Detector) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdflfokckhmchfpokjmpcoblghjngjja [2023-08-20]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-10-05]
CHR Extension: (Chrome Audio Capture) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfokdmfpdnokpmpbjhjbcabgligoelgp [2021-09-30]
CHR Extension: (SparkChess) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2020-01-18]
CHR Extension: (PageSpeed Insights (MV3)) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lanlbpjbalfkflkhegagflkgcfklnbnh [2023-03-08]
CHR Extension: (Video DownloadHelper) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2023-08-27]
CHR Extension: (Extension Google Keep pour Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2023-10-05]
CHR Extension: (FranceVerif - Anti-Fraude et Meilleur prix) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkejggchhilmabpicojddgaahkkgoln [2023-09-20]
CHR Extension: (Microsoft 365) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2023-09-28]
CHR Extension: (Mailtrack et publipostage pour Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2023-10-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Web Server for Chrome) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhbbkphhbklhfoeikjpcbhemlocgigb [2021-04-10]
CHR Extension: (CrossShopper comparateur de prix collaboratif) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmadodlofglhgdbehodningfkgloccgn [2020-01-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
Opera:
=======
OPR Profile: C:\Users\Alex\AppData\Roaming\Opera Software\Opera Stable [2023-10-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-03]
BRA Notifications: Default -> hxxps://drive.google.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.tchap.gouv.fr; hxxps://www.youtube.com
BRA Extension: (Google Translate) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-04-16]
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-06-15]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-09-03]
BRA Extension: (Brave NTP background images) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-03]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications List (plaintext))) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-06-15]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-09-03]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-10-29]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-07-25]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-10-29]
BRA Extension: (Brave User Model Installer) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\emgmepnebbddgnkhfmhdhmjifkglkamo [2021-04-05]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-09-03]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2023-09-03]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-06-06]
BRA Extension: (Brave Ads Resources) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\iblokdlgekdjophgeonmanpnjihcjkjj [2023-06-06]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-09-03]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-30]
BRA Extension: (Brave User Model Installer) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\kkjipiepeooghlclkedllogndmohhnhi [2021-04-05]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-06-15]
BRA Extension: (Brave Ads Resources) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\ocilmpijebaopmdifcomolmpigakocmo [2023-06-06]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Alex\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-09-03]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2304920 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2022-01-28] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-10] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-02-10] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\117.1.58.137\brave_vpn_helper.exe [3246104 2023-10-04] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\117.1.58.137\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [11065880 2023-10-04] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [17765272 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [3274432 2021-04-10] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33984 2021-04-19] (Check Point Software Technologies Ltd. -> )
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [33984 2021-04-19] (Check Point Software Technologies Ltd. -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5030592 2021-01-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [9697688 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [11070056 2023-10-05] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2022-01-28] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [310136 2021-06-11] (nordvpn s.a. -> TEFINCOM S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2023-05-24] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2021-01-02] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2021-01-02] (Even Balance, Inc. -> )
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [98624 2020-07-22] (ProtonVPN AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-07-22] (ProtonVPN AG -> )
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [18624 2021-03-29] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [10781080 2023-08-27] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [137920 2021-04-09] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [334208 2020-06-05] (Twitch Interactive, Inc. -> )
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [804296 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [51936 2021-04-19] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)
S3 BraveElevationService; "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\117.1.58.137\elevation_service.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [36736 2023-05-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_66a9fa5d80327844\amdsafd.sys [113080 2022-06-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\amdkmdag.sys [106388000 2023-09-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31528 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [240176 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392984 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297992 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [96064 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2023-08-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39760 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [275168 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [950696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [708048 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213192 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319560 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [76568 2023-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [83248 2020-09-03] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [153040 2021-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2017-06-19] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2017-06-19] (Power Technology -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-01-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2021-01-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [135984 2020-12-06] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [133416 2020-12-02] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2020-03-15] (Glarysoft LTD -> Glarysoft Ltd)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [56184 2021-01-28] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 NDivert; C:\Program Files\NordVPN\7.13.4.0\Drivers\NDivert.sys [131472 2023-05-24] (nordvpn s.a. -> Nordvpn S.A.)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-01-29] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81680 2020-05-02] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [81680 2020-05-02] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 ProtonVPNSplitTunnel; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.SplitTunnelDriver.sys [31584 2020-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 USBPcap; C:\WINDOWS\system32\DRIVERS\USBPcap.sys [60448 2019-08-11] (Tomasz Moń -> USBPcap)
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [253224 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [264096 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1062048 2023-07-12] (Oracle Corporation -> Oracle and/or its affiliates)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2020-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [50688 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-07-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425192 2021-07-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-17] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-06-26] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
U1 aswbdisk; no ImagePath
U3 iswSvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-07 19:28 - 2023-10-07 19:29 - 000047713 _____ C:\Users\Alex\Downloads\FRST.txt
2023-10-07 19:28 - 2023-10-07 19:29 - 000000000 ____D C:\FRST
2023-10-07 19:28 - 2023-10-07 19:28 - 002383360 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2023-10-07 18:32 - 2023-10-07 18:33 - 000003116 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-10-07 18:32 - 2023-10-07 18:33 - 000003108 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-10-07 18:32 - 2023-10-07 18:32 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-10-07 18:31 - 2023-10-07 18:31 - 000003152 _____ C:\WINDOWS\system32\Tasks\StartCN
2023-10-07 18:31 - 2023-10-07 18:31 - 000003072 _____ C:\WINDOWS\system32\Tasks\StartDVR
2023-10-07 18:31 - 2023-10-07 18:31 - 000000000 ____D C:\WINDOWS\LastGood
2023-10-07 18:31 - 2023-10-07 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-10-07 18:31 - 2023-10-07 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-10-07 18:29 - 2023-10-07 18:29 - 000003502 _____ C:\WINDOWS\system32\Tasks\AMDInstallUEP
2023-10-07 18:29 - 2023-09-20 17:58 - 000548896 _____ C:\WINDOWS\system32\libsmi_guest.dll
2023-10-07 18:29 - 2023-09-20 17:58 - 000524320 _____ C:\WINDOWS\system32\libsmi_host.dll
2023-10-07 18:29 - 2023-09-20 17:58 - 000207496 _____ C:\WINDOWS\system32\mantle64.dll
2023-10-07 18:29 - 2023-09-20 17:58 - 000186512 _____ C:\WINDOWS\system32\mantleaxl64.dll
2023-10-07 18:29 - 2023-09-20 17:58 - 000165408 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2023-10-07 18:29 - 2023-09-20 17:58 - 000149128 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2023-10-07 18:29 - 2023-09-20 17:57 - 000607776 _____ C:\WINDOWS\system32\GameManager64.dll
2023-10-07 18:29 - 2023-09-20 17:57 - 000503952 _____ C:\WINDOWS\system32\EEURestart.exe
2023-10-07 18:29 - 2023-09-20 17:57 - 000462368 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2023-10-07 18:29 - 2023-08-31 16:25 - 002968448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\AMDBugReportTool.exe
2023-10-07 18:28 - 2023-09-20 17:57 - 000975392 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2023-10-07 18:28 - 2023-09-20 17:57 - 000537120 _____ C:\WINDOWS\system32\atieah64.exe
2023-10-07 18:28 - 2023-09-20 17:57 - 000473120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2023-10-07 18:28 - 2023-09-20 17:57 - 000405944 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2023-10-07 18:28 - 2023-09-20 17:57 - 000266792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2023-10-07 18:28 - 2023-09-20 17:57 - 000228896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2023-10-07 18:28 - 2023-09-20 17:57 - 000210768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2023-10-07 18:28 - 2023-09-20 17:57 - 000196128 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2023-10-07 18:28 - 2023-09-20 17:57 - 000184464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2023-10-07 18:28 - 2023-09-20 17:57 - 000174584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2023-10-07 18:28 - 2023-09-20 17:57 - 000148616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 011757048 _____ C:\WINDOWS\system32\amdsmi.exe
2023-10-07 18:28 - 2023-09-20 17:56 - 002245256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 001338504 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 001059256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 000943656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 000771000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 000138888 _____ C:\WINDOWS\system32\amdxc64.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 000114720 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2023-10-07 18:28 - 2023-09-20 17:56 - 000074680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 004384696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 004189728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 000569784 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 000433592 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 000187480 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 000167160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 000158672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 000138232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2023-10-07 18:28 - 2023-09-20 17:55 - 000132408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2023-10-07 18:28 - 2023-09-20 17:54 - 001725560 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2023-10-07 18:28 - 2023-09-20 17:54 - 001400128 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-10-07 18:28 - 2023-09-20 17:54 - 000572064 _____ C:\WINDOWS\system32\amdmiracast.dll
2023-10-07 18:28 - 2023-09-20 17:54 - 000177704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2023-10-07 18:28 - 2023-09-20 17:54 - 000167168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2023-10-07 18:28 - 2023-09-20 17:54 - 000152144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2023-10-07 18:28 - 2023-09-20 17:54 - 000138240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2023-10-07 18:28 - 2023-09-20 17:21 - 109628240 _____ C:\WINDOWS\system32\amdxc64.so
2023-10-07 18:24 - 2023-10-07 18:24 - 000000000 ____D C:\Users\Alex\AppData\LocalLow\AMD
2023-10-07 18:24 - 2023-09-20 17:56 - 000115112 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2023-10-05 19:22 - 2023-10-05 19:22 - 000000000 ____D C:\ESD
2023-10-05 19:20 - 2023-10-05 19:20 - 000000000 ___HD C:\$Windows.~WS
2023-10-05 19:20 - 2023-10-05 19:20 - 000000000 ____D C:\$WINDOWS.~BT
2023-10-05 17:13 - 2023-10-05 17:13 - 000026751 _____ C:\Users\Alex\Downloads\2023_09_BP_septembre.pdf
2023-10-05 15:29 - 2023-10-05 15:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2023-10-05 15:23 - 2023-09-20 17:58 - 000856712 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-10-05 15:23 - 2023-09-20 17:58 - 000856712 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-10-05 15:23 - 2023-09-20 17:58 - 000737424 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-10-05 15:23 - 2023-09-20 17:58 - 000737424 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-10-05 15:23 - 2023-09-20 17:58 - 000682144 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-10-05 15:23 - 2023-09-20 17:58 - 000682144 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-10-05 15:23 - 2023-09-20 17:58 - 000667736 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-10-05 15:23 - 2023-09-20 17:58 - 000667736 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-10-05 15:23 - 2023-09-20 17:57 - 001617336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2023-10-05 15:23 - 2023-09-20 17:57 - 001617336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2023-10-05 15:23 - 2023-09-20 17:56 - 000142368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2023-10-05 15:23 - 2023-09-20 17:56 - 000118304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 105409976 _____ C:\WINDOWS\system32\amd_comgr.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 088606240 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 000801312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 000678328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 000542752 _____ C:\WINDOWS\system32\dgtrayicon.exe
2023-10-05 15:22 - 2023-09-20 17:55 - 000524832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 000471176 _____ C:\WINDOWS\system32\amdlogum.exe
2023-10-05 15:22 - 2023-09-20 17:55 - 000390584 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 000337776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendr.stz
2023-10-05 15:22 - 2023-09-20 17:55 - 000103048 _____ C:\WINDOWS\system32\clinfo.exe
2023-10-05 15:22 - 2023-09-20 17:55 - 000056280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdfendrmgr.stz
2023-10-05 15:22 - 2023-09-20 17:55 - 000051232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2023-10-05 15:22 - 2023-09-20 17:55 - 000048160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2023-10-05 15:22 - 2023-09-20 17:54 - 019433912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2023-10-05 15:22 - 2023-09-20 17:54 - 000176568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2023-10-05 15:22 - 2023-09-20 17:54 - 000145336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl.dll
2023-10-05 15:17 - 2023-10-05 15:18 - 654776232 _____ (Advanced Micro Devices, Inc.) C:\Users\Alex\Downloads\whql-amd-software-adrenalin-edition-23.9.2-win10-win11-sep19-vega-polaris.exe
2023-10-05 15:10 - 2023-10-05 15:10 - 048241128 _____ (AMD Inc.) C:\Users\Alex\Downloads\amd-software-adrenalin-edition-23.9.3-minimalsetup-230926_web (1).exe
2023-10-05 15:08 - 2023-10-05 15:08 - 000000709 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2023-10-05 15:08 - 2023-10-05 15:08 - 000000000 ___HD C:\Program Files\Common FilesEAInstaller
2023-10-05 14:41 - 2023-10-05 14:41 - 000000000 ____D C:\Users\Public\Documents\sun
2023-10-04 18:18 - 2023-10-04 18:31 - 087484670 _____ C:\Users\Alex\Downloads\[ Torrent911.io ] Geek_2023_09_10_11_fr.pdf
2023-10-04 18:10 - 2023-10-04 18:31 - 000000000 ____D C:\Users\Alex\Downloads\www.Torrenting.com - The Equalizer 3 (2023) 720p WEBRip-LAMA
2023-10-04 16:33 - 2023-10-04 16:33 - 004847296 _____ (Husdawg, LLC) C:\Users\Alex\Downloads\Detection (1).exe
2023-10-04 16:31 - 2023-10-04 16:31 - 004847296 _____ (Husdawg, LLC) C:\Users\Alex\Downloads\Detection.exe
2023-10-01 18:43 - 2023-10-01 18:43 - 048241128 _____ (AMD Inc.) C:\Users\Alex\Downloads\amd-software-adrenalin-edition-23.9.3-minimalsetup-230926_web.exe
2023-09-28 21:25 - 2023-09-28 21:25 - 087637251 _____ C:\Users\Alex\Downloads\NegaMAME-Win64.0.257-1.7z
2023-09-28 21:22 - 2023-09-28 21:37 - 445784126 _____ C:\Users\Alex\Downloads\King of Fighters '98, The - The Slugfest (1998)(SNK)(Jp)[!][King of Fighters '98, The - Dream Match Never Ends][NGCD-2420 MT A04, NGCD-2421].rar
2023-09-28 21:14 - 2023-09-28 21:14 - 000269942 _____ C:\Users\Alex\Downloads\Mortal Kombat 3 (Europe).zip
2023-09-28 21:10 - 2023-09-28 21:10 - 000021057 _____ C:\Users\Alex\Downloads\Columns (USA, Europe) (1).zip
2023-09-28 21:10 - 2023-09-28 21:10 - 000000896 _____ C:\Users\Alex\Desktop\ares - Shortcut.lnk
2023-09-28 21:09 - 2023-09-28 21:09 - 006200990 _____ C:\Users\Alex\Downloads\ares-windows (1).zip
2023-09-28 21:08 - 2023-09-28 21:08 - 006200990 _____ C:\Users\Alex\Downloads\ares-windows.zip
2023-09-28 21:07 - 2023-09-28 21:07 - 000021057 _____ C:\Users\Alex\Downloads\Columns (USA, Europe).zip
2023-09-28 19:20 - 2023-09-28 19:20 - 111406948 _____ C:\Users\Alex\Downloads\black-white-2-1.1-installer.exe
2023-09-28 19:18 - 2023-09-28 19:19 - 001767664 _____ ( ) C:\Users\Alex\Downloads\black-white-2-1.1-installer_z7H-1b1.exe
2023-09-28 19:17 - 2023-09-28 19:17 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2023-09-28 19:14 - 2023-09-28 19:14 - 013695638 _____ C:\Users\Alex\Downloads\019_RC3.zip
2023-09-20 19:31 - 2023-08-21 22:04 - 1544881152 _____ C:\Users\Alex\Downloads\kali-linux-2023.3-virtualbox-amd64.vdi
2023-09-20 19:09 - 2023-09-20 19:25 - 3184589596 _____ C:\Users\Alex\Downloads\kali-linux-2023.3-virtualbox-amd64.7z
2023-09-20 19:09 - 2023-09-20 19:09 - 000243559 _____ C:\Users\Alex\Downloads\kali-linux-2023.3-virtualbox-amd64.7z.torrent
2023-09-20 19:09 - 2023-09-20 19:09 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2023-09-20 19:09 - 2023-09-20 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2023-09-20 19:09 - 2023-09-20 19:09 - 000000000 ____D C:\Program Files\Oracle
2023-09-20 19:09 - 2023-07-12 12:39 - 001062048 _____ (Oracle and/or its affiliates) C:\WINDOWS\system32\Drivers\VBoxSup.sys
2023-09-20 19:07 - 2023-09-20 19:08 - 110898280 _____ (Oracle and/or its affiliates) C:\Users\Alex\Downloads\VirtualBox-7.0.10-158379-Win.exe
2023-09-18 22:45 - 2023-09-18 22:45 - 033072492 _____ (The qBittorrent project) C:\Users\Alex\Downloads\qbittorrent_4.5.5_x64_setup.exe
2023-09-18 22:44 - 2023-09-18 22:44 - 000001181 _____ C:\Users\Public\Desktop\LibreOffice 7.5.lnk
2023-09-18 22:44 - 2023-09-18 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.5
2023-09-18 22:43 - 2023-09-18 22:44 - 000000000 ____D C:\Program Files\LibreOffice
2023-09-18 22:36 - 2023-09-18 22:38 - 360439808 _____ C:\Users\Alex\Downloads\LibreOffice_7.5.6_Win_x86-64.msi
2023-09-18 21:20 - 2023-09-18 21:20 - 057346232 _____ C:\Users\Alex\Downloads\[ Torrent911.io ] Windows___Internet_Pratique_-_Septembre_2023.pdf
2023-09-18 21:18 - 2023-09-18 21:18 - 004132342 _____ C:\Users\Alex\Downloads\[ Torrent911.io ] Journal Le Canard Enchaine du Mercredi 13 Septembre 2023.pdf
2023-09-18 21:04 - 2023-09-18 21:06 - 029245935 _____ C:\Users\Alex\Downloads\[ Torrent911.io ] VTT_Magazine_-_Octobre-Novembre_2023.pdf
2023-09-16 09:47 - 2023-09-16 09:47 - 000000000 ___HD C:\$WinREAgent
2023-09-16 07:37 - 2023-09-16 07:39 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-16 07:33 - 2023-09-16 07:33 - 010973568 _____ C:\Users\Alex\Downloads\Fiches IGPDE.zip
2023-09-16 07:32 - 2023-09-16 07:32 - 006246927 _____ C:\Users\Alex\Downloads\Fascicules IGPDE.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-07 19:28 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-07 19:27 - 2021-03-21 11:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-07 19:05 - 2023-08-27 11:01 - 000000000 ____D C:\Users\Alex\AppData\Local\Avast Software
2023-10-07 19:03 - 2023-08-27 11:30 - 000005242 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-B066BC4-Alex DESKTOP-B066BC4
2023-10-07 19:03 - 2020-02-04 01:07 - 000000000 ____D C:\Users\Alex\AppData\Local\D3DSCache
2023-10-07 19:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-07 18:40 - 2021-03-21 11:41 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-07 18:39 - 2021-01-16 16:07 - 000000000 ____D C:\Users\Alex\AppData\Local\AMD
2023-10-07 18:35 - 2023-08-27 10:59 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-10-07 18:35 - 2021-12-29 20:30 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-07 18:35 - 2020-01-18 20:23 - 000000000 ____D C:\Users\Alex\AppData\Local\CrashDumps
2023-10-07 18:35 - 2020-01-18 13:28 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-07 18:33 - 2023-08-27 11:00 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2023-10-07 18:33 - 2020-01-18 13:44 - 000000000 ____D C:\ProgramData\AVAST Software
2023-10-07 18:33 - 2020-01-18 13:28 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-07 18:33 - 2020-01-18 13:28 - 000000000 __SHD C:\Users\Alex\IntelGraphicsProfiles
2023-10-07 18:32 - 2021-03-28 10:07 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-07 18:32 - 2021-03-21 11:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-07 18:32 - 2020-01-18 19:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-10-07 18:32 - 2020-01-18 19:40 - 000000000 ____D C:\AMD
2023-10-07 18:32 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-07 18:31 - 2020-01-18 19:40 - 000000000 ____D C:\Program Files\AMD
2023-10-07 17:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-07 17:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-07 17:03 - 2021-03-21 11:32 - 000000000 ____D C:\Users\Alex
2023-10-07 16:53 - 2020-01-18 19:45 - 000000000 ____D C:\WINDOWS\system32\AMD
2023-10-07 16:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-07 16:41 - 2023-06-27 19:42 - 000004450 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1583860093
2023-10-05 22:29 - 2020-08-01 18:14 - 000000000 ____D C:\Users\Alex\AppData\Roaming\qBittorrent
2023-10-05 19:42 - 2023-03-08 19:38 - 000000000 ____D C:\WINDOWS\Panther
2023-10-05 15:49 - 2021-01-29 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2023-10-05 15:49 - 2021-01-29 19:20 - 000000000 ____D C:\Program Files\NordVPN
2023-10-05 15:20 - 2020-05-12 20:53 - 000000000 ____D C:\Users\Alex\AppData\Local\Ubisoft Game Launcher
2023-10-05 15:11 - 2021-01-16 15:51 - 000000000 ____D C:\Users\Alex\AppData\Local\AMD_Common
2023-10-05 14:04 - 2023-03-08 22:59 - 000000000 ____D C:\ProgramData\EA Desktop
2023-10-05 11:32 - 2020-01-18 13:29 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-05 11:32 - 2020-01-18 13:29 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-04 21:02 - 2020-01-18 13:41 - 000000000 ____D C:\Users\Alex\AppData\Roaming\vlc
2023-10-04 20:40 - 2020-02-10 21:36 - 000002418 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-10-04 20:40 - 2020-02-10 21:36 - 000002377 _____ C:\Users\Public\Desktop\Brave.lnk
2023-10-02 18:26 - 2023-03-08 18:13 - 000004198 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1579347732
2023-10-02 18:26 - 2020-01-18 13:42 - 000001402 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2023-10-01 18:51 - 2020-07-05 10:02 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-01 18:51 - 2020-07-05 10:02 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-10-01 18:49 - 2020-02-04 01:09 - 000000000 ____D C:\ProgramData\Packages
2023-09-28 19:17 - 2023-08-27 10:58 - 000950696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000708048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000559696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000392984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000319560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000297992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000275168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000240176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000096064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000039760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-09-28 19:17 - 2023-08-27 10:58 - 000031528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-09-28 19:17 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-09-23 17:40 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-20 20:35 - 2020-09-23 21:45 - 000000000 ____D C:\Users\Alex\.VirtualBox
2023-09-20 19:30 - 2020-09-23 21:45 - 000000000 ____D C:\ProgramData\VirtualBox
2023-09-20 19:18 - 2020-03-15 21:48 - 000000000 ____D C:\Users\Alex\AppData\Roaming\GlarySoft
2023-09-20 17:57 - 2021-01-16 15:53 - 002099744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2023-09-20 17:55 - 2023-04-06 13:08 - 000232312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2023-09-20 17:27 - 2021-01-29 19:21 - 000000000 ____D C:\Users\Alex\AppData\Local\NordVPN
2023-09-20 16:26 - 2021-03-21 11:38 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-20 16:26 - 2021-03-21 11:38 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-20 16:19 - 2020-08-27 20:45 - 000000000 ____D C:\Users\Alex\AppData\Roaming\dvdcss
2023-09-20 16:18 - 2021-03-21 11:30 - 000605072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-17 19:56 - 2020-01-18 13:24 - 000000000 ____D C:\Users\Alex\AppData\Local\Packages
2023-09-17 19:17 - 2019-12-07 11:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-17 19:17 - 2019-12-07 11:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-17 19:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-16 14:43 - 2020-01-18 19:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-16 09:57 - 2021-03-21 11:31 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-16 09:37 - 2020-01-18 19:44 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-16 07:37 - 2022-10-12 10:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
==================== Files in the root of some directories ========
2023-05-22 18:46 - 2023-05-22 18:46 - 000000074 _____ () C:\Users\Alex\AppData\Roaming\Camdata.ini
2023-05-22 18:46 - 2023-05-22 18:46 - 000000408 _____ () C:\Users\Alex\AppData\Roaming\CamLayout.ini
2023-05-22 18:46 - 2023-05-22 18:46 - 000000408 _____ () C:\Users\Alex\AppData\Roaming\CamShapes.ini
2023-05-22 18:46 - 2023-05-22 18:46 - 000004536 _____ () C:\Users\Alex\AppData\Roaming\CamStudio.cfg
2020-10-24 15:59 - 2020-10-24 19:58 - 000000113 _____ () C:\Users\Alex\AppData\Roaming\D2Info0
2020-10-24 15:59 - 2020-10-24 16:41 - 000000008 _____ () C:\Users\Alex\AppData\Roaming\DofusAppId0_1
2020-10-24 19:58 - 2020-10-24 20:20 - 000000008 _____ () C:\Users\Alex\AppData\Roaming\DofusAppId0_2
2023-05-22 13:38 - 2023-05-22 13:38 - 000000377 _____ () C:\Users\Alex\AppData\Roaming\version2.xml
2020-06-17 14:17 - 2020-06-17 15:18 - 000013824 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-06-10 21:43 - 2020-06-10 21:43 - 000000128 _____ () C:\Users\Alex\AppData\Local\PUTTY.RND
2021-02-27 20:54 - 2021-02-27 20:54 - 000004759 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADDITION.TXT
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Alex (07-10-2023 19:31:34)
Running from C:\Users\Alex\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2021-03-21 09:39:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-297231944-1307813967-1431008427-500 - Administrator - Disabled)
Alex (S-1-5-21-297231944-1307813967-1431008427-1002 - Administrator - Enabled) => C:\Users\Alex
DefaultAccount (S-1-5-21-297231944-1307813967-1431008427-503 - Limited - Disabled)
Guest (S-1-5-21-297231944-1307813967-1431008427-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-297231944-1307813967-1431008427-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 23.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2301-000001000000}) (Version: 23.01.00.0 - Igor Pavlov)
Adobe Acrobat Reader - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 23.006.20320 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v6.25 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.25 - FinalWire Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.9.2 - Advanced Micro Devices, Inc.)
Ankama Launcher 3.0.4 (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}) (Version: 3.0.4 - Ankama)
Arx Fatalis (HKLM-x32\...\GOGPACKARXFATALIS_is1) (Version: 2.0.0.7 - GOG.com)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.4.1 (HKLM-x32\...\Audacity_is1) (Version: 2.4.1 - Audacity Team)
Avast One (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 6.0.4.2024 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 117.1.58.137 - Brave Software Inc)
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
Check Point SBA (HKLM\...\{405209A1-63AA-4AB5-A6A9-4F088BA951A3}) (Version: 86.6.8560 - Check Point Software Technologies Ltd.) Hidden
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
CPUID HWMonitor 1.51 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.51 - CPUID, Inc.)
CrystalDiskInfo 8.3.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.3.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1567 - Disc Soft Ltd)
Dashlane (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Dashlane) (Version: 6.2119.0.45871 - Dashlane, Inc.)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dxtory version 2.0.141 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.141 - ExKode Co. Ltd.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.37.0.5550 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{da55497d-e852-46d9-a4e3-1d8186a8bff4}) (Version: 13.37.0.5550 - Electronic Arts)
Electrum (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Electrum) (Version: 4.0.5 - Electrum Technologies GmbH)
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
f.lux (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Flux) (Version: - f.lux Software LLC)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Far Cry 5 (HKLM-x32\...\Uplay Install 1803) (Version: - Ubisoft)
Far Cry New Dawn (HKLM-x32\...\Uplay Install 5210) (Version: - Ubisoft)
FileZilla 3.62.2 (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\FileZilla Client) (Version: 3.62.2 - Tim Kosse)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Freelancer version 2 (HKLM-x32\...\{5A5372CD-90EC-457E-81E6-588B8AF87159}_is1) (Version: 2 - Abandonware-France)
FxSound Enhancer (HKLM-x32\...\DFX) (Version: 13.008.0.0 - FxSound)
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Glary Utilities 5.137 (HKLM-x32\...\Glary Utilities 5) (Version: 5.137.0.163 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.134 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HP ePrint SW (HKLM\...\{16311D0B-D57C-46F8-AE64-9D4D44227271}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{4C246A91-6BAE-450E-BDEA-70D01663DF43}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{78525DEA-1E62-429B-9CA4-A78F899A9F29}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{B2CFD444-5088-4ECC-A1F1-28620C082C36}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{3D00C669-D447-4A04-AFDA-25E9E76E7873}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{59649835-21FD-4523-9AB0-9E67ED77F0CA}) (Version: 5.5.22560 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HWiNFO64 Version 6.20 (HKLM\...\HWiNFO64_is1) (Version: 6.20 - Martin Malik - REALiX)
Icecream Ebook Reader version 5.19 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.19 - Icecream Apps)
Icecream Screen Recorder version 7.15 (HKLM-x32\...\{CE9603D0-2A7F-4B94-BF4D-BC4B1389888F}_is1) (Version: 7.15 - Icecream Apps)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
IPScan32 v3.4.4 (HKLM-x32\...\IPScan32_is1) (Version: 3.4.4 - Dipisoft)
KORG USB-MIDI Driver Tools for Windows 10 (HKLM-x32\...\{C7B06DB0-64A6-436E-B473-0E0EECC5E174}) (Version: 1.15.3802 - Korg Inc.)
Krita (x64) 4.2.8 (HKLM\...\Krita_x64) (Version: 4.2.8.0 - Krita Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.5.6.2 (HKLM\...\{20B06F1A-1770-46E9-999C-D99D0609FCBD}) (Version: 7.5.6.2 - The Document Foundation)
Microsoft Access MUI (English) 2013 (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Excel MUI (English) 2013 (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Proofing (English) 2013 (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\OneDriveSetup.exe) (Version: 22.176.0821.0003 - Microsoft Corporation)
Microsoft OneNote MUI (English) 2013 (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Mingle tracks (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Mingle tracks) (Version: 1.9.9.8 - Wakoopa B.V.)
Molotov (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Molotov) (Version: 4.3.0 - Molotov)
Monero GUI Wallet version 0.17.1.9 (HKLM\...\Monero GUI Wallet_is1) (Version: 0.17.1.9 - The Monero Developer Community)
Movavi Video Editor 23 (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Movavi Video Editor 23) (Version: 23.4.1 - Movavi)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 116.0.3 (x64 fr)) (Version: 116.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.0.132 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.13.4.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Npcap (HKLM-x32\...\NpcapInst) (Version: 0.9991 - Nmap Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.2 - OBS Project)
OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera Stable 102.0.4880.78 (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Opera 102.0.4880.78) (Version: 102.0.4880.78 - Opera Software)
Oracle VM VirtualBox 7.0.10 (HKLM\...\{D989F957-5A0B-4C36-BF71-38BD1A35C2F1}) (Version: 7.0.10 - Oracle and/or its affiliates)
Orbiter 2016 (HKLM-x32\...\{4D27CE85-F519-42C1-B4AB-C0BD976FB0BA}) (Version: 1.1.0.0 - Martin Schweiger)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
ProtonVPN (HKLM-x32\...\{2E5B3FB1-FDCC-4BC8-AA99-E0EE5343CAF8}) (Version: 1.16.3 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.16.3) (Version: 1.16.3 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
Screaming Frog SEO Spider (HKLM\...\Screaming Frog SEO Spider) (Version: 14.0 - Screaming Frog Ltd)
Sent 1.4.11 (HKLM-x32\...\Sent_is1) (Version: - Winsent Lab, hxxp://www.winsentmessenger.com)
Shotcut (HKLM-x32\...\Shotcut) (Version: 19.08.05 - Meltytech, LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Terra Nil (HKLM-x32\...\Terra Nil_is1) (Version: - )
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
TP-LINK TL-WN823N (HKLM-x32\...\{CE194A8D-C8DF-47EB-AB04-5A54CDC1C5BD}) (Version: 1.0.0 - TP-Link)
TP-Link Wireless Adapter WPS Tool (HKLM-x32\...\{685EFF87-B126-49E4-8213-70C56625C5B5}) (Version: 1.0.0.1 - TP-Link)
TreeSize Free V4.6.3 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.6.3 - JAM Software)
Twitch Studio (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 107.0 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
USBPcap 1.5.3.0 (HKLM\...\USBPcap) (Version: 1.5.3.0 - Tomasz Mon)
Valiant Hearts (HKLM-x32\...\Uplay Install 659) (Version: - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
wages of war version 1 (HKLM-x32\...\75F3C06F-D214-4F58-950C-C421A3C36780_is1) (Version: 1 - Abandonware-France)
War Thunder Launcher 1.0.3.207 (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Wargaming.net Game Center (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\Wargaming.net Game Center) (Version: 23.4.0.3412 - Wargaming.net)
Wartales (HKLM-x32\...\Wartales_is1) (Version: - )
WebM Media Foundation Components (HKLM-x32\...\webmmf) (Version: 1.0.1.2 - WebM Project)
WhatsApp (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\WhatsApp) (Version: 2.2106.10 - WhatsApp)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Wireshark 3.2.4 64-bit (HKLM-x32\...\Wireshark) (Version: 3.2.4 - The Wireshark developer community, hxxps://www.wireshark.org)
World_of_Warships_EU (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
Xenu's Link Sleuth (HKLM-x32\...\Xenu's Link Sleuth) (Version: 1.3.8 - Tilman Hausherr)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.004.7033 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{4F2FE9C8-183F-4099-A5BF-5C40C9ED61D3}) (Version: 15.8.125.18466 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.125.18466 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{694B6C07-D488-4074-91EB-4524BC2764DF}) (Version: 15.8.125.18466 - Check Point Software Technologies Ltd.) Hidden
Zoom (HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
Packages:
=========
BitPay for Windows -> C:\Program Files\WindowsApps\18C7659D.BitPayforWindows_12.12.2.0_x64__tq51jcq72mbzw [2022-07-31] (BitPay Inc.)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_3.6.4.0_x64__kgqvnymyfvs32 [2023-09-23] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2621.1.0_x64__kgqvnymyfvs32 [2023-10-01] (king.com)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-20] (Microsoft Corporation)
Dragon Mania Legends -> C:\Program Files\WindowsApps\A278AB0D.DragonManiaLegends_7.6.14.0_x64__h6adky7gbf63m [2023-10-03] (Gameloft SE)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-09] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-21] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-27] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-10-01] (Spotify AB) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.930.722.582_neutral__8wekyb3d8bbwe [2023-10-01] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2020-11-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-297231944-1307813967-1431008427-1002_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> TEFINCOM S.A.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-01-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-01-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2020-03-04] (Glarysoft LTD -> Glarysoft Ltd)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\system32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.xtor] => C:\WINDOWS\System32\DxtoryCodec.dll [2606144 2015-08-10] (ExKode Co.Ltd. -> ExKode Co. Ltd.)
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\wages of war.lnk -> D:\Jeux PC\Wages of war\lancer.bat ()
Shortcut: C:\Users\Public\Desktop\wages of war.lnk -> D:\Jeux PC\Wages of war\lancer.bat ()
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\TikTok.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ahoadnkmomodgfkfokbclmabbfdaejpe
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Web Server for Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofhbbkphhbklhfoeikjpcbhemlocgigb
==================== Loaded Modules (Whitelisted) =============
2020-01-18 13:57 - 2016-11-30 10:55 - 000195072 _____ () [File not signed] C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\DC_WFF.dll
2020-07-22 00:43 - 2020-07-22 00:43 - 000986112 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
2021-04-19 15:12 - 2021-04-19 15:12 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\x86\SQLite.Interop.dll
2021-03-29 13:26 - 2021-03-29 13:26 - 001156608 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\SQLite\SQLite.Interop.dll
2020-01-18 13:57 - 2016-12-27 21:26 - 001715200 _____ (TP-Link Technologies Co., Ltd) [File not signed] C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\language\English(United_States)\nicLan.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [5184]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-09-07 21:40 - 2020-09-07 21:40 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Sent;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is disabled.
Network Binding:
=============
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 4: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 4: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 4: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Ethernet 4: NordVPN LightWeight Firewall -> NordLwf (enabled)
Local Area Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Local Area Connection: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
Local Area Connection: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Local Area Connection: NordVPN LightWeight Firewall -> NordLwf (enabled)
NordLynx 1: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled)
NordLynx 1: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "FxSound Enhancer"
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\StartupApproved\Run: => "Mingle tracks"
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-297231944-1307813967-1431008427-1002\...\StartupApproved\Run: => "Icecream_Screen_Recorder_New_Auto_Start"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3E4925B0-CB1C-41E3-9B56-0A7A4AE8F6A9}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [{F834B9DA-4F72-4AB9-BDB0-C3EDEB1D33BC}] => (Allow) D:\Jeux PC\Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe => No File
FirewallRules: [{4F342F3E-5CCA-4E0A-A1A6-1EAF3FB3B9E3}] => (Allow) D:\Jeux PC\Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe => No File
FirewallRules: [{C751E0DF-45B6-4A02-A36B-DD888A41BF5F}] => (Allow) D:\Jeux PC\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe => No File
FirewallRules: [{81FBBD50-526E-4705-8596-F982811F5C65}] => (Allow) D:\Jeux PC\Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe => No File
FirewallRules: [{23DBE1D8-5817-4DBA-983A-63DE7381B4BA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A599A35A-75AB-49BB-A283-48D40FB4A050}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{4969C7CE-87F8-4153-8A02-1F0EBD3849B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{A6B45091-A69F-4117-8BC9-9B875D991EB9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C0969618-7C44-4DEF-BC9C-B869BCAA7FA6}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{0BBB5998-28ED-40B9-A586-1B3E3D7EC561}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{A6353114-5E16-47CC-B8DF-3A533419B2E7}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{FB89ADC4-DE79-416E-BC87-D873ADD2A224}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{93D54A0E-27B8-49B7-98E0-5FBB516D5227}] => (Allow) LPort=1688
FirewallRules: [{1C3E4A4D-BF1D-4C55-A3F9-B1A0FEB62CAA}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{CAE027BB-3EA0-4829-A536-315DDAA803EF}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{1C92C2C8-21F2-4907-8136-4A268D5F683F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FD31C190-D092-4BB8-BB45-DAFB55020CE5}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{AA4C75D5-2682-44B1-BC6A-D0177005CB80}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{E7338B21-6E21-4AC5-9E52-4CFB8706676E}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{83DF42C8-117D-4697-AC3B-AAB2BC21B8B1}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [UDP Query User{326EE4F3-C336-4038-809B-F5C45866FE43}D:\jeux pc\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\jeux pc\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{608DE4E4-F20D-43E7-B464-36C78F25CE36}D:\jeux pc\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\jeux pc\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [{D00CE7F6-89FD-4150-A62E-B326919607C0}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{8FB2E6E1-46A8-436B-B8C2-A1DBA548D8DF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{57C2A60F-3A0F-4509-B1B1-133F43AC4EF0}D:\jeux pc\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) D:\jeux pc\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{00845297-2488-42A0-83F8-FFE248139942}D:\jeux pc\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) D:\jeux pc\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [{60F794B6-923E-43DF-81AC-673C0F022195}] => (Allow) LPort=138
FirewallRules: [{3A51FA9D-69BC-40CE-A9E6-CE1CE438145E}] => (Allow) LPort=137
FirewallRules: [{BEEEDDC4-F5CE-4D81-91DE-23F065DEF437}] => (Allow) LPort=445
FirewallRules: [{21E7B8D5-7959-47BC-9E53-C3DC54D2EF32}] => (Allow) LPort=139
FirewallRules: [{4EB134E4-1B8A-4BB4-98B5-0617FFA9EF58}] => (Allow) C:\Program Files (x86)\Sent\sent.exe (Winsent Lab) [File not signed]
FirewallRules: [{3241A3FA-82B1-44C7-9143-29AC1C459AD8}] => (Allow) C:\Program Files (x86)\Sent\sent.exe (Winsent Lab) [File not signed]
FirewallRules: [UDP Query User{BA5B47CE-283B-40D7-BF47-F243CB27CA34}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [TCP Query User{8A09360C-609B-4269-8E06-E9C55A8A331A}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)
FirewallRules: [UDP Query User{951174A7-ED94-4802-BCEC-C5A2EBAF3FF5}D:\jeux pc\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [TCP Query User{A4060B34-3815-466E-9DB5-34BB23506FEA}D:\jeux pc\steam\steamapps\common\total war warhammer ii\warhammer2.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war warhammer ii\warhammer2.exe => No File
FirewallRules: [{724A90FC-61DB-4FFA-965C-D13278AC2566}] => (Allow) C:\Users\Alex\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{AEA72323-8448-4B77-82AB-493CDE220252}] => (Allow) C:\Users\Alex\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{B5FD0CD3-A308-4F41-B099-1A4AD6D909A0}D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [TCP Query User{D9B29244-836B-48EB-B23A-D5BBCEA1ECA4}D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [UDP Query User{E8384FAB-0C01-4196-99FD-B72606BF6A37}D:\jeux pc\warthunder\win64\aces.exe] => (Allow) D:\jeux pc\warthunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment)
FirewallRules: [TCP Query User{6CC42E13-B7EB-4E33-BD57-51AB2DCA5751}D:\jeux pc\warthunder\win64\aces.exe] => (Allow) D:\jeux pc\warthunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment)
FirewallRules: [UDP Query User{DD44F61C-D3BE-4938-9F92-E6A5A8575DE8}D:\jeux pc\warthunder\launcher.exe] => (Allow) D:\jeux pc\warthunder\launcher.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [TCP Query User{24F96833-7482-4405-8463-8D7B80D5D70F}D:\jeux pc\warthunder\launcher.exe] => (Allow) D:\jeux pc\warthunder\launcher.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [UDP Query User{CC9EA07B-A6F0-47DC-BE9A-2A5AA93B086C}D:\jeux pc\steam\steamapps\common\total war attila\attila.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war attila\attila.exe => No File
FirewallRules: [TCP Query User{ED3B1CA0-4C6C-4DE5-94AF-F2993540656F}D:\jeux pc\steam\steamapps\common\total war attila\attila.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war attila\attila.exe => No File
FirewallRules: [{57E38DC0-26C3-454D-97A2-D334E81D4F33}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War Attila\launcher\launcher.exe => No File
FirewallRules: [{C213A4ED-A3D1-41FD-8B4E-2E94014915BB}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War Attila\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{E1ABCCFB-2CC5-42AB-BA21-28151544AF6C}D:\jeux pc\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe] => (Allow) D:\jeux pc\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe => No File
FirewallRules: [TCP Query User{467DFC23-5EDC-4ADA-97E1-5927915026F4}D:\jeux pc\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe] => (Allow) D:\jeux pc\steam\steamapps\common\post scriptum\postscriptum\binaries\win64\postscriptum.exe => No File
FirewallRules: [{979EB7AB-67B2-4B36-9623-E4FE39198C6C}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe => No File
FirewallRules: [{90E9F644-067A-4304-B456-310EA68B5818}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Post Scriptum\Launch_PostScriptum.exe => No File
FirewallRules: [{163E0166-E40D-4FA9-9BB6-5E20DB06B582}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [{0D470C3F-E3AB-4442-90B8-71E257736090}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe => No File
FirewallRules: [UDP Query User{C8EA3809-0210-418A-B631-187D17024151}D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [TCP Query User{41086342-F6B4-488E-82FA-235C189BD931}D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\jeux pc\steam\steamapps\common\total war warhammer\warhammer.exe => No File
FirewallRules: [{E39A3B56-A257-41DA-B228-B383D53CA981}] => (Allow) D:\Jeux PC\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{73DCC660-5F28-4BD8-A3F4-BED96A69E951}] => (Allow) D:\Jeux PC\Steam\steamapps\common\MountBlade Warband\mb_warband.exe ( Taleworlds Entertainment) [File not signed]
FirewallRules: [{72C10179-4018-4BAD-AB6C-9C71046D9390}] => (Allow) D:\Jeux PC\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F21BB055-DB6C-4302-B91B-B696C92D3CD6}] => (Allow) D:\Jeux PC\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{88B7CD8C-B940-4D66-B53C-FF119E5F3BF9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DDBDF581-64CF-48FB-96D0-47EA7576FFC7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CDD67198-7A14-42F2-AA00-6E4A953FB24A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FF8DDE2-ABBD-4A91-9D05-546C075A3338}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{9358DF3B-C9C1-4043-B64F-88E5DA280B6A}D:\jeux pc\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\jeux pc\world_of_tanks_eu\win32\worldoftanks.exe => No File
FirewallRules: [TCP Query User{550E0554-BE5F-49AB-BEC9-AA336FC7E607}D:\jeux pc\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\jeux pc\world_of_tanks_eu\win32\worldoftanks.exe => No File
FirewallRules: [{725FA72F-56D6-4826-B430-0C4C9941AFFD}] => (Allow) D:\Jeux PC\Wargaming.net\GameCenter\wgc.exe (Wargaming Group Limited -> Wargaming.net)
FirewallRules: [{412A45BE-6516-4043-9531-F3D2388E1453}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{D75C4756-07FE-4374-9F91-DFC082050E3D}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{E2467D97-8C32-4410-BF06-FA10E92D57C9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F8DCDCF4-9C3F-4452-A6B3-58FEE61AC5A3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AA8D1BAB-AA0A-453A-B07B-F151F08CF35E}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{457917FD-39B2-4B61-ABB4-FFF67171A109}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{F141F9C5-8EDB-478F-9E21-31512F8FB75E}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{24D1C1DB-DE3C-40CB-B9C9-7DE9E60B3CB4}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{B2625295-8FAD-4669-94B7-B782A8D317B1}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{8E3DDDA6-4137-463C-9872-8179ECEC22B9}] => (Allow) C:\Program Files (x86)\TP-Link\TP-Link Wireless Adapter WPS Tool\RTLDHCP.exe (Realtek) [File not signed]
FirewallRules: [{92185FD6-C912-408B-9933-A0B24872B555}] => (Allow) C:\Windows\schemas\Scripts\32-bit\vlmcsd.exe () [File not signed]
FirewallRules: [{6BA52E4D-1234-46C8-9EEF-1199E0598723}] => (Allow) C:\Windows\schemas\Scripts\32-bit\vlmcsd.exe () [File not signed]
FirewallRules: [TCP Query User{06B3525E-078E-4216-9D4D-14B51F147500}D:\jeux pc\warthunder\launcher.exe] => (Allow) D:\jeux pc\warthunder\launcher.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [UDP Query User{70F538C4-4A17-4A5C-ACD7-B04E9DCA37FE}D:\jeux pc\warthunder\launcher.exe] => (Allow) D:\jeux pc\warthunder\launcher.exe (Gaijin Network Ltd -> Gaijin)
FirewallRules: [TCP Query User{E10FD1D1-163D-4CEC-8F58-7532337D3C08}D:\jeux pc\warthunder\win64\aces.exe] => (Allow) D:\jeux pc\warthunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment)
FirewallRules: [UDP Query User{757E71F1-F9BD-4557-9340-6855E73D5AA5}D:\jeux pc\warthunder\win64\aces.exe] => (Allow) D:\jeux pc\warthunder\win64\aces.exe (Gaijin Network Ltd -> Gaijin Entertainment)
FirewallRules: [{FDE88F8D-BF5B-4052-8E57-D1371E54857E}] => (Allow) D:\Jeux PC\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9062EE96-8DE0-4D42-AE16-53C0DDDC28A8}] => (Allow) D:\Jeux PC\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4465F4B5-5EB0-4969-BC24-0C9BE5AE10CD}] => (Allow) D:\Jeux PC\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{5B312E91-B952-4741-8255-BBAE4423D719}] => (Allow) D:\Jeux PC\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{2DC475F7-4798-4862-8447-92CC69B955FC}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{98A67296-C578-40F3-89F4-C4E75B0248AB}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe => No File
FirewallRules: [{61BDD8FD-CD2C-4A3F-AB60-2ADBE6489063}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War Attila\launcher\launcher.exe => No File
FirewallRules: [{1F4D176F-2C74-491C-9A71-D4A02A527995}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Total War Attila\launcher\launcher.exe => No File
FirewallRules: [{1D50F4EA-216C-413A-8BE1-80F99BDD6EE3}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2AAD99DD-568B-40AB-ADF8-85F43734195B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8F324A28-F483-493C-8C00-12A9A607E65A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{950B68EB-D5FA-42A0-916A-94B828FFB29D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{E5AD40F1-79AC-4D14-986C-6077FAA0D443}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5C627736-BD03-4046-A3EE-60889A08A0A6}] => (Allow) D:\Jeux PC\Far Cry 5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{C59FA02C-72BF-4AC1-9214-3A4135B33588}] => (Allow) D:\Jeux PC\Far Cry 5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{80A5AF40-3093-4BF0-883C-F3007A9A354A}] => (Allow) D:\Jeux PC\Far Cry 5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{90D4E547-0709-4D91-88A0-98E5524C3F89}] => (Allow) D:\Jeux PC\Far Cry 5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{92222244-5273-4898-B027-254F46842DCC}] => (Allow) D:\Jeux PC\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{EFD59D02-2FA6-44B8-AB25-A3DA9542DFE2}] => (Allow) D:\Jeux PC\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{D718367A-4587-4711-9CEF-8A00250D2EA6}] => (Allow) D:\Jeux PC\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{D767E39D-0C21-4A11-B37E-F43914642CA9}] => (Allow) D:\Jeux PC\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{56968996-924C-43B0-828B-9CEF43EB61D9}] => (Allow) D:\Jeux PC\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{BF8DD4FE-3CFD-4BC4-8C4D-4EB80A870126}] => (Allow) D:\Jeux PC\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{99A99413-9EF3-43EA-8108-51E1BA74D589}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Dungeons 3\Dungeons3.exe () [File not signed]
FirewallRules: [{47069534-AF26-4095-8C63-575C7658D209}] => (Allow) D:\Jeux PC\Steam\steamapps\common\Dungeons 3\Dungeons3.exe () [File not signed]
FirewallRules: [{F19EC09C-AFC0-4B1E-AF8A-7A94BEBA3C51}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8C8B328A-C009-4578-9E82-C04CF10E0499}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D3F53FD7-C504-40E4-9C52-DD58E650070B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69D7C4B8-1EE7-4894-B90E-F0BE1A4E9D7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BAC35415-1A74-48F2-83ED-EB3ED00B5823}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9DA9DBDD-A2A5-4A47-B923-A851FBCFAA91}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8CA133D7-8AB2-49D3-93FE-F6757C3D67BA}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{1BEE27D6-96D0-4AB0-ADC9-652EAEDF4253}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0A2676C1-677E-4362-B988-35A6B96E9817}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{115F6C6D-2E90-40B3-A9ED-9D02BA6FF52A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{5C0F5CA2-A6F8-42F9-A280-2CF0A4956C27}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5329E2B9-BFEC-41B2-8348-23FE07B814EF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BEB221FB-B467-4BD6-9D3B-12E4522ECEA8}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> TEFINCOM S.A.)
FirewallRules: [{C5901EC0-BA30-4DA0-BB47-A7C690D14228}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> TEFINCOM S.A.)
FirewallRules: [{8050F981-87A7-45E1-B86C-0FF1162424B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5D858795-FB04-4F5F-822F-69B9BC983136}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4520A1B7-1683-4628-BFD6-EB80B1B75148}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4A04487B-5D88-44CF-90F4-5CEF7016E6D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EB676B5E-1C09-469F-AF76-BAA5F5379E91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9EE50FCE-9A87-42D8-BB7B-A2CD89C62150}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EF874354-5860-4323-8E23-2E49F0A4D130}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{10522836-93BA-433C-96B9-73E83FE3D1A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{47457A2A-6EDC-48B0-884A-CC3C6031F158}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B1703C7-ED5E-4C16-9EF2-CE7DA1C67B51}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A9455EED-08D1-4FC7-8156-C493A2243343}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B8FEB5C-958D-48B3-AE04-8EBBD762B159}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{860A9DE4-F097-4949-930A-E3A56F244CDB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4BF5091-B8D4-47CE-A0FE-BB7DA31C1E4E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C059241-6030-4A60-81C2-EAFA7FDCCCAE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2891A1CD-1E2E-4064-86F6-58D6970A8676}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{BD6D84F1-D7B2-46E4-8081-2C6697438014}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7D781754-CD3F-4E2A-9141-29E5B546475D}] => (Allow) D:\Jeux PC\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{190B4E5B-949A-46F7-8F39-D1C6D3645AAB}] => (Allow) D:\Jeux PC\Battlefield 1\bf1Trial.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{32991800-50CA-4BA9-A3C7-CBCA02713648}] => (Allow) D:\Jeux PC\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{97443854-94E7-4926-94AB-5F68A0BC8337}] => (Allow) D:\Jeux PC\Battlefield 1\bf1.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB)
FirewallRules: [{44D6A7BA-0F9A-484F-B574-290D22E7E76C}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> TEFINCOM S.A.)
FirewallRules: [{3A93F656-F790-4519-8A46-667035D21459}] => (Allow) C:\Program Files\NordVPN\nordvpn-service.exe (nordvpn s.a. -> TEFINCOM S.A.)
==================== Restore Points =========================
05-10-2023 15:08:03 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
05-10-2023 15:08:23 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
05-10-2023 15:24:12 Radeon Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/07/2023 06:45:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bad_module_info, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0x00000000
Fault offset: 0x00000000
Faulting process id: 0x26c4
Faulting application start time: 0x01d9f93da3404153
Faulting application path: bad_module_info
Faulting module path: unknown
Report Id: 5d8aef66-29bf-4ae1-8fb3-9e88fdd68962
Faulting package full name:
Faulting package-relative application ID:
Error: (10/07/2023 06:45:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TESvc.exe, version: 8.60.6.8515, time stamp: 0x607025b1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfcc51236
Faulting process id: 0x26c4
Faulting application start time: 0x01d9f93da3404153
Faulting application path: C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Faulting module path: unknown
Report Id: 09a14274-e152-4456-b153-d48edcc252f9
Faulting package full name:
Faulting package-relative application ID:
Error: (10/07/2023 06:45:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TESvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address FCC51236
Error: (10/07/2023 06:45:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TESvc.exe, version: 8.60.6.8515, time stamp: 0x607025b1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfcc51236
Faulting process id: 0x55c
Faulting application start time: 0x01d9f93d837d2354
Faulting application path: C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Faulting module path: unknown
Report Id: 65700ffb-a67a-4a8f-b22f-aabd859b1b36
Faulting package full name:
Faulting package-relative application ID:
Error: (10/07/2023 06:44:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TESvc.exe, version: 8.60.6.8515, time stamp: 0x607025b1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfcc51236
Faulting process id: 0x55c
Faulting application start time: 0x01d9f93d837d2354
Faulting application path: C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Faulting module path: unknown
Report Id: 452a09e3-dc0c-4335-8fcc-31c31c494448
Faulting package full name:
Faulting package-relative application ID:
Error: (10/07/2023 06:44:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: TESvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address FCC51236
Error: (10/07/2023 06:44:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TESvc.exe, version: 8.60.6.8515, time stamp: 0x607025b1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfcc51236
Faulting process id: 0x3874
Faulting application start time: 0x01d9f93d6a60270f
Faulting application path: C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Faulting module path: unknown
Report Id: 91f82d92-1790-4def-8426-4e27b4fb1f8a
Faulting package full name:
Faulting package-relative application ID:
Error: (10/07/2023 06:44:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TESvc.exe, version: 8.60.6.8515, time stamp: 0x607025b1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xfcc51236
Faulting process id: 0x3874
Faulting application start time: 0x01d9f93d6a60270f
Faulting application path: C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
Faulting module path: unknown
Report Id: 9c9fb7da-6e04-4b45-8a25-99e75ed792d8
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (10/07/2023 06:45:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Check Point SandBlast Agent Threat Emulation service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/07/2023 06:45:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Check Point SandBlast Agent Threat Emulation service to connect.
Error: (10/07/2023 06:45:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Check Point SandBlast Agent Threat Emulation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Error: (10/07/2023 06:45:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Check Point SandBlast Agent Threat Emulation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Error: (10/07/2023 06:44:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Check Point SandBlast Agent Threat Emulation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Error: (10/07/2023 06:43:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Check Point SandBlast Agent Threat Emulation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Error: (10/07/2023 06:42:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Check Point SandBlast Agent Threat Emulation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Error: (10/07/2023 06:42:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Check Point SandBlast Agent Threat Emulation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 500 milliseconds: Restart the service.
Windows Defender:
================
Date: 2021-07-18 19:00:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-04-20 17:45:22
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Name: HackTool:Win64/AutoKMS
Severity: High
Category: Tool
Path: file:_C:\WINDOWS\SECOH-QAD.dll; file:_C:\WINDOWS\SECOH-QAD.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.335.1263.0, AS: 1.335.1263.0, NIS: 1.335.1263.0
Engine Version: AM: 1.1.18000.5, NIS: 1.1.18000.5
Date: 2021-04-20 17:34:52
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-04-20 16:53:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2023-10-07 18:36:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2023-10-07 18:36:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CP_AmsiProvider64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F8 06/19/2014
Motherboard: Gigabyte Technology Co., Ltd. H81M-S2PV
Processor: Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz
Percentage of memory in use: 56%
Total physical RAM: 8070.47 MB
Available physical RAM: 3531.63 MB
Total Virtual: 23430.47 MB
Available Virtual: 14188.07 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.97 GB) (Free:69.69 GB) (Model: SanDisk SDSSDA240G) NTFS
Drive d: (WD 1To New) (Fixed) (Total:931.39 GB) (Free:276.92 GB) (Model: WDC WD10EZRZ-00HTKB0) NTFS
\\?\Volume{764a1db8-bdac-4b14-94b6-a38d8d87b41e}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{9c937f62-2ef1-4e23-a65c-5291d1571cd3}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 07B09F60)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================