Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.05.2018
Ran by tiles (13-05-2018 09:31:58)
Running from C:\Users\tiles\Desktop
Windows 10 Pro Version 1709 16299.371 (X64) (2018-02-09 21:44:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1663164167-2339489011-2821599755-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1663164167-2339489011-2821599755-503 - Limited - Disabled)
Guest (S-1-5-21-1663164167-2339489011-2821599755-501 - Limited - Disabled)
tiles (S-1-5-21-1663164167-2339489011-2821599755-1001 - Administrator - Enabled) => C:\Users\tiles
WDAGUtilityAccount (S-1-5-21-1663164167-2339489011-2821599755-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.0.272 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Amnesia - The Dark Descent (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
Amnesia: A Machine for Pigs (HKLM-x32\...\Amnesia: A Machine for Pigs_is1) (Version: - )
AOMEI Partition Assistant Pro Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1) (Version: - AOMEI Technology Co., Ltd.)
Avast Antivirus Gratuit (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CASIO FA-124 (HKLM-x32\...\{FB47E710-6249-4EFA-BE36-E922B0612AF4}) (Version: 2.00.0001 - CASIO COMPUTER CO., LTD.)
CCleaner (HKLM\...\CCleaner) (Version: 5.33 - Piriform) <==== ATTENTION
CCleaner Cloud (HKLM-x32\...\CCleaner Cloud) (Version: 1.9.0.3441 - Piriform)
CCleaner Cloud Installer (HKLM-x32\...\{60C009FE-4CE7-4597-BC56-2C08A77A33C0}) (Version: 1.0.0.1951 - Piriform) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.)
Epson Easy Photo Print 2 (HKLM-x32\...\{310C1558-F6B5-4889-98B0-7471966BA7F2}) (Version: 2.2.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Everything 1.4.1.895 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.895 - David Carpenter)
Facebook Gameroom 1.3.1.3 (HKLM-x32\...\{7E155A45-DE1A-46E0-A6B2-10FE1D8501FC}) (Version: 1.3.1.3 - Facebook)
FluidSIM Pneumatique Etudiant version 3.5 (HKLM-x32\...\{86595631-CF9D-4D77-AC1D-F17F7CA64B24}_is1) (Version: 3.5 - Festo Didactic)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.209.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.6.18.11 - HP)
HP Support Solutions Framework (HKLM-x32\...\{EB72DB50-C935-4C26-8349-69828F198902}) (Version: 12.9.18.3 - HP)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version: - )
Logiciel de base du périphérique HP Deskjet 3070 B611 series (HKLM\...\{7FA67271-304A-404C-A0F2-C7232E32A07D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LTspice IV (HKLM-x32\...\LTspice IV) (Version: - )
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft Office Professionnel Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{45CD67FD-3218-4207-A0A2-BC41245189E3}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 59.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
MP3 Skype recorder (HKLM-x32\...\{E74ABD95-9B43-418B-9479-479490A14D9B}) (Version: 4.32.2.0 - Domit LTD)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
Oracle VM VirtualBox 3.2.6 (HKLM\...\{AB048BF4-6AD7-450B-9538-0DF2C9229840}) (Version: 3.2.6 - Oracle Corporation)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Prince of Persia Sands of Time (HKLM-x32\...\Uplay Install 111) (Version: - Ubisoft)
Python 3.6.2 (32-bit) (HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\{8388fa07-1617-4b8d-8ad8-6a940ad8052c}) (Version: 3.6.2150.0 - Python Software Foundation)
Python 3.6.2 Core Interpreter (32-bit) (HKLM-x32\...\{4542573C-6216-4584-BA90-72BAF7954404}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Development Libraries (32-bit) (HKLM-x32\...\{69E3E4A6-2A0F-4A32-9C2D-591EEC107289}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Documentation (32-bit) (HKLM-x32\...\{796410A7-1669-4FE4-8332-F684B61269E2}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Executables (32-bit) (HKLM-x32\...\{348C0EFF-60B1-4E68-88B8-33D7DF70DFCF}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 pip Bootstrap (32-bit) (HKLM-x32\...\{6B2D61BA-C42D-4324-B23F-1D7B5A2808EF}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Standard Library (32-bit) (HKLM-x32\...\{79B4337D-166F-4BC0-B67A-F73806CC730E}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{DF24AFFD-23AB-4A7D-A0E0-6410CE3B6B9D}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Test Suite (32-bit) (HKLM-x32\...\{433FD2E2-839C-4211-88B7-45C90F738842}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python 3.6.2 Utility Scripts (32-bit) (HKLM-x32\...\{9B79DE7E-E864-4758-8DFC-85DA43B19671}) (Version: 3.6.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{2636F1E4-2BC5-4B19-BFFD-A08F72598309}) (Version: 3.6.6032.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
Sid Meier's Civilization V (HKLM-x32\...\{349DBF63-2FF1-4650-A38D-34FFFAEB0982}_is1) (Version: 1.0.3.144 - 2K Games)
Sid Meiers Civilization VI Winter 2016 Edition with Vikings and Poland Scenario Packs (HKLM\...\c2lkbWVpZXJzY2l2aWxpemF0aW9udmk_is1) (Version: 1 - )
SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\Spotify) (Version: 1.0.77.338.g758ebd78 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 9 - Synthesia LLC)
Tablette Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.17-3 - Wacom Technology Corp.)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version: - )
UltraISO Premium V9.33 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1F535D6E-0BC8-11E5-B2CB-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4D318F4F-79F9-11E6-86C2-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
VirtualDJ 8 (HKLM-x32\...\{5A89A21C-6391-4AFC-8502-66F6F7250125}) (Version: 8.0.2325.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.2 - VideoLAN)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamax Installer (HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\Winamax Installer 2.0) (Version: 2.0 - Winamax)
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (04/21/2011 01.0.0.0) (HKLM\...\BEA7B05370C19B9C86893BB484FD6B9CC52B0CD8) (Version: 04/21/2011 01.0.0.0 - Cambridge Silicon Radio Ltd.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Filmora(Build 8.5.5) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare Streaming Audio Recorder(Build 2.3.6) (HKLM-x32\...\Wondershare Streaming Audio Recorder_is1) (Version: 2.3.6.1 - Wondershare Software)
Wondershare TunesGo Retro ( Version 4.8.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 4.8.3 - Wondershare)
Yamaha USB-MIDI Driver (HKLM\...\{71E75F05-930E-41BA-BDBC-15E3134DD45B}) (Version: 3.1.3.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{71E75F05-930E-41BA-BDBC-15E3134DD45B}) (Version: 3.1.3.1 - Yamaha Corporation)
Zotero (HKLM-x32\...\Zotero 5.0.45 (x86 en-US)) (Version: 5.0.45 - Corporation for Digital Scholarship)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1663164167-2339489011-2821599755-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-27] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-27] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-27] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-27] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-27] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2007-07-17] (EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2BDBE9C7-6DB1-4A36-B9D8-F0212214B14E} - System32\Tasks\S-1-5-21-1663164167-2339489011-2821599755-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {754BC157-6BEB-4B65-A199-694614CCAFBC} - System32\Tasks\CCleaner Cloud Update => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2018-02-15] (Piriform)
Task: {784756BC-75D7-46FA-8B03-D8615E5BBDCD} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-tilesec@orange.fr => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {9C1C001C-9066-4E20-94F5-95B3EC322054} - System32\Tasks\CCleaner Cloud Watchdog => C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudHealthCheck.exe [2018-02-15] (Piriform)
Task: {A8EC3926-056E-46B5-943C-BA225F9867B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {B66B6A4C-D4F8-4950-BBCE-173DA349645B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [2017-08-03] (Piriform Ltd)
Task: {DDD1EB75-5A03-4E47-920E-0C9710DD1568} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {F874A781-5E5C-415A-81F1-4EFEF889324C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\tiles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\tiles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-03 20:59 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-02 11:52 - 2018-02-09 06:11 - 001668200 _____ () C:\Program Files (x86)\Everything\Everything.exe
2016-05-22 19:33 - 2016-05-22 19:33 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-04-04 14:07 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-04-04 14:07 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-04-05 14:14 - 2018-04-05 14:14 - 004734464 _____ () C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18065.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll
2018-05-05 10:26 - 2018-05-05 10:27 - 000062464 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.11.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-05-05 10:26 - 2018-05-05 10:27 - 000178688 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-04-24 19:06 - 2018-04-24 19:06 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-04-24 19:06 - 2018-04-24 19:06 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-04-24 19:06 - 2018-04-24 19:06 - 022320128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-04-24 19:06 - 2018-04-24 19:06 - 002603008 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1813.286.0_x64__kzf8qxf38zg5c\skypert.dll
2018-02-10 07:47 - 2018-02-10 07:47 - 003657624 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-02-10 07:47 - 2018-02-10 07:47 - 002470296 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-03-27 19:16 - 2017-03-27 19:16 - 000170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-25 12:37 - 2017-02-25 12:37 - 048936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-27 19:16 - 2017-03-27 19:16 - 000290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-08-12 11:35 - 2016-08-12 11:35 - 040523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2018-05-05 11:33 - 000000341 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 platform.wondershare.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tiles\Desktop\909855.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Agent Serveur Média.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "CCleanerCloudTray"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "DNS7reminder"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\StartupFolder: => "Logitech . Enregistrement du produit.lnk"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "Flvto YouTube Downloader"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "HP Deskjet 3070 B611 series (NET)"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "DVSSkypeRecorder"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "AmoltoRecorder"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "MP3 Skype recorder"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "DVSFreeVideoCallRecorder"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1663164167-2339489011-2821599755-1001\...\StartupApproved\Run: => "EPSON SX125 Series"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A74E88CB-ACE7-4CB6-96DE-D3A38BFDC0DC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0E39F076-C302-4000-99CA-7391077D4428}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{923BF1D5-6334-4934-9642-6A309DBBC38F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A7E9BCA6-4616-4CE8-821B-FEF46F307726}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4A944B01-4974-400C-9512-3EC04675D09B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3A9C895C-7ED6-442E-BF52-450FBBEC0CCA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6E2D8E5C-650D-45E7-9323-3933D49B2249}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{90AA27A1-5F99-450D-AE10-42BDD4496DFE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{58BBDA0F-CF4D-4FB6-8E6D-D5D6058E3440}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8BF99964-AC63-4565-AD1D-15875B6265D4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{028F3F49-C1E7-441D-8E2A-012734D519EA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{428D1E76-22CE-4C89-8024-26E532DBD79B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{01B9357E-3984-4A45-A4BD-D1C617A5B6FE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E477BD09-1CE8-415B-A5F9-F36D8C7CD017}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0E499A2D-66E7-4069-B4BD-9F76E10C842A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5433A5B1-456B-45E0-9D8B-E6D053444DE5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B5EF2903-CFB7-4B6D-BE22-E58AFCCE5D27}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D0601DB9-262C-471D-B2D3-B1ED98B3D755}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6472316A-5515-4F91-BA2D-71DDF31EB4C4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{568AE808-A801-4E1C-9B1D-553BAC171E8D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DE9FB899-2BC8-4B36-985A-69BB2684B25E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C10DC002-A321-49C8-8647-BD57818B092D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B0AD0C30-F349-48DC-8DD6-A9185238497C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{939F1D93-BB6F-4961-9BEF-9750E24E9EC3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{149F672E-41B6-4B38-8CCA-A8042F3A5917}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DE74B72B-E921-4152-B2AC-DC94CD297332}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{140E3E2D-1B96-4EEE-9153-5525A2BB7851}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6B81DF61-0B64-4F06-A3E2-00F7E29D9803}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A065A76C-CB83-4A78-8A98-963E89726C6E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AB9B363F-F6B9-4EFF-8465-5291B47AE19A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1B13C554-E627-46EF-BF9E-EDEBD6EA1AFF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{79F22268-2B19-4EDE-B3C6-BAEBD3A65BDB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B1FBC5E1-A993-48BA-8931-8BD4ADEF2B04}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4AD94A35-A040-4D0C-B339-5BA38FF6F644}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8FE33DD6-0F1F-498D-B13A-0D6B73306A48}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E8AB31C9-5C6D-4C87-8160-94BF81E2EF48}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{32BC95E3-A9C5-4EDB-8457-49C8C21CC9A4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6FFE7048-A243-4CD6-BDF0-8351A01E453D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9C70B18C-6751-463B-B2A0-391ECF4BE77E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2C3234CC-0CB3-4F28-ACC2-70DBC9D1DD5D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{63F259EC-EA73-4898-8E84-F0AF2788B006}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4D00EC09-3060-423D-99BE-C55B1840B093}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D7130DD8-4F0B-4686-85B1-6B6C8F47282B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1F0C7F27-55AE-4744-8AF6-A5F286A6575B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{83F046E6-FE1D-4E1D-AE90-FCD9FCE40645}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7E514C20-7C3D-4A5D-A902-EC1F26F45D8C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1D134F1D-CE2F-4AC6-9141-1DA386A3EF77}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8CFC4192-3E99-4DF2-A15A-8ADE50DD6072}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8E490C3C-8E7E-47A7-8882-AC0A79F2578E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CC0F8A19-42D3-4E9C-B219-05D7FCB58DD5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{781FFFF6-A33B-4447-858E-B2FFEC95EFE0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{784FDCE3-3AA0-43DD-B359-D7D623EC891B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F68D1BF0-3479-4482-9C4A-106F379816FA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EB2656CC-0B86-4005-AB0E-089CAC56A011}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2CD0235E-01EE-44F2-991F-0827343A7DFF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{83235FE0-74FC-4652-8BE0-532CA632B925}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1B22289C-5399-41BF-83CF-C4171D60BA79}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{505FECEA-E883-454A-86E9-4FA54BCBDD70}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6018CAF4-12D9-4321-A2D3-E1537AF64849}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3CCBDD7E-03F4-404A-A1E0-A5D71851F3A4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{59E99252-A1AD-4F34-9DE1-613A6FCCBC09}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{AAB24CA3-FBC4-49E9-9531-067D48438871}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D153138D-42C4-4EC0-BF5A-D940A7C3C58D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{11846763-ADBD-42AF-BCBD-169FC3AC5E56}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0B59F1C6-4793-4062-98F7-7664B0B06E46}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F1998FED-2716-4AD9-A0A5-0629C718D41E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{27E580E3-1DD0-40AE-846C-7DEC1ADDAA26}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CF4A56DC-27A3-409F-818F-AEADBCC2475D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{998BE7AE-DEF9-4E6A-BA85-84327F84D274}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E87058F7-244B-436D-8EA7-D9D2B6CF94E3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{52AF3423-AED5-4750-ABD4-692BB9047338}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{F8D6B7FC-BFD0-4CCB-BB83-C8B3CC7E3EEF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{3F0F8AD2-1B7C-433B-8C35-6056A533B9DC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{49AF7C3E-7E57-4A0A-BC11-A3B8C051CE12}] => (Allow) LPort=51001
FirewallRules: [{A1708B17-D4C3-471F-B76E-0F20160E7D70}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BE2BFE71-1476-495F-B294-81D08500A47C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{19B3C221-C77C-4233-93A2-0B2871B778B1}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{700D7586-E416-43E7-A32C-4DD3016822EC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{05E8476F-C5F0-4FB4-8C41-8D4F84DCD78F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{CA6484D0-BB20-4740-972A-68FE5E93596E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{CA7C4CAB-E220-4250-A4DD-8D0A0F6139EF}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{90F84FFD-C831-44ED-8429-08ED5F707341}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{4986B639-05CC-4E0D-A2C3-463D34ACF545}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{487E42D6-4DC1-4D64-86A5-3057C793FB52}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6206B31E-39F4-4ACB-86CB-A9A28336B993}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6D9DDC56-99C2-424F-A77A-1B1F8D801BB5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{92AECE00-DABC-4609-96CF-F675C17B2F89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{98F84FC8-2848-4953-BA53-82ABBA178F20}C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [TCP Query User{6CEF1B55-E0D6-4E25-9B75-F6B560EF6E1E}C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{61F3E0C8-D543-42F1-8647-6ABD227B7510}C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{665CB9DC-A377-4313-B29F-1C0C09E60C94}C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [TCP Query User{23F7D409-7B34-438F-90F6-FE38828545B4}C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{B0DD7EA1-1368-4122-A034-956D7DE41931}C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe] => (Allow) C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe
FirewallRules: [TCP Query User{B8D19421-DBFA-4C12-9EC0-06855507FC57}C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{1EE27E1A-6F98-4055-B879-03F4019085B6}C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe] => (Block) C:\program files\hp\hp deskjet 3070 b611 series\bin\hpnetworkcommunicator.exe
FirewallRules: [{4832BBE0-4F28-4C2C-A9A1-0412B56E4EE6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{12D94009-E8FC-42C0-9B9B-C005ED67D20D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2A6F72FF-1867-48AB-91A9-2D8D6B1C4E5E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B23F2EA2-1F3E-4250-8FEE-4C31FDC3A4E5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0D49DA35-4771-44CE-B50B-602B7EFC8B2D}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8D5C9581-B041-47C9-BC77-AEE709392615}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CE115F03-4577-4229-8FC1-B16C8D298B5A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0F9D5472-E5A9-4750-855D-2E775299E480}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DBD04A9B-F2C3-48C7-88E6-6D5475ACAB45}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{76DBB06D-B449-4DA6-AAE5-B23A861C856C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A3160C01-DF5A-4D54-86BC-39E72A4DDB09}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9AD30FF5-DEF9-4F6C-BE69-E31FA3D862F6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0ADA30D8-ECD2-426F-B600-6295711E8A23}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B1540B50-977A-45EA-963D-08FF14A9E3DB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{39E42768-B4F5-4183-9B7A-3A3AD1FDE698}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{36A57386-B691-4065-8408-EF9D5852BE8D}C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{9D2BD804-6E39-4C39-A4F3-096ED23C2770}C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe] => (Block) C:\users\tiles\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{9745558E-EDE4-4598-8604-671FABEDF6C7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BF4BF99E-17B4-4A7C-82A3-35CB28316254}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{58E59383-6F46-4B9F-974A-1617547F1C0A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{56582BC1-115D-48AF-A5FC-F726CEB44667}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F84E521B-887C-4286-AF08-62BC992148C0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E83A8286-7DEE-40D0-97D7-854CEB993600}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{24E0A30A-AC32-4522-BB6D-375312259B8E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{534011A9-076B-426E-91E3-4C7FBF5967B5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FAC685BF-AE71-40DB-8A07-0E68D50B1E8E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{033C6F0E-ED62-4C96-940E-7E605DF96CE1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C3713BEE-84D0-41DD-AC2F-ECA968DFEE44}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CCFB2A9D-5C40-40CA-A384-4592AAA46F4B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6CE4393A-15A2-4FAB-A1B6-87F2A8FEA34C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9787506E-B8E4-4EE9-8C33-A795AC160DD3}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{ED74B735-B292-4774-8198-A5C5E0F0F6B6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2C65A9F2-88A8-4555-8ECF-29BE4E61040F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A067DFCD-2E0C-4F08-9B62-D52B34F05880}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9344F52B-DA5E-4BDF-A781-F35D2A589836}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{8E36A43E-D76E-470E-8644-57BDAE1308D2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E4F55ADF-3B10-4800-A54C-B3DE2489948B}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4FA14298-C1ED-49ED-9602-4EDA687A47D6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{95865F2D-B474-41B9-B336-71BBF263E62A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{11D5A99E-EF61-449F-B570-F88CCF352FDC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E2121064-45C9-4230-B0D5-383DB9F81ADD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DAE03F0E-9F54-4DBA-AEA0-BE7A40F506D0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{33A80707-B8F9-4A4B-AAF7-9AF1247913C5}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{27269E1A-49BB-44F2-B89B-23EE281E7111}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{306A61B4-7E9F-4E51-94DF-60B8123FA14C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C5C7D07C-B70D-4AD8-A0F8-0BA6834C8E5C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9F1E0FD8-1B1D-4EBF-9ED9-CB3056213D6E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0B90F929-D0CA-4959-90C1-1CC3E1357B31}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C07BCC80-280D-4588-B5AB-8D218B003F02}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7816172D-1388-4FD2-9DC1-FF65FEE56AEE}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{545A0E67-0D97-47DA-8D53-D2EE3DC1C932}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{25C6E836-19C5-4C0F-9EB7-E57C24957FC9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A6A0881A-E2E2-407F-9B09-E0E87A665BC7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0F4E01AA-C4E1-4652-9C84-BDFF458A686A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{66057270-8B95-4477-904A-04A3014CB027}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{B7F30295-562D-42E5-A46F-8E89BE6C3FB0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5C9D845D-2ACC-407A-8786-50B5A9DA7042}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C4DE454F-C44F-49ED-B8DD-26BFE40AAC68}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5BB1EC4B-2E2A-45F4-8CEE-D07419717F91}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0FE4AD07-2071-4C25-8237-0AF3ABD83DB9}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{27DD78F5-8444-4A49-A915-FC25EFE49EB4}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9EED43AA-D017-4666-A2BE-A4082515A224}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{060C50B5-E3CB-4EC1-9338-49587D93BCCB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{61B58D10-E103-43E3-8871-F66E48635B4B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D235AC26-6716-4D5B-89F9-A033C403302B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FCAF4611-9890-40A5-9185-732FA8E813FC}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D31BCA5C-B4B3-4A57-B41A-41D8F1CC825F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6A454D5F-7507-4221-BC65-79194A6E6F79}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{7D84D6D5-176D-47B0-B56A-C144099E4873}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{2AB27DFD-EDFC-403F-8D04-9EEDC7E22005}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4217A9A7-D7E4-4E73-A8A5-32ECDE20C34C}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8AF45D9D-815A-422F-BBBA-22D7CFAF7E9E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5F295DE3-7689-43E7-94DA-6F6976C44463}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E4CF5634-5ABA-491B-9DFF-6B8646DD4562}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{16625984-777F-4C92-8AC3-36D5D2010B01}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [TCP Query User{519A624B-6E7F-4115-9730-124A644E18ED}C:\users\tiles\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tiles\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FF04E19A-8222-4B9E-8DE8-EECCBA3378E5}C:\users\tiles\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tiles\appdata\roaming\spotify\spotify.exe
FirewallRules: [{385BFA34-38B7-4B55-8953-356E14C724A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{CB23CB85-577E-43F6-A41D-76D6CD064E08}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{95755BF6-D095-4EED-8CCE-D03AB3F4E600}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A07055F3-AE27-4265-8D66-E29A575CA5AA}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3E80C294-AB4B-489D-B039-CDBE72D3CEC2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{96F1E0A6-EFCE-4159-9213-61285FD3E315}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CF005A12-C1C9-4434-A7B8-FEBB2D2B04E0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3B9BA127-2B98-421A-999B-9A1E3F15A3C6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C7B527AA-D2D0-4E51-B7AC-23241BC73981}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BF327E9F-1DB9-4CB7-881D-6B3C3C7973AD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{12B2BC80-9D92-409B-A9DB-19C89297E352}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{8764C72C-AA01-4F62-95B1-792E656B56C8}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3C426021-E923-4773-8DC8-E93D843A6941}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A9DE206F-F8D3-473C-92F6-E72B5067FA93}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E3FB6C97-9F48-411C-9F41-08DBCBB7AA36}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{E7E5AC0A-06CC-4932-8CB4-35518DB6C907}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{1F1779EB-3CE9-4278-8E71-90E936CFDFBF}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FEE84DC2-DB7A-4D17-819E-DF2459C2F8EB}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D99AB156-8273-40BC-AC4D-B6C5EED4B0A7}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A422EACF-E0E2-4429-AEA0-A80CF9A15EBD}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{917521ED-DF85-4470-9411-02846CE07C88}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4C4971A3-BC67-4C04-BFA9-03F9B75456A1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{C95FEC8C-433E-44EC-90E7-B95BC291C771}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{75EA1BA9-3A2D-4084-BD5A-12D1CED299B2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{51EE4349-5B40-406A-9853-380EA78A066E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{10D3DBAC-CB79-4724-B413-7D20357F5B8F}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{122689D1-897B-40B8-B736-2E532DAC2932}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F98B2277-ABA8-4EA7-89A9-4D465DB17812}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6C4F4C2B-BC48-43DB-8626-76EBAF98170A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{9D18B070-46BC-4162-82D6-5A2B40ACB02E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{EBA984E5-9790-40F6-BFC2-8D1898EEC5B1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{669312DB-2731-486B-AACA-6AB09E7049D2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{55C0AD02-13D5-4DE6-BF70-B36F258BE05B}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F7308DEB-B8DD-4928-BED5-A15B519A4964}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4C250DEF-0706-41D4-ABC0-F84AB18ED28A}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{80A98010-3385-4005-B12C-D213A0E3F964}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{CA050E5C-6996-4C81-9E3F-12C8E6A9744E}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0DA1AB5E-36D9-4615-99F4-A1DC4E1F5491}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F7E2D91A-6EC5-4AFD-9035-6D36EC38BD64}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{DE073152-2443-4E80-819B-4EE970145C20}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F908CD62-8C75-4702-8B80-A931FE520285}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{342F1A75-E7A2-463B-8A85-A5175BE945B6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{FA696627-A183-4411-8F7C-137D1363B454}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{83EE1A70-D3D9-4C24-9F31-B50E6552A187}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{45F8E3F9-7DDD-43FE-9F9E-F46B45044368}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{BD9775C3-D654-4E81-BF44-E969591F3F53}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{48A79CF7-3060-43AF-A793-3B378244CDD2}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{54F1AA49-F85B-4F79-89C9-1320BBE95301}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{96787AEA-3E17-4926-8508-88711CB3D267}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{0044B515-AAFC-48CB-9532-E8CCA30E0732}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{55F4070D-09D4-4340-8B2F-9FA0D98D1CF6}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{049E7341-D1C1-4334-AFE4-892633016F95}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A21ED85A-C1E3-4169-9586-5175AFDE69C1}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{36A9E65B-FB2F-4733-99BC-D637BCA0E128}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{4B3E9794-5F5C-4387-B668-7D56B5C08D68}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3DB171BD-0C83-4485-9A84-C12F467C8832}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

20-04-2018 18:07:36 Windows Update
20-04-2018 18:13:31 Windows Update
05-05-2018 10:10:38 Windows Update
05-05-2018 10:14:45 Windows Update
11-05-2018 13:44:27 Windows Update
11-05-2018 13:55:17 Windows Update

==================== Faulty Device Manager Devices =============

Name: Anchorfree HSS VPN Adapter
Description: Anchorfree HSS VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Anchorfree HSS VPN Adapter
Service: taphss6
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Sun Microsystems, Inc.
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/13/2018 09:24:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-TSTKEDT)
Description: Le package Microsoft.Windows.ShellExperienceHost_10.0.16299.371_neutral_neutral_cw5n1h2txyewy+App a été interrompu, car sa suspension a été trop longue.

Error: (05/13/2018 09:23:10 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows ne parvient pas à charger la DLL de compteur extensible rdyboost. Le premier mot (DWORD) de la section Données contient le code d’erreur Windows.

Error: (05/13/2018 09:23:05 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur.

Error: (05/13/2018 09:22:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante WTabletServicePro.exe, version : 6.3.17.3, horodatage : 0x5787f8d8
Nom du module défaillant : WTabletServicePro.exe, version : 6.3.17.3, horodatage : 0x5787f8d8
Code d’exception : 0xc0000005
Décalage d’erreur : 0x0000000000044f2a
ID du processus défaillant : 0x878
Heure de début de l’application défaillante : 0x01d3ea8b1d50d4f7
Chemin d’accès de l’application défaillante : C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
Chemin d’accès du module défaillant: C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
ID de rapport : dcd1d62d-2c8f-4ba2-8a9d-7cd3f0093172
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (05/11/2018 07:16:54 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-05-12T11:55:54Z. Code d’erreur : 0x80070002.

Error: (05/11/2018 07:16:24 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-05-12T11:55:24Z. Code d’erreur : 0x80070002.

Error: (05/11/2018 07:15:54 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-05-12T11:55:54Z. Code d’erreur : 0x80070002.

Error: (05/11/2018 07:15:24 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Échec de la planification du redémarrage du service de protection logicielle à 2018-05-12T11:55:24Z. Code d’erreur : 0x80070002.


System errors:
=============
Error: (05/13/2018 09:35:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Le service Wacom Professional Service s’est terminé de façon inattendue pour la 1ème fois.

Error: (05/13/2018 09:29:09 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-TSTKEDT)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
et l’APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
au SID DESKTOP-TSTKEDT\tiles de l’utilisateur (S-1-5-21-1663164167-2339489011-2821599755-1001) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy du conteneur d’applications (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.

Error: (05/13/2018 09:27:33 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Le service Downloaded Maps Manager est en attente de démarrage.

Error: (05/13/2018 09:25:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service HP Touchpoint Analytics n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/13/2018 09:25:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service HP Touchpoint Analytics.

Error: (05/13/2018 09:24:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service HP Support Solutions Framework Service n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.

Error: (05/13/2018 09:24:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service HP Support Solutions Framework Service.

Error: (05/13/2018 09:22:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Les paramètres d’autorisation application-specific n’accordent pas l’autorisation Local Activation pour l’application serveur COM avec le CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
et l’APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
au SID NT AUTHORITY\LOCAL SERVICE de l’utilisateur (S-1-5-19) depuis l’adresse LocalHost (Using LRPC) s’exécutant dans le SID Unavailable du conteneur d’applications (Unavailable). Cette autorisation de sécurité peut être modifiée à l’aide de l’outil d’administration Services de composants.


Windows Defender:
===================================
Date: 2018-04-01 18:47:09.658
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Medium
Catégorie : Tool
Chemin : file:_C:\Program Files\KMSpico\Service_KMS.exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur : NT AUTHORITY\SYSTEM
Nom du processus : C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
Version de la signature : AV: 1.263.1892.0, AS: 1.263.1892.0, NIS: 119.0.0.0
Version du moteur : AM: 1.1.14600.4, NIS: 2.1.14600.4

Date: 2018-04-01 16:13:52.673
Description:
Antivirus Windows Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nom : HackTool:MSIL/AutoKMS
ID : 2147711767
Gravité : Medium
Catégorie : Tool
Chemin : file:_C:\Program Files\KMSpico\KMSELDI.exe;file:_C:\Program Files\KMSpico\Service_KMS.exe;process:_pid:3584,ProcessStart:131670652948342868;regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1;service:_Service KMSELDI;uninstall:_HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Système
Utilisateur : NT AUTHORITY\SYSTEM
Nom du processus : C:\Program Files\KMSpico\Service_KMS.exe
Version de la signature : AV: 1.257.660.0, AS: 1.257.660.0, NIS: 118.2.0.0
Version du moteur : AM: 1.1.14306.0, NIS: 2.1.14202.0

Date: 2018-04-01 16:21:14.233
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.263.1892.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur :
Version précédente du moteur : 1.1.14600.4
Code d’erreur : 0x80072f8f
Description de l’erreur : A security error occurred

Date: 2018-04-01 16:11:12.201
Description:
Antivirus Windows Defender a rencontré une erreur lors d la mise à jour des signatures.
Nouvelle version de la signature :
Version précédente de la signature : 1.257.660.0
Source de mise à jour : Serveur Microsoft Update
Type de signature : Anti-virus
Type de mise à jour : Complet
Utilisateur : NT AUTHORITY\SYSTEM
Version actuelle du moteur :
Version précédente du moteur : 1.1.14306.0
Code d’erreur : 0x80072f8f
Description de l’erreur : A security error occurred

CodeIntegrity:
===================================

Date: 2018-04-22 14:32:30.260
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgniedct_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-22 14:32:24.755
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgniedct_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-22 14:32:24.754
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgniedct_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-22 14:32:24.752
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgniedct_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-22 14:31:59.705
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dd10hook_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-22 14:31:59.701
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\nlutmgrhook_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-22 14:31:59.698
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dd10hook_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-04-22 14:31:59.602
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\nlutmgrhook_x64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 34%
Total physical RAM: 6095.22 MB
Available physical RAM: 3984.55 MB
Total Virtual: 7119.22 MB
Available Virtual: 5110 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:438.51 GB) (Free:135.28 GB) NTFS
Drive d: (EMTEC) (Removable) (Total:3.73 GB) (Free:2.84 GB) FAT32

\\?\Volume{1c925e87-a23e-4d74-a9fb-7a4fd4c80ef3}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{0246b793-3c7e-421d-8358-71afb440b382}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{094cb0bf-7dac-454d-82dd-2587f1067a6d}\ () (Fixed) (Total:0.94 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: F2868155)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0C)

==================== End of Addition.txt ============================