--------------- QuickDiag | g3n-h@ckm@n | V7.145.21.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 26/05/2021 13:59:38

Updated 25/05/2021 | 10:30 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[alex- (Administrator)] - [DESKTOP-I5G6LTC] (S-1-5-21-2423402792-3554856681-1955181387-1001)

PC : Gigabyte Technology Co., Ltd. B450 AORUS ELITE x64-based PC
System: Microsoft Windows 10 Famille - X64 - (10.0.19042) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (20H2)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Famille|C:\Windows|\Device\Harddisk1\Partition3
Boot : Normal boot
PC: B450 AORUS ELITE - Gigabyte Technology Co., Ltd. - IdNumber: Default string - UUID: 03C00218-044D-052A-9806-D10700080009
Processor : AMD Ryzen 5 2600X Six-Core Processor            (AuthenticAMD) - Clock Speed : 3600 - Socket : AM4 - Stauts : OK
BIOS : American Megatrends Inc. F52 - SN : Default string - Status : OK
 - Version : ALASKA - 1072009 - PrimaryBios : True - CurrentLanguage : en|US|iso8859-1 - OtherTargetOS : 
CoreTemp : ? Celsius

----------| Quick


---------- | SoundDevice

Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_1458A182&REV_1003\5&5E7EDB7&0&0001
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0060&SUBSYS_14623102&REV_1001\5&374FBA99&0&0001
NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000

---------- | Video

NVIDIA GeForce GTX 750 Ti - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1380&SUBSYS_31021462&REV_A2\4&1C3D25BB&0&0019 - AdapterCompatibility: NVIDIA - RAM: -2147483648
Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 750 Ti - DriverVersion: 27.21.14.6647 - SpecificationVersion: 1025

---------- | Codecs

C:\Windows\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
C:\Windows\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 -  Manufacturer: Microsoft Corporation - Status: OK

---------- | Memory

Pagefile = Total (MB) : 19218 | Free (MB) : 14237
Virtual = Total (MB) : 4194 | Free (MB) : 3920

Physical Memory (MB)
--------------------
Total:     16335
Available: 12594
Cached:    2058
Free:      414

System
------
Handles:   68215
Processes: 169
Threads:   2408

---------- | SID Users

Administrateur : [S-1-5-21-2423402792-3554856681-1955181387-500]
alex- : [S-1-5-21-2423402792-3554856681-1955181387-1001]
DefaultAccount : [S-1-5-21-2423402792-3554856681-1955181387-503]
InvitÃ© : [S-1-5-21-2423402792-3554856681-1955181387-501]
WDAGUtilityAccount : [S-1-5-21-2423402792-3554856681-1955181387-504]
Administrateurs : [S-1-5-32-544]
Administrateurs Hyper-V : [S-1-5-32-578]
IIS_IUSRS : [S-1-5-32-568]
InvitÃ©s : [S-1-5-32-546]
Lecteurs des journaux dÂÃ©vÃ©nements : [S-1-5-32-573]
PropriÃ©taires d'appareils : [S-1-5-32-583]
System Managed Accounts Group : [S-1-5-32-581]
Utilisateurs : [S-1-5-32-545]
Utilisateurs de gestion Ã  distance : [S-1-5-32-580]
Utilisateurs de lÂAnalyseur de performances : [S-1-5-32-558]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modÃ¨le COM distribuÃ© : [S-1-5-32-562]

---------- | Drives

C:\ -> [Fixed] | [] | Total : 222.96 Go | Free : 112.86 Go -> NTFS (SSD) [SATA]
D:\ -> [Fixed] | [Stockage] | Total : 931.51 Go | Free : 166.04 Go -> NTFS [SATA]

Drive: 0
Cylinders: 121601
Tracks per Cylinder: 255
Sectors per Track: 63
Bytes per Sector: 512
Total Space: 1000204886016 bytes

Drive: 1
Cylinders: 29186
Tracks per Cylinder: 255
Sectors per Track: 63
Bytes per Sector: 512
Total Space: 240065183744 bytes


---------- | Windows updates - Activation - License


W.A.T : :)

Test 1 : Windows Is Activated

Volume License


---------- | Browsers

IE : 11.0.19041.1     (Â© Microsoft Corporation. Tous droits rÃ©servÃ©s.)

Default : "C:\Program Files\Internet Explorer\iexplore.exe" 

---------- | FlashPlayer


---------- | Security

AV : Windows Defender Enabled
AS : 
FW : WINDOWS Firewall
WMI : OK
WU: Windows Update Service [Manual(3)] = Running
AS: Windows Defender [Auto(2)] = Running
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

536 | [Owner : SystÃ¨me | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe     [13/05/2021 18:09:06]    CPU Usage:0 %
780 | [Owner : SystÃ¨me | Parent : 768() | ?????] - (.Microsoft Corporation - Processus dÂexÃ©cution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe     [19/11/2020 04:50:05]    CPU Usage:0 %
560 | [Owner : SystÃ¨me | Parent : 768() | ?????] - (.Microsoft Corporation - Application de dÃ©marrage de Windows.) - (10.0.19041.662) = C:\Windows\System32\wininit.exe     [27/04/2021 18:41:47]    CPU Usage:0 %
844 | [Owner : SystÃ¨me | Parent : 560(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et ContrÃ´leur.) - (10.0.19041.928) = C:\Windows\System32\services.exe     [27/04/2021 18:41:48]    CPU Usage:0 %
888 | [Owner : SystÃ¨me | Parent : 560(wininit.exe) | 21.34 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.906) = C:\Windows\System32\lsass.exe     [27/04/2021 18:41:48]    CPU Usage:0 %
1052 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 26.12 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1096 | [Owner : UMFD-0 | Parent : 560(wininit.exe) | 2.36 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.906) = C:\Windows\System32\fontdrvhost.exe     [27/04/2021 18:41:49]    CPU Usage:0 %
1224 | [Owner : SERVICE RÃSEAU | Parent : 844(services.exe) | 14.24 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1272 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 8.12 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1528 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 8.93 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1572 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 5.3 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1620 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 17.95 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1656 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 12.9 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1664 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 7.18 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1780 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 14.66 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1840 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 9.17 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1888 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 7.71 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1928 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 6.7 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1976 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 17.78 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.28.2851.9944) = C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\Display.NvContainer\NVDisplay.Container.exe     [23/05/2021 11:19:56]    CPU Usage:0 %
1072 | [Owner : SERVICE RÃSEAU | Parent : 844(services.exe) | 12.28 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
1756 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 4.97 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2120 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 4.68 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2128 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 12.7 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2136 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 6.75 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2144 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 8.39 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2252 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 7.49 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2276 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 7.42 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2284 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 7.73 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2544 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 6.02 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2652 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 13.34 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2692 | [Owner : SERVICE RÃSEAU | Parent : 844(services.exe) | 8.4 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2700 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 5.61 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2708 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 8.62 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2780 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 12.85 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2964 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 6.6 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2972 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 14.9 Mo] - (.Microsoft Corporation - Application sous-systÃ¨me spouleur.) - (10.0.19041.964) = C:\Windows\System32\spoolsv.exe     [13/05/2021 18:08:55]    CPU Usage:0 %
2220 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 19.9 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2804 | [Owner : SERVICE RÃSEAU | Parent : 844(services.exe) | 7.22 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3160 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 15.42 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3404 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 31.04 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3412 | [Owner : SERVICE RÃSEAU | Parent : 844(services.exe) | 13.4 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3420 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 18.36 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3428 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 21.15 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3436 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 7 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3444 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 8.28 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3452 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 19.9 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3460 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 4.7 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3472 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 5.28 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3636 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 7.82 Mo] - (.Wacom Co. Ltd. - Tablet Service.) - (6.3.42.2) = C:\Program Files\Tablet\Wacom\WTabletServicePro.exe     [27/04/2021 16:30:39]    CPU Usage:0 %
3652 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 6.09 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe     [12/08/2015 16:03:42]    CPU Usage:0 %
3664 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 13.76 Mo] - (.Apple Inc. - MobileDeviceService.) - (474.120.1.13) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe     [20/05/2020 10:33:46]    CPU Usage:0 %
3712 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 8.81 Mo] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - (1.0.362.1) = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe     [27/04/2021 16:22:33]    CPU Usage:0 %
3720 | [Owner : SystÃ¨me | Parent : 844(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.2104.14) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe     [14/05/2021 09:56:04]    CPU Usage:1 %
3784 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 4.38 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3852 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 8.05 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3936 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 11.64 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3976 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 4.64 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3996 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 10.07 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
4972 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 7.48 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3604 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 8.97 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
4536 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 23.39 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.7259) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17002.0_x64__8wekyb3d8bbwe\GamingServices.exe     [20/05/2021 15:46:03]    CPU Usage:0 %
4540 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 3.94 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.7259) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe     [20/05/2021 15:46:03]    CPU Usage:0 %
5368 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.2104.14) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe     [14/05/2021 09:56:04]    CPU Usage:0 %
5508 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 5.33 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
5596 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 10.34 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
5668 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 3.27 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
6060 | [Owner : SystÃ¨me | Parent : 1052(svchost.exe) | 9 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe     [19/11/2020 04:49:56]    CPU Usage:0 %
6112 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 10.33 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
6208 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 7.06 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
6384 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 20.92 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
6664 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 19.44 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
7396 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 34.53 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.844) = C:\Windows\System32\SearchIndexer.exe     [27/04/2021 18:41:21]    CPU Usage:0 %
8584 | [Owner : SystÃ¨me | Parent : 844(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe     [13/05/2021 18:09:05]    CPU Usage:0 %
8860 | [Owner : SystÃ¨me | Parent : 5584() | 1.5 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe     [27/04/2021 16:04:43]    CPU Usage:0 %
8868 | [Owner : SystÃ¨me | Parent : 5584() | 1.2 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe     [27/04/2021 16:04:43]    CPU Usage:0 %
9052 | [Owner : SERVICE LOCAL | Parent : 2652(svchost.exe) | 22.04 Mo] - (.Microsoft Corporation - Isolation graphique de pÃ©riphÃ©rique audio Windows .) - (10.0.19041.906) = C:\Windows\System32\audiodg.exe     [27/04/2021 18:40:40]    CPU Usage:0 %
14988 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 20.4 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
5908 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 22.8 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
10696 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 6.73 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
14940 | [Owner : SystÃ¨me | Parent : 844(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exÃ©cution System Guard.) - (10.0.19041.546) = C:\Windows\System32\SgrmBroker.exe     [19/11/2020 04:50:36]    CPU Usage:0 %
10280 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 20.54 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
4848 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | ?????] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
6864 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 10.67 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
9968 | [Owner : SystÃ¨me | Parent : 3964() | ?????] - (.Microsoft Corporation - Processus dÂexÃ©cution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe     [19/11/2020 04:50:05]    CPU Usage:0 %
3376 | [Owner : SystÃ¨me | Parent : 3964() | 9.67 Mo] - (.Microsoft Corporation - Application dÂouverture de session Windows.) - (10.0.19041.906) = C:\Windows\System32\winlogon.exe     [27/04/2021 18:41:49]    CPU Usage:0 %
3820 | [Owner : UMFD-2 | Parent : 3376(winlogon.exe) | 4.5 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.906) = C:\Windows\System32\fontdrvhost.exe     [27/04/2021 18:41:49]    CPU Usage:0 %
12436 | [Owner : DWM-2 | Parent : 3376(winlogon.exe) | 52.04 Mo] - (.Microsoft Corporation - Gestionnaire de fenÃªtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe     [27/04/2021 18:41:43]    CPU Usage:0 %
6512 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 6.6 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
10332 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 42.67 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
8428 | [Owner : SystÃ¨me | Parent : 1976(NVDisplay.Container.exe) | 45.64 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.28.2851.9944) = C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\Display.NvContainer\NVDisplay.Container.exe     [23/05/2021 11:19:56]    CPU Usage:0 %
13060 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 11.17 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
8608 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 9.7 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
7996 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 8.25 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
5956 | [Owner : SERVICE LOCAL | Parent : 844(services.exe) | 5.66 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
2556 | [Owner : alex- | Parent : 1840(svchost.exe) | 27.94 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe     [27/04/2021 18:41:23]    CPU Usage:0 %
3180 | [Owner : alex- | Parent : 844(services.exe) | 29.04 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
14896 | [Owner : alex- | Parent : 844(services.exe) | 36.97 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
11164 | [Owner : alex- | Parent : 1780(svchost.exe) | 15.26 Mo] - (.Microsoft Corporation - Processus hÃ´te pour TÃ¢ches Windows.) - (10.0.19041.906) = C:\Windows\System32\taskhostw.exe     [27/04/2021 18:41:59]    CPU Usage:0 %
8936 | [Owner : alex- | Parent : 11544() | 127.43 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.964) = C:\Windows\explorer.exe     [13/05/2021 18:08:55]    CPU Usage:0 %
11124 | [Owner : alex- | Parent : 844(services.exe) | 22.2 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
8884 | [Owner : alex- | Parent : 6208(svchost.exe) | 21.34 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe     [07/12/2019 11:09:00]    CPU Usage:0 %
2244 | [Owner : alex- | Parent : 1052(svchost.exe) | 67.34 Mo] - (. - .) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe     [19/11/2020 04:49:55]    CPU Usage:0 %
11220 | [Owner : alex- | Parent : 1052(svchost.exe) | 17.96 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [27/04/2021 18:41:15]    CPU Usage:0 %
13896 | [Owner : alex- | Parent : 1052(svchost.exe) | 191.88 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.964) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe     [13/05/2021 18:09:30]    CPU Usage:0 %
3144 | [Owner : alex- | Parent : 3636(WTabletServicePro.exe) | 9.61 Mo] - (.Wacom Co. Ltd. - Tablet user module for professional driver.) - (6.3.42.2) = C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe     [27/04/2021 16:31:00]    CPU Usage:0 %
14540 | [Owner : alex- | Parent : 1052(svchost.exe) | 37.05 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [27/04/2021 18:41:15]    CPU Usage:0 %
8924 | [Owner : alex- | Parent : 1052(svchost.exe) | 18.73 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.19041.746) = C:\Windows\System32\SettingSyncHost.exe     [27/04/2021 18:42:08]    CPU Usage:0 %
10380 | [Owner : alex- | Parent : 1052(svchost.exe) | 51.45 Mo] - (.Microsoft Corporation - .) - (2001.22012.0.2020) = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe     [13/05/2021 18:09:29]    CPU Usage:0 %
7624 | [Owner : SystÃ¨me | Parent : 3636(WTabletServicePro.exe) | 12.2 Mo] - (.Wacom Technology - Wacom Load Agent.) - (1.0.0.2) = C:\Program Files\Tablet\Wacom\WacomHost.exe     [27/04/2021 16:30:59]    CPU Usage:0 %
10632 | [Owner : alex- | Parent : 1052(svchost.exe) | 36.5 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.844) = C:\Windows\System32\smartscreen.exe     [27/04/2021 18:41:11]    CPU Usage:0 %
2776 | [Owner : alex- | Parent : 8936(explorer.exe) | 9.28 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.19041.1) = C:\Windows\System32\SecurityHealthSystray.exe     [07/12/2019 11:08:41]    CPU Usage:0 %
9508 | [Owner : SystÃ¨me | Parent : 7624(WacomHost.exe) | 39.13 Mo] - (.Wacom Co. Ltd. - Tablet Service for professional driver.) - (6.3.42.2) = C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe     [27/04/2021 16:30:59]    CPU Usage:0 %
10956 | [Owner : alex- | Parent : 3636(WTabletServicePro.exe) | 16.43 Mo] - (.Wacom Co. Ltd. - Touch User Mode Driver.) - (6.3.42.2) = C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe     [27/04/2021 16:30:59]    CPU Usage:0 %
9664 | [Owner : alex- | Parent : 8936(explorer.exe) | 9.21 Mo] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - (1.0.362.1) = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe     [27/04/2021 16:22:33]    CPU Usage:0 %
12852 | [Owner : alex- | Parent : 8936(explorer.exe) | 14.86 Mo] - (.Logitech Inc. - Logitech WingMan Event Monitor.) - (5.10.127.0) = C:\Program Files\Logitech\Gaming Software\LWEMon.exe     [14/06/2010 16:18:10]    CPU Usage:0 %
9456 | [Owner : alex- | Parent : 11408() | 103.69 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\alex-\AppData\Local\Discord\app-1.0.9002\Discord.exe     [25/05/2021 18:54:39]    CPU Usage:0 %
14272 | [Owner : alex- | Parent : 8936(explorer.exe) | 25.83 Mo] - (.f.lux Software LLC - f.lux.) - (4.119.0.0) = C:\Users\alex-\AppData\Local\FluxSoftware\Flux\flux.exe     [04/02/2021 21:16:18]    CPU Usage:0 %
12432 | [Owner : alex- | Parent : 8936(explorer.exe) | 132.51 Mo] - (.Epic Games, Inc. - EpicGamesLauncher.) - (12.2.5.0) = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe     [16/05/2021 15:02:25]    CPU Usage:0 %
2624 | [Owner : alex- | Parent : 9456(Discord.exe) | 23.92 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\alex-\AppData\Local\Discord\app-1.0.9002\Discord.exe     [25/05/2021 18:54:39]    CPU Usage:0 %
5024 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 6.02 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
3320 | [Owner : alex- | Parent : 9456(Discord.exe) | 102.78 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\alex-\AppData\Local\Discord\app-1.0.9002\Discord.exe     [25/05/2021 18:54:39]    CPU Usage:0 %
9384 | [Owner : alex- | Parent : 9456(Discord.exe) | 37.64 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\alex-\AppData\Local\Discord\app-1.0.9002\Discord.exe     [25/05/2021 18:54:39]    CPU Usage:0 %
11232 | [Owner : alex- | Parent : 13336() | 189.75 Mo] - (.Overwolf LTD - Overwolf.) - (0.170.0.13) = C:\Program Files (x86)\Overwolf\Overwolf.exe     [04/05/2021 18:57:44]    CPU Usage:0 %
11112 | [Owner : alex- | Parent : 8936(explorer.exe) | 87.21 Mo] - (.Wargaming.net - Wargaming.net Game Center.) - (21.2.3.5077) = C:\ProgramData\Wargaming.net\GameCenter\wgc.exe     [25/05/2021 22:08:50]    CPU Usage:1 %
7116 | [Owner : alex- | Parent : 9456(Discord.exe) | 240 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\alex-\AppData\Local\Discord\app-1.0.9002\Discord.exe     [25/05/2021 18:54:39]    CPU Usage:0 %
3920 | [Owner : alex- | Parent : 11008() | 7.61 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.291.10) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe     [09/04/2021 01:24:40]    CPU Usage:0 %
4492 | [Owner : alex- | Parent : 12432(EpicGamesLauncher.exe) | 43.13 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe     [16/05/2021 15:02:24]    CPU Usage:0 %
6136 | [Owner : alex- | Parent : 11112(wgc.exe) | 11.89 Mo] - (.Wargaming.net - Wargaming.net Error Monitor.) - (3.2.0.2934) = C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe     [25/05/2021 22:08:50]    CPU Usage:0 %
2044 | [Owner : alex- | Parent : 11112(wgc.exe) | 67.58 Mo] - (.Wargaming.net - Wargaming.net Game Center.) - (21.2.3.5077) = C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe     [25/05/2021 22:08:50]    CPU Usage:1 %
1772 | [Owner : alex- | Parent : 11112(wgc.exe) | 21.53 Mo] - (.Wargaming.net - Wargaming.net Game Center.) - (21.2.3.5077) = C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe     [25/05/2021 22:08:50]    CPU Usage:0 %
8748 | [Owner : alex- | Parent : 11112(wgc.exe) | 98.16 Mo] - (.Wargaming.net - Wargaming.net Game Center.) - (21.2.3.5077) = C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe     [25/05/2021 22:08:50]    CPU Usage:0 %
8128 | [Owner : alex- | Parent : 11232(Overwolf.exe) | 28.78 Mo] - (.Overwolf LTD - OverwolfBrowser.) - (0.170.0.13) = C:\Program Files (x86)\Overwolf\0.170.0.13\OverwolfBrowser.exe     [04/05/2021 18:57:44]    CPU Usage:0 %
13956 | [Owner : alex- | Parent : 12432(EpicGamesLauncher.exe) | 30.16 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe     [16/05/2021 15:02:24]    CPU Usage:0 %
4052 | [Owner : alex- | Parent : 11232(Overwolf.exe) | 64.3 Mo] - (.Overwolf LTD - OverwolfBrowser.) - (0.170.0.13) = C:\Program Files (x86)\Overwolf\0.170.0.13\OverwolfBrowser.exe     [04/05/2021 18:57:44]    CPU Usage:0 %
2592 | [Owner : alex- | Parent : 9456(Discord.exe) | 57.28 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\alex-\AppData\Local\Discord\app-1.0.9002\Discord.exe     [25/05/2021 18:54:39]    CPU Usage:0 %
10416 | [Owner : alex- | Parent : 11232(Overwolf.exe) | 39.29 Mo] - (.Overwolf LTD - OverwolfBrowser.) - (0.170.0.13) = C:\Program Files (x86)\Overwolf\0.170.0.13\OverwolfBrowser.exe     [04/05/2021 18:57:44]    CPU Usage:0 %
14956 | [Owner : alex- | Parent : 11232(Overwolf.exe) | 17.9 Mo] - (.Overwolf LTD - Overlay.) - (2.2.85.4) = C:\Program Files (x86)\Common Files\Overwolf\0.170.0.13\OverwolfHelper.exe     [04/05/2021 18:56:38]    CPU Usage:0 %
10232 | [Owner : alex- | Parent : 11232(Overwolf.exe) | 22.5 Mo] - (.Overwolf LTD - Overlay.) - (2.2.85.4) = C:\Program Files (x86)\Common Files\Overwolf\0.170.0.13\OverwolfHelper64.exe     [04/05/2021 18:56:40]    CPU Usage:0 %
1760 | [Owner : alex- | Parent : 8936(explorer.exe) | 143.73 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
4520 | [Owner : alex- | Parent : 1760(chrome.exe) | 7.49 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
4016 | [Owner : alex- | Parent : 1760(chrome.exe) | 104.13 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:1 %
7820 | [Owner : alex- | Parent : 1760(chrome.exe) | 33.73 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
14580 | [Owner : alex- | Parent : 1760(chrome.exe) | 16.74 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
6376 | [Owner : alex- | Parent : 1760(chrome.exe) | 34.48 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
6104 | [Owner : alex- | Parent : 1760(chrome.exe) | 61.8 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
12228 | [Owner : alex- | Parent : 1760(chrome.exe) | 36.14 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
11360 | [Owner : alex- | Parent : 1760(chrome.exe) | 34.21 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
6340 | [Owner : alex- | Parent : 1760(chrome.exe) | 82.51 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
760 | [Owner : alex- | Parent : 1760(chrome.exe) | 116.3 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
13940 | [Owner : alex- | Parent : 844(services.exe) | 12.7 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
13324 | [Owner : alex- | Parent : 11232(Overwolf.exe) | 111.28 Mo] - (.Overwolf LTD - OverwolfBrowser.) - (0.170.0.13) = C:\Users\alex-\AppData\Local\Overwolf\ProcessCache\0.170.0.13\cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj\curseforge.exe     [20/05/2021 21:40:15]    CPU Usage:0 %
14048 | [Owner : alex- | Parent : 1052(svchost.exe) | 12.67 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
12580 | [Owner : alex- | Parent : 1052(svchost.exe) | 17.96 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [27/04/2021 18:41:15]    CPU Usage:0 %
14256 | [Owner : alex- | Parent : 8936(explorer.exe) | 49.12 Mo] - (.Microsoft Corporation - Outil Capture dÂÃ©cran.) - (10.0.19041.746) = C:\Windows\System32\SnippingTool.exe     [27/04/2021 18:43:05]    CPU Usage:0 %
12272 | [Owner : alex- | Parent : 1760(chrome.exe) | 59.81 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
4552 | [Owner : alex- | Parent : 1760(chrome.exe) | 23.38 Mo] - (.Google LLC - Google Chrome.) - (90.0.4430.212) = C:\Program Files\Google\Chrome\Application\chrome.exe     [27/04/2021 16:05:06]    CPU Usage:0 %
10508 | [Owner : SERVICE RÃSEAU | Parent : 1052(svchost.exe) | 11.43 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [19/11/2020 04:50:20]    CPU Usage:0 %
5856 | [Owner : alex- | Parent : 1052(svchost.exe) | 56.79 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.19041.610) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe     [19/11/2020 04:51:03]    CPU Usage:0 %
12028 | [Owner : alex- | Parent : 1052(svchost.exe) | 21.27 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [27/04/2021 18:41:15]    CPU Usage:0 %
13824 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 6.8 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
14616 | [Owner : SystÃ¨me | Parent : 844(services.exe) | 12.07 Mo] - (.Microsoft Corporation - Processus hÃ´te pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe     [19/11/2020 04:50:03]    CPU Usage:0 %
6944 | [Owner : alex- | Parent : 8936(explorer.exe) | 57.55 Mo] - (.SosVirus - QuickDiag.) - (7.145.21.1) = C:\Users\alex-\Desktop\QuickDiag.exe     [26/05/2021 13:58:33]    CPU Usage:0 %

---------- | Locked Applications


---------- | Policy Restrictions


---------- | Explorer.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\UMPDC.dll
(..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\TextShaping.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll
(..-..) - (0.0.0.0) -- C:\Users\alex-\AppData\Local\MEGAsync\ShellExtX64.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll
(.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 466.47 .) - (27.21.14.6647) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nvldumdx.dll
(.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 466.47 .) - (27.21.14.6647) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nvwgf2umx_cfg.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll
(.Alexander Roshal.-.WinRAR shell extension.) - (6.1.0.0) -- C:\Program Files\WinRAR\rarext.dll
(.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.6647) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nv3dappshext.dll
(.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 466.47 .) - (27.21.14.6647) -- C:\Windows\SYSTEM32\nvapi64.dll

---------- | Winlogon.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\Windows\System32\UMPDC.dll

---------- | svchost.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll
(.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll
(..-..) - (0.0.0.0) -- c:\windows\system32\TextShaping.dll
(.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- c:\windows\system32\winsqlite3.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll

---------- | Windows Installer Installations

(Advanced Micro Devices, Inc.) AMD Ryzen Balanced Driver - Install. : 27/04/2021 - Package : C:\Windows\Installer\157a14.msi
(Microsoft Corporation) Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 - Install. : 28/04/2021 - Package : C:\Windows\Installer\a3e16.msi
(Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4cd.msi
(Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4ed.msi
(Microsoft Corporation) Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 - Install. : 28/04/2021 - Package : C:\Windows\Installer\a4ff8.msi
(Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29914 - Install. : 27/04/2021 - Package : C:\Windows\Installer\a6ac7.msi
(Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4ad.msi
(Advanced Micro Devices, Inc.) AMD_Chipset_Drivers - Install. : 27/04/2021 - Package : C:\Windows\Installer\1579f6.msi
(Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) - Install. : 16/05/2021 - Package : C:\Windows\Installer\b5b064a.msi
(Oracle Corporation) Java 8 Update 291 (64-bit) - Install. : 28/04/2021 - Package : C:\Windows\Installer\1a3732.msi
(Apple Inc.) Apple Mobile Device Support - Install. : 11/05/2021 - Package : C:\Windows\Installer\1e393.msi
(Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4c8.msi
(Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4d7.msi
(Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab519.msi
(Epic Games, Inc.) Epic Online Services - Install. : 16/05/2021 - Package : C:\Windows\Installer\b5b0645.msi
(Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4bc.msi
(Advanced Micro Devices, Inc.) AMD PSP Driver - Install. : 27/04/2021 - Package : C:\Windows\Installer\157a0a.msi
(Apple Inc.) Bonjour - Install. : 11/05/2021 - Package : C:\Windows\Installer\1e399.msi
(Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - Install. : 09/05/2021 - Package : C:\Windows\Installer\c4388f.msi
(Apple Inc.) Apple Application Support (64 bits) - Install. : 11/05/2021 - Package : C:\Windows\Installer\1e38e.msi
(Epic Games, Inc.) Epic Games Launcher - Install. : 16/05/2021 - Package : C:\Windows\Installer\b5b0640.msi
(Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4b2.msi
(Apple Inc.) Apple Application Support (32 bits) - Install. : 11/05/2021 - Package : C:\Windows\Installer\1e389.msi
(Mojang) Minecraft Launcher - Install. : 18/05/2021 - Package : C:\Windows\Installer\484bc94.msi
(Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4e8.msi
(Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4d2.msi
(Microsoft Corporation) Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29914 - Install. : 27/04/2021 - Package : C:\Windows\Installer\a6ab1.msi
(Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4b7.msi
(Advanced Micro Devices, Inc.) Promontory_GPIO Driver - Install. : 27/04/2021 - Package : C:\Windows\Installer\157a0f.msi
(Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4f2.msi
(Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - Install. : 30/04/2021 - Package : C:\Windows\Installer\7acedb.msi
(Microsoft Corporation) Microsoft Update Health Tools - Install. : 27/04/2021 - Package : C:\Windows\Installer\ae3eb.msi
(Advanced Micro Devices, Inc.) AMD SBxxx SMBus Driver Alpha - Install. : 27/04/2021 - Package : C:\Windows\Installer\157a05.msi
(Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab4e3.msi
(Advanced Micro Devices, Inc.) AMD StoreMI - Install. : 28/04/2021 - Package : C:\Windows\Installer\254d46.msi
(Logitech) Logitech Gaming Software 5.10 - Install. : 09/05/2021 - Package : C:\Windows\Installer\c43895.msi
(Advanced Micro Devices, Inc.) AMD PCI Driver - Install. : 27/04/2021 - Package : C:\Windows\Installer\157a00.msi
(Microsoft Corporation) Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 - Install. : 28/04/2021 - Package : C:\Windows\Installer\ab503.msi
(Oracle Corporation) Java Auto Updater - Install. : 28/04/2021 - Package : C:\Windows\Installer\1a3737.msi
(Advanced Micro Devices, Inc.) AMD GPIO2 Driver - Install. : 27/04/2021 - Package : C:\Windows\Installer\1579fb.msi
(Cybelsoft) DriversCloud.com (64 bits) - Install. : 27/04/2021 - Package : C:\Windows\Installer\c2238.msi

---------- | Windows Updates

KB4601554 - Installed On : 04/27/2021 - [Update]
KB4562830 - Installed On : 04/27/2021 - [Update]
KB4570334 - Installed On : 11/18/2020 - [Security Update]
KB4577586 - Installed On : 04/27/2021 - [Update]
KB4580325 - Installed On : 11/19/2020 - [Security Update]
KB4586864 - Installed On : 11/19/2020 - [Security Update]
KB4589212 - Installed On : 04/27/2021 - [Update]
KB5003173 - Installed On : 05/14/2021 - [Security Update]
KB5003242 - Installed On : 05/13/2021 - [Security Update]

---------- | ZeroAccess Check

[HKLM64\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM64\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM64\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM64\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM64\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

[HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
[HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
C:\Users\alex-\AppAdata\Roaming\Microsoft\Start Menu\Programs\Startup\MEGAsync.lnk|MEGAsync : MEGAsync.lnk
C:\Users\alex-\AppAdata\Roaming\Microsoft\Start Menu\Programs\Startup\Twitch.lnk|Twitch : Twitch.lnk
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Discord] : C:\Users\alex-\AppData\Local\Discord\Update.exe --processStart Discord.exe
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Steam] : "C:\Program Files (x86)\Steam\steam.exe" -silent
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Gif Your Game] : "C:\Users\alex-\AppData\Local\Programs\badpanda-react\Gif Your Game.exe"
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[f.lux] : "C:\Users\alex-\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[CCleaner Smart Cleaning] : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[EpicGamesLauncher] : "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Overwolf] : C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Wargaming.net Game Center] : "C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SecurityHealth] : %windir%\system32\SecurityHealthSystray.exe
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[RtkAudUService] : "C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe" -background
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Start WingMan Profiler] : C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Discord"=C:\Users\alex-\AppData\Local\Discord\Update.exe --processStart Discord.exe   
"Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent   
"Gif Your Game"="C:\Users\alex-\AppData\Local\Programs\badpanda-react\Gif Your Game.exe"   
"f.lux"="C:\Users\alex-\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow   
"CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR   
"EpicGamesLauncher"="C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent   
"Overwolf"=C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent   
"Wargaming.net Game Center"="C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background   

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"BakkesMod"=0x020000000000000000000000   
"Gif Your Game"=0x0300000033EA22E7E945D701   
"Steam"=0x03000000240092EBE945D701   
"Discord"=0x020000000000000000000000   
"CCleaner Smart Cleaning"=0x03000000B93A56E4E945D701   
"f.lux"=0x020000000000000000000000   

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Device"=Microsoft Print to PDF,winspool,Ne01:   
"IsMRUEstablished"=0   
"LegacyDefaultPrinterMode"=0   
"MenuDropAlignment"=0   

[HKLM64\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe   
"RtkAudUService"="C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe" -background   
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui   

[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"SecurityHealth"=0x060000000000000000000000   
"RtkAudUService"=0x020000000000000000000000   
"Start WingMan Profiler"=0x020000000000000000000000   

[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"CK550_CK552"=0x030000003D2CB5E3E945D701   
"SunJavaUpdateSched"=0x020000000000000000000000   

[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
"Win32kLastWriteTime"=1D7481249906C58   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"   
"CK550_CK552"="C:\Program Files (x86)\Cooler Master\CK550_CK552\CK550_CK552 HID.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 



---------- | Tasks List

AMDAutoUpdate
CCleaner Update
CCleanerSkipUAC
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
MicrosoftEdgeUpdateTaskMachineCore
MicrosoftEdgeUpdateTaskMachineUA
NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
OneDrive Standalone Update Task-S-1-5-21-2423402792-3554856681-1955181387-500
Overwolf Updater Task

---------- | Startings up registry Â¦ Folder


---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server


[HKLM\System\CurrentControlSet\Control]
"BootDriverFlags"=28   
"CurrentUser"=USERNAME   
"EarlyStartServices"=RpcSs
Power
BrokerInfrastructure
SystemEventsBroker
DcomLaunch
RpcEpMapper
LSM
AppIdSvc   
"PreshutdownOrder"=DeviceInstall
UsoSvc
gpsvc
trustedinstaller   
"SvcHostSplitThresholdInKB"=3670016   
"WaitToKillServiceTimeout"=2000   
"SystemStartOptions"= NOEXECUTE=OPTIN   
"SystemBootDevice"=multi(0)disk(0)rdisk(1)partition(3)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(1)partition(1)   
"LastBootSucceeded"=1   
"LastBootShutdown"=0   
"DirtyShutdownCount"=40   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbasedirectories"=0   
"auditbaseobjects"=0   
"Bounds"=0x0030000000200000   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Security Packages"=""   [27/04/2021 15:54:52]
"Notification Packages"=scecli   
"Authentication Packages"=msv1_0   
"LsaPid"=888   
"SecureBoot"=1   
"ProductType"=3   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"restrictanonymous"=0   
"restrictanonymoussam"=1   
"SamConnectedAccountsExist"=1   

[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"AutoChkTimeout"=8   
"BootExecute"=autocheck autochk *   
"BootShell"=%SystemRoot%\system32\bootim.exe   
"CriticalSectionTimeout"=2592000   
"ExcludeFromKnownDlls"=   
"GlobalFlag"=0   
"GlobalFlag2"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"InitConsoleFlags"=0   
"NumberOfInitialSessions"=2   
"ObjectDirectories"=\Windows
\RPC Control   
"ProcessorControl"=2   
"ProtectionMode"=1   
"ResourceTimeoutCount"=150   
"RunLevelExecute"=WinInit
ServiceControlManager   
"RunLevelValidate"=ServiceControlManager   
"SETUPEXECUTE"=   
"AutoChkSkipSystemPartition"=0   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"DeleteTempDirsOnExit"=1   
"fDenyTSConnections"=1   
"fSingleSessionPerUser"=1   
"NotificationTimeOut"=0   
"PerSessionTempDir"=0   
"ProductVersion"=5.1   
"RCDependentServices"=CertPropSvc
SessionEnv   
"SnapshotMonitors"=1   
"StartRCM"=0   
"TSUserEnabled"=0   
"InstanceID"=8d99d8ad-0fcf-4b69-97f0-3d2d043   
"GlassSessionId"=2   


---------- | .LNK with Arguments


---------- | AppCertDlls


---------- | Dnsapi.dll

C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Control Panel\Desktop]
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretTimeout"=5000   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=0   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"MouseWheelRouting"=2   
"PaintDesktopVersion"=0   
"Pattern"=0   
"RightOverlapChars"=3   
"ScreenSaveActive"=1   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallPaper"=C:\Users\alex-\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\797273.jpg   [27/04/2021 16:03:24]
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WallpaperStyle"=10   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"Win8DpiScaling"=0   
"DpiScalingVer"=4096   
"UserPreferencesMask"=0x9012038012000000   
"MaxVirtualDesktopDimension"=3360   
"MaxMonitorDimension"=1920   
"TranscodedImageCount"=2   
"LastUpdated"=4294967295   
"TranscodedImageCache"=0x7AC30100CBCE05008A0A0000ED05000071C3A7166E3BD70143003A005C00550073006500720073005C0061006C00650078002D005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C003700390037003200370033002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"PreviousPreferredUILanguages"=fr-FR   
"PreferredUILanguages"=fr-FR   
"WaitToKillAppTimeout"=2000   
"HungAppTimeout"=2000   

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ExplorerStartupTraceRecorded"=1   
"ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000   
"UserSignedIn"=1   
"SIDUpdatedOnLibraries"=1   
"LocalKnownFoldersMigrated"=1   
"TelemetrySalt"=6   
"GlobalAssocChangedCounter"=52   
"FirstRunTelemetryComplete"=1   
"AppReadinessLogonComplete"=1   
"PostAppInstallTasksCompleted"=1   
"ExcludedFromStableAnaheimDownloadPromotionSL"=1   
"SlowContextMenuEntries"=0x16EC7DE90DA5BB49AE24CF682282E08D940400000114020000000000C000000000000046BA08000060B81DB4E464D2119906E49FADC173CA570900006024B221EA3A6910A2DC08002B30309DC10C0000602F47BDFA27CF11B8B4444553540000DE020000   
"Browse For Folder Width"=347   
"Browse For Folder Height"=346   
"Reason Setting"=255   

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=2   
"ShowCompColor"=1   
"HideFileExt"=1   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"ShowSuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ShowStatusBar"=1   
"StoreAppsOnTaskbar"=1   
"ListviewAlphaSelect"=0   
"ListviewShadow"=0   
"TaskbarAnimations"=0   
"ShowCortanaButton"=0   
"StartMigratedBrowserPin"=1   
"StartMenuInit"=13   
"TaskbarStateLastRun"=0xF402AD6000000000   
"ReindexedProfile"=1   
"ShowTaskViewButton"=0   
"JointResize"=0   
"SnapAssist"=0   
"SnapFill"=0   
"Start_TrackProgs"=0   
"TaskbarSizeMove"=0   

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery]
"MRUListEx"=0x0400000003000000020000000100000000000000FFFFFFFF   
"0"=0x730063007200650065006E000000   
"1"=0x630072006100730068000000   
"2"=0x630068006500610074000000   
"3"=0x63006800650061007400200065006E00670069006E0065000000   
"4"=0x4D0069006E00650063007200610066007400720075006E00740069006D0065006A00720065002D0078003600340031002E0038002E0030005F0032003500620069006E000000   

[HKLM64\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"GlobalAssocChangedCounter"=1   

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"GlobalAssocChangedCounter"=6   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders   
"BuildNumber"=19042   
"FirstLogon"=0   
"ParseAutoexec"=1   
"PUUActive"=0x23E86B57010025005700710154CC1100E2DD1300E2DD1300D200000004004600559448F165382300C52A1600EB5F0D00CA390700EF860400000000000000000000000000F0991400ED7F00001005000090DDBBD42652D70154CC1100000000000100000054CC1100624A0000000000000000000000000000   
"DP"=0xD200E800540025005100000023E86B57000000000000000070DCFDB12552D70170DCFDB12552D701000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F8051010061D1000040082B42401EAB56871A0100046C2322466C372253F900000029130644A91306603B00800189D426418BD56E3DD700803208C929720AC929135B00804000964446009644DA1600C0C5626308E56A7B08BBA6008004248206242482068FC6008022994805A29BCC05FF4D01801964230159642B11883B00C0C009460CC219460C   

[HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"DisableBackButton"=1   
"EnableSIHostIntegration"=1   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"ReportBootOk"=1   
"Shell"=explorer.exe   
"ShellCritical"=0   
"ShellInfrastructure"=sihost.exe   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   
"Userinit"=C:\Windows\system32\userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"WinStationsDisabled"=0   
"scremoveoption"=0   
"DisableCAD"=1   
"LastLogOffEndTimePerfCounter"=37526974658   
"ShutdownFlags"=2147483687   
"DisableLockWorkstation"=0   
"EnableFirstLogonAnimation"=1   
"AutoLogonSID"=S-1-5-21-2423402792-3554856681-1955181387-1001   
"LastUsedUsername"=alex-   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultDomainName"=   
"DefaultUserName"=   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Shell"=explorer.exe   
"ShellCritical"=0   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   


---------- | Associations

[HKLM64\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM64\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM64\Software\Classes\.com]
""=comfile   

[HKLM64\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM64\Software\Classes\.reg]
""=regfile   

[HKLM64\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM64\Software\Classes\.scr]
""=scrfile   

[HKLM64\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM64\Software\Classes\.bat]
""=batfile   

[HKLM64\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM64\Software\Classes\.cmd]
""=cmdfile   

[HKLM64\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM64\Software\Classes\.pif]
""=piffile   

[HKLM64\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM64\Software\Classes\.inf]
""=inffile   

[HKLM64\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM64\Software\Classes\.url]
""=InternetShortcut   

[HKLM64\Software\Classes\.lnk]
""=lnkfile   

[HKLM64\Software\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM64\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM64\Software\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM64\Software\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM64\Software\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM64\Software\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\WOW6432Node\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM64\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM64\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM64\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files\Google\Chrome\Application\chrome.exe"   
[HKLM64\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM64\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [07/12/2019 16:50:50]
[HKLM64\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM64\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command]
""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"   
[HKLM64\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [07/12/2019 16:50:50]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command]
""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser


---------- | AppcompatFlags

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Users\alex-\AppData\Local\Temp\7zS5466.tmp\setup.exe"=1
"C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33
"C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1
"C:\Users\alex-\AppData\Local\Temp\7zSFD17.tmp\setup.exe"=1

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\alex-\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060AE040085EF040001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"D:\466.11-desktop-win10-64bit-international-whql.exe"=0x534143500100000000000000070000002800000008432D284E532D280100000000000000000002060001000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000009BF00300000000000100000001000000
"C:\Users\alex-\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000803D3F0206513F0201000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\alex-\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\FileSyncConfig.exe"=0x534143500100000000000000070000002800000070890700E2DC070001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"D:\DriversCloud.com\DriversCloud.exe"=0x5341435001000000000000000700000028000000A8C79700574B980001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DD170000000000000100000001000000
"C:\Users\alex-\Downloads\DriversCloud_Win.exe"=0x534143500100000000000000070000002800000070A603008B03040001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000D0210000000000000100000001000000
"C:\Users\alex-\AppData\Local\Temp\Temp1_drivers_74512_mb_driver_612_realtekdch_6.0.9126.1.zip\mb_driver_612_realtekdch_6.0.9126.1.exe"=0x5341435001000000000000000700000028000000E8991A01DAF41A010100000000000000000001067102000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000004F680000000000000100000001000000
"C:\Users\alex-\AppData\Local\Temp\Temp1_drivers_74580_Install_Win10_10048_04212021.zip\Install_Win10_10048_04212021.exe"=0x5341435001000000000000000700000028000000A87B4E0075D64E000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000E4D40000000000000100000001000000
"C:\Program Files\DriversCloud.com\DriversCloud.exe"=0x5341435001000000000000000700000028000000A8C79700574B980001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000005D490000000000000100000001000000
"C:\Users\alex-\Desktop\DriversCloud_Install\drivers_74412_WacomTablet_6.3.42-2.exe"=0x53414350010000000000000007000000280000003846FB019744FC0101000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000056C20000000000000100000001000000
"C:\Users\alex-\AppData\Local\Discord\Update.exe"=0x534143500100000000000000070000002800000068121700F64A170001000000000000000000000A7522000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000078060000000000001100000011000000
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.157.443.0_x86__zpdnekdrzrea0\SpotifyStartupTask.exe"=0x5341435001000000000000000700000028000000481A02009623020001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000EA000000000000000100000001000000
"C:\Users\alex-\AppData\Local\Microsoft\OneDrive\OneDrive.exe"=0x5341435001000000000000000700000028000000780B1E00017B1E0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\alex-\AppData\Local\Microsoft\OneDrive\21.062.0328.0001\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000803D3F0206513F0203000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\alex-\Desktop\BakkesModSetup.exe"=0x5341435001000000000000000700000028000000B55684000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000977F0200000000000100000001000000
"C:\Program Files\BakkesMod\BakkesMod.exe"=0x53414350010000000000000007000000280000000038F5000000000001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F2E5F002000000001A0000001A000000
"C:\Users\alex-\AppData\Local\Programs\badpanda-react\Gif Your Game.exe"=0x5341435001000000000000000700000028000000C86F8907B8C5890701000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Program Files\WhoCrashed\WhoCrashedEx.exe"=0x534143500100000000000000070000002800000090989900828E9A0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000F77C0901000000000F0000000F000000
"C:\Users\alex-\Downloads\466.11-desktop-win10-64bit-international-dch-whql.exe"=0x53414350010000000000000007000000280000003875F029EFB1F0290100000000000000000002060001000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000007A8F0100000000000100000001000000
"D:\SteamLibrary\steamapps\common\H1Z1\H1Z1_BE.exe"=0x534143500100000000000000070000002800000008820F006B5D100001000000000000000000000A7120000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000037040000000000000100000001000000
"C:\Users\alex-\Desktop\Dossier\DDU v18.0.3.7\Display Driver Uninstaller.exe"=0x5341435001000000000000000700000028000000380F15005E8F150001000000000000000000000A7522000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000026260000000000000100000001000000
"C:\Program Files\WinRAR\WinRAR.exe"=0x53414350010000000000000007000000280000009830280055AE280001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000088E81B00000000001500000015000000
"C:\Users\alex-\Desktop\Dossier\DDU v18.0.3.9\Display Driver Uninstaller.exe"=0x5341435001000000000000000700000028000000C80C15006D33150001000000000000000000000A7522000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000007B440000000000000100000001000000
"C:\Users\alex-\Desktop\vcredist2013_x64.exe"=0x5341435001000000000000000700000028000000E8DF6D0019D96E0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000003D150000000000000100000001000000
"C:\Users\alex-\Desktop\vcredist2012_x64.exe"=0x534143500100000000000000070000002800000030AA6D00C1356E000100000000000000000003060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000079130000000000000100000001000000
"C:\Users\alex-\Desktop\vcredist2010_x64.exe"=0x534143500100000000000000070000002800000058C59C003B209D000100000000000000000000067102000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000BE170000000000000100000001000000
"C:\Users\alex-\Desktop\vcredist2008_x64.exe"=0x534143500100000000000000070000002800000058774F00FB2850000100000000000000000000067102000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000603E0000000000000100000001000000
"C:\Users\alex-\Desktop\vcredist2005_x64.exe"=0x534143500100000000000000070000002800000098753000741B31000100000000000000000001057100000050BB64EDDDACD50100000000000000000200000028000000000000008001000000000000000000000000000000000000A8180000000000000100000001000000
"C:\Users\alex-\Desktop\RuntimePack_x86_x64.exe"=0x5341435001000000000000000700000028000000C862A2049F5F02000100000000000000000001060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000092910000000000000200000002000000
"C:\Users\alex-\Desktop\466.11-desktop-win10-64bit-international-dch-whql.exe"=0x53414350010000000000000007000000280000003875F029EFB1F0290100000000000000000002060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000F7CC0300000000000100000001000000
"C:\Users\alex-\AppData\Local\Programs\badpanda-react\Uninstall Gif Your Game.exe"=0x53414350010000000000000007000000280000009876060004D1060003000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000C3110000000000000200000002000000
"C:\Users\alex-\Desktop\AMD_StoreMI.exe"=0x5341435001000000000000000700000028000000585F8B04D2FA8B040100000000000000000003067100000050BB64EDDDACD5010000000000000000
"C:\Program Files\Tablet\Wacom\32\WacomDesktopCenter.exe"=0x5341435001000000000000000700000028000000302224009C5F240001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000002EC30400000000000500000005000000
"C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000D8040F0033B90F000100000000000000000000060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000ADC5DA00000000003400000034000000
"C:\Users\alex-\Desktop\466.27-desktop-win10-64bit-international-dch-whql.exe"=0x5341435001000000000000000700000028000000E87FDA29B803DB290100000000000000000002060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000058DA0200000000000100000001000000
"C:\Users\alex-\AppData\Local\T2GP Launcher\app-1.0.1.1798\launcher.exe"=0x534143500100000000000000070000002800000080917D00B5DD7D0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A69D0700000000000100000001000000
"D:\Super Seducer 3\SuperSeducer3.exe"=0x534143500100000000000000070000002800000000EE09000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000085D04700000000000100000001000000
"D:\Grand Theft Auto V\GTA5.exe"=0x5341435001000000000000000700000028000000888BC003D416C10301000000000000000000000A7320000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000006A180000000000000100000001000000
"D:\Grand Theft Auto V\GTAVLauncher.exe"=0x5341435001000000000000000700000028000000A024030066D6030001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000020000000000000000000000000000BA100000000000000100000001000000
"D:\Rockstar Launcher\Launcher\LauncherPatcher.exe"=0x534143500100000000000000070000002800000098BD07007FD3070001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005EA40000000000000100000001000000
"D:\Launcher\Launcher.exe"=0x53414350010000000000000007000000280000008058DD0141DCDD0101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000AD5B0000000000000200000002000000
"C:\Users\alex-\Desktop\Rockstar-Games-Launcher.exe"=0x534143500100000000000000070000002800000028BE2505A4D9250501000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000008000004000000000000000000000000000000000245D0000000000000100000001000000
"C:\Users\alex-\Documents\DS4Windows\DS4Windows.exe"=0x5341435001000000000000000700000028000000005830000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000B0430000000000000200000002000000
"C:\Users\alex-\AppData\Local\T2GP Launcher\app-1.0.2.1881\launcher.exe"=0x534143500100000000000000070000002800000080A17E006F777F0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000003DDD0400000000000200000002000000
"C:\Program Files\WindowsApps\Microsoft.GamingApp_2104.1001.13.0_x64__8wekyb3d8bbwe\XboxAppServices.exe"=0x534143500100000000000000070000002800000000926C000000000001000000000000000000000A7320000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000DBDD5702000000000600000006000000
"C:\Users\alex-\AppData\Local\MEGAsync\MEGAsync.exe"=0x5341435001000000000000000700000028000000B0986D0120866E0101000000000000000000000A7320000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000046040000000000000100000001000000
"C:\Users\alex-\Documents\MEGAsync Downloads\[Game3rb.com] Call of Duty - Black Ops [FitGirl Repack]\setup-multi6.exe"=0x5341435001000000000000000700000028000000ABF38500000000000100000000000000000001060001000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000100000000000000000000000000000D7B70000000000000100000001000000
"C:\Users\alex-\Desktop\Dossier\DS4Windows.exe"=0x5341435001000000000000000700000028000000005830000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000080CC3300000000000D0000000D000000
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe"=0x534143500100000000000000070000002800000068C156006B89570001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005E000000000000000100000001000000
"C:\Program Files (x86)\Internet Download Manager\Uninstall.exe"=0x5341435001000000000000000700000028000000688502005739030001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000883A0000000000000100000001000000
"C:\Users\alex-\Documents\DS4Windows\DS4Updater.exe"=0x534143500100000000000000070000002800000000C208000000000001000000000000000000000A7522000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000D7DE0000000000000100000001000000
"C:\Program Files\Easeware\DriverEasy\DriverEasy.exe"=0x5341435001000000000000000700000028000000B03F3A007A8D3A0001000000000000000000000A7522000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000004E000000000000000100000001000000
"C:\Program Files\Easeware\DriverEasy\unins000.exe"=0x5341435001000000000000000700000028000000B08F2B0043022C0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000032170000000000000100000001000000
"D:\obs-studio\bin\64bit\obs64.exe"=0x5341435001000000000000000700000028000000C81C2A00A00F2B0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000052FEDA00000000001B0000001B000000
"C:\Users\alex-\Desktop\Dossier\GoOsu\gosumemory.exe"=0x534143500100000000000000070000002800000052AC6E014B456F0101000000000000000000000A7320000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000004396C900000000000900000009000000
"C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000F01909000256090001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Program Files\e2eSoft\iVCam\iVCam.exe"=0x534143500100000000000000070000002800000090DF4900201F4A0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000036481A00000000000300000003000000
"C:\Program Files\Tablet\Wacom\Professional_CPL.exe"=0x53414350010000000000000007000000280000003082AD00B58BAD0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000000A1B0000000000000200000002000000
"C:\Program Files\TruckersMP Launcher\Launcher.exe"=0x534143500100000000000000070000002800000000F603000000000001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000006C888D00000000001400000014000000
"C:\Users\alex-\Desktop\Dossier\tout\CheatEngine72 (1).exe"=0x5341435001000000000000000700000028000000407B34002DAF340001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000783A0000000000000200000002000000
"C:\Users\alex-\Desktop\CheatEngine72.exe"=0x5341435001000000000000000700000028000000407B34002DAF340001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B73A0000000000000100000001000000
"C:\Users\alex-\Desktop\CheatEngine71.exe"=0x5341435001000000000000000700000028000000282E5F01BA345F0101000000000000000000000A0021000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000000000000000000000000000000000005E1A0000000000000400000001000000000000000000004000000000000000000000000000000000FB0D0000000000000100000000000000
"C:\Users\alex-\Desktop\Nouveau dossier\innoextract.exe"=0x534143500100000000000000070000002800000000981200B87A130001000000000000000000000A6120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000EB000000000000000200000002000000
"C:\Users\alex-\Desktop\innoextract.exe"=0x534143500100000000000000070000002800000000981200B87A130001000000000000000000000A6120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000410A0000000000000100000001000000
"C:\Users\alex-\Desktop\app\Cheat Engine.exe"=0x5341435001000000000000000700000028000000A0170500A20C060001000000000000000000000A0021000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000008CC96C00000000000100000001000000
"C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000B02E007D6A2F0001000000010000000000000A6322000050BB64EDDDACD5010000000000000000
"C:\Users\alex-\Desktop\lgs510_x64.exe"=0x53414350010000000000000007000000280000009065F500E33FF60001000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Users\alex-\Desktop\adwcleaner_8.2.exe"=0x5341435001000000000000000700000028000000A83A8200F705830001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000F62D0000000000000200000002000000
"C:\Users\alex-\Desktop\RogueKiller_setup.exe"=0x5341435001000000000000000700000028000000D0CE69025B956A0201000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000CC5B0000000000000100000001000000
"C:\Users\alex-\Desktop\ccsetup579.exe"=0x53414350010000000000000007000000280000003850DF01A9B5DF0101000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Program Files\RogueKiller\unins000.exe"=0x5341435001000000000000000700000028000000502F0C0071A80C0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000673D0000000000000100000001000000
"C:\Users\alex-\Downloads\obs-ios-camera-source-v2.8.0-Windows-Installer.exe"=0x534143500100000000000000070000002800000002F07B000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A7830000000000000200000002000000
"C:\Program Files\e2eSoft\iVCam\unins000.exe"=0x5341435001000000000000000700000028000000C99B15000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000066160000000000000100000001000000
"C:\Program Files\Google\Chrome\Application\chrome.exe"=0x53414350010000000000000007000000280000007090240003C9240001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000006FF64000000000001100000011000000
"D:\obs-studio\unins000.exe"=0x53414350010000000000000007000000280000003D5C2E000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F7180000000000000100000001000000
"C:\Program Files\obs-studio\bin\64bit\obs64.exe"=0x5341435001000000000000000700000028000000C81C2A00A00F2B0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C57DB300000000000B0000000B000000
"C:\Program Files\obs-studio\uninstall.exe"=0x5341435001000000000000000700000028000000EB3F02003EFF810401000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000481B0000000000000100000001000000
"C:\Program Files\obs-studio\unins000.exe"=0x53414350010000000000000007000000280000003D5C2E000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000710F0000000000000100000001000000
"C:\Users\alex-\Desktop\OBS-Studio-26.1.1-Full-Installer-x64.exe"=0x534143500100000000000000070000002800000038AF81043EFF810401000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000036400000000000000100000001000000
"C:\Users\alex-\Desktop\CopyTransDriversInstaller.exe"=0x53414350010000000000000007000000280000000855BB00215CBB0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000EFB20100000000000100000001000000
"C:\Users\alex-\Desktop\Dossier\OCCT.exe"=0x5341435001000000000000000700000028000000F07C20011595200101000000000000000000000A7322000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C3D10100000000000100000001000000
"D:\[Game3rb.com] Call of Duty - Black Ops [FitGirl Repack]\setup-multi6.exe"=0x5341435001000000000000000700000028000000ABF38500000000000100000000000000000001060001000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000100200000000000000000000000000FC7A0000000000000100000001000000
"C:\Users\alex-\Desktop\Dossier\DS4Updater.exe"=0x534143500100000000000000070000002800000000C208000000000001000000000000000000000A7522000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000AA8D0000000000000100000001000000
"C:\Users\alex-\Desktop\setup_1.3.8.exe"=0x5341435001000000000000000700000028000000ED70AF010000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000BA803100000000000100000001000000
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe"=0x534143500100000000000000070000002800000048E802006BD103000100000000000000000001067322000050BB64EDDDACD5010000000000000000
"C:\Program Files (x86)\TrucksBook Client\TB Client.exe"=0x5341435001000000000000000700000028000000004E15000000000001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000200000000000000000000000000D91F6A00000000000C0000000C000000
"C:\Users\alex-\Desktop\Dossier\PhotoShop CS6\PhotoshopCS6Portable.exe"=0x5341435001000000000000000700000028000000C6B50100000000000100000000000000000001060021000050BB64EDDDACD5010000000000000000020000002800000000000000000000401010000000000000000000000000000025BF0100000000000200000002000000
"C:\Program Files (x86)\Epic Games\Launcher\Portal\SelfUpdateStaging\Install\Portal\Extras\Redist\LauncherPrereqSetup_x64.exe"=0x53414350010000000000000007000000280000001833B1000C5DB1000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000008000004000000000000000000000000000000000DB1A0000000000000100000001000000
"C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe"=0x5341435001000000000000000700000028000000580534001C03350001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000008000000000000000000000000000000000000000B4B63A00000000000B0000000B000000
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E00BF8016B73F80101000000000000000000000A0021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000059060000000000000100000001000000
"SIGN.MEDIA=5A8D7432 setup.exe"=0x534143500100000000000000070000002800000004F56900000000000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000FFB30300000000000100000001000000
"D:\Games\Biker Garage Mechanic Simulator Customization\BikerGarage.exe"=0x534143500100000000000000070000002800000000EE09000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006000000000000000000000000000000000D6E20500000000000100000001000000
"D:\Barn Finders\BarnFinders.exe"=0x5341435001000000000000000700000028000000007203008835030001000000000000000000000A7320000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C3151200000000000200000002000000
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E0832A006AFD2A0001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000008000000000000000000000000000000000000000AF020000000000000700000007000000
"C:\Program Files (x86)\Common Files\Overwolf\0.170.0.13\OverwolfHelper.exe"=0x534143500100000000000000070000002800000058E9010072FA010001000000000000000000000A7122000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C56CBC01000000000400000004000000
"C:\Program Files (x86)\Common Files\Overwolf\0.170.0.13\OverwolfHelper64.exe"=0x5341435001000000000000000700000028000000582D02002F62020001000000000000000000000A7322000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000009B6BBC01000000000400000004000000
"C:\Program Files (x86)\Steam\steam.exe"=0x5341435001000000000000000700000028000000E85E3E0096453F0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Program Files (x86)\Common Files\Steam\steamservice.exe"=0x5341435001000000000000000700000028000000E8502A0029C92A0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000008E0C0100000000000100000001000000
"D:\osu!\osu!.exe"=0x534143500100000000000000070000002800000000454300FA7843000100000000000000000003060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000082733300000000000400000004000000
"D:\Launcher\LauncherPatcher.exe"=0x534143500100000000000000070000002800000098BD0700B7D4070001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000006F822400000000000100000001000000
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"=0x534143500100000000000000070000002800000098B5320051FD320001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000100000000000000000000000000000000082070000000000000300000003000000
"C:\Users\alex-\Downloads\world_of_warships_ww_install_eu_cbmlgql8h5cx.exe"=0x5341435001000000000000000700000028000000E0B263003C82640001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000037DC0000000000000100000001000000
"C:\ProgramData\Wargaming.net\GameCenter\dlls\pluginhost.exe"=0x5341435001000000000000000700000028000000502718000672180001000000000000000000000A7122000050BB64EDDDACD5010000000000000000
"C:\ProgramData\Wargaming.net\GameCenter\wgc.exe"=0x534143500100000000000000070000002800000050B120003259210001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001F000000000000000300000003000000
"C:\Users\alex-\Desktop\Install_Win10_10049_05212021.exe"=0x534143500100000000000000070000002800000048804E00BF314F000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000D8120100000000000100000001000000
"C:\Users\alex-\Desktop\QuickDiag.exe"=0x5341435001000000000000000700000028000000F05045006F9D450001000000000000000000000A0021000050BB64EDDDACD5010000000000000000


---------- | IFEO


---------- | Mountpoints2


---------- | Windows

[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM64\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM64\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=132502160618825698

[HKLM64\SOFTWARE\Microsoft\Windows Defender]
"ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender
"ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100
"ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000
"RemediationExe"=windowsdefender://
"ProductType"=2
"InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\
"ManagedDefenderProductType"=0
"ProductStatus"=0
"InstallTime"=0x576AF8076C3BD701
"OOBEInstallTime"=0x2DF42F846D3BD701
"DisableAntiSpyware"=0
"DisableAntiVirus"=0
"PUAProtection"=1
"BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0
"LastEnabledTime"=0x1B9420FE9845D701
"IsServiceRunning"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

---------- | Winsock (Whitelist)


---------- | Hosts


---------- | Ping

Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:809::200e] avec 32 octets de donn?es?:
R?ponse de 2a00:1450:4007:809::200e?: temps=21 ms 
R?ponse de 2a00:1450:4007:809::200e?: temps=22 ms 
R?ponse de 2a00:1450:4007:809::200e?: temps=21 ms 
R?ponse de 2a00:1450:4007:809::200e?: temps=21 ms 

Statistiques Ping pour 2a00:1450:4007:809::200e:
    Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%),
Dur?e approximative des boucles en millisecondes :
    Minimum = 21ms, Maximum = 22ms, Moyenne = 21ms

---------- | @

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Internet Explorer\Main]
"Anchor Underline"=yes
"Cache_Update_Frequency"=yes
"Disable Script Debugger"=yes
"DisableScriptDebuggerIE"=yes
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=%11%\blank.htm
"Save_Session_History_On_Exit"=no
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"UseClearType"=no
"XMLHTTP"=1
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"ImageStoreRandomFolder"=z9a3wag
"OperationalData"=13
"CompatibilityFlags"=0
"SearchBandMigrationVersion"=1
"FullScreen"=no
"Start Page_TIMESTAMP"=0xBDB833E1B03ED701
"SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x0100000033000000855B5A0B5C9481801DE1417A21BE7CE8BAD75FAB5737597B78E4B4D2145EB2190301CB5C536C490C21FFFE51EBEF64EA70E9AE0200000010000000564D3859777731253262465963253364
"IE10RunOnceLastShown"=1
"IE10RunOnceLastShown_TIMESTAMP"=0x8A20E9E1B03ED701
"IE10TourShown"=1
"IE10TourShownTime"=0x04C9122D6C3BD701

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"CertificateRevocation"=1
"DisableCachingOfSSLPages"=0
"IE5_UA_Backup_Flag"=5.0
"PrivacyAdvanced"=1
"SecureProtocols"=2688
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"ZonesSecurityUpgrade"=0x04C9122D6C3BD701
"WarnonZoneCrossing"=0
"EnableNegotiate"=1
"ProxyEnable"=0
"MigrateProxy"=1
"LockDatabase"=132640055589678479
"ProxyOverride"=*.local

[HKLM64\Software\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\System32\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM64\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM64\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM64\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM64\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM64\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"=0

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"=0


---------- | Proxy


---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 


---------- | Execution FileExts









---------- | SIOI | SEH | URLSH

[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} --  C:\Users\alex-\AppData\Local\MEGAsync\ShellExtX64.dll   [27/04/2021 00:34:52]
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} --  C:\Users\alex-\AppData\Local\MEGAsync\ShellExtX64.dll   [27/04/2021 00:34:52]
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} --  C:\Users\alex-\AppData\Local\MEGAsync\ShellExtX64.dll   [27/04/2021 00:34:52]
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  C:\Windows\System32\EhStorShell.dll   [27/04/2021 18:41:53]

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   


---------- | Toolbar

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


---------- | Extensions


---------- | SearchScopes

[HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 

---------- | Browser Helper Objects

[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll  [21/05/2021 16:12:30]
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () :   
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () :   
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll  [21/05/2021 16:12:30]

---------- | Chrome

C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\aimihpobjpagjiakhcpijibnaafdniol =  :     Calculate pp for a beatmap directly in your browser. -     ezpp! - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\ajopnjidmegmdimjlfnijceegpefgped =  :     BetterTTV enhances Twitch with new features emotes and more. -    short_name: BTTV - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm =  :     __MSG_extShortDesc__ -    name: uBlock Origin -    short_name: uBlock0 - permissions:[contextMenusprivacystoragetabsunlimitedStoragewebNavigationwebRequestwebRequestBlocking\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\dhahdaemhibjdnilnolfkpalodmmalnp =  :     This extension autocompletes Twitch emotes using BTTV emote list (works only with BTTV installed!) -     Twitch Emote Autocomplete - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb =  :     Use a variety of unique faces on Twitch! -    short_name: FFZ - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\hcfnhafpadfnabbnjnhdfdacolpmdbjo =  : Google & co - Google & co - permissions:[tabCapturetabsstorage\u003Call_urls>webRequestwebRequestBlocking] - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\kgeglempfkhalebjlogemlmeakondflc =  :     Swaps video ads for an ad-free stream between 1080p and 480p. -     Video Ad-Block for Twitch - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\ohahllgiabjaoigichmmfljhkcfikeof =  :     __MSG_description__ -    short_name: __MSG_short_name__ - permissions:[tabs\u003Call_urls>webRequestwebRequestBlockingwebNavigationstorageunlimitedStoragecontextMenus] - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx
C:\Users\alex-\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm =  :     Provider for discovery and services for mirroring of Chrome Media Router -     Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx


---------- | Opera


---------- | Firefox


[HKLM64\Software\MozillaPlugins\@java.com/DTPlugin,version=11.291.2] - (JavaÂ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll
[HKLM64\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.291.2] - (OracleÂ® Next Generation JavaÂ Plug-In) : C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll


C:\Users\alex-\AppData\Roaming\Mozilla\Firefox\Profiles\55yy3pds.default-release\Prefs.js

user_pref("browser.startup.homepage_override.buildID", "20210504152106");
user_pref("browser.startup.homepage_override.mstone", "88.0.1");
user_pref("extensions.activeThemeID", "default-theme@mozilla.org");
user_pref("extensions.blocklist.pingCountVersion", -1);
user_pref("extensions.databaseSchema", 33);
user_pref("extensions.getAddons.cache.lastUpdate", 1621973303);
user_pref("extensions.getAddons.databaseSchema", 6);
user_pref("extensions.incognito.migrated", true);
user_pref("extensions.lastAppBuildId", "20210504152106");
user_pref("extensions.lastAppVersion", "88.0.1");
user_pref("extensions.lastPlatformVersion", "88.0.1");
user_pref("extensions.pendingOperations", false);
user_pref("extensions.pictureinpicture.enable_picture_in_picture_overrides", true);
user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}");
user_pref("extensions.webcompat.enable_shims", true);
user_pref("extensions.webcompat.perform_injections", true);
user_pref("extensions.webcompat.perform_ua_overrides", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.frankerfacez@frankerfacez.com", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true);
user_pref("extensions.webextensions.uuids", "{\"doh-rollout@mozilla.org\":\"2b783743-33ab-482c-9ba6-130a2d222ad2\",\"formautofill@mozilla.org\":\"ed2e5782-b112-421f-a7d8-ed3e24c3f6fd\",\"pictureinpicture@mozilla.org\":\"f35a1265-ae42-4619-be19-9bb1f9cef35b\",\"screenshots@mozilla.org\":\"464cdf28-4448-4615-a275-918a95b391ef\",\"webcompat-reporter@mozilla.org\":\"05cd399b-5afc-4d1c-a59f-49375f4bd91e\",\"webcompat@mozilla.org\":\"10180be6-ef33-4bf9-bbd7-d4f675963a15\",\"default-theme@mozilla.org\":\"a8e5519d-139d-4d82-9810-d787a06d7819\",\"google@search.mozilla.org\":\"416b2292-cde1-4ed1-8101-fdec18cdc8c3\",\"wikipedia@search.mozilla.org\":\"08aad36d-1fd1-4661-ad3e-3d623df73e31\",\"bing@search.mozilla.org\":\"08023707-73f3-47c4-ad14-72242b6b9f52\",\"amazon@search.mozilla.org\":\"d10e430a-312e-4be9-8290-efda5a05c1a3\",\"ddg@search.mozilla.org\":\"12932503-9c14-4d6a-9f5d-30b2960e0559\",\"ebay@search.mozilla.org\":\"6b70dde9-02dc-4b4c-bcd6-3c0ed50aa11e\",\"qwant@search.mozilla.org\":\"abccf72e-4e0c-425d-91bc-483c274a3e88\",\"frankerfacez@frankerfacez.com\":\"686d24e3-9ddf-43c2-b1b5-7c463b7368ff\",\"firefox@betterttv.net\":\"6720c86e-24b7-49e5-bd0b-d87acdd53fa6\"}");


[Profile0] - Name=default-release -> Profiles/55yy3pds.default-release

---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{2f1e1eff-cde8-4978-8d14-cb97c9619add}]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{2f1e1eff-cde8-4978-8d14-cb97c9619add}]
"DhcpNameServer"=192.168.1.1

---------- | Applications

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM64\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM64\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM64\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM64\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM64\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM64\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM64\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | SvcHost (Whitelist)

[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
LSM
BrokerInfrastructure
PlugPlay
DcomLaunch
SystemEventsBroker
DeviceInstall
"rdxgroup"=RetailDemo
"Camera"=FrameS
"LocalServiceNoNetworkFirewall"=BFE
mpssvc
"diagnostics"=DiagSvc
"AarSvcGroup"=AarSvc
"PrintWorkflow"=PrintWorkflowUserSvc
"wusvcs"=WaaSMedicSvc
"BcastDVRUserService"=BcastDVRUserService
"GraphicsPerfSvcGroup"=GraphicsPerfSvc
"autoTimeSvc"=autoTimeSvc
"ClipboardSvcGroup"=cbdhsvc
"BthAppGroup"=BluetoothUserService
"smbsvcs"=lanmanserver
"UdkSvcGroup"=UdkUserSvc
"DevicesFlow"=DeviceAssociationBrokerSvc
DevicesFlowUserSvc
ConsentUxUserSvc
DevicePickerUserSvc

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=DcomLaunch
DeviceInstall
"PrintWorkflow"=PrintWorkflowUserSvc
"AarSvcGroup"=AarSvc
"DevicesFlow"=DeviceAssociationBrokerSvc
"smbsvcs"=lanmanserver


---------- | SvcHost - Netsvcs (Whitelist)


---------- | Software

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Adlice Software]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Adobe]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\AppDataLow]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\AvastAdSDK]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\BakkesMod]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\BeardedBrothersGames]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Cheat Engine]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Chromium]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Clients]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Discord]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\DownloadManager]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\e2eSoft]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Epic Games]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Gaijin]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Google]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Khronos]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\LaRuina]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Logitech]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Michael Herf]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Mojang]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Mozilla]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Noble Empire]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\NVIDIA Corporation]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\osu!]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Overwolf]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Piriform]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Policies]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\QtProject]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Realtek]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\RegisteredApplications]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Resplendence Sp]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\SyncEngines]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Team 17 Digital ltd.]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\TrucksBook]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Twitch Desktop]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Unity]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Valve]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Wacom]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Wargaming.net]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\WinRAR]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\WinRAR SFX]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Wow6432Node]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Accessibility]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Active Setup]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\ActiveMovie]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\ActiveSync]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Assistance]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\AuthCookies]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Avalon.Graphics]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Clipboard]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\CommsAPHost]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\CTF]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\DeviceDirectory]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\DirectInput]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\DirectX]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\DirectX Diagnostic Tool]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Edge]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\EdgeUpdate]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\EventSystem]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\F12]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Fax]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Feeds]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\FTP]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\GameBar]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\GameBarApi]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\IdentityCRL]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\IME]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Input]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\InputMethod]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\InputPersonalization]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Internet Connection Wizard]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Internet Explorer]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Keyboard]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\LanguageOverlay]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\MediaPlayer]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Microsoft Management Console]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\MPEG2Demultiplexer]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\MSF]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Multimedia]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Narrator]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\NGC]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Notepad]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Office]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\OneDrive]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Osk]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\PeerNet]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Personalization]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Phone]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Pim]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Poom]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\RAS AutoDial]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\RAS Phonebook]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Remote Assistance]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\ScreenMagnifier]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Sensors]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Siuf]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Speech]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Speech Virtual]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Speech_OneCore]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Spelling]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\SQMClient]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\SystemCertificates]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\TabletTip]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\TPG]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Unified Store]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Unistore]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\UserData]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\UserDataService]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\WAB]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\WcmSvc]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\wfs]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows Defender Security Center]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows Media]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows NT]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows Script]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows Script Host]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows Search]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Windows Security Health]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\Wisp]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\XboxLive]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\AssignedAccessConfiguration]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows\Winlogon]
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM64\Software\AGEIA Technologies]
[HKLM64\Software\AMD]
[HKLM64\Software\Apple Inc.]
[HKLM64\Software\ATI Technologies]
[HKLM64\Software\Clients]
[HKLM64\Software\CVSM]
[HKLM64\Software\cybelsoft]
[HKLM64\Software\DefaultUserEnvironment]
[HKLM64\Software\Enmotus]
[HKLM64\Software\g3n-h@ckm@n]
[HKLM64\Software\Google]
[HKLM64\Software\INextUUID]
[HKLM64\Software\Intel]
[HKLM64\Software\JavaSoft]
[HKLM64\Software\JreMetrics]
[HKLM64\Software\Khronos]
[HKLM64\Software\Logitech]
[HKLM64\Software\Malwarebytes]
[HKLM64\Software\Microsoft]
[HKLM64\Software\Mozilla]
[HKLM64\Software\mozilla.org]
[HKLM64\Software\MozillaPlugins]
[HKLM64\Software\NVIDIA Corporation]
[HKLM64\Software\OBS Studio]
[HKLM64\Software\ODBC]
[HKLM64\Software\OEM]
[HKLM64\Software\OpenSSH]
[HKLM64\Software\Oracle]
[HKLM64\Software\Partner]
[HKLM64\Software\Piriform]
[HKLM64\Software\Policies]
[HKLM64\Software\Realtek]
[HKLM64\Software\RegisteredApplications]
[HKLM64\Software\Rockstar Games]
[HKLM64\Software\RTLSetup]
[HKLM64\Software\SMIUUID]
[HKLM64\Software\TruckersMP]
[HKLM64\Software\VideoLAN]
[HKLM64\Software\Windows]
[HKLM64\Software\WinRAR]
[HKLM64\Software\WOW6432Node]
[HKLM64\SOFTWARE\Microsoft\.NETFramework]
[HKLM64\SOFTWARE\Microsoft\AccountsControl]
[HKLM64\SOFTWARE\Microsoft\Active Setup]
[HKLM64\SOFTWARE\Microsoft\ActiveSync]
[HKLM64\SOFTWARE\Microsoft\ADs]
[HKLM64\SOFTWARE\Microsoft\Advanced INF Setup]
[HKLM64\SOFTWARE\Microsoft\ALG]
[HKLM64\SOFTWARE\Microsoft\AllUserInstallAgent]
[HKLM64\SOFTWARE\Microsoft\AMSI]
[HKLM64\SOFTWARE\Microsoft\Analog]
[HKLM64\SOFTWARE\Microsoft\AppServiceProtocols]
[HKLM64\SOFTWARE\Microsoft\ASP.NET]
[HKLM64\SOFTWARE\Microsoft\Assistance]
[HKLM64\SOFTWARE\Microsoft\AuthHost]
[HKLM64\SOFTWARE\Microsoft\BidInterface]
[HKLM64\SOFTWARE\Microsoft\BitLockerCsp]
[HKLM64\SOFTWARE\Microsoft\CallAndMessagingEnhancement]
[HKLM64\SOFTWARE\Microsoft\Cellular]
[HKLM64\SOFTWARE\Microsoft\Chkdsk]
[HKLM64\SOFTWARE\Microsoft\Clipboard]
[HKLM64\SOFTWARE\Microsoft\ClipboardServer]
[HKLM64\SOFTWARE\Microsoft\CloudManagedUpdate]
[HKLM64\SOFTWARE\Microsoft\COM3]
[HKLM64\SOFTWARE\Microsoft\Command Processor]
[HKLM64\SOFTWARE\Microsoft\CommsAPHost]
[HKLM64\SOFTWARE\Microsoft\CoreShell]
[HKLM64\SOFTWARE\Microsoft\Cryptography]
[HKLM64\SOFTWARE\Microsoft\CTF]
[HKLM64\SOFTWARE\Microsoft\DataAccess]
[HKLM64\SOFTWARE\Microsoft\DataCollection]
[HKLM64\SOFTWARE\Microsoft\DataSharing]
[HKLM64\SOFTWARE\Microsoft\DDDS]
[HKLM64\SOFTWARE\Microsoft\DevDiv]
[HKLM64\SOFTWARE\Microsoft\Device Association Framework]
[HKLM64\SOFTWARE\Microsoft\DeviceReg]
[HKLM64\SOFTWARE\Microsoft\Dfrg]
[HKLM64\SOFTWARE\Microsoft\DFS]
[HKLM64\SOFTWARE\Microsoft\DiagnosticLogCSP]
[HKLM64\SOFTWARE\Microsoft\DirectDraw]
[HKLM64\SOFTWARE\Microsoft\DirectInput]
[HKLM64\SOFTWARE\Microsoft\DirectMusic]
[HKLM64\SOFTWARE\Microsoft\DirectPlay8]
[HKLM64\SOFTWARE\Microsoft\DirectPlayNATHelp]
[HKLM64\SOFTWARE\Microsoft\DirectShow]
[HKLM64\SOFTWARE\Microsoft\DirectX]
[HKLM64\SOFTWARE\Microsoft\DownloadManager]
[HKLM64\SOFTWARE\Microsoft\Driver Signing]
[HKLM64\SOFTWARE\Microsoft\DRM]
[HKLM64\SOFTWARE\Microsoft\DusmSvc]
[HKLM64\SOFTWARE\Microsoft\DVDNavigator]
[HKLM64\SOFTWARE\Microsoft\DVR]
[HKLM64\SOFTWARE\Microsoft\DXP]
[HKLM64\SOFTWARE\Microsoft\EAPSIMMethods]
[HKLM64\SOFTWARE\Microsoft\Edge]
[HKLM64\SOFTWARE\Microsoft\Enrollment]
[HKLM64\SOFTWARE\Microsoft\Enrollments]
[HKLM64\SOFTWARE\Microsoft\EnterpriseCertificates]
[HKLM64\SOFTWARE\Microsoft\EnterpriseDataProtection]
[HKLM64\SOFTWARE\Microsoft\EnterpriseResourceManager]
[HKLM64\SOFTWARE\Microsoft\EventSounds]
[HKLM64\SOFTWARE\Microsoft\EventSystem]
[HKLM64\SOFTWARE\Microsoft\F12]
[HKLM64\SOFTWARE\Microsoft\FamilyStore]
[HKLM64\SOFTWARE\Microsoft\Fax]
[HKLM64\SOFTWARE\Microsoft\FaxServer]
[HKLM64\SOFTWARE\Microsoft\Feeds]
[HKLM64\SOFTWARE\Microsoft\FilePicker]
[HKLM64\SOFTWARE\Microsoft\FilterDS]
[HKLM64\SOFTWARE\Microsoft\FingerKB]
[HKLM64\SOFTWARE\Microsoft\FTH]
[HKLM64\SOFTWARE\Microsoft\Function Discovery]
[HKLM64\SOFTWARE\Microsoft\Fusion]
[HKLM64\SOFTWARE\Microsoft\FuzzyDS]
[HKLM64\SOFTWARE\Microsoft\GameOverlay]
[HKLM64\SOFTWARE\Microsoft\GamingServices]
[HKLM64\SOFTWARE\Microsoft\HTMLHelp]
[HKLM64\SOFTWARE\Microsoft\IdentityCRL]
[HKLM64\SOFTWARE\Microsoft\IdentityStore]
[HKLM64\SOFTWARE\Microsoft\IHDS]
[HKLM64\SOFTWARE\Microsoft\ImageTimeSettings]
[HKLM64\SOFTWARE\Microsoft\IMAPI]
[HKLM64\SOFTWARE\Microsoft\IME]
[HKLM64\SOFTWARE\Microsoft\IMEJP]
[HKLM64\SOFTWARE\Microsoft\IMEKR]
[HKLM64\SOFTWARE\Microsoft\IMETC]
[HKLM64\SOFTWARE\Microsoft\InProcLogger]
[HKLM64\SOFTWARE\Microsoft\Input]
[HKLM64\SOFTWARE\Microsoft\InputMethod]
[HKLM64\SOFTWARE\Microsoft\InputPersonalization]
[HKLM64\SOFTWARE\Microsoft\Internet Account Manager]
[HKLM64\SOFTWARE\Microsoft\Internet Domains]
[HKLM64\SOFTWARE\Microsoft\Internet Explorer]
[HKLM64\SOFTWARE\Microsoft\IsoBurn]
[HKLM64\SOFTWARE\Microsoft\KGL]
[HKLM64\SOFTWARE\Microsoft\LanguageOverlay]
[HKLM64\SOFTWARE\Microsoft\LexiconUpdate]
[HKLM64\SOFTWARE\Microsoft\Managed Desktop]
[HKLM64\SOFTWARE\Microsoft\MdmCommon]
[HKLM64\SOFTWARE\Microsoft\MdmDiagnostics]
[HKLM64\SOFTWARE\Microsoft\MediaEngine]
[HKLM64\SOFTWARE\Microsoft\MediaPlayer]
[HKLM64\SOFTWARE\Microsoft\MemoryDiagnostic]
[HKLM64\SOFTWARE\Microsoft\Messaging]
[HKLM64\SOFTWARE\Microsoft\MessengerService]
[HKLM64\SOFTWARE\Microsoft\Microsoft Camera Codec Pack]
[HKLM64\SOFTWARE\Microsoft\MiracastReceiver]
[HKLM64\SOFTWARE\Microsoft\MMC]
[HKLM64\SOFTWARE\Microsoft\Mobile]
[HKLM64\SOFTWARE\Microsoft\MpSigStub]
[HKLM64\SOFTWARE\Microsoft\MSBuild]
[HKLM64\SOFTWARE\Microsoft\MSDE]
[HKLM64\SOFTWARE\Microsoft\MSDRM]
[HKLM64\SOFTWARE\Microsoft\MSDTC]
[HKLM64\SOFTWARE\Microsoft\MSF]
[HKLM64\SOFTWARE\Microsoft\MSIME]
[HKLM64\SOFTWARE\Microsoft\MSLicensing]
[HKLM64\SOFTWARE\Microsoft\MSMQ]
[HKLM64\SOFTWARE\Microsoft\MSN Apps]
[HKLM64\SOFTWARE\Microsoft\MTF]
[HKLM64\SOFTWARE\Microsoft\MTFFuzzyFactors]
[HKLM64\SOFTWARE\Microsoft\MTFInputType]
[HKLM64\SOFTWARE\Microsoft\MTFKeyboardMappings]
[HKLM64\SOFTWARE\Microsoft\Multimedia]
[HKLM64\SOFTWARE\Microsoft\Multivariant]
[HKLM64\SOFTWARE\Microsoft\NET Framework Setup]
[HKLM64\SOFTWARE\Microsoft\NetSh]
[HKLM64\SOFTWARE\Microsoft\Network]
[HKLM64\SOFTWARE\Microsoft\Non-Driver Signing]
[HKLM64\SOFTWARE\Microsoft\Notepad]
[HKLM64\SOFTWARE\Microsoft\ODBC]
[HKLM64\SOFTWARE\Microsoft\OEM]
[HKLM64\SOFTWARE\Microsoft\Office]
[HKLM64\SOFTWARE\Microsoft\OfficeCSP]
[HKLM64\SOFTWARE\Microsoft\Ole]
[HKLM64\SOFTWARE\Microsoft\OnlineProviders]
[HKLM64\SOFTWARE\Microsoft\Outlook Express]
[HKLM64\SOFTWARE\Microsoft\Palm]
[HKLM64\SOFTWARE\Microsoft\Personalization]
[HKLM64\SOFTWARE\Microsoft\Phone]
[HKLM64\SOFTWARE\Microsoft\Photos]
[HKLM64\SOFTWARE\Microsoft\Pim]
[HKLM64\SOFTWARE\Microsoft\PLA]
[HKLM64\SOFTWARE\Microsoft\PlayToReceiver]
[HKLM64\SOFTWARE\Microsoft\PointOfService]
[HKLM64\SOFTWARE\Microsoft\Policies]
[HKLM64\SOFTWARE\Microsoft\PolicyManager]
[HKLM64\SOFTWARE\Microsoft\Poom]
[HKLM64\SOFTWARE\Microsoft\PowerShell]
[HKLM64\SOFTWARE\Microsoft\Print]
[HKLM64\SOFTWARE\Microsoft\Provisioning]
[HKLM64\SOFTWARE\Microsoft\PushRouter]
[HKLM64\SOFTWARE\Microsoft\RADAR]
[HKLM64\SOFTWARE\Microsoft\Ras]
[HKLM64\SOFTWARE\Microsoft\RAS AutoDial]
[HKLM64\SOFTWARE\Microsoft\RcsPresence]
[HKLM64\SOFTWARE\Microsoft\Reliability Analysis]
[HKLM64\SOFTWARE\Microsoft\Remediation]
[HKLM64\SOFTWARE\Microsoft\RemovalTools]
[HKLM64\SOFTWARE\Microsoft\RendezvousApps]
[HKLM64\SOFTWARE\Microsoft\Router]
[HKLM64\SOFTWARE\Microsoft\Rpc]
[HKLM64\SOFTWARE\Microsoft\SchedulingAgent]
[HKLM64\SOFTWARE\Microsoft\Security Center]
[HKLM64\SOFTWARE\Microsoft\SecurityManager]
[HKLM64\SOFTWARE\Microsoft\SEMgr]
[HKLM64\SOFTWARE\Microsoft\Sensors]
[HKLM64\SOFTWARE\Microsoft\Shared Tools]
[HKLM64\SOFTWARE\Microsoft\Shared Tools Location]
[HKLM64\SOFTWARE\Microsoft\Shell]
[HKLM64\SOFTWARE\Microsoft\SIH]
[HKLM64\SOFTWARE\Microsoft\Siuf]
[HKLM64\SOFTWARE\Microsoft\Software]
[HKLM64\SOFTWARE\Microsoft\Speech]
[HKLM64\SOFTWARE\Microsoft\Speech_OneCore]
[HKLM64\SOFTWARE\Microsoft\SQMClient]
[HKLM64\SOFTWARE\Microsoft\Sync Framework]
[HKLM64\SOFTWARE\Microsoft\Sysprep]
[HKLM64\SOFTWARE\Microsoft\SystemCertificates]
[HKLM64\SOFTWARE\Microsoft\SystemSettings]
[HKLM64\SOFTWARE\Microsoft\TableTextService]
[HKLM64\SOFTWARE\Microsoft\TabletTip]
[HKLM64\SOFTWARE\Microsoft\TaskFlowDataEngine]
[HKLM64\SOFTWARE\Microsoft\Tcpip]
[HKLM64\SOFTWARE\Microsoft\TelemetryClient]
[HKLM64\SOFTWARE\Microsoft\Terminal Server Client]
[HKLM64\SOFTWARE\Microsoft\TermServLicensing]
[HKLM64\SOFTWARE\Microsoft\TouchPrediction]
[HKLM64\SOFTWARE\Microsoft\TPG]
[HKLM64\SOFTWARE\Microsoft\Tpm]
[HKLM64\SOFTWARE\Microsoft\Tracing]
[HKLM64\SOFTWARE\Microsoft\Transaction Server]
[HKLM64\SOFTWARE\Microsoft\TV System Services]
[HKLM64\SOFTWARE\Microsoft\uDRM]
[HKLM64\SOFTWARE\Microsoft\Unified Store]
[HKLM64\SOFTWARE\Microsoft\UNP]
[HKLM64\SOFTWARE\Microsoft\UPnP Control Point]
[HKLM64\SOFTWARE\Microsoft\UPnP Device Host]
[HKLM64\SOFTWARE\Microsoft\UserData]
[HKLM64\SOFTWARE\Microsoft\UserManager]
[HKLM64\SOFTWARE\Microsoft\Virtual Machine]
[HKLM64\SOFTWARE\Microsoft\VisualStudio]
[HKLM64\SOFTWARE\Microsoft\WAB]
[HKLM64\SOFTWARE\Microsoft\Wallet]
[HKLM64\SOFTWARE\Microsoft\Wbem]
[HKLM64\SOFTWARE\Microsoft\WcmSvc]
[HKLM64\SOFTWARE\Microsoft\WIMMount]
[HKLM64\SOFTWARE\Microsoft\Windows]
[HKLM64\SOFTWARE\Microsoft\Windows Defender]
[HKLM64\SOFTWARE\Microsoft\Windows Defender Security Center]
[HKLM64\SOFTWARE\Microsoft\Windows Desktop Search]
[HKLM64\SOFTWARE\Microsoft\Windows Mail]
[HKLM64\SOFTWARE\Microsoft\Windows Media Device Manager]
[HKLM64\SOFTWARE\Microsoft\Windows Media Foundation]
[HKLM64\SOFTWARE\Microsoft\Windows Media Player NSS]
[HKLM64\SOFTWARE\Microsoft\Windows Messaging Subsystem]
[HKLM64\SOFTWARE\Microsoft\Windows NT]
[HKLM64\SOFTWARE\Microsoft\Windows Photo Viewer]
[HKLM64\SOFTWARE\Microsoft\Windows Portable Devices]
[HKLM64\SOFTWARE\Microsoft\Windows Script Host]
[HKLM64\SOFTWARE\Microsoft\Windows Search]
[HKLM64\SOFTWARE\Microsoft\Windows Security Health]
[HKLM64\SOFTWARE\Microsoft\WindowsRuntime]
[HKLM64\SOFTWARE\Microsoft\WindowsSelfHost]
[HKLM64\SOFTWARE\Microsoft\WindowsUpdate]
[HKLM64\SOFTWARE\Microsoft\Wisp]
[HKLM64\SOFTWARE\Microsoft\WlanSvc]
[HKLM64\SOFTWARE\Microsoft\Wlpasvc]
[HKLM64\SOFTWARE\Microsoft\Wow64]
[HKLM64\SOFTWARE\Microsoft\WSDAPI]
[HKLM64\SOFTWARE\Microsoft\WwanSvc]
[HKLM64\SOFTWARE\Microsoft\XAML]
[HKLM64\SOFTWARE\Microsoft\XboxLive]
[HKLM64\SOFTWARE\Microsoft\XGameSaveStorage]
[HKLM64\Software\Microsoft\Windows\Autopilot]
[HKLM64\Software\Microsoft\Windows\ClickNote]
[HKLM64\Software\Microsoft\Windows\CurrentVersion]
[HKLM64\Software\Microsoft\Windows\Dwm]
[HKLM64\Software\Microsoft\Windows\DynamicManagement]
[HKLM64\Software\Microsoft\Windows\EnterpriseResourceManager]
[HKLM64\Software\Microsoft\Windows\Heat]
[HKLM64\Software\Microsoft\Windows\HTML Help]
[HKLM64\Software\Microsoft\Windows\ITStorage]
[HKLM64\Software\Microsoft\Windows\NcsiUwpApp]
[HKLM64\Software\Microsoft\Windows\Notepad]
[HKLM64\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM64\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM64\Software\Microsoft\Windows\Shell]
[HKLM64\Software\Microsoft\Windows\Tablet PC]
[HKLM64\Software\Microsoft\Windows\TabletPC]
[HKLM64\Software\Microsoft\Windows\UpdateApi]
[HKLM64\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM64\Software\Microsoft\Windows\Windows Search]
[HKLM64\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx]
[HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AGEIA Technologies]
[HKLM\Software\WOW6432Node\AMD]
[HKLM\Software\WOW6432Node\Apple Inc.]
[HKLM\Software\WOW6432Node\ATI Technologies]
[HKLM\Software\WOW6432Node\DownloadCenter]
[HKLM\Software\WOW6432Node\EasyAntiCheat]
[HKLM\Software\WOW6432Node\Epic Games]
[HKLM\Software\WOW6432Node\EpicGames]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\Internet Download Manager]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\JreMetrics]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\Malwarebytes]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\NVIDIA Corporation]
[HKLM\Software\WOW6432Node\OBS Studio]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\Overwolf]
[HKLM\Software\WOW6432Node\Piriform]
[HKLM\Software\WOW6432Node\Realtek]
[HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\WOW6432Node\Rockstar Games]
[HKLM\Software\WOW6432Node\Valve]
[HKLM\Software\WOW6432Node\WOW6432Node]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\.NETFramework]
[HKLM\Software\WOW6432Node\Microsoft\Active Setup]
[HKLM\Software\WOW6432Node\Microsoft\ADs]
[HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup]
[HKLM\Software\WOW6432Node\Microsoft\AMSI]
[HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols]
[HKLM\Software\WOW6432Node\Microsoft\ASP.NET]
[HKLM\Software\WOW6432Node\Microsoft\Assistance]
[HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager]
[HKLM\Software\WOW6432Node\Microsoft\AuthHost]
[HKLM\Software\WOW6432Node\Microsoft\BidInterface]
[HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp]
[HKLM\Software\WOW6432Node\Microsoft\ClipboardServer]
[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
[HKLM\Software\WOW6432Node\Microsoft\Cryptography]
[HKLM\Software\WOW6432Node\Microsoft\CTF]
[HKLM\Software\WOW6432Node\Microsoft\DataAccess]
[HKLM\Software\WOW6432Node\Microsoft\DevDiv]
[HKLM\Software\WOW6432Node\Microsoft\Device Association Framework]
[HKLM\Software\WOW6432Node\Microsoft\Direct3D]
[HKLM\Software\WOW6432Node\Microsoft\DirectDraw]
[HKLM\Software\WOW6432Node\Microsoft\DirectInput]
[HKLM\Software\WOW6432Node\Microsoft\DirectMusic]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlay]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlay8]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp]
[HKLM\Software\WOW6432Node\Microsoft\DirectShow]
[HKLM\Software\WOW6432Node\Microsoft\DirectX]
[HKLM\Software\WOW6432Node\Microsoft\DownloadManager]
[HKLM\Software\WOW6432Node\Microsoft\DRM]
[HKLM\Software\WOW6432Node\Microsoft\DVDNavigator]
[HKLM\Software\WOW6432Node\Microsoft\DVR]
[HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods]
[HKLM\Software\WOW6432Node\Microsoft\Edge]
[HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate]
[HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS]
[HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Exchange]
[HKLM\Software\WOW6432Node\Microsoft\F12]
[HKLM\Software\WOW6432Node\Microsoft\Fax]
[HKLM\Software\WOW6432Node\Microsoft\Feeds]
[HKLM\Software\WOW6432Node\Microsoft\FilePicker]
[HKLM\Software\WOW6432Node\Microsoft\Function Discovery]
[HKLM\Software\WOW6432Node\Microsoft\Fusion]
[HKLM\Software\WOW6432Node\Microsoft\GameOverlay]
[HKLM\Software\WOW6432Node\Microsoft\HTMLHelp]
[HKLM\Software\WOW6432Node\Microsoft\IdentityCRL]
[HKLM\Software\WOW6432Node\Microsoft\IdentityStore]
[HKLM\Software\WOW6432Node\Microsoft\IMAPI]
[HKLM\Software\WOW6432Node\Microsoft\IME]
[HKLM\Software\WOW6432Node\Microsoft\IMEJP]
[HKLM\Software\WOW6432Node\Microsoft\IMEKR]
[HKLM\Software\WOW6432Node\Microsoft\IMETC]
[HKLM\Software\WOW6432Node\Microsoft\InputMethod]
[HKLM\Software\WOW6432Node\Microsoft\InputPersonalization]
[HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager]
[HKLM\Software\WOW6432Node\Microsoft\Internet Domains]
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer]
[HKLM\Software\WOW6432Node\Microsoft\IsoBurn]
[HKLM\Software\WOW6432Node\Microsoft\Jet]
[HKLM\Software\WOW6432Node\Microsoft\MediaEngine]
[HKLM\Software\WOW6432Node\Microsoft\MediaPlayer]
[HKLM\Software\WOW6432Node\Microsoft\MessengerService]
[HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack]
[HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver]
[HKLM\Software\WOW6432Node\Microsoft\MMC]
[HKLM\Software\WOW6432Node\Microsoft\MSBuild]
[HKLM\Software\WOW6432Node\Microsoft\MSDE]
[HKLM\Software\WOW6432Node\Microsoft\MSDRM]
[HKLM\Software\WOW6432Node\Microsoft\MSDTC]
[HKLM\Software\WOW6432Node\Microsoft\MSF]
[HKLM\Software\WOW6432Node\Microsoft\MSLicensing]
[HKLM\Software\WOW6432Node\Microsoft\MSN Apps]
[HKLM\Software\WOW6432Node\Microsoft\Multimedia]
[HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup]
[HKLM\Software\WOW6432Node\Microsoft\NetSh]
[HKLM\Software\WOW6432Node\Microsoft\Network]
[HKLM\Software\WOW6432Node\Microsoft\Notepad]
[HKLM\Software\WOW6432Node\Microsoft\ODBC]
[HKLM\Software\WOW6432Node\Microsoft\OEM]
[HKLM\Software\WOW6432Node\Microsoft\Office Server]
[HKLM\Software\WOW6432Node\Microsoft\OnlineProviders]
[HKLM\Software\WOW6432Node\Microsoft\Outlook Express]
[HKLM\Software\WOW6432Node\Microsoft\Palm]
[HKLM\Software\WOW6432Node\Microsoft\Personalization]
[HKLM\Software\WOW6432Node\Microsoft\Photos]
[HKLM\Software\WOW6432Node\Microsoft\PLA]
[HKLM\Software\WOW6432Node\Microsoft\Policies]
[HKLM\Software\WOW6432Node\Microsoft\PowerShell]
[HKLM\Software\WOW6432Node\Microsoft\Print]
[HKLM\Software\WOW6432Node\Microsoft\Provisioning]
[HKLM\Software\WOW6432Node\Microsoft\RADAR]
[HKLM\Software\WOW6432Node\Microsoft\RendezvousApps]
[HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent]
[HKLM\Software\WOW6432Node\Microsoft\Security Center]
[HKLM\Software\WOW6432Node\Microsoft\Sensors]
[HKLM\Software\WOW6432Node\Microsoft\Shared Tools]
[HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location]
[HKLM\Software\WOW6432Node\Microsoft\Software]
[HKLM\Software\WOW6432Node\Microsoft\SPEECH]
[HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore]
[HKLM\Software\WOW6432Node\Microsoft\SQMClient]
[HKLM\Software\WOW6432Node\Microsoft\Sync Framework]
[HKLM\Software\WOW6432Node\Microsoft\SystemSettings]
[HKLM\Software\WOW6432Node\Microsoft\TableTextService]
[HKLM\Software\WOW6432Node\Microsoft\TabletTip]
[HKLM\Software\WOW6432Node\Microsoft\Tcpip]
[HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client]
[HKLM\Software\WOW6432Node\Microsoft\TouchPrediction]
[HKLM\Software\WOW6432Node\Microsoft\TPG]
[HKLM\Software\WOW6432Node\Microsoft\Tpm]
[HKLM\Software\WOW6432Node\Microsoft\Tracing]
[HKLM\Software\WOW6432Node\Microsoft\TV System Services]
[HKLM\Software\WOW6432Node\Microsoft\uDRM]
[HKLM\Software\WOW6432Node\Microsoft\Updates]
[HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point]
[HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host]
[HKLM\Software\WOW6432Node\Microsoft\VisualStudio]
[HKLM\Software\WOW6432Node\Microsoft\WAB]
[HKLM\Software\WOW6432Node\Microsoft\WBEM]
[HKLM\Software\WOW6432Node\Microsoft\WIMMount]
[HKLM\Software\WOW6432Node\Microsoft\Windows]
[HKLM\Software\WOW6432Node\Microsoft\Windows Defender]
[HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows Mail]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS]
[HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT]
[HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer]
[HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices]
[HKLM\Software\WOW6432Node\Microsoft\Windows Script Host]
[HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime]
[HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate]
[HKLM\Software\WOW6432Node\Microsoft\Wisp]
[HKLM\Software\WOW6432Node\Microsoft\WlanSvc]
[HKLM\Software\WOW6432Node\Microsoft\WSDAPI]
[HKLM\Software\WOW6432Node\Microsoft\Cellular]
[HKLM\Software\WOW6432Node\Microsoft\COM3]
[HKLM\Software\WOW6432Node\Microsoft\DeviceReg]
[HKLM\Software\WOW6432Node\Microsoft\DFS]
[HKLM\Software\WOW6432Node\Microsoft\Driver Signing]
[HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates]
[HKLM\Software\WOW6432Node\Microsoft\EventSystem]
[HKLM\Software\WOW6432Node\Microsoft\FingerKB]
[HKLM\Software\WOW6432Node\Microsoft\FuzzyDS]
[HKLM\Software\WOW6432Node\Microsoft\Input]
[HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay]
[HKLM\Software\WOW6432Node\Microsoft\Messaging]
[HKLM\Software\WOW6432Node\Microsoft\MSMQ]
[HKLM\Software\WOW6432Node\Microsoft\MTF]
[HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors]
[HKLM\Software\WOW6432Node\Microsoft\MTFInputType]
[HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings]
[HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing]
[HKLM\Software\WOW6432Node\Microsoft\Ole]
[HKLM\Software\WOW6432Node\Microsoft\Phone]
[HKLM\Software\WOW6432Node\Microsoft\Pim]
[HKLM\Software\WOW6432Node\Microsoft\Poom]
[HKLM\Software\WOW6432Node\Microsoft\Ras]
[HKLM\Software\WOW6432Node\Microsoft\Rpc]
[HKLM\Software\WOW6432Node\Microsoft\SecurityManager]
[HKLM\Software\WOW6432Node\Microsoft\Semgr]
[HKLM\Software\WOW6432Node\Microsoft\Shell]
[HKLM\Software\WOW6432Node\Microsoft\SystemCertificates]
[HKLM\Software\WOW6432Node\Microsoft\TermServLicensing]
[HKLM\Software\WOW6432Node\Microsoft\Transaction Server]
[HKLM\Software\WOW6432Node\Microsoft\Unified Store]
[HKLM\Software\WOW6432Node\Microsoft\UserData]
[HKLM\Software\WOW6432Node\Microsoft\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\XAML]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm]
[HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Heat]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]

---------- | Drives


D:

[18/04/2019 15:19:32] - |SH| - (. - .) - [0] - (0.0.0.0) - D:\desktop.ini

---------- | C:

[07/12/2019 11:14:52] - |SHD| - [714953757] - C:\$Recycle.Bin
[27/04/2021 18:14:14] - |HD| - [0] - C:\$WinREAgent
[MD5.10C719C049CC1FDB8EC1874B4A673FFE] - [13/05/2021 21:45:50] - |AH| - (. - .) - [40] - (0.0.0.0) - C:\0A86EB73AE0B
[MD5.6DCB713D06223E88A62A4729494AE56B] - [13/05/2021 21:45:50] - |AH| - (. - .) - [112] - (0.0.0.0) - C:\475D80154B5B
[09/05/2021 22:46:42] - |D| - [2356] - C:\AdwCleaner
[27/04/2021 16:10:31] - |D| - [484469019] - C:\AMD
[MD5.25C4C0632E904DD7C943BC3554E8E449] - [19/11/2020 01:13:36] - |RASH| - (. - .) - [413738] - (0.0.0.0) - C:\bootmgr
[MD5.93B885ADFE0DA089CDF634904FD59F71] - [19/11/2020 01:13:37] - |ASH| - (. - .) - [1] - (0.0.0.0) - C:\BOOTNXT
[MD5.862871A4F661B20504FD71A49B493920] - [11/05/2021 00:59:08] - |SH| - (. - .) - [112] - (0.0.0.0) - C:\bootTel.dat
[27/04/2021 16:13:47] - |SHD| - [0] - C:\Config.Msi
[27/04/2021 15:50:31] - |SHD| - [0] - C:\Documents and Settings
[MD5.FFF6BA17726F49EEEFD361888F144653] - [27/04/2021 15:48:26] - |ASH| - (. - .) - [8192] - (0.0.0.0) - C:\DumpStack.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/04/2021 15:48:26] - |ASH| - (. - .) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/04/2021 15:50:23] - |ASH| - (. - .) - [6851579904] - (0.0.0.0) - C:\hiberfil.sys
[27/04/2021 16:00:10] - |HD| - [0] - C:\OneDriveTemp
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/04/2021 15:48:26] - |ASH| - (. - .) - [2550136832] - (0.0.0.0) - C:\pagefile.sys
[07/12/2019 11:14:52] - |D| - [0] - C:\PerfLogs
[07/12/2019 11:14:52] - |RD| - [22011759962] - C:\Program Files
[07/12/2019 11:14:52] - |RD| - [24696726621] - C:\Program Files (x86)
[07/12/2019 11:14:52] - |HD| - [2827639710] - C:\ProgramData
[26/05/2021 13:58:58] - |D| - [33] - C:\QuickDiag
[MD5.0537A77558EF190B5F057C47E7E64756] - [26/05/2021 13:59:02] - |A| - (. - .) - [199452] - (0.0.0.0) - C:\QuickDiag.txt
[27/04/2021 15:50:33] - |SHD| - [0] - C:\Recovery
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/04/2021 15:48:26] - |ASH| - (. - .) - [16777216] - (0.0.0.0) - C:\swapfile.sys
[27/04/2021 15:48:25] - |SHD| - [0] - C:\System Volume Information
[07/12/2019 11:03:44] - |RD| - [22760802800] - C:\Users
[07/12/2019 11:03:44] - |D| - [25620068846] - C:\Windows

---------- | C:\Windows

[07/12/2019 16:51:10] - |D| - [802] - C:\Windows\addins
[07/12/2019 11:14:52] - |D| - [12981495] - C:\Windows\appcompat
[07/12/2019 11:14:52] - |D| - [9892148] - C:\Windows\apppatch
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\AppReadiness
[07/12/2019 11:14:52] - |RSD| - [932583499] - C:\Windows\assembly
[07/12/2019 11:14:52] - |D| - [785153] - C:\Windows\bcastdvr
[MD5.862251351EC170BB3BD59CB219491811] - [27/04/2021 18:40:40] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Utilitaire de service de fichier de dÃ©marrage.) - [77824] - (10.0.19041.746) - C:\Windows\bfsvc.exe
[07/12/2019 11:14:52] - |D| - [40888156] - C:\Windows\Boot
[MD5.85AEA12B65D0483BB656829FE2F191B5] - [19/11/2020 01:29:37] - |AS| - (. - .) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat
[07/12/2019 11:14:52] - |D| - [2450448] - C:\Windows\Branding
[07/12/2019 11:03:44] - |D| - [0] - C:\Windows\CbsTemp
[07/12/2019 11:14:52] - |D| - [34067960] - C:\Windows\Containers
[MD5.C6C52AF48A75DCC59644DC894D2F524E] - [07/12/2019 16:53:23] - |A| - (. - .) - [29857] - (0.0.0.0) - C:\Windows\Core.xml
[07/12/2019 11:14:52] - |D| - [11501377] - C:\Windows\Cursors
[07/12/2019 11:14:52] - |D| - [1387626] - C:\Windows\debug
[07/12/2019 11:14:52] - |D| - [4307035] - C:\Windows\diagnostics
[07/12/2019 11:14:52] - |D| - [1701843] - C:\Windows\DiagTrack
[07/12/2019 16:49:55] - |D| - [0] - C:\Windows\DigitalLocker
[MD5.779A4B85BE373FD0F555851CA7E643F7] - [16/05/2021 15:03:31] - |A| - (. - .) - [17876] - (0.0.0.0) - C:\Windows\DirectX.log
[07/12/2019 11:14:52] - |SD| - [65] - C:\Windows\Downloaded Program Files
[07/12/2019 11:14:52] - |HD| - [46688] - C:\Windows\ELAMBKUP
[07/12/2019 16:49:55] - |D| - [0] - C:\Windows\en-US
[MD5.F5883F210AF1795C1868AE570FCB7185] - [13/05/2021 18:08:55] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Explorateur Windows.) - [4826160] - (10.0.19041.964) - C:\Windows\explorer.exe
[07/12/2019 11:14:52] - |RSD| - [361661278] - C:\Windows\Fonts
[07/12/2019 16:49:55] - |D| - [111616] - C:\Windows\fr-FR
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\GameBarPresenceWriter
[07/12/2019 11:14:52] - |D| - [75077612] - C:\Windows\Globalization
[07/12/2019 11:14:52] - |D| - [1315831] - C:\Windows\Help
[MD5.86AE3BE50DF246C646DA76E7223A968E] - [27/04/2021 18:42:54] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Aide et support Microsoft.) - [1076736] - (10.0.19041.906) - C:\Windows\HelpPane.exe
[MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 11:09:39] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - ExÃ©cutable de lÂaide HTML MicrosoftÂ®.) - [18432] - (10.0.19041.1) - C:\Windows\hh.exe
[07/12/2019 11:14:52] - |D| - [30327] - C:\Windows\IdentityCRL
[07/12/2019 11:14:52] - |D| - [28822470] - C:\Windows\IME
[07/12/2019 11:14:52] - |RD| - [8165408] - C:\Windows\ImmersiveControlPanel
[07/12/2019 11:13:02] - |D| - [64138365] - C:\Windows\INF
[MD5.A5D09CF2456DDBE605AAB21876DE4199] - [27/01/2021 13:01:36] - |A| - (. - .) - [3816] - (0.0.0.0) - C:\Windows\Info.xml
[07/12/2019 11:14:52] - |D| - [38193580] - C:\Windows\InputMethod
[07/12/2019 11:14:52] - |SHD| - [407871400] - C:\Windows\Installer
[07/12/2019 11:14:52] - |D| - [109650] - C:\Windows\L2Schemas
[07/12/2019 11:14:52] - |HD| - [0] - C:\Windows\LanguageOverlayCache
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\LiveKernelReports
[07/12/2019 11:14:52] - |D| - [30809820] - C:\Windows\Logs
[07/12/2019 11:14:52] - |RSD| - [20063519] - C:\Windows\Media
[MD5.81EFAA11E8A736ECD58E5E3C91AEE7B9] - [11/05/2021 00:59:29] - |A| - (. - .) - [993310642] - (0.0.0.0) - C:\Windows\MEMORY.DMP
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 11:08:58] - |A| - (. - .) - [43131] - (0.0.0.0) - C:\Windows\mib.bin
[07/12/2019 11:14:52] - |RD| - [840866446] - C:\Windows\Microsoft.NET
[07/12/2019 11:14:52] - |D| - [3323] - C:\Windows\Migration
[27/04/2021 17:35:13] - |D| - [6616156] - C:\Windows\Minidump
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\ModemLogs
[MD5.423D3ADE2F14572C5BD5F546973EB493] - [27/04/2021 18:43:55] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Bloc-notes.) - [202240] - (10.0.19041.746) - C:\Windows\notepad.exe
[MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [29/04/2021 18:47:03] - |A| - (. - .) - [1951] - (0.0.0.0) - C:\Windows\NvContainerRecovery.bat
[07/12/2019 16:51:57] - |D| - [419226] - C:\Windows\OCR
[07/12/2019 11:14:52] - |RD| - [65] - C:\Windows\Offline Web Pages
[27/04/2021 16:48:06] - |D| - [3818996] - C:\Windows\Panther
[07/12/2019 11:14:52] - |D| - [502504] - C:\Windows\Performance
[MD5.5BFAA1530ACEBC1FD9E1903D1141B4E6] - [19/11/2020 01:32:06] - |A| - (. - .) - [22132] - (0.0.0.0) - C:\Windows\PFRO.log
[07/12/2019 11:14:52] - |D| - [1136442] - C:\Windows\PLA
[07/12/2019 11:14:52] - |D| - [2932885] - C:\Windows\PolicyDefinitions
[27/04/2021 15:48:25] - |D| - [8727674] - C:\Windows\Prefetch
[07/12/2019 11:14:52] - |RD| - [2234382] - C:\Windows\PrintDialog
[07/12/2019 11:14:52] - |D| - [6016999] - C:\Windows\Provisioning
[MD5.999A30979F6195BF562068639FFC4426] - [27/04/2021 18:43:02] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Ãditeur du Registre.) - [370176] - (10.0.19041.746) - C:\Windows\regedit.exe
[07/12/2019 11:14:52] - |D| - [22588] - C:\Windows\Registration
[07/12/2019 11:14:52] - |D| - [7180520] - C:\Windows\rescache
[07/12/2019 11:14:52] - |D| - [3471899] - C:\Windows\Resources
[MD5.D0B22CFA9BFB7635A5B5D4C46B515257] - [27/04/2021 16:22:32] - |R| - (.Copyright (C) 2019 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2877104] - (1.0.7.5) - C:\Windows\RtlExUpd.dll
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\SchCache
[07/12/2019 11:14:52] - |D| - [126782] - C:\Windows\schemas
[07/12/2019 11:14:52] - |D| - [6365184] - C:\Windows\security
[19/11/2020 00:28:50] - |D| - [76593696] - C:\Windows\ServiceProfiles
[07/12/2019 11:14:52] - |D| - [4096] - C:\Windows\ServiceState
[07/12/2019 11:03:44] - |D| - [1802684560] - C:\Windows\servicing
[07/12/2019 11:18:25] - |D| - [42] - C:\Windows\Setup
[MD5.D5D914A1E26A02AB0CCB57D569FE1352] - [15/05/2021 17:33:09] - |A| - (. - .) - [5610] - (0.0.0.0) - C:\Windows\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/05/2021 17:33:09] - |A| - (. - .) - [0] - (0.0.0.0) - C:\Windows\setuperr.log
[07/12/2019 11:14:52] - |D| - [5500416] - C:\Windows\ShellComponents
[07/12/2019 11:14:52] - |D| - [19058688] - C:\Windows\ShellExperiences
[07/12/2019 11:14:52] - |D| - [6828144] - C:\Windows\SKB
[27/04/2021 15:50:48] - |D| - [45972235] - C:\Windows\SoftwareDistribution
[07/12/2019 11:14:52] - |D| - [178377146] - C:\Windows\Speech
[07/12/2019 11:14:52] - |D| - [123247540] - C:\Windows\Speech_OneCore
[MD5.D037F0B45155C32F25C26937A30C809B] - [27/04/2021 18:40:41] - |A| - (.Â© Microsoft Corporation. - Print driver host for applications.) - [136192] - (10.0.19041.746) - C:\Windows\splwow64.exe
[07/12/2019 11:14:52] - |D| - [31039] - C:\Windows\System
[MD5.286A9EDB379DC3423A528B0864A0F111] - [07/12/2019 11:14:54] - |A| - (. - .) - [219] - (0.0.0.0) - C:\Windows\system.ini
[07/12/2019 11:03:44] - |D| - [5294565350] - C:\Windows\System32
[07/12/2019 11:14:52] - |D| - [146898549] - C:\Windows\SystemApps
[07/12/2019 11:14:52] - |D| - [167480377] - C:\Windows\SystemResources
[07/12/2019 11:14:52] - |AD| - [1311805624] - C:\Windows\SysWOW64
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\TAPI
[07/12/2019 11:14:52] - |D| - [220] - C:\Windows\Tasks
[07/12/2019 11:14:52] - |D| - [1536850] - C:\Windows\Temp
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\tracing
[07/12/2019 11:14:52] - |D| - [7680] - C:\Windows\twain_32
[MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 11:10:00] - |A| - (. - Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\Windows\twain_32.dll
[MD5.1FC8D4DA102967664BD976C9277223A4] - [09/05/2021 00:07:06] - |A| - (. - .) - [136276] - (0.0.0.0) - C:\Windows\uninsCK550_CK552.dat
[MD5.B7266FE6885494518DF55C26C64CA698] - [09/05/2021 00:07:06] - |A| - (.Cooler Master.  - CK550/CK552 uninstall.) - [6178304] - (1.0.0.1) - C:\Windows\uninsCK550_CK552.exe
[MD5.EEA2EB36D41965AABF8A495F0A325900] - [09/05/2021 00:06:21] - |A| - (. - .) - [48554] - (0.0.0.0) - C:\Windows\uninsCooler Master Portal.dat
[MD5.D508EBD2953E7C76C65C19051DE3EC69] - [09/05/2021 00:06:21] - |A| - (.Cooler Master.  - Cooler Master Portal.) - [6177792] - (1.0.0.1) - C:\Windows\uninsCooler Master Portal.exe
[07/12/2019 11:14:52] - |D| - [12420] - C:\Windows\Vss
[07/12/2019 11:14:52] - |D| - [33188] - C:\Windows\WaaS
[07/12/2019 11:14:52] - |D| - [16568315] - C:\Windows\Web
[MD5.23CF8138F49416231807E6DE371FB9E6] - [07/12/2019 11:14:54] - |A| - (. - .) - [92] - (0.0.0.0) - C:\Windows\win.ini
[MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 11:09:09] - |RAH| - (. - .) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest
[MD5.2CC83D93DD1DDE691158CF5E9882420B] - [11/05/2021 00:22:31] - |A| - (. - .) - [276] - (0.0.0.0) - C:\Windows\WindowsUpdate.log
[MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 11:10:00] - |A| - (.Â© Microsoft Corporation. Tous droits rÃ©servÃ©s. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\Windows\winhlp32.exe
[07/12/2019 11:03:44] - |D| - [12427421079] - C:\Windows\WinSxS
[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 11:10:11] - |A| - (. - .) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx
[MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 16:52:21] - |A| - (.Â© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\Windows\write.exe

---------- | C:\Windows\System32\GroupPolicy


---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[27/04/2021 16:13:44] - C:\Windows\Installer\1579f6.msi : (AMD_Chipset_Drivers - Advanced Micro Devices, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/01/2021 05:01:40] - C:\Windows\Installer\1579fb.msi : (AMD GPIO2 Driver - Advanced Micro Devices, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/01/2021 05:01:40] - C:\Windows\Installer\157a00.msi : (AMD PCI Driver - Advanced Micro Devices, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/01/2021 05:01:40] - C:\Windows\Installer\157a05.msi : (AMD SBxxxSMBus Driver - Advanced Micro Devices, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/01/2021 05:01:40] - C:\Windows\Installer\157a0a.msi : (AMD PSP Driver - Advanced Micro Devices, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/01/2021 05:01:42] - C:\Windows\Installer\157a0f.msi : (Promontory GPIO Driver - Advanced Micro Devices, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[27/01/2021 05:01:42] - C:\Windows\Installer\157a14.msi : (AMD Ryzen Balanced Driver - Advanced Micro Devices, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[28/04/2021 12:24:32] - C:\Windows\Installer\1a3737.msi : (Java Auto Updater - Oracle Corporation)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[20/05/2020 12:42:50] - C:\Windows\Installer\1e393.msi : (Apple Mobile Device Support Installer - Apple Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[20/05/2020 12:44:54] - C:\Windows\Installer\1e399.msi : ([ProductName] Installer - Apple Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[18/05/2021 00:00:08] - C:\Windows\Installer\484bc94.msi : (Minecraft Launcher - Mojang)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[22/04/2021 13:23:56] - C:\Windows\Installer\b5b0645.msi : (Epic Online Services - Epic Games, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[18/06/2020 11:28:42] - C:\Windows\Installer\b5b064a.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[04/02/2021 13:34:40] - C:\Windows\Installer\c2238.msi : (Hardware Detection DriversCloud.com - Cybelsoft)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[14/06/2010 16:42:14] - C:\Windows\Installer\c43895.msi : (Logitech Gaming Software 5.10 - Logitech)          [Header ok : D0CF11E0A1B11AE10000000000000000]
[28/06/2011 21:27:28] - [4028928] - (.().-. - ()) - C:\Windows\Installer\20a718.msp
[28/06/2011 21:21:32] - [4637184] - (.().-. - ()) - C:\Windows\Installer\20baaf.msp

---------- | %System%\*.in*

[07/12/2019 11:09:39] - [3329] - C:\Windows\System32\ieuinit.inf
[27/04/2021 15:56:43] - [1771594] - C:\Windows\System32\PerfStringBackup.INI
[07/12/2019 11:09:05] - [60124] - C:\Windows\System32\tcpmon.ini
[07/12/2019 11:08:46] - [2404] - C:\Windows\System32\WimBootCompress.ini
[07/12/2019 11:10:00] - [3329] - C:\Windows\Syswow64\ieuinit.inf
[07/12/2019 11:09:22] - [2404] - C:\Windows\Syswow64\WimBootCompress.ini

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.026A26F8A52D806776942549269976FA] - |A| - [11/05/2021 00:23:27] - (. - .) - [17.62 Ko] - (0.0.0.0) - C:\Windows\Temp\catalog.json
[MD5.00000000000000000000000000000000] - |D| - [10/05/2021 20:10:14] - [0 Ko] - C:\Windows\Temp\Crashpad
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/05/2021 23:02:57] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSAPIDebugLogFile.txt
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/05/2021 23:02:57] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSTIFFDebugLogFile.txt
[MD5.F98BB9212B7ED049BB2D04CCEACB5439] - |A| - [20/05/2021 15:10:31] - (. - .) - [2.96 Ko] - (0.0.0.0) - C:\Windows\Temp\Install-pid-5832.txt
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/05/2021 16:12:37] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-10108.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/05/2021 15:10:42] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-11036.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [22/05/2021 17:57:17] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-12240.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/05/2021 21:57:17] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-13404.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [22/05/2021 12:16:40] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-1924.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [19/05/2021 09:06:09] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-7624.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/05/2021 16:12:37] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-8860.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/05/2021 19:57:18] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-8896.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [23/05/2021 18:57:18] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-9140.log
[MD5.92752B5F7B7093459B32ABB7B1C8E0CD] - |A| - [27/04/2021 15:48:43] - (. - .) - [321.51 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log
[MD5.545CBB42566AD7101C3222E0C347D39D] - |A| - [27/04/2021 18:14:01] - (. - .) - [646.83 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log
[MD5.00000000000000000000000000000000] - |D| - [14/05/2021 20:58:02] - [0.17 Ko] - C:\Windows\Temp\MsEdgeCrashpad
[MD5.74FD228E76A270CA5810C529D4003EF6] - |A| - [14/05/2021 20:58:02] - (. - .) - [61 Ko] - (0.0.0.0) - C:\Windows\Temp\msedge_installer.log
[MD5.00000000000000000000000000000000] - |D| - [23/05/2021 11:21:39] - [2.75 Ko] - C:\Windows\Temp\NvidiaLogging
[MD5.2A8FC5CE158020164FD9ACFE1D9F90C3] - |A| - [24/05/2021 21:24:59] - (. - .) - [448 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_2F3D.tmp
[MD5.CFCD208495D565EF66E7DFF9F98764DA] - |A| - [19/05/2021 23:51:18] - (. - .) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\WacomInstallO.txt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\Windows\System32\0409
[MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 11:09:00] - (. - .) - [3.1 Ko] - (0.0.0.0) - C:\Windows\System32\@AdvancedKeySettingsNotification.png
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:08:44] - (. - .) - [0.23 Ko] - (0.0.0.0) - C:\Windows\System32\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:08:45] - (. - .) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png
[MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 11:08:21] - (. - .) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png
[MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 11:08:52] - (. - .) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:08:52] - (. - .) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png
[MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 11:08:58] - (. - .) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png
[MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 11:09:45] - (. - .) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png
[MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 11:09:37] - (. - .) - [0.35 Ko] - (0.0.0.0) - C:\Windows\System32\@StorageSenseToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:07] - (. - .) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png
[MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 11:09:32] - (. - .) - [190.86 Ko] - (0.0.0.0) - C:\Windows\System32\@windows-hello-V4.1.gif
[MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 11:09:32] - (. - .) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png
[MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:08:19] - (. - .) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png
[MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 11:09:05] - (. - .) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@WLOGO_48x48.png
[MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 11:08:39] - (. - .) - [8.13 Ko] - (0.0.0.0) - C:\Windows\System32\ActiveHours.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2786.8 Ko] - C:\Windows\System32\AdvancedInstallers
[MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [13/05/2021 18:08:54] - (. - .) - [13 Ko] - (0.0.0.0) - C:\Windows\System32\agentactivationruntimestarter.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\am-et
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\AppLocker
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2808.41 Ko] - C:\Windows\System32\appraiser
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279.5 Ko] - C:\Windows\System32\ar-SA
[MD5.C9486151C26D64A4933B95BA10BF730A] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [614 Ko] - (3.3.2.0) - C:\Windows\System32\archiveint.dll
[MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 11:08:07] - (. - .) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [258.5 Ko] - C:\Windows\System32\bg-BG
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (. - .) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-black.png
[MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 11:08:05] - (. - .) - [8.53 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-high.png
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (. - .) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-white.png
[MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 11:08:05] - (. - .) - [8.34 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.png
[MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.29 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.contrast-white.png
[MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.2 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5939.64 Ko] - C:\Windows\System32\Boot
[MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [27/04/2021 18:41:41] - (.Copyright (C) 2008 - Gestionnaire de contexte pour rÃ©seau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\System32\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [79858 Ko] - C:\Windows\System32\CatRoot
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50556.32 Ko] - C:\Windows\System32\catroot2
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [20.62 Ko] - C:\Windows\System32\CodeIntegrity
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [377.5 Ko] - C:\Windows\System32\Com
[MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.contrast-white.png
[MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.38 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [266779.86 Ko] - C:\Windows\System32\config
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\Windows\System32\Configuration
[MD5.C113EC3ABF481A1B41F99BD721B513C3] - |A| - [27/04/2021 18:41:29] - (. - .) - [225.83 Ko] - (0.0.0.0) - C:\Windows\System32\containerdevicemanagement.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.34 Ko] - C:\Windows\System32\ContainerSettingsProviders
[MD5.D28333B58305A94157F38D961F032930] - |A| - [27/04/2021 18:40:40] - (. - .) - [280.5 Ko] - (0.0.0.0) - C:\Windows\System32\CoreMas.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [318 Ko] - C:\Windows\System32\cs-CZ
[MD5.1C3645EBDDBE2DA6A32A5F9FB43A3C23] - |A| - [07/12/2019 11:09:34] - (.Â© 1996 - 2017 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [411.5 Ko] - (7.55.1.0) - C:\Windows\System32\curl.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [321.5 Ko] - C:\Windows\System32\da-DK
[MD5.C071699F4F21B82606C72BAE2A430E1D] - |A| - [13/05/2021 18:08:56] - (. - .) - [162 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271.02 Ko] - C:\Windows\System32\DDFs
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [358.5 Ko] - C:\Windows\System32\de-DE
[MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:08:21] - (. - .) - [28.83 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png
[MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [19/11/2020 04:49:25] - (. - .) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin
[MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 11:14:56] - (. - .) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json
[MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 11:09:34] - (. - .) - [15.97 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProv.mof
[MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 11:09:34] - (. - .) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProvUninstall.mof
[MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 11:08:52] - (. - .) - [35.5 Ko] - (0.0.0.0) - C:\Windows\System32\deploymentcsphelper.exe
[MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 11:08:39] - (. - .) - [272.34 Ko] - (0.0.0.0) - C:\Windows\System32\DesktopKeepOnToastImg.gif
[MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 11:08:43] - (. - .) - [3.85 Ko] - (0.0.0.0) - C:\Windows\System32\DetailedReading-Default.xml
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [882 Ko] - C:\Windows\System32\DiagSvcs
[MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 11:08:37] - (. - .) - [82.96 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9884.79 Ko] - C:\Windows\System32\Dism
[MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.59 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.contrast-white.png
[MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.png
[MD5.5E11A46BEB9134C860E125582311F64B] - |A| - [13/05/2021 18:09:14] - (. - .) - [11.08 Ko] - (0.0.0.0) - C:\Windows\System32\DrtmAuthTxt.wim
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [161.5 Ko] - C:\Windows\System32\dsc
[MD5.64E652DC979CB9EF1AEE91DBD4F8C624] - |A| - [27/04/2021 18:41:43] - (. - .) - [2201.5 Ko] - (0.0.0.0) - C:\Windows\System32\dwmscene.dll
[MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 11:08:07] - (. - .) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin
[MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 11:08:07] - (. - .) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin
[MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 11:08:07] - (. - .) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [361.5 Ko] - C:\Windows\System32\el-GR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\Windows\System32\en
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [244 Ko] - C:\Windows\System32\en-GB
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2257.13 Ko] - C:\Windows\System32\en-US
[MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [27/04/2021 18:41:40] - (. - .) - [148.5 Ko] - (0.0.0.0) - C:\Windows\System32\EoAExperiences.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [343.5 Ko] - C:\Windows\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271 Ko] - C:\Windows\System32\es-MX
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [238 Ko] - C:\Windows\System32\et-EE
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [16718.64 Ko] - C:\Windows\System32\F12
[MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 11:08:41] - (. - .) - [43.22 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastBulldogImg.png
[MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [19/11/2020 04:50:03] - (. - .) - [16.54 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastDlpImg.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7.11 Ko] - C:\Windows\System32\ff-Adlm-SN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [326 Ko] - C:\Windows\System32\fi-FI
[MD5.93DE0567C51664964422F0ADA5210024] - |A| - [19/11/2020 00:28:49] - (. - .) - [260.13 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [3403.5 Ko] - C:\Windows\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279 Ko] - C:\Windows\System32\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [46742.33 Ko] - C:\Windows\System32\fr-FR
[MD5.F5CA01AB732F8723CEB0118923F1AD32] - |A| - [13/05/2021 18:09:20] - (. - .) - [684.5 Ko] - (0.0.0.0) - C:\Windows\System32\FsNVSDeviceSource.dll
[MD5.F755D5BD38F3110AFE3927B573BE4389] - |A| - [27/04/2021 16:03:50] - (. - .) - [72.86 Ko] - (0.0.0.0) - C:\Windows\System32\FvSDK_x64.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\Windows\System32\FxsTmp
[MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.contrast-white.png
[MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.11 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.png
[MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 11:09:48] - (. - .) - [86.7 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers
[MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.contrast-white.png
[MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [256.5 Ko] - C:\Windows\System32\he-IL
[MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.43 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.contrast-white.png
[MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.09 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.png
[MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.52 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.contrast-white.png
[MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.17 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.png
[MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.79 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.contrast-white.png
[MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.62 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.png
[MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [27/04/2021 18:41:21] - (. - .) - [299.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [250 Ko] - C:\Windows\System32\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [324.5 Ko] - C:\Windows\System32\hu-HU
[MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [19/11/2020 04:50:45] - (. - .) - [44.8 Ko] - (0.0.0.0) - C:\Windows\System32\HvSocket.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:53:03] - [149.55 Ko] - C:\Windows\System32\Hydrogen
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.36 Ko] - C:\Windows\System32\ias
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\Windows\System32\icsxml
[MD5.061462282D516227FAB40231BAE93F1A] - |A| - [19/11/2020 04:49:50] - (. Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html  - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\Windows\System32\icu.dll
[MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [19/11/2020 04:49:50] - (. Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html  - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\Windows\System32\icuin.dll
[MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [19/11/2020 04:49:50] - (. Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html  - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\Windows\System32\icuuc.dll
[MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [19/11/2020 04:49:25] - (. - .) - [193 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26862.43 Ko] - C:\Windows\System32\IME
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6943 Ko] - C:\Windows\System32\InputMethod
[MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.contrast-white.png
[MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [346 Ko] - C:\Windows\System32\it-IT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [262.34 Ko] - C:\Windows\System32\ja-jp
[MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.contrast-white.png
[MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\Windows\System32\Keywords
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [235 Ko] - C:\Windows\System32\ko-KR
[MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 11:08:39] - (. - .) - [186.29 Ko] - (0.0.0.0) - C:\Windows\System32\LaptopPlugInToastImg.gif
[MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 11:08:07] - (. - .) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin
[MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [13/05/2021 18:09:29] - (. - .) - [1647.5 Ko] - (3.0.2.0) - C:\Windows\System32\libcrypto.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\Windows\System32\Licenses
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [29772.58 Ko] - C:\Windows\System32\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [27/04/2021 18:29:02] - [128 Ko] - C:\Windows\System32\Logs
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [246.5 Ko] - C:\Windows\System32\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [247.5 Ko] - C:\Windows\System32\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [27/04/2021 16:02:54] - [0.06 Ko] - C:\Windows\System32\lxss
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\Windows\System32\MailContactsCalendarSync
[MD5.65735234BE6F70E5BA10F12364B1041B] - |A| - [13/05/2021 18:09:11] - (. - .) - [1136.5 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE
[MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.contrast-white.png
[MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.83 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.png
[MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 11:08:07] - (. - .) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin
[MD5.00000000000000000000000000000000] - |SD| - [19/11/2020 00:28:49] - [3.25 Ko] - C:\Windows\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5596.75 Ko] - C:\Windows\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45343.36 Ko] - C:\Windows\System32\migwiz
[MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:11] - (. - .) - [0.11 Ko] - (0.0.0.0) - C:\Windows\System32\MixedRealityRuntime.json
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:14:56] - (. - .) - [3.03 Ko] - (0.0.0.0) - C:\Windows\System32\mmc.exe.config
[MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.35 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.contrast-white.png
[MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [27/04/2021 19:05:57] - [0 Ko] - C:\Windows\System32\MRT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\Windows\System32\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4148.28 Ko] - C:\Windows\System32\MsDtc
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\Windows\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.64 Ko] - C:\Windows\System32\my-mm
[MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 11:08:44] - (. - .) - [30.09 Ko] - (0.0.0.0) - C:\Windows\System32\NarratorControlTemplates.xml
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [314.5 Ko] - C:\Windows\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\NDF
[MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 11:09:48] - (. - .) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml
[MD5.0E2D5DA1C7A1A97E46172AC33AD354EC] - |A| - [07/12/2019 11:09:48] - (. - .) - [70.5 Ko] - (0.0.0.0) - C:\Windows\System32\nettraceex.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\System32\networklist
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [338.5 Ko] - C:\Windows\System32\nl-NL
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\System32\Nui
[MD5.83BC4671DF80ED4E24327FAFF975E865] - |A| - [23/05/2021 11:19:49] - (. - .) - [85.12 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb
[MD5.0219FFEA7CF0602DCEDEB9C47AEA929A] - |A| - [23/05/2021 11:19:49] - (. - .) - [698.77 Ko] - (0.0.0.0) - C:\Windows\System32\nvofapi64.dll
[MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [07/12/2019 16:53:03] - (. - .) - [20.42 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png
[MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [15046.86 Ko] - C:\Windows\System32\oobe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:03] - [3625 Ko] - C:\Windows\System32\OpenSSH
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3.81 Ko] - C:\Windows\System32\osa-Osge-001
[MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 11:08:07] - (. - .) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1724.83 Ko] - C:\Windows\System32\PerceptionSimulation
[MD5.4E21E2C19F0FBBDF0601F2134ED5B825] - |A| - [07/12/2019 11:17:25] - (. - .) - [130.28 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat
[MD5.4598B569CE0AB658B84111F3E1F1DC78] - |A| - [07/12/2019 16:49:57] - (. - .) - [146.57 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat
[MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 11:17:25] - (. - .) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat
[MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 16:49:57] - (. - .) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat
[MD5.15E3EA233E86DF59C3436E9FA0DD5F5B] - |A| - [07/12/2019 11:17:25] - (. - .) - [685.12 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat
[MD5.E7D00111ED320F14AC2FE4D81F0C29DB] - |A| - [07/12/2019 16:49:57] - (. - .) - [773.36 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat
[MD5.2AE1076D4541727722D17F0D10C8B470] - |A| - [27/04/2021 15:56:43] - (. - .) - [1730.07 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI
[MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 11:08:05] - (. - .) - [2.21 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.contrast-white.png
[MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.92 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [338.5 Ko] - C:\Windows\System32\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [456 Ko] - C:\Windows\System32\PointOfService
[MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 11:08:28] - (. - .) - [43 Ko] - (0.0.0.0) - C:\Windows\System32\pospaymentsworker.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\Windows\System32\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\ProximityToast
[MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 11:08:19] - (. - .) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [331.5 Ko] - C:\Windows\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [335 Ko] - C:\Windows\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\Windows\System32\ras
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\RasToast
[MD5.1CCB256CE262988EEAB04CC5C337DF35] - |A| - [07/12/2019 11:09:45] - (. - .) - [2315 Ko] - (1.0.1908.26001) - C:\Windows\System32\rdpnano.dll
[MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [27/04/2021 18:40:40] - (. - .) - [72.5 Ko] - (0.0.0.0) - C:\Windows\System32\rdsxvmaudio.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.08 Ko] - C:\Windows\System32\Recovery
[MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.58 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.contrast-white.png
[MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.png
[MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 11:09:33] - (. - .) - [110.5 Ko] - (0.0.0.0) - C:\Windows\System32\ResBParser.dll
[MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 11:09:54] - (. - .) - [9.35 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList
[MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 11:09:54] - (. - .) - [8.98 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageListLowCost
[MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 11:09:54] - (. - .) - [8.77 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList
[MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 11:09:54] - (. - .) - [8.49 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageListLowCost
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png
[MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png
[MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (. - .) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80.png
[MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (. - .) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-black.png
[MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.98 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-white.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.07 Ko] - C:\Windows\System32\restore
[MD5.E6EEEF05B6B5825BD325FDBB33439382] - |A| - [13/05/2021 18:09:06] - (. - .) - [59.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 11:10:32] - (. - .) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png
[MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4.85 Ko] - C:\Windows\System32\SecureBootUpdates
[MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 11:08:41] - (. - .) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [78.59 Ko] - C:\Windows\System32\Sgrm
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1839 Ko] - C:\Windows\System32\ShellExperiences
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.7 Ko] - C:\Windows\System32\si-lk
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [254.5 Ko] - C:\Windows\System32\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [251.5 Ko] - C:\Windows\System32\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [19/11/2020 00:28:50] - [32852.68 Ko] - C:\Windows\System32\SleepStudy
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [52.14 Ko] - C:\Windows\System32\slmgr
[MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 11:08:07] - (. - .) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [13433.02 Ko] - C:\Windows\System32\SMI
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png
[MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png
[MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 11:08:05] - (. - .) - [1.48 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.contrast-white.png
[MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 11:08:05] - (. - .) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.png
[MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 11:09:51] - (. - .) - [40 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7701.8 Ko] - C:\Windows\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [14217.8 Ko] - C:\Windows\System32\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45160.07 Ko] - C:\Windows\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6218.44 Ko] - C:\Windows\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\Windows\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [253.5 Ko] - C:\Windows\System32\sr-Latn-RS
[MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:09:54] - (. - .) - [11.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr-v.dat
[MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:09:54] - (. - .) - [19.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat
[MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 11:09:45] - (. - .) - [58.16 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [28248 Ko] - C:\Windows\System32\sru
[MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [27/04/2021 18:40:37] - (. - .) - [444.5 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [320 Ko] - C:\Windows\System32\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1417.51 Ko] - C:\Windows\System32\Sysprep
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [938.28 Ko] - C:\Windows\System32\SystemResetPlatform
[MD5.91A578E2822436E185117C0A8CEEFE46] - |A| - [24/03/2020 10:11:22] - (.Copyright (c) 2013 - 2020 Advanced Micro Devices, Inc. - amdpsp sys.) - [423.52 Ko] - (4.13.0.0) - C:\Windows\System32\t-base_client_api.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8.16 Ko] - C:\Windows\System32\ta-in
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\Windows\System32\ta-lk
[MD5.4D188B08E9274E1360062B22E88A2F3F] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [52 Ko] - (3.3.2.0) - C:\Windows\System32\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [669.75 Ko] - C:\Windows\System32\Tasks
[MD5.A0140826A682DBE4CF3CDAA8EBD2729A] - |A| - [24/03/2020 10:11:22] - (.Copyright (c) 2013 - 2018 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [471.02 Ko] - (4.6.1.1) - C:\Windows\System32\tbaseregistry64.dll
[MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 11:09:05] - (. - .) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini
[MD5.911465F081B49450A5E2671A3A7951D1] - |A| - [27/04/2021 18:41:22] - (. - .) - [2208 Ko] - (0.0.0.0) - C:\Windows\System32\TextInputMethodFormatter.dll
[MD5.74B20E14C597763501A603ED2DA2AD65] - |A| - [27/04/2021 18:41:21] - (. - .) - [690.45 Ko] - (0.0.0.0) - C:\Windows\System32\TextShaping.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [240 Ko] - C:\Windows\System32\th-TH
[MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [27/04/2021 18:41:46] - (. - .) - [1.34 Ko] - (0.0.0.0) - C:\Windows\System32\ThirdPartyNoticesBySHS.txt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\ti-et
[MD5.8F62B9FD83E2B04251560B55760F32E2] - |A| - [07/12/2019 11:08:13] - (. - .) - [266 Ko] - (0.0.0.0) - C:\Windows\System32\TpmTool.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [308 Ko] - C:\Windows\System32\tr-TR
[MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 11:08:13] - (. - .) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt
[MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 11:08:13] - (. - .) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [249 Ko] - C:\Windows\System32\uk-UA
[MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [19/11/2020 04:49:26] - (. - .) - [63.04 Ko] - (0.0.0.0) - C:\Windows\System32\umpdc.dll
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [2196.59 Ko] - C:\Windows\System32\UNP
[MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 11:08:37] - (. - .) - [48 Ko] - (0.0.0.0) - C:\Windows\System32\UsbPmApi.dll
[MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 11:08:39] - (. - .) - [38.5 Ko] - (0.0.0.0) - C:\Windows\System32\usocoreps.dll
[MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 11:08:09] - (. - .) - [36.5 Ko] - (0.0.0.0) - C:\Windows\System32\VhfUm.dll
[MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [27/04/2021 18:43:32] - (. - .) - [93.5 Ko] - (0.0.0.0) - C:\Windows\System32\VirtualMonitorManager.dll
[MD5.AB69C66B14B76BDAD9F557BF07986197] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1069.2 Ko] - (1.2.162.0) - C:\Windows\System32\vulkan-1-999-0-0-0.dll
[MD5.AB69C66B14B76BDAD9F557BF07986197] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1069.2 Ko] - (1.2.162.0) - C:\Windows\System32\vulkan-1.dll
[MD5.2A6C0EFD50621C6D256F357E451820FE] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1811.7 Ko] - (1.2.162.0) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe
[MD5.2A6C0EFD50621C6D256F357E451820FE] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1811.7 Ko] - (1.2.162.0) - C:\Windows\System32\vulkaninfo.exe
[MD5.FA4FE1506802961E49D31486A3A9AAFA] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - Wacom Mutli-Touch API.) - [2323.55 Ko] - (1.0.1.2) - C:\Windows\System32\WacomMT.dll
[MD5.DA06922B8C7C2394E210D6D8D3D892F1] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - WINTAB32.) - [2473.05 Ko] - (6.3.42.2) - C:\Windows\System32\Wacom_Tablet.dll
[MD5.4B49689BA4A02D8662652D8425E799F2] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - WINTAB32.) - [2466.55 Ko] - (6.3.42.2) - C:\Windows\System32\Wacom_Touch_Tablet.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [83518.64 Ko] - C:\Windows\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [129379.06 Ko] - C:\Windows\System32\WDI
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 11:08:46] - (. - .) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml
[MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 11:08:52] - (. - .) - [144.51 Ko] - (0.0.0.0) - C:\Windows\System32\Win32AppSettingsProvider.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50263.29 Ko] - C:\Windows\System32\WinBioPlugIns
[MD5.0F3E3F74BDEE538D4A2E38C297EBEA9D] - |A| - [27/04/2021 18:41:24] - (. - .) - [628 Ko] - (0.0.0.0) - C:\Windows\System32\WindowManagementAPI.dll
[MD5.63CA1C622CC1F4B2520E61BB393C718A] - |A| - [28/04/2021 12:24:17] - (.Copyright Â© 2021 - Java(TM) Platform SE binary.) - [187.28 Ko] - (8.0.2910.10) - C:\Windows\System32\WindowsAccessBridge-64.dll
[MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 11:08:27] - (. - .) - [123 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10576.1 Ko] - C:\Windows\System32\WindowsPowerShell
[MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 11:08:41] - (. - .) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsSecurityIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [179212 Ko] - C:\Windows\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.84 Ko] - C:\Windows\System32\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\Windows\System32\winrm
[MD5.B6427C95812EC0CDEFFA57F55325C323] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - Wintab Coordinator.) - [2294.55 Ko] - (1.0.5.10) - C:\Windows\System32\Wintab32.dll
[MD5.F92C9F9F9FF08AE25A3CFA99329457B3] - |A| - [27/04/2010 16:57:18] - (.Â© 1999-2010 Logitech.  - Logitech Force Feedback Driver.) - [321.07 Ko] - (5.9.129.0) - C:\Windows\System32\WmJoyFrc.dll
[MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 11:08:12] - (. - .) - [9.91 Ko] - (0.0.0.0) - C:\Windows\System32\wpcatltoast.png
[MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 11:08:12] - (. - .) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png
[MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 11:08:49] - (. - .) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml
[MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 11:08:21] - (. - .) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll
[MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-black.png
[MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.57 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-white.png
[MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (. - .) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [234.99 Ko] - C:\Windows\System32\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [204.5 Ko] - C:\Windows\System32\zh-TW
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\0409
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:09:21] - (. - .) - [0.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:09:21] - (. - .) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:09:26] - (. - .) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:32] - (. - .) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:09:15] - (. - .) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1864.83 Ko] - C:\Windows\SysWOW64\AdvancedInstallers
[MD5.E556115BD4E751178310F842E457CA22] - |A| - [27/04/2021 18:42:16] - (. - .) - [10.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\agentactivationruntimestarter.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\AppLocker
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [97.5 Ko] - C:\Windows\SysWOW64\ar-SA
[MD5.DDE41441FE1A8A540354DA849E3FBC79] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [519.5 Ko] - (3.3.2.0) - C:\Windows\SysWOW64\archiveint.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [58.5 Ko] - C:\Windows\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\catroot
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [316.5 Ko] - C:\Windows\SysWOW64\Com
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3.01 Ko] - C:\Windows\SysWOW64\config
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\Windows\SysWOW64\Configuration
[MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [27/04/2021 18:42:16] - (. - .) - [235 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CoreMas.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [118.5 Ko] - C:\Windows\SysWOW64\cs-CZ
[MD5.4329254E74AD91D047E3CEDCC7C138C3] - |A| - [07/12/2019 11:09:57] - (.Â© 1996 - 2017 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\Windows\SysWOW64\curl.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [119.5 Ko] - C:\Windows\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [131 Ko] - C:\Windows\SysWOW64\de-DE
[MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:09:15] - (. - .) - [28.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [188 Ko] - C:\Windows\SysWOW64\DiagSvcs
[MD5.00000000000000000000000000000000] - |D| - [28/04/2021 11:46:42] - [0 Ko] - C:\Windows\SysWOW64\directx
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7592.54 Ko] - C:\Windows\SysWOW64\Dism
[MD5.7F9B18A31938D9F80C6210736D34922C] - |A| - [27/04/2021 16:03:50] - (. - .) - [63.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\FvSDK_x86.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp
[MD5.B873A5ABCFBC42B1BAC9EBE8741C6162] - |A| - [07/12/2019 16:50:56] - (.Copyright (C) 2019 - Gracenote SDK component.) - [244 Ko] - (3.9.511.0) - C:\Windows\SysWOW64\gnsdk_fp.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [93 Ko] - C:\Windows\SysWOW64\he-IL
[MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [27/04/2021 18:42:27] - (. - .) - [230 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [55.5 Ko] - C:\Windows\SysWOW64\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\Windows\SysWOW64\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml
[MD5.8DFBAF2E92AAC3D4D94EE60406230ED5] - |RA| - [07/12/2019 11:09:18] - (. Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html  - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icu.dll
[MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 11:09:18] - (. Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html  - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuin.dll
[MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 11:09:18] - (. Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html  - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuuc.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21642.16 Ko] - C:\Windows\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\Windows\SysWOW64\InputMethod
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [125 Ko] - C:\Windows\SysWOW64\it-IT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [89 Ko] - C:\Windows\SysWOW64\ja-JP
[MD5.21414FD81773E61D9B16A2F6AAF899C1] - |A| - [27/04/2021 16:14:54] - (. - .) - [0.16 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\log.txt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56.5 Ko] - C:\Windows\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56 Ko] - C:\Windows\SysWOW64\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\Windows\SysWOW64\MailContactsCalendarSync
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2819.09 Ko] - C:\Windows\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [816.8 Ko] - C:\Windows\SysWOW64\migwiz
[MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:14] - (. - .) - [0.11 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\MixedRealityRuntime.json
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:15:00] - (. - .) - [3.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mmc.exe.config
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\Windows\SysWOW64\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc
[MD5.DF252F37880142ED5574C2BE4DADF5A7] - |A| - [28/04/2021 11:51:58] - (. - .) - [206 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\msvcrt10.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\Windows\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [116 Ko] - C:\Windows\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\SysWOW64\networklist
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122 Ko] - C:\Windows\SysWOW64\nl-NL
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui
[MD5.524C2E28C6BB3EC38B6ACAF016D85D80] - |A| - [23/05/2021 11:19:49] - (. - .) - [562.27 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nvofapi.dll
[MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 11:10:14] - (. - .) - [36.79 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\OneDrive.ico
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [761.33 Ko] - C:\Windows\SysWOW64\oobe
[MD5.00000000000000000000000000000000] - |D| - [27/04/2021 16:22:26] - [81876.35 Ko] - C:\Windows\SysWOW64\pack
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [79.5 Ko] - C:\Windows\SysWOW64\PerceptionSimulation
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [124 Ko] - C:\Windows\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [121.5 Ko] - C:\Windows\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\Windows\SysWOW64\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\Windows\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\RasToast
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.82 Ko] - C:\Windows\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57.5 Ko] - C:\Windows\SysWOW64\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [121.5 Ko] - C:\Windows\SysWOW64\ru-RU
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\Windows\SysWOW64\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\Windows\SysWOW64\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [52.14 Ko] - C:\Windows\SysWOW64\slmgr
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\SMI
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4039.32 Ko] - C:\Windows\SysWOW64\Speech
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8761.1 Ko] - C:\Windows\SysWOW64\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1308.09 Ko] - C:\Windows\SysWOW64\spp
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\Windows\SysWOW64\sppui
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56.5 Ko] - C:\Windows\SysWOW64\sr-Latn-RS
[MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:10:05] - (. - .) - [11.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr-v.dat
[MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:10:05] - (. - .) - [19.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\sru
[MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [27/04/2021 18:42:16] - (. - .) - [323 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [117 Ko] - C:\Windows\SysWOW64\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\sysprep
[MD5.3044E62934C1CDD27CB085BD1B910A73] - |A| - [24/03/2020 10:11:20] - (.Copyright (c) 2013 - 2020 Advanced Micro Devices, Inc. - amdpsp sys.) - [339.02 Ko] - (4.13.0.0) - C:\Windows\SysWOW64\t-base_client_api.dll
[MD5.4B26D4CD5CD5F7B074E31793979F17C5] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\Windows\SysWOW64\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\Tasks
[MD5.B1D4864D3AAC15E212A50E462A7FDE51] - |A| - [24/03/2020 10:11:22] - (.Copyright (c) 2013 - 2018 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [375.02 Ko] - (4.6.1.1) - C:\Windows\SysWOW64\tbaseregistry32.dll
[MD5.5C678F08A307A26636D2A00E49E76FF3] - |A| - [27/04/2021 18:42:28] - (. - .) - [1302.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextInputMethodFormatter.dll
[MD5.9CEDDB7AB658F4AC4C4F1757098278C3] - |A| - [27/04/2021 18:42:27] - (. - .) - [597.61 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextShaping.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50.5 Ko] - C:\Windows\SysWOW64\th-TH
[MD5.321E99EF65F37E5F7DFC40D1E95684F5] - |A| - [07/12/2019 11:09:13] - (. - .) - [218.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TpmTool.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [115 Ko] - C:\Windows\SysWOW64\tr-TR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\Windows\SysWOW64\uk-UA
[MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [19/11/2020 04:50:27] - (. - .) - [46.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\umpdc.dll
[MD5.29D23AA2128DCF5D71C9324DB055D16B] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [926.73 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
[MD5.29D23AA2128DCF5D71C9324DB055D16B] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [926.73 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkan-1.dll
[MD5.4F88CF5CD143B4307E4C7FF76764893F] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1402.23 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
[MD5.4F88CF5CD143B4307E4C7FF76764893F] - |A| - [23/05/2021 11:19:53] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1402.23 Ko] - (1.2.162.0) - C:\Windows\SysWOW64\vulkaninfo.exe
[MD5.6BE595BB086B466427BC160CCB1BEBE3] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - Wacom Mutli-Touch API.) - [1882.55 Ko] - (1.0.1.2) - C:\Windows\SysWOW64\WacomMT.dll
[MD5.A43579B41FEBAD452E749A5952220FA3] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - WINTAB32.) - [2033.05 Ko] - (6.3.42.2) - C:\Windows\SysWOW64\Wacom_Tablet.dll
[MD5.17B53E7FB40433A9DDBBE5D21959B040] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - WINTAB32.) - [2026.05 Ko] - (6.3.42.2) - C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [15757.56 Ko] - C:\Windows\SysWOW64\wbem
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\WCN
[MD5.7C4123BBFCDFB64C4FFE4872AB8B341E] - |A| - [27/04/2021 18:42:31] - (. - .) - [445 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowManagementAPI.dll
[MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 11:09:17] - (. - .) - [104.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9338.44 Ko] - C:\Windows\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.98 Ko] - C:\Windows\SysWOW64\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\Windows\SysWOW64\winrm
[MD5.9047A029ABBB39E5393E53E13DFC26BA] - |A| - [27/04/2021 16:30:59] - (.Copyright ÃÂ© 1998 - 2021 Wacom Co. Ltd. - Wintab Coordinator.) - [1850.55 Ko] - (1.0.5.10) - C:\Windows\SysWOW64\Wintab32.dll
[MD5.B5CD782B6F7F477C615464E900B16909] - |A| - [27/04/2010 14:02:12] - (.Â© 1999-2010 Logitech.  - Logitech Force Feedback Driver.) - [249.57 Ko] - (5.9.129.0) - C:\Windows\SysWOW64\WmJoyF32.dll
[MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 11:09:17] - (. - .) - [59 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll
[MD5.00000000000000000000000000000000] - |D| - [30/04/2021 13:14:00] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\Windows\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\Windows\SysWOW64\zh-TW

---------- | [alex-]

[27/04/2021 16:32:13] - |D| - [10] - C:\Users\alex-\.android
[22/05/2021 15:57:33] - |D| - [223] - C:\Users\alex-\.mputils
[27/04/2021 15:58:08] - |RD| - [298] - C:\Users\alex-\3D Objects
[06/05/2021 02:02:56] - |D| - [0] - C:\Users\alex-\ansel
[27/04/2021 15:54:52] - |HD| - [13549553514] - C:\Users\alex-\AppData
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Application Data
[27/04/2021 15:58:08] - |RD| - [412] - C:\Users\alex-\Contacts
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Cookies
[20/05/2021 21:41:18] - |D| - [0] - C:\Users\alex-\curseforge
[27/04/2021 15:54:52] - |RD| - [4974389111] - C:\Users\alex-\Desktop
[27/04/2021 15:54:52] - |RD| - [718279824] - C:\Users\alex-\Documents
[27/04/2021 15:54:52] - |RD| - [687313690] - C:\Users\alex-\Downloads
[27/04/2021 15:54:52] - |RD| - [690] - C:\Users\alex-\Favorites
[27/04/2021 15:54:52] - |RD| - [1953] - C:\Users\alex-\Links
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Local Settings
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Menu DÃ©marrer
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Mes documents
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\ModÃ¨les
[27/04/2021 15:54:52] - |RD| - [504] - C:\Users\alex-\Music
[27/04/2021 15:54:52] - |AH| - [2097152] - C:\Users\alex-\NTUSER.DAT
[27/04/2021 15:54:52] - |ASH| - [524288] - C:\Users\alex-\ntuser.dat.LOG1
[27/04/2021 15:54:52] - |ASH| - [679936] - C:\Users\alex-\ntuser.dat.LOG2
[27/04/2021 15:54:52] - |ASH| - [65536] - C:\Users\alex-\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TM.blf
[27/04/2021 15:54:52] - |ASH| - [524288] - C:\Users\alex-\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000001.regtrans-ms
[27/04/2021 15:54:52] - |ASH| - [524288] - C:\Users\alex-\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000002.regtrans-ms
[27/04/2021 15:54:52] - |SH| - [20] - C:\Users\alex-\ntuser.ini
[27/04/2021 15:59:37] - |RAD| - [184] - C:\Users\alex-\OneDrive
[27/04/2021 15:54:52] - |RD| - [165855] - C:\Users\alex-\Pictures
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Recent
[27/04/2021 15:54:52] - |RD| - [282] - C:\Users\alex-\Saved Games
[27/04/2021 15:58:08] - |RD| - [1879] - C:\Users\alex-\Searches
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\SendTo
[27/04/2021 15:54:52] - |RD| - [694] - C:\Users\alex-\Videos
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Voisinage d'impression
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\Voisinage rÃ©seau
[27/04/2021 15:54:52] - |D| - [10952656557] - C:\Users\alex-\AppData\Local
[27/04/2021 15:54:52] - |D| - [117044880] - C:\Users\alex-\AppData\LocalLow
[27/04/2021 15:54:52] - |D| - [2479852077] - C:\Users\alex-\AppData\Roaming
[13/05/2021 21:45:14] - |D| - [518] - C:\Users\alex-\AppData\Local\Adobe
[27/04/2021 16:10:43] - |D| - [21086] - C:\Users\alex-\AppData\Local\AMD_Common
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\AppData\Local\Application Data
[27/04/2021 16:41:48] - |D| - [243244376] - C:\Users\alex-\AppData\Local\badpanda-react-updater
[20/05/2021 16:02:26] - |D| - [217044] - C:\Users\alex-\AppData\Local\BarnFinders
[27/04/2021 22:05:37] - |D| - [1] - C:\Users\alex-\AppData\Local\BattlEye
[27/04/2021 16:11:03] - |D| - [121287] - C:\Users\alex-\AppData\Local\cache
[27/04/2021 16:30:54] - |D| - [3623499] - C:\Users\alex-\AppData\Local\CEF
[27/04/2021 16:01:48] - |D| - [21788163] - C:\Users\alex-\AppData\Local\Comms
[27/04/2021 15:58:07] - |D| - [6111518] - C:\Users\alex-\AppData\Local\ConnectedDevicesPlatform
[27/04/2021 17:12:54] - |D| - [708022377] - C:\Users\alex-\AppData\Local\CrashDumps
[27/04/2021 16:09:16] - |D| - [532480] - C:\Users\alex-\AppData\Local\D3DSCache
[27/04/2021 17:37:27] - |D| - [0] - C:\Users\alex-\AppData\Local\DBG
[27/04/2021 16:24:27] - |D| - [336695728] - C:\Users\alex-\AppData\Local\Discord
[08/05/2021 22:01:43] - |D| - [0] - C:\Users\alex-\AppData\Local\e2eSoft
[15/05/2021 17:34:04] - |D| - [278051] - C:\Users\alex-\AppData\Local\ElevatedDiagnostics
[16/05/2021 15:36:13] - |D| - [17626551] - C:\Users\alex-\AppData\Local\Epic Games
[16/05/2021 15:01:53] - |D| - [55594576] - C:\Users\alex-\AppData\Local\EpicGamesLauncher
[01/05/2021 19:38:37] - |D| - [3011664] - C:\Users\alex-\AppData\Local\FluxSoftware
[27/04/2021 16:04:38] - |D| - [1134898771] - C:\Users\alex-\AppData\Local\Google
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\AppData\Local\Historique
[30/04/2021 00:45:47] - |AH| - [93074] - C:\Users\alex-\AppData\Local\IconCache.db
[01/05/2021 01:34:38] - |D| - [0] - C:\Users\alex-\AppData\Local\INetHistory
[09/05/2021 21:39:53] - |D| - [2310] - C:\Users\alex-\AppData\Local\Logitech
[30/04/2021 22:31:34] - |D| - [15791611] - C:\Users\alex-\AppData\Local\Mega Limited
[30/04/2021 22:31:28] - |D| - [80340016] - C:\Users\alex-\AppData\Local\MEGAsync
[27/04/2021 15:54:52] - |D| - [234546728] - C:\Users\alex-\AppData\Local\Microsoft
[29/04/2021 13:20:22] - |D| - [1097484084] - C:\Users\alex-\AppData\Local\Mozilla
[29/04/2021 22:12:38] - |D| - [38492] - C:\Users\alex-\AppData\Local\NVIDIA
[30/04/2021 00:25:05] - |D| - [1116728] - C:\Users\alex-\AppData\Local\NVIDIA Corporation
[27/04/2021 16:33:37] - |D| - [23020] - C:\Users\alex-\AppData\Local\OneDrive
[20/05/2021 21:38:17] - |D| - [120324201] - C:\Users\alex-\AppData\Local\Overwolf
[27/04/2021 15:58:07] - |D| - [6116502763] - C:\Users\alex-\AppData\Local\Packages
[27/04/2021 16:14:53] - |D| - [0] - C:\Users\alex-\AppData\Local\PackageStaging
[27/04/2021 16:00:17] - |D| - [302627] - C:\Users\alex-\AppData\Local\PlaceholderTileLogoFolder
[27/04/2021 16:38:34] - |D| - [0] - C:\Users\alex-\AppData\Local\Programs
[27/04/2021 15:58:15] - |D| - [2517577] - C:\Users\alex-\AppData\Local\Publishers
[27/04/2021 16:10:36] - |D| - [127344] - C:\Users\alex-\AppData\Local\RadeonInstaller
[05/05/2021 17:33:13] - |D| - [162590] - C:\Users\alex-\AppData\Local\Rocket League
[30/04/2021 13:02:55] - |D| - [507447] - C:\Users\alex-\AppData\Local\Rockstar Games
[27/04/2021 22:05:49] - |D| - [0] - C:\Users\alex-\AppData\Local\SCE
[27/04/2021 16:11:03] - |D| - [442660] - C:\Users\alex-\AppData\Local\setup
[29/04/2021 01:16:50] - |D| - [940] - C:\Users\alex-\AppData\Local\speech
[27/04/2021 16:24:27] - |D| - [6275] - C:\Users\alex-\AppData\Local\SquirrelTemp
[27/04/2021 16:30:53] - |D| - [115192322] - C:\Users\alex-\AppData\Local\Steam
[29/04/2021 23:03:50] - |D| - [552571379] - C:\Users\alex-\AppData\Local\T2GP Launcher
[27/04/2021 15:54:52] - |D| - [82774625] - C:\Users\alex-\AppData\Local\Temp
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\AppData\Local\Temporary Internet Files
[16/05/2021 15:01:53] - |D| - [54] - C:\Users\alex-\AppData\Local\UnrealEngine
[16/05/2021 15:01:55] - |D| - [0] - C:\Users\alex-\AppData\Local\UnrealEngineLauncher
[27/04/2021 15:58:07] - |D| - [0] - C:\Users\alex-\AppData\Local\VirtualStore
[06/05/2021 02:02:53] - |D| - [0] - C:\Users\alex-\AppData\Local\WarThunder
[13/05/2021 21:45:58] - |D| - [0] - C:\Users\alex-\AppData\LocalLow\Adobe
[20/05/2021 03:37:01] - |D| - [103921] - C:\Users\alex-\AppData\LocalLow\BeardedBrothersGames
[29/04/2021 23:13:54] - |D| - [749747] - C:\Users\alex-\AppData\LocalLow\LaRuina
[27/04/2021 15:58:08] - |SD| - [449880] - C:\Users\alex-\AppData\LocalLow\Microsoft
[29/04/2021 13:20:23] - |D| - [0] - C:\Users\alex-\AppData\LocalLow\Mozilla
[30/04/2021 22:14:52] - |D| - [16485] - C:\Users\alex-\AppData\LocalLow\Noble Empire
[28/04/2021 12:23:59] - |D| - [18683] - C:\Users\alex-\AppData\LocalLow\Sun
[20/05/2021 03:10:28] - |D| - [525944] - C:\Users\alex-\AppData\LocalLow\Team 17 Digital ltd_
[30/04/2021 22:14:55] - |D| - [115180220] - C:\Users\alex-\AppData\LocalLow\Unity
[18/05/2021 00:01:05] - |D| - [651740851] - C:\Users\alex-\AppData\Roaming\.minecraft
[27/04/2021 15:58:08] - |D| - [216] - C:\Users\alex-\AppData\Roaming\Adobe
[13/05/2021 21:47:21] - |A| - [132] - C:\Users\alex-\AppData\Roaming\Adobe PNG Format CS5 Prefs
[27/04/2021 16:13:45] - |D| - [319791714] - C:\Users\alex-\AppData\Roaming\AMD
[10/05/2021 01:24:48] - |D| - [0] - C:\Users\alex-\AppData\Roaming\Apple Computer
[27/04/2021 16:39:30] - |D| - [39343490] - C:\Users\alex-\AppData\Roaming\bakkesmod
[09/05/2021 00:07:07] - |D| - [5338] - C:\Users\alex-\AppData\Roaming\CoolerMaster
[09/05/2021 00:06:22] - |D| - [2141524] - C:\Users\alex-\AppData\Roaming\CoolerMaster Portal
[27/04/2021 16:24:33] - |D| - [414283595] - C:\Users\alex-\AppData\Roaming\discord
[01/05/2021 18:06:10] - |D| - [0] - C:\Users\alex-\AppData\Roaming\DMCache
[20/05/2021 21:41:36] - |D| - [0] - C:\Users\alex-\AppData\Roaming\Downloads
[30/04/2021 13:12:42] - |D| - [3125] - C:\Users\alex-\AppData\Roaming\DS4Windows
[01/05/2021 23:31:46] - |D| - [0] - C:\Users\alex-\AppData\Roaming\Easeware
[06/05/2021 02:02:39] - |D| - [4931692] - C:\Users\alex-\AppData\Roaming\EasyAntiCheat
[29/04/2021 23:09:55] - |D| - [2806] - C:\Users\alex-\AppData\Roaming\FiraxisLive
[20/05/2021 16:02:26] - |D| - [37] - C:\Users\alex-\AppData\Roaming\Goldberg SteamEmu Saves
[01/05/2021 18:06:10] - |D| - [10794] - C:\Users\alex-\AppData\Roaming\IDM
[20/05/2021 21:41:36] - |D| - [565383036] - C:\Users\alex-\AppData\Roaming\Install
[20/05/2021 21:41:36] - |D| - [328479613] - C:\Users\alex-\AppData\Roaming\Instances
[09/05/2021 21:38:03] - |D| - [3625] - C:\Users\alex-\AppData\Roaming\Logishrd
[09/05/2021 21:38:03] - |D| - [0] - C:\Users\alex-\AppData\Roaming\Logitech
[27/04/2021 15:54:52] - |SD| - [1690159] - C:\Users\alex-\AppData\Roaming\Microsoft
[29/04/2021 13:20:23] - |D| - [51750070] - C:\Users\alex-\AppData\Roaming\Mozilla
[08/05/2021 22:02:04] - |D| - [0] - C:\Users\alex-\AppData\Roaming\NVIDIA
[11/05/2021 00:10:53] - |D| - [82369323] - C:\Users\alex-\AppData\Roaming\obs-studio
[28/04/2021 12:24:21] - |D| - [0] - C:\Users\alex-\AppData\Roaming\Sun
[29/04/2021 23:03:50] - |D| - [16920606] - C:\Users\alex-\AppData\Roaming\T2GP Launcher
[20/05/2021 21:37:35] - |D| - [0] - C:\Users\alex-\AppData\Roaming\twitch-desktop-electron-platform
[29/04/2021 13:25:07] - |D| - [101825] - C:\Users\alex-\AppData\Roaming\vlc
[25/05/2021 22:08:55] - |D| - [2142] - C:\Users\alex-\AppData\Roaming\Wargaming.net
[10/05/2021 01:23:16] - |D| - [2268] - C:\Users\alex-\AppData\Roaming\WindSolutions
[27/04/2021 16:38:23] - |D| - [12] - C:\Users\alex-\AppData\Roaming\WinRAR
[13/05/2021 21:46:01] - |D| - [0] - C:\Users\alex-\AppData\Roaming\WPersistent
[27/04/2021 16:32:09] - |D| - [894084] - C:\Users\alex-\AppData\Roaming\WTablet
[27/04/2021 15:58:08] - |SH| - [174] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[27/04/2021 15:54:52] - |SHD| - [0] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[27/04/2021 15:54:52] - |RD| - [43034] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[27/04/2021 15:54:52] - |RD| - [3888] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[27/04/2021 15:54:52] - |RD| - [1678] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[27/04/2021 15:58:08] - |RD| - [174] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[27/04/2021 15:54:52] - |SH| - [264] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[27/04/2021 16:24:33] - |D| - [2245] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
[01/05/2021 19:38:39] - |A| - [2160] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
[27/04/2021 15:54:52] - |D| - [170] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[30/04/2021 22:31:30] - |D| - [4571] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
[20/05/2021 21:39:48] - |D| - [3406] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
[30/04/2021 13:02:52] - |D| - [616] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[27/04/2021 15:58:08] - |RD| - [2350] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[27/04/2021 16:35:16] - |D| - [1440] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[27/04/2021 15:54:52] - |RD| - [4913] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[20/05/2021 21:37:29] - |A| - [1109] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
[25/05/2021 22:08:50] - |D| - [4395] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
[27/04/2021 15:54:52] - |D| - [5078] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[27/04/2021 16:38:03] - |D| - [4577] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[27/04/2021 15:58:08] - |SH| - [174] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
[30/04/2021 22:31:58] - |A| - [1113] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk
[20/05/2021 21:37:29] - |A| - [1063] - C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk

---------- | [Public]

[19/11/2020 01:32:39] - |RHD| - [82507] - C:\Users\Public\AccountPictures
[07/12/2019 11:14:52] - |RHD| - [174] - C:\Users\Public\Desktop
[07/12/2019 11:14:54] - |ASH| - [174] - C:\Users\Public\desktop.ini
[07/12/2019 11:14:52] - |RD| - [46116] - C:\Users\Public\Documents
[07/12/2019 11:14:52] - |RD| - [174] - C:\Users\Public\Downloads
[07/12/2019 11:14:52] - |RHD| - [1174] - C:\Users\Public\Libraries
[07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Music
[07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Pictures
[07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Videos

---------- | C:\ProgramData

[13/05/2021 21:45:16] - |D| - [7724] - C:\ProgramData\Adobe
[27/04/2021 16:10:36] - |D| - [1019] - C:\ProgramData\AMD
[28/04/2021 12:36:11] - |D| - [0] - C:\ProgramData\AMD AutoUpdate
[08/05/2021 22:01:38] - |D| - [120911382] - C:\ProgramData\Apple
[27/04/2021 15:50:31] - |SHD| - [0] - C:\ProgramData\Application Data
[27/04/2021 15:50:31] - |SHD| - [0] - C:\ProgramData\Bureau
[27/04/2021 15:50:31] - |SHD| - [0] - C:\ProgramData\Documents
[27/04/2021 16:06:05] - |D| - [2270172] - C:\ProgramData\DriversCloud.com
[16/05/2021 15:01:30] - |D| - [101969404] - C:\ProgramData\Epic
[01/05/2021 18:06:10] - |D| - [0] - C:\ProgramData\IDM
[27/04/2021 15:50:31] - |SHD| - [0] - C:\ProgramData\Menu DÃ©marrer
[07/12/2019 11:14:52] - |SD| - [693348137] - C:\ProgramData\Microsoft
[19/11/2020 01:33:49] - |D| - [25] - C:\ProgramData\Microsoft OneDrive
[27/04/2021 15:50:31] - |SHD| - [0] - C:\ProgramData\ModÃ¨les
[29/04/2021 13:20:20] - |D| - [16207] - C:\ProgramData\Mozilla
[29/04/2021 18:46:53] - |D| - [424830] - C:\ProgramData\NVIDIA
[29/04/2021 18:46:45] - |D| - [1052122026] - C:\ProgramData\NVIDIA Corporation
[11/05/2021 00:10:51] - |D| - [422402] - C:\ProgramData\obs-studio-hook
[28/04/2021 12:24:05] - |D| - [82551976] - C:\ProgramData\Oracle
[20/05/2021 21:39:41] - |D| - [321766936] - C:\ProgramData\Overwolf
[27/04/2021 16:03:33] - |D| - [56796471] - C:\ProgramData\Package Cache
[19/11/2020 01:32:42] - |D| - [106496] - C:\ProgramData\Packages
[13/05/2021 21:45:51] - |D| - [1717] - C:\ProgramData\regid.1986-12.com.adobe
[07/12/2019 11:14:52] - |D| - [999] - C:\ProgramData\regid.1991-06.com.microsoft
[30/04/2021 13:02:50] - |D| - [128523] - C:\ProgramData\Rockstar Games
[07/12/2019 11:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution
[19/11/2020 04:55:01] - |D| - [0] - C:\ProgramData\ssh
[09/05/2021 18:46:40] - |D| - [63572549] - C:\ProgramData\TruckersMP
[20/05/2021 21:37:37] - |D| - [4199232] - C:\ProgramData\Twitch
[07/12/2019 11:14:52] - |D| - [8130560] - C:\ProgramData\USOPrivate
[07/12/2019 11:14:52] - |D| - [8433664] - C:\ProgramData\USOShared
[25/05/2021 22:07:56] - |D| - [310444446] - C:\ProgramData\Wargaming.net
[06/05/2021 02:02:53] - |D| - [0] - C:\ProgramData\WarThunder
[07/12/2019 16:53:03] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices
[10/05/2021 01:20:11] - |D| - [12813] - C:\ProgramData\WindSolutions

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[27/04/2021 15:50:31] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[07/12/2019 11:14:52] - |RD| - [104443] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[07/12/2019 11:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[07/12/2019 11:14:52] - |RD| - [14467] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[07/12/2019 11:14:52] - |RD| - [22956] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[28/04/2021 12:36:12] - |D| - [2182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
[27/04/2021 16:39:15] - |A| - [877] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BakkesMod.lnk
[20/05/2021 03:35:59] - |D| - [1872] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biker Garage Mechanic Simulator Customization
[09/05/2021 22:48:39] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[09/05/2021 00:06:21] - |D| - [7566] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooler Master
[07/12/2019 11:14:54] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[27/04/2021 16:06:05] - |D| - [2922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
[16/05/2021 15:01:36] - |A| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
[29/04/2021 13:20:21] - |A| - [1005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
[27/04/2021 16:05:06] - |A| - [2245] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoogleÂ Chrome.lnk
[07/12/2019 11:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
[28/04/2021 12:24:17] - |D| - [6752] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[09/05/2021 21:38:21] - |D| - [2679] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[07/12/2019 11:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[19/11/2020 01:31:27] - |A| - [2442] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
[18/05/2021 00:00:34] - |D| - [1207] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
[29/04/2021 18:47:18] - |D| - [1465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[11/05/2021 00:05:44] - |D| - [2134] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
[11/05/2021 00:17:42] - |D| - [791] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-ios-camera-source
[29/04/2021 14:20:07] - |D| - [935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[07/12/2019 11:14:52] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[27/04/2021 16:29:49] - |D| - [1112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[07/12/2019 11:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[27/04/2021 16:31:12] - |RD| - [4262] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablette Wacom
[09/05/2021 18:46:36] - |D| - [948] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
[13/05/2021 12:37:32] - |D| - [1166] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrucksBook Client
[29/04/2021 13:25:01] - |D| - [5850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[27/04/2021 17:37:24] - |D| - [905] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[07/12/2019 16:52:28] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[27/04/2021 16:38:04] - |D| - [4505] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\Program Files (x86)

[27/04/2021 16:14:03] - |D| - [117535483] - C:\Program Files (x86)\AMD
[11/05/2021 00:16:52] - |D| - [631713] - C:\Program Files (x86)\Bonjour
[07/12/2019 11:14:52] - |D| - [227141322] - C:\Program Files (x86)\Common Files
[09/05/2021 00:06:20] - |D| - [123690077] - C:\Program Files (x86)\Cooler Master
[07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[06/05/2021 02:02:38] - |D| - [3201088] - C:\Program Files (x86)\EasyAntiCheat
[16/05/2021 15:01:30] - |D| - [982456273] - C:\Program Files (x86)\Epic Games
[27/04/2021 16:04:40] - |D| - [11574848] - C:\Program Files (x86)\Google
[27/04/2021 16:22:33] - |HD| - [19859041] - C:\Program Files (x86)\InstallShield Installation Information
[01/05/2021 18:05:56] - |D| - [0] - C:\Program Files (x86)\Internet Download Manager
[07/12/2019 11:14:52] - |D| - [1984071] - C:\Program Files (x86)\Internet Explorer
[19/11/2020 01:30:55] - |D| - [893495268] - C:\Program Files (x86)\Microsoft
[07/12/2019 11:14:52] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET
[18/05/2021 00:00:34] - |D| - [335006455] - C:\Program Files (x86)\Minecraft Launcher
[29/04/2021 13:20:21] - |D| - [344130] - C:\Program Files (x86)\Mozilla Maintenance Service
[30/04/2021 13:13:56] - |D| - [25757] - C:\Program Files (x86)\MSBuild
[27/04/2021 16:03:04] - |D| - [292650229] - C:\Program Files (x86)\NVIDIA Corporation
[20/05/2021 21:39:44] - |D| - [321924389] - C:\Program Files (x86)\Overwolf
[27/04/2021 16:22:33] - |D| - [10882485] - C:\Program Files (x86)\Realtek
[30/04/2021 13:13:56] - |D| - [38479105] - C:\Program Files (x86)\Reference Assemblies
[30/04/2021 13:03:30] - |D| - [158902314] - C:\Program Files (x86)\Rockstar Games
[27/04/2021 16:29:48] - |D| - [21130859836] - C:\Program Files (x86)\Steam
[27/04/2021 16:22:32] - |HD| - [0] - C:\Program Files (x86)\Temp
[13/05/2021 12:37:30] - |D| - [6698440] - C:\Program Files (x86)\TrucksBook Client
[07/12/2019 11:14:52] - |D| - [1823008] - C:\Program Files (x86)\Windows Defender
[07/12/2019 11:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail
[07/12/2019 16:53:03] - |D| - [3237741] - C:\Program Files (x86)\Windows Media Player
[07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform
[07/12/2019 11:14:52] - |D| - [6080856] - C:\Program Files (x86)\Windows NT
[07/12/2019 16:53:03] - |D| - [5261760] - C:\Program Files (x86)\Windows Photo Viewer
[07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices
[07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar
[07/12/2019 11:14:52] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell

---------- | C:\Program Files

[27/04/2021 16:10:36] - |D| - [291577452] - C:\Program Files\AMD
[27/04/2021 16:39:14] - |D| - [18833090] - C:\Program Files\BakkesMod
[11/05/2021 00:16:52] - |D| - [615066] - C:\Program Files\Bonjour
[09/05/2021 22:48:33] - |D| - [70430448] - C:\Program Files\CCleaner
[07/12/2019 11:14:52] - |D| - [225107947] - C:\Program Files\Common Files
[07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files\desktop.ini
[27/04/2021 16:06:05] - |D| - [21627579] - C:\Program Files\DriversCloud.com
[16/05/2021 15:04:53] - |D| - [15532118672] - C:\Program Files\Epic Games
[27/04/2021 15:50:31] - |SHD| - [0] - C:\Program Files\Fichiers communs
[27/04/2021 16:04:58] - |D| - [509600964] - C:\Program Files\Google
[07/12/2019 11:14:52] - |D| - [2661458] - C:\Program Files\Internet Explorer
[28/04/2021 12:24:04] - |D| - [213488297] - C:\Program Files\Java
[09/05/2021 21:38:20] - |D| - [14782557] - C:\Program Files\Logitech
[27/04/2021 18:29:02] - |D| - [2086984] - C:\Program Files\Microsoft Update Health Tools
[07/12/2019 11:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps
[07/05/2021 01:52:15] - |D| - [221314654] - C:\Program Files\Mozilla Firefox
[30/04/2021 13:13:56] - |D| - [25757] - C:\Program Files\MSBuild
[27/04/2021 15:55:52] - |D| - [768664682] - C:\Program Files\NVIDIA Corporation
[11/05/2021 00:10:40] - |D| - [292079652] - C:\Program Files\obs-studio
[30/04/2021 13:13:56] - |D| - [36883625] - C:\Program Files\Reference Assemblies
[30/04/2021 13:03:24] - |D| - [194735295] - C:\Program Files\Rockstar Games
[29/04/2021 14:20:06] - |D| - [16053936] - C:\Program Files\Speccy
[27/04/2021 16:30:39] - |D| - [106848688] - C:\Program Files\Tablet
[09/05/2021 18:46:36] - |D| - [1506651] - C:\Program Files\TruckersMP Launcher
[19/11/2020 01:29:20] - |HD| - [0] - C:\Program Files\Uninstall Information
[29/04/2021 13:24:48] - |D| - [176322134] - C:\Program Files\VideoLAN
[27/04/2021 17:37:23] - |D| - [33725087] - C:\Program Files\WhoCrashed
[07/12/2019 11:14:52] - |D| - [13853406] - C:\Program Files\Windows Defender
[07/12/2019 11:14:52] - |D| - [639488] - C:\Program Files\Windows Mail
[07/12/2019 16:53:03] - |D| - [4601233] - C:\Program Files\Windows Media Player
[07/12/2019 16:53:03] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform
[07/12/2019 11:14:52] - |D| - [6435160] - C:\Program Files\Windows NT
[07/12/2019 16:53:03] - |D| - [6179784] - C:\Program Files\Windows Photo Viewer
[07/12/2019 16:53:03] - |D| - [48528] - C:\Program Files\Windows Portable Devices
[07/12/2019 11:14:52] - |D| - [111709] - C:\Program Files\Windows Security
[07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files\Windows Sidebar
[07/12/2019 11:14:52] - |HD| - [3217972207] - C:\Program Files\WindowsApps
[07/12/2019 11:14:52] - |D| - [2545983] - C:\Program Files\WindowsPowerShell
[27/04/2021 16:38:02] - |D| - [8233079] - C:\Program Files\WinRAR

---------- | C:\Program Files (x86)\Common Files

[13/05/2021 21:45:14] - |D| - [0] - C:\Program Files (x86)\Common Files\Adobe
[10/05/2021 01:22:27] - |D| - [150363263] - C:\Program Files (x86)\Common Files\Apple
[27/04/2021 22:05:38] - |D| - [17812176] - C:\Program Files (x86)\Common Files\BattlEye
[28/04/2021 12:24:33] - |D| - [2223312] - C:\Program Files (x86)\Common Files\Java
[07/12/2019 11:14:52] - |D| - [17117522] - C:\Program Files (x86)\Common Files\Microsoft Shared
[28/04/2021 12:24:17] - |D| - [2011840] - C:\Program Files (x86)\Common Files\Oracle
[20/05/2021 21:39:44] - |D| - [2043008] - C:\Program Files (x86)\Common Files\Overwolf
[07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[27/04/2021 16:29:49] - |D| - [25994240] - C:\Program Files (x86)\Common Files\Steam
[07/12/2019 11:14:52] - |D| - [9573259] - C:\Program Files (x86)\Common Files\System

---------- | C:\Program Files\Common files

[11/05/2021 00:16:38] - |D| - [170796974] - C:\Program Files\Common files\Apple
[09/05/2021 21:38:20] - |D| - [1506543] - C:\Program Files\Common files\Logitech
[07/12/2019 11:14:52] - |D| - [42219829] - C:\Program Files\Common files\microsoft shared
[07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files\Common files\Services
[07/12/2019 11:14:52] - |D| - [10581899] - C:\Program Files\Common files\System

---------- | Links to files

C:\Program Files\Bonjour\Ã propos de Bonjour.lnk -> C:\Program Files\Bonjour\Bonjour.Resources\fr.lproj\About Bonjour.rtf - Status : OK
C:\Program Files (x86)\Bonjour\Ã propos de Bonjour.lnk -> C:\Program Files (x86)\Bonjour\Bonjour.Resources\fr.lproj\About Bonjour.rtf - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\system32\services.msc - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD\StoreMI\StoreMI.lnk -> C:\Program Files\AMD\StoreMI\bin\AMD StoreMI.EXE - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BakkesMod.lnk -> C:\Program Files\BakkesMod\BakkesMod.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biker Garage Mechanic Simulator Customization\Biker Garage Mechanic Simulator Customization.lnk -> D:\Games\Biker Garage Mechanic Simulator Customization\BikerGarage.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biker Garage Mechanic Simulator Customization\Uninstall Biker Garage Mechanic Simulator Customization.lnk -> D:\Games\Biker Garage Mechanic Simulator Customization\unins000.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooler Master\CK550_CK552\CK550_CK552.lnk -> C:\Program Files (x86)\Cooler Master\CK550_CK552\CK550_CK552.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooler Master\CK550_CK552\Uninstall CK550_CK552.lnk -> C:\Windows\uninsCK550_CK552.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooler Master\Cooler Master Portal\Cooler Master Portal.lnk -> C:\Program Files (x86)\Cooler Master\Cooler Master Portal\Cooler Master Portal.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooler Master\Cooler Master Portal\Uninstall Cooler Master Portal.lnk -> C:\Windows\uninsCooler Master Portal.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\Desinstaller.lnk -> C:\Windows\System32\msiexec.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.com - DÃ©marrer la dÃ©tection.lnk -> C:\Program Files\DriversCloud.com\DriversCloud.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.html.lnk -> C:\Program Files\DriversCloud.com\DriversCloud.html - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoogleÂ Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises Ã  jour.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Launch Gaming Software Profiler.lnk -> C:\Windows\Installer\{1444D2EE-C7AD-44A8-844F-2634B49353D1}\NewShortcut1_7E69263C626D4C569CA13522D79FEB7F.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher\Minecraft Launcher.lnk -> C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk -> C:\Program Files\obs-studio\uninstall.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\obs-ios-camera-source\Uninstall obs-ios-camera-source.lnk -> C:\obs-studio\unins000.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy\Speccy.lnk -> C:\Program Files\Speccy\Speccy64.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablette Wacom\PropriÃ©tÃ©s de la tablette Wacom.lnk -> C:\Program Files\Tablet\Wacom\Professional_CPL.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablette Wacom\Wacom Desktop Center.lnk -> C:\Program Files\Tablet\Wacom\32\WacomDesktopCenter.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher\TruckersMP.lnk -> C:\Program Files\TruckersMP Launcher\Launcher.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrucksBook Client\TrucksBook Client.lnk -> C:\Program Files (x86)\TrucksBook Client\TB Client.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed\WhoCrashed.lnk -> C:\Program Files\WhoCrashed\WhoCrashedEx.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Aide de WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuel de la console RAR.lnk -> C:\Program Files\WinRAR\Rar.txt - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Quelles sont les nouveautÃ©s de la derniÃ¨re version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt - Status : OK
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk ->  - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk ->  - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk ->  - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk ->  - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK
C:\Users\alex-\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GoogleÂ Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\alex-\AppData\Local\Discord\Update.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GoogleÂ Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\osu!.lnk -> D:\osu!\osu!.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\.minecraft.lnk -> C:\Users\alex-\AppData\Roaming\.minecraft - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\1.12 (2).lnk -> C:\Users\alex-\Desktop\1.12.rar - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\1.12.lnk -> C:\Users\alex-\Desktop\1.12.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\1.lnk -> C:\Users\alex-\Desktop\1.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\16-01-2019 09-56-00.lnk -> C:\Users\alex-\Desktop\16-01-2019 09-56-00.jpg - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\161556-logo-france-2-kanaele-tv-multimedia.lnk -> C:\Users\alex-\Desktop\Dossier\161556-logo-france-2-kanaele-tv-multimedia.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\2.lnk -> C:\Users\alex-\Desktop\2.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\2489923276_1000_eversax_s_dribble_challenge_made_by_gidek.lnk -> C:\Users\alex-\Desktop\2489923276_1000_eversax_s_dribble_challenge_made_by_gidek.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\3x (1).lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\3x (1).gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\3x (2).lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\3x (2).gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\3x.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\3x.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\4pyCuDxjHJZl6kSR1.lnk -> C:\Users\alex-\Desktop\Dossier\tout\4pyCuDxjHJZl6kSR1.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\522044b0864a5467b9c072932ea285b3.lnk -> C:\Users\alex-\Desktop\Dossier\tout\522044b0864a5467b9c072932ea285b3.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\AA.lnk -> C:\Users\alex-\Desktop\Dossier\tout\AA.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Afficher l'Ã©tat et la gestion du rÃ©seau.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Afficher les ordinateurs et les pÃ©riphÃ©riques rÃ©seau.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Afficher les pÃ©riphÃ©riques et imprimantes.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\AFRIQUE.lnk -> C:\Users\alex-\Desktop\Dossier\tout\AFRIQUE.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Ajouter un pÃ©riphÃ©rique.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\akaruu.lnk -> C:\Users\alex-\Desktop\akaruu.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\AkaruuU.lnk -> C:\Users\alex-\Desktop\Dossier\AkaruuU.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\alpha_sounds_1.16.4_1.6.lnk -> C:\Users\alex-\Desktop\alpha_sounds_1.16.4_1.6.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Barn.Finders.Build.16469-GoldBerg.lnk -> D:\Barn.Finders.Build.16469-GoldBerg.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\BIGMAC.lnk -> C:\Users\alex-\Desktop\Dossier\tout\BIGMAC.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\BOUCLED.lnk -> C:\Users\alex-\Desktop\Dossier\BOUCLED.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Bras tendu.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Bras tendu.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Britney.lnk -> C:\Users\alex-\Desktop\Dossier\Britney.jpg - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Bureau.lnk -> C:\Users\alex-\Desktop - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Capture.lnk -> C:\Users\alex-\Desktop\Capture.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\catjam.lnk -> C:\Users\alex-\Desktop\Dossier\catjam.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Ce PC.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Centre RÃ©seau et partage.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Charles_Martel_Jmen_vais_vous_bouter_hors_du_Royaume_France_sarrasins__-_-_Abd_al-Rahman_.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Charles_Martel_Jmen_vais_vous_bouter_hors_du_Royaume_France_sarrasins__-_-_Abd_al-Rahman_.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Claqued.lnk -> C:\Users\alex-\Desktop\Claqued.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\CopyTransDriversInstallerv2.049.lnk -> C:\Users\alex-\Desktop\CopyTransDriversInstallerv2.049.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\davste0816s Nostalgic Resource Pack.lnk -> C:\Users\alex-\Desktop\davste0816s Nostalgic Resource Pack.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Default 1.12.lnk -> C:\Users\alex-\Desktop\Default 1.12.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Dossier.lnk -> C:\Users\alex-\Desktop\Dossier - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Dribbling Challenge 8m05.lnk -> D:\Dribbling Challenge 8m05.jpg - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\DÃ©sinstaller un programme.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\EnragÃ©.lnk -> D:\FILM\pas vu\EnragÃ©.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Euro Truck Simulator 2.lnk -> C:\Users\alex-\Documents\Euro Truck Simulator 2 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\EversaxDribbleChallenge.udk.lnk -> C:\Users\alex-\Desktop\Workshop\EversaxDribbleChallenge.udk - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\F32-1.12.2 (1).lnk -> C:\Users\alex-\Desktop\F32-1.12.2 (1).zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\FAM.lnk -> C:\Users\alex-\Desktop\Dossier\tout\FAM.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\felicitation-p.lnk -> C:\Users\alex-\Desktop\Dossier\tout\felicitation-p.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ff52e3be6b762353ac08dc8af70b1efe.lnk -> C:\Users\alex-\Desktop\Dossier\tout\ff52e3be6b762353ac08dc8af70b1efe.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\FILM.lnk -> D:\FILM - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de pÃ©riphÃ©riques.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\getvideobot.com-tCkqBBNXnlj63dRu.lnk -> C:\Users\alex-\Desktop\Dossier\tout\getvideobot.com-tCkqBBNXnlj63dRu.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\giphy.lnk -> C:\Users\alex-\Desktop\Dossier\tout\giphy.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Gravity (2013).MULTi.VF2.2160p.10bit.4KLight.HDR10.BluRay.x265.AC3.5.1.Portos.lnk -> C:\Users\alex-\Videos\pas vu\Gravity (2013).MULTi.VF2.2160p.10bit.4KLight.HDR10.BluRay.x265.AC3.5.1.Portos.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\How_to_trick_a_monkey.lnk -> C:\Users\alex-\Desktop\Dossier\tout\How_to_trick_a_monkey.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\hs_err_pid12300.lnk -> C:\Users\alex-\AppData\Roaming\.minecraft\hs_err_pid12300.log - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\https--adsjumbo.com-.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\https--go.microsoft.com-fwlink-linkid=2132062.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\https--www.microsoft.com-en-us-p-app-9nzg3c8t9wnv.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ICHRE5517.lnk -> C:\Users\alex-\Desktop\ICHRE5517.MOV - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Inception (2010) MULTi VFF 2160p 10bit 4KLight HDR BluRay x265 DTS 5.1 - QTZ.lnk -> D:\FILM\pas vu\Inception (2010) MULTi VFF 2160p 10bit 4KLight HDR BluRay x265 DTS 5.1 - QTZ.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\input-overlay.v4.8b.win32.64.lnk -> C:\Users\alex-\Desktop\input-overlay.v4.8b.win32.64.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Install_Win10_10049_05212021 (1).lnk -> C:\Users\alex-\Desktop\Install_Win10_10049_05212021 (1).zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Install_Win10_10049_05212021.lnk -> C:\Users\alex-\Desktop\Install_Win10_10049_05212021.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Internet (2).lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Internet.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Jack Reacher Never Go Back.2016.2160p.UHD.BLURAY.HDR.HEVC.Multi.VFF.TrueHD+Atmos-AZAZE.lnk -> C:\Users\alex-\Videos\pas vu\Jack Reacher Never Go Back.2016.2160p.UHD.BLURAY.HDR.HEVC.Multi.VFF.TrueHD+Atmos-AZAZE.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Jeas faithful64x_main.lnk -> C:\Users\alex-\Desktop\Jeas faithful64x_main.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\La danse.lnk -> C:\Users\alex-\Desktop\Dossier\tout\La danse.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Launch-backup-2021.05.16-15.05.10.lnk -> C:\Users\alex-\Documents\My Games\Rocket League\TAGame\Logs\Launch-backup-2021.05.16-15.05.10.log - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Launch.lnk -> C:\Users\alex-\Documents\My Games\Rocket League\TAGame\Logs\Launch.log - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Le_Flic_de_Beverly_Hills_III.1994.MULTI.1080p.lnk -> D:\FILM\pas vu\Le_Flic_de_Beverly_Hills_III.1994.MULTI.1080p.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\live_streams.lnk -> C:\Users\alex-\Documents\Euro Truck Simulator 2\live_streams.sii - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Logs.lnk -> C:\Users\alex-\Documents\My Games\Rocket League\TAGame\Logs - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\luckyped.lnk -> C:\Users\alex-\Desktop\Dossier\tout\luckyped.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\MarkC_Windows_10+8.x+7_MouseFix.lnk -> C:\Users\alex-\Desktop\MarkC_Windows_10+8.x+7_MouseFix.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\MatÃ©riel et audio.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\mcnazi.lnk -> C:\Users\alex-\Desktop\Dossier\tout\mcnazi.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Minecraft Beta Sounds Fix.lnk -> C:\Users\alex-\Desktop\Minecraft Beta Sounds Fix.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Minecraft Launcher.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\mmh.lnk -> C:\Users\alex-\Desktop\mmh.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--kglcheck-.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-settingssavelocations.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-settingssound.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-settingswindowsupdate.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-settingswindowsupdatewinsettingshome.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-windows-store--pdp-productId=9N1C8MJCM631&productFamily=Games.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-windows-store--pdp-productId=9P7PX702J5NH&productFamily=Games.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\ms-windows-store--review-ProductId=9n1c8mjcm631.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\msxbox--- (2).lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\msxbox--- (3).lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\msxbox--- (4).lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\msxbox--- (5).lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\msxbox---.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\naif.lnk -> C:\Users\alex-\Desktop\Dossier\tout\naif.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier.lnk -> C:\Users\alex-\Desktop\Nouveau dossier - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\obs.lnk -> C:\Users\alex-\Desktop\Dossier\OBS\obs - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\oh-comme-cest-bizarre.lnk -> C:\Users\alex-\Desktop\Dossier\tout\oh-comme-cest-bizarre.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\OldClassicMinecraft-1.16-v1.lnk -> C:\Users\alex-\Desktop\OldClassicMinecraft-1.16-v1.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\oo.lnk -> C:\Users\alex-\Desktop\oo - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Options dÂalimentation.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Options Internet.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Original-0.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Original-0.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\original.lnk -> C:\Users\alex-\Desktop\Dossier\tout\original.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\OSS 117 Le Caire nid d espions 2006 French AC3 1080p HDLight x264.GHT.lnk -> D:\FILM\pas vu\OSS 117 Le Caire nid d espions 2006 French AC3 1080p HDLight x264.GHT.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\OSS 117 Rio ne repond plus 2009 French AC3 1080p HDLight x264.GHT.lnk -> D:\FILM\pas vu\OSS 117 Rio ne repond plus 2009 French AC3 1080p HDLight x264.GHT.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\oui.lnk -> C:\Users\alex-\Desktop\Dossier\oui.txt - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\pas vu.lnk -> D:\FILM\pas vu - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Peepo.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\peepoBear.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\peepoBear.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\peepofat.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\peepofat.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\plaza-biker.garage.mechanic.simulator.customization.lnk -> D:\plaza-biker.garage.mechanic.simulator.customization.iso - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Predestination.2014.MULTi.VFF.Bluray.1080p.DTS.HDMA.x264-Poney.lnk -> D:\FILM\pas vu\Predestination.2014.MULTi.VFF.Bluray.1080p.DTS.HDMA.x264-Poney.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\PROFIL (2).lnk -> D:\OBS PROFIL\PROFIL - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\PROFIL.lnk -> D:\OBS PROFIL\PROFIL - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\PureBDcraft 128x MC116.lnk -> C:\Users\alex-\Desktop\PureBDcraft 128x MC116.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\PÃ©riphÃ©riques et imprimantes.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Roaming.lnk -> C:\Users\alex-\AppData\Roaming - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\robinet gros.lnk -> C:\Users\alex-\Desktop\Dossier\tout\robinet gros.txt - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\RÃ©seau et Internet.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\salamipeepo.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\salamipeepo.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Sans nom.lnk -> C:\Users\alex-\Desktop\Dossier\OBS\Sans nom - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Sans titre.lnk -> C:\Users\alex-\Desktop\Sans titre.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\sardouche-la-salle-noire.lnk -> C:\Users\alex-\Desktop\Dossier\tout\sardouche-la-salle-noire.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\sardouche-nique.lnk -> C:\Users\alex-\Desktop\Dossier\tout\sardouche-nique.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Sardouche.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Sardouche.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\SCENE.json.lnk -> C:\Users\alex-\Desktop\SCENE.json - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\SEGAAA.lnk -> C:\Users\alex-\Desktop\Dossier\tout\SEGAAA.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Shuwpa don.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Shuwpa don.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Shuwpa table.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Shuwpa table.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Shuwpa.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Shuwpa.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Skyscraper (2018).MULTi.VF2.2160p.10bit.4KLight.HDR10.BluRay.x265.AC3.5.1.Portos.lnk -> D:\FILM\pas vu\Skyscraper (2018).MULTi.VF2.2160p.10bit.4KLight.HDR10.BluRay.x265.AC3.5.1.Portos.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Son.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Souris.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Stockage (D) (2).lnk -> D:\ - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Stockage (D).lnk -> D:\ - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\TB_Client_1_3_8.lnk -> C:\Users\alex-\Desktop\TB_Client_1_3_8.zip - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\tenor (1).lnk -> C:\Users\alex-\Desktop\Dossier\tout\tenor (1).gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\tenor.lnk -> C:\Users\alex-\Desktop\Dossier\tout\tenor.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\The.Marksman.2021.REPACK.MULTi.1080p.BluRay.REMUX.AVC.AC3.5.1-NoTAG.lnk -> D:\FILM\pas vu\The.Marksman.2021.REPACK.MULTi.1080p.BluRay.REMUX.AVC.AC3.5.1-NoTAG.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\The.Wolf.Of.Wall.Street.2013.MULTi.1080p.BluRay.x264-ROUGH.lnk -> D:\FILM\pas vu\The.Wolf.Of.Wall.Street.2013.MULTi.1080p.BluRay.x264-ROUGH.mkv - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\tout.lnk -> C:\Users\alex-\Desktop\Dossier\tout - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Toutes les tÃ¢ches.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\TOZ.lnk -> C:\Users\alex-\Desktop\Dossier\tout\TOZ.jpg - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\truck-brutally-crashes-into-pole.lnk -> C:\Users\alex-\Desktop\Dossier\tout\truck-brutally-crashes-into-pole.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\TwitchCam4.lnk -> C:\Users\alex-\Desktop\Dossier\TwitchCam4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\unknown.lnk -> C:\Users\alex-\Desktop\unknown.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\video0 (1).lnk -> C:\Users\alex-\Desktop\Dossier\tout\video0 (1).mov - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\video0.lnk -> C:\Users\alex-\Desktop\Dossier\tout\video0.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\WAYTOODANK.lnk -> C:\Users\alex-\Desktop\Dossier\WAYTOODANK.mp4 - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\widepeepoBear (2).lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\widepeepoBear.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\widepeepoBear.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\widepeepoBear - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\widepeepoHappy.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\widepeepoHappy.png - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Workshop.lnk -> C:\Users\alex-\Desktop\Workshop - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\WOW.lnk -> C:\Users\alex-\Desktop\Dossier\Peepo\WOW.gif - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\wsh.lnk -> C:\Users\alex-\Desktop\Dossier\wsh.txt - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\Zemmour2.lnk -> C:\Users\alex-\Desktop\Dossier\tout\Zemmour2.PNG - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Recent\[Game3rb.com] Call of Duty - Black Ops [FitGirl Repack].lnk -> D:\[Game3rb.com] Call of Duty - Black Ops [FitGirl Repack].rar - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\SendTo\Transfert de fichiers Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\alex-\AppData\Local\Discord\Update.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk -> C:\Users\alex-\AppData\Local\FluxSoftware\Flux\flux.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGA Website.lnk -> C:\Users\alex-\AppData\Local\MEGAsync\MEGA Website.url - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\MEGAsync.lnk -> C:\Users\alex-\AppData\Local\MEGAsync\MEGAsync.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync\Uninstall.lnk -> C:\Users\alex-\AppData\Local\MEGAsync\uninst.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\CurseForge.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> D:\Launcher\LauncherPatcher.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk -> C:\Users\alex-\AppData\Local\MEGAsync\MEGAsync.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk -> C:\Users\alex-\AppData\Roaming\Twitch\Bin\Twitch.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk ->  - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk -> C:\Users\alex-\AppData\Roaming\Twitch\Bin\Twitch.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\Wargaming.net Game Center.lnk -> C:\ProgramData\Wargaming.net\GameCenter\wgc.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships\DÃ©sinstaller World_of_Warships.lnk -> D:\World_of_Warships\wgc_api.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net\World_of_Warships\World_of_Warships.lnk -> D:\World_of_Warships\wgc_api.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Aide de WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuel de la console RAR.lnk -> C:\Program Files\WinRAR\Rar.txt - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Quelles sont les nouveautÃ©s de la derniÃ¨re version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt - Status : OK
C:\Users\alex-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\BakkesMod.lnk -> C:\Program Files\BakkesMod\BakkesMod.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\CK550_CK552.lnk -> C:\Program Files (x86)\Cooler Master\CK550_CK552\CK550_CK552.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\Cooler Master Portal.lnk -> C:\Program Files (x86)\Cooler Master\Cooler Master Portal\Cooler Master Portal.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\Game Center.lnk -> C:\ProgramData\Wargaming.net\GameCenter\wgc.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\Minecraft Launcher.lnk -> C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\Origin - Raccourci.lnk -> C:\Program Files (x86)\Origin\Origin.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\PC Building Simulator.lnk -> D:\PC Building Simulator\PCBS.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\PhotoShop CS6\PhotoshopCS6Portable - Raccourci.lnk -> D:\photoshop cs6\AdobePhotoshopCS6Portable\PhotoshopCS6Portable.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\TruckersMP.lnk -> C:\Program Files\TruckersMP Launcher\Launcher.exe - Status : OK
C:\Users\alex-\Desktop\Dossier\World_of_Warships.lnk -> D:\World_of_Warships\wgc_api.exe - Status : OK
C:\Users\alex-\Documents\Euro Truck Simulator 2\readme.rtf.lnk -> D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\readme.rtf - Status : OK
C:\Users\alex-\Links\Desktop.lnk -> C:\Users\alex-\Desktop - Status : OK
C:\Users\alex-\Links\Downloads.lnk -> C:\Users\alex-\Downloads - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk ->  - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk ->  - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk ->  - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk ->  - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK
C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk ->  - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk ->  - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk ->  - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk ->  - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk ->  - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk ->  - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk ->  - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de tÃ©lÃ©copie.lnk -> C:\Windows\System32\WFS.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de tÃ©lÃ©copie.lnk -> C:\Windows\System32\WFS.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk ->  - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK
C:\Windows\WinSxS\amd64_eventviewersettings_31bf3856ad364e35_10.0.19041.1_none_aae8e58aa310aa7d\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-hyper-v-management-clients_31bf3856ad364e35_10.0.19041.1_none_a87cce111f2d21d5\Hyper-V Manager.lnk -> C:\Windows\System32\mmc.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.19041.1_none_90e29eafea574969\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.19041.746_none_b8eadbf8a9c907b3\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.19041.546_none_8ce021e04a4e9bbd\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.19041.844_none_8cde26fe4a506084\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.488_none_c36691fe3aaefd93\Windows Sandbox.lnk -> C:\Windows\system32\WindowsSandbox.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.928_none_c3a77b043a7e47b0\Windows Sandbox.lnk -> C:\Windows\system32\WindowsSandbox.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.985_none_c3639a9e3ab1a351\Windows Sandbox.lnk -> C:\Windows\system32\WindowsSandbox.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.19041.1_none_88835f4d79d6a242\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.19041.1_none_01072daf15b480b0\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.19041.746_none_290f6af7d5263efa\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.19041.1_none_a84acae243b8ad63\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.19041.1_none_233543e4fce957ae\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.19041.906_none_4b68c4a9bc3aa082\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt-shortcut_31bf3856ad364e35_10.0.19041.1_none_efaf63248e6d4479\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-d..-tools-mmc-adsiedit_31bf3856ad364e35_10.0.19041.1_none_69177721793455d7\ADSIEdit.lnk -> C:\Windows\system32\adsiedit.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-d..-tools-mmc-adsiedit_31bf3856ad364e35_10.0.19041.746_none_911fb46a38a61421\ADSIEdit.lnk -> C:\Windows\system32\adsiedit.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-d..mc-sitesandservices_31bf3856ad364e35_10.0.19041.1_none_552d95dd08a0b731\Active Directory Sites and Services.lnk -> C:\Windows\system32\dssite.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-d..mc-sitesandservices_31bf3856ad364e35_10.0.19041.746_none_7d35d325c812757b\Active Directory Sites and Services.lnk -> C:\Windows\system32\dssite.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-d..services-adam-setup_31bf3856ad364e35_10.0.19041.1_none_f216454a1d7f48de\ADAM Install.lnk -> C:\Windows\ADAM\adaminstall.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-d..services-adam-setup_31bf3856ad364e35_10.0.19041.746_none_1a1e8292dcf10728\ADAM Install.lnk -> C:\Windows\ADAM\adaminstall.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.19041.746_none_770f598aef14382e\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.19041.84_none_90b92bf6be625d1b\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-e..er-server-shortcuts_31bf3856ad364e35_10.0.19041.1_none_5e85a7ed6f490164\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04-1 - NetworkStatus.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\06 - SystemAbout.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\08 - PowerAndSleep.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\10 - AppsAndFeatures.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\4 - Control Panel.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\computer.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Control Panel.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\File Explorer.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Run.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Shows Desktop.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Window Switcher.lnk ->  - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.508_none_572033ab87137242\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.508_none_572033ab87137242\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.610_none_f8d1c156f5c41e39\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.844_none_f8b55686f5d8d1b6\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.964_none_f89fb894f5e906bf\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-iis-clientshortcuts_31bf3856ad364e35_10.0.19041.1_none_9f9e4023b60d2433\IIS Client Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_10.0.19041.1_none_3711e18b51638445\IIS6 Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr6.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_10.0.19041.906_none_5f45625010b4cd19\IIS6 Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr6.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-iis-managementconsole_31bf3856ad364e35_10.0.19041.1_none_3dc4aae45a75023d\IIS Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-iis-managementconsole_31bf3856ad364e35_10.0.19041.906_none_65f82ba919c64b11\IIS Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.19041.1_none_8ddc3834fb6f659f\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_fa40f4e1dd1492a8\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.19041.1_none_49c7a9c019150ac4\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.746_none_4c272238f77f2488\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.84_none_65d0f4a4c6cd4975\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.19041.1_none_64c27fc7ed12e401\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.19041.1_none_906b4c073d1d970c\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.19041.1_none_61cd745a990bcfb3\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.19041.1_none_440e94288def3f95\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.19041.746_none_6c16d1714d60fddf\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-narrator_31bf3856ad364e35_10.0.19041.388_none_9beddd0902a6ead4\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-narrator_31bf3856ad364e35_10.0.19041.789_none_9beee4eb02a5f8c7\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-nfs-adminmmc_31bf3856ad364e35_10.0.19041.1_none_9da8f6be034114e3\Services For Network File System.lnk -> C:\Windows\system32\nfsmgmt.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.488_none_4cea9379ceedab35\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.746_none_4d13d847cecf0038\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-osk_31bf3856ad364e35_10.0.19041.1_none_60ade0eff94c37fc\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.329_none_7a1ba215ffb0545c\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.329_none_7a1ba215ffb0545c\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.1_none_b3f1d9ff0e206c99\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.746_none_dbfa1747cd922ae3\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.964_none_dbe27aa7cda42a65\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-recoverydrive_31bf3856ad364e35_10.0.19041.572_none_06678725ea98addd\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-recoverydrive_31bf3856ad364e35_10.0.19041.746_none_068bfbddea7cb9b4\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.19041.1_none_aa1fc2e87b362d12\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.19041.746_none_d22800313aa7eb5c\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-s..ment-policytools-ex_31bf3856ad364e35_10.0.19041.1_none_0f506321e073254e\Security Configuration Management.lnk -> C:\Windows\system32\secpol.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.19041.1_none_8554f027e5186b5e\services.lnk -> C:\Windows\system32\services.msc - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.19041.1_none_4fb50fb329007a5d\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.19041.746_none_77bd4cfbe87238a7\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-speech-userexperience_31bf3856ad364e35_10.0.19041.423_none_fa15d41faa8e6925\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-speech-userexperience_31bf3856ad364e35_10.0.19041.746_none_fa033ad7aa9be481\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.19041.329_none_a8b36702afa7d5bc\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.19041.746_none_a89acde4afbab635\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.19041.423_none_2be831a97fd95967\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.19041.746_none_2bd598617fe6d4c3\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.488_none_0b8a7f31cbd37483\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.844_none_0bb1c551cbb693ff\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK
C:\Windows\WinSxS\amd64_multipoint-logcollector_31bf3856ad364e35_10.0.19041.1_none_56138d203a7fc4cf\MultiPoint Log Collector.lnk -> C:\Program Files\Windows MultiPoint Server\LogCollector.exe - Status : OK
C:\Windows\WinSxS\amd64_multipoint-wmsmanager_31bf3856ad364e35_10.0.19041.1_none_d1ffdc3927836528\MultiPoint Manager.lnk -> C:\Program Files\Windows MultiPoint Server\WmsManager.exe - Status : OK
C:\Windows\WinSxS\amd64_networking-mpssvc-shortcut_31bf3856ad364e35_10.0.19041.1_none_3b48028dac22b3be\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK
C:\Windows\WinSxS\amd64_taskschedulersettings_31bf3856ad364e35_10.0.19041.1_none_00dc114da3ba6b01\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK
C:\Windows\WinSxS\msil_hyperv-ux-ui-vmcreate_31bf3856ad364e35_10.0.19041.1_none_8d387dde0a6c6d14\VMCreate.lnk -> C:\Program Files\Hyper-V\VMCreate.exe - Status : OK
C:\Windows\WinSxS\msil_multipoint-wmsdashboard_31bf3856ad364e35_10.0.19041.1_none_061d84508b376f80\MultiPoint Dashboard.lnk -> C:\Program Files\Windows MultiPoint Server\WmsDashboard.exe - Status : OK
C:\Windows\WinSxS\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_04959f34117554a3\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK
C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\AOMEI Backupper Trial.lnk -> C:\Program Files (x86)\AOMEI\AOMEI Backupper 5.8.0\Backupper.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Assistant Mise Ã  jour de Windows 10.lnk -> C:\Windows10Upgrade\Windows10UpgraderApp.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Barn Finders.lnk -> D:\Games\Barn Finders\BarnFinders.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Call of Duty Modern Warfare.lnk -> D:\Call of Duty Modern Warfare\Modern Warfare Launcher.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\CLIP STUDIO.lnk -> C:\Program Files\CELSYS\CLIP STUDIO 1.5\CLIP STUDIO\CLIPStudio.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\FiveM Singleplayer.lnk -> C:\Users\alex-\AppData\Local\FiveM\FiveM.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\FiveM.lnk -> C:\Users\alex-\AppData\Local\FiveM\FiveM.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Gif Your Game.lnk -> C:\Users\alex-\AppData\Local\Programs\badpanda-react\Gif Your Game.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Gyazo GIF.lnk -> C:\Program Files (x86)\Gyazo\GyazoGIF.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Gyazo Replay.lnk -> C:\Program Files (x86)\Gyazo\GyazoReplay.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Gyazo.lnk -> C:\Program Files (x86)\Gyazo\Gyazowin.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\House Flipper On the Moon.lnk -> D:\Games\House Flipper On the Moon\HouseFlipper.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\IC Launcher.lnk -> C:\Program Files\IC Launcher\launcher\IC Launcher.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\osu-trainer.lnk -> C:\Users\alex-\Desktop\osu-trainer-v1.3\osu-trainer.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\PhotoshopCS6Portable.exe - Raccourci.lnk -> C:\Users\alex-\Desktop\Dossier\Documents\Dossier\cle\PhotoShop CS6\PhotoshopCS6Portable.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Process Lasso.lnk -> C:\Program Files\Process Lasso\ProcessLassoLauncher.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Reset Browser Settings.lnk -> C:\Program Files\Trojan Killer\tk.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\RogueKiller.lnk -> C:\Program Files\RogueKiller\RogueKiller64.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\Trojan Killer.lnk -> C:\Program Files\Trojan Killer\tk.exe - Status : OK
D:\$RECYCLE.BIN\S-1-5-21-972061504-3174242785-361741747-1001\$R81HTPH\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK
D:\Dossier\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe - Status : OK
D:\Dossier\Cooler Master Portal.lnk -> C:\Program Files (x86)\Cooler Master\Cooler Master Portal\Cooler Master Portal.exe - Status : OK
D:\Dossier\CrystalDiskInfo.lnk -> C:\Program Files\CrystalDiskInfo\DiskInfo64.exe - Status : OK
D:\Dossier\FACEIT AC.lnk -> C:\Program Files\FACEIT AC\faceitclient.exe - Status : OK
D:\Dossier\FACEIT.lnk -> C:\Users\alex-\AppData\Local\FACEITApp\FACEIT.exe - Status : OK
D:\Dossier\Forza Horizon 4.lnk ->  - Status : OK
D:\Dossier\FTB App.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe - Status : OK
D:\Dossier\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK
D:\Dossier\OBS Studio.lnk -> C:\Program Files\obs-studio\bin\64bit\obs64.exe - Status : OK
D:\Dossier\Origin - Raccourci.lnk -> C:\Program Files (x86)\Origin\Origin.exe - Status : OK
D:\Dossier\PC Building Simulator.lnk -> D:\PC Building Simulator\PCBS.exe - Status : OK
D:\Dossier\PhotoShop CS6\PhotoshopCS6Portable - Raccourci.lnk -> D:\photoshop cs6\AdobePhotoshopCS6Portable\PhotoshopCS6Portable.exe - Status : OK
D:\Dossier\PhotoshopCS6Portable.exe - Raccourci.lnk -> C:\Users\alex-\Desktop\Dossier\Documents\PhotoShop CS6\PhotoshopCS6Portable.exe - Status : OK
D:\Dossier\Super Seducer 3.lnk -> D:\SuperSeducer3\SuperSeducer3.exe - Status : OK
D:\Dossier\Super Seducer Enhanced.lnk -> D:\Super Seducer Enhanced\SuperSeducer.exe - Status : OK
D:\Dossier\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe - Status : OK
D:\Dossier\TruckersMP.lnk -> C:\Program Files\TruckersMP Launcher\Launcher.exe - Status : OK
D:\osu!\repair osu!.lnk -> C:\Users\alex-\AppData\Local\osu!\osu!.exe - Status : OK
D:\PC Building Simulator\Launch PC Building Simulator.lnk -> D:\PC Building Simulator\PCBS.exe - Status : OK
D:\SteamLibrary\steamapps\common\PAYDAY 2\mods\Crashlog.lnk -> C:\Users\alex-\AppData\local\PAYDAY 2\crash.txt - Status : OK

---------- | Tasks

[MD5.C541BE7347FC54A2A5C738F5EBACB377] - [28/04/2021 11:53:29] - |A| - [214] - C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [19/11/2020 01:29:03] - |AH| - [6] - C:\Windows\Tasks\SA.DAT
[MD5.726E433B6AAC6FB5BE3F7B1F65BEEA9C] - [28/04/2021 12:36:11] - |A| - [3484] - C:\Windows\System32\Tasks\AMDAutoUpdate         :   "C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe"
[MD5.8830A5E7CEB812FB093B63C6A8A9A804] - [09/05/2021 22:48:39] - |A| - [3936] - C:\Windows\System32\Tasks\CCleaner Update         :   C:\Program Files\CCleaner\CCUpdate.exe
[MD5.AA77CCABE7928A1D9C053D386E26E407] - [09/05/2021 22:48:40] - |A| - [2888] - C:\Windows\System32\Tasks\CCleanerSkipUAC         :   "C:\Program Files\CCleaner\CCleaner.exe"
[MD5.1F92D77817265E79F0F844B34FB4A27D] - [27/04/2021 16:04:46] - |A| - [3464] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.F74DB24E4A9E9D939DC0C0AC50EE71C8] - [27/04/2021 16:04:46] - |A| - [3588] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] - [30/04/2021 22:31:35] - |D| - [3828] - C:\Windows\System32\Tasks\MEGA
[MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [602678] - C:\Windows\System32\Tasks\Microsoft
[MD5.137361EE8F3AA45A78D9018B787BB1FA] - [19/11/2020 01:31:00] - |A| - [3510] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore         :   C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
[MD5.148245D0247E0F7EC1025C0A10CFBAF5] - [19/11/2020 01:31:00] - |A| - [3634] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA         :   C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
[MD5.00000000000000000000000000000000] - [08/05/2021 21:52:12] - |D| - [4862] - C:\Windows\System32\Tasks\Mozilla
[MD5.3FCF5E0D7D1D01D2FDE412AC20D2ED17] - [27/04/2021 16:03:45] - |A| - [4106] - C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
[MD5.3A7F88B71F9F6898A760B0B66B70537F] - [27/04/2021 16:03:45] - |A| - [4308] - C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
[MD5.F55B2F72E563AB4B2C6F011BD0C0A3BC] - [27/04/2021 16:03:50] - |A| - [3976] - C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
[MD5.9200A7AEAD4C78C61F5CA9964667C70D] - [27/04/2021 16:03:50] - |A| - [3940] - C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
[MD5.C37E1FFFA5D12E7CCBEC07EB8B9545E9] - [27/04/2021 16:03:31] - |A| - [3894] - C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
[MD5.4C1943F7A098FE04B84E9B3BDC3715BF] - [27/04/2021 16:03:31] - |A| - [3654] - C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
[MD5.A0F1DF714A916D6CA8A4108140FA324A] - [27/04/2021 16:03:45] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.3AF25A418A410AA8093C816404827BEC] - [27/04/2021 16:03:45] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.DAB43C466C9F42568ECE9F3C82697427] - [27/04/2021 16:03:45] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.25830D5D8D45392F164C798888A19828] - [27/04/2021 16:03:45] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
[MD5.7E26D26ED797C0B1C1EE9B7CE6162247] - [19/11/2020 01:36:28] - |A| - [3396] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1038550290-3477332594-2832121129-500         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.BF3FB95531C7EC5E1BB889A76076D604] - [27/04/2021 15:48:42] - |A| - [2858] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2423402792-3554856681-1955181387-500         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.E9B7394F31F5BF76EC0F5C19556BA87F] - [20/05/2021 21:39:48] - |A| - [4384] - C:\Windows\System32\Tasks\Overwolf Updater Task         :   C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
[MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100|
"{B04578E1-E707-4206-9817-264933DA9A07}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{E7679062-3CED-438C-BFBE-FA1579428C44}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=UX.Client.ST|Desc=UX.Client.ST|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-500|AppPkgId=S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651|EmbedCtxt=UX.Client.ST|Platform=2:6:2|Platform2=GTEQ|
"{BF1BA332-7711-4D16-ACB7-4A2B6F15F89B}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-500|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ|
"{3F997199-9629-4225-8880-7B78D2A46971}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud|
"{51CF866C-CB8C-4EAB-BECD-B3B665FE2247}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud|
"{8CB1E7C4-1547-47F4-ABC0-10418BB56939}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ|
"{7FA01A9E-2AC4-43C0-B940-31CF8C9C7E23}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|
"{D6339805-7DBD-4346-A47A-485CE03492D5}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{7AD6BF8C-36E6-4266-A9AF-E0774F211BD2}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ|
"{445BF633-335C-42CD-B865-3623CC6EE0BE}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ|
"{E1FFC40C-CD93-4E21-AF67-47B9D230D5CC}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|
"{DD52EB45-070D-42C2-AD0F-A45D27E2AD23}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"TCP Query User{826A9A26-144F-4ABA-98CB-28D0BFEFCFAE}D:\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User|
"UDP Query User{8D84DFE3-0D20-48CB-9779-5931637DC673}D:\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User|
"{F5BF8896-A4D3-4D04-B3B8-D43F5732AA43}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ|
"{52421DBC-81EB-46FB-A3C4-0DDB9E0B9638}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ|
"TCP Query User{E5E92638-9D27-4848-8197-20E40D40472D}C:\program files\e2esoft\ivcam\ivcam.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\e2esoft\ivcam\ivcam.exe|Name=e2eSoft iVCam|Desc=e2eSoft iVCam|Defer=User|
"UDP Query User{7C6E4A30-DD6C-46BC-BA20-70DBE0CB33CF}C:\program files\e2esoft\ivcam\ivcam.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\e2esoft\ivcam\ivcam.exe|Name=e2eSoft iVCam|Desc=e2eSoft iVCam|Defer=User|
"{4382C468-5DCD-4256-B99F-E5BF14170556}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\Program Files\e2eSoft\iVCam\iVCam.exe|Name=e2eSoft iVCam|Desc=e2eSoft iVCam Exception|
"{487E6F3C-3075-49D7-BD22-2DBC7341B989}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\Program Files\e2eSoft\iVCam\iVCam.exe|Name=e2eSoft iVCam|Desc=e2eSoft iVCam Exception|
"{920C0026-196C-49AD-92A4-39F8276C8625}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Google\Chrome\Application\chrome.exe|Name=GoogleÂ Chrome (mDNS-In)|Desc=RÃ¨gle de trafic entrant pour GoogleÂ Chrome autorisant le trafic mDNS|EmbedCtxt=GoogleÂ Chrome|
"{36A47364-582C-4AB3-84FE-8358C199C415}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe|Name=Apple Push Service|Edge=TRUE|
"{79FB6D13-111A-46B3-A30A-8E794525CA2E}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{B358475F-6B8D-44D7-9CF4-FD2F8C0AB8FB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{E86E517E-DC5A-4153-9264-1ACA53E5A050}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{B3F84FF0-A786-4F63-B2BB-30B4F521093D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{C7ECE925-C3E0-4B32-B2BC-2DE7C3481E5A}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|
"{02BA82CC-6DBE-4B62-A930-292F533417F6}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{8BA8500F-C7C0-4BDB-A2F7-03CCB0C26F64}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ|
"{B05235A2-28E4-4A96-BC9C-EC1791426AFC}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ|
"{C572F69D-E4FB-418C-8A99-0E3F952485E2}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Windows Feature Experience Pack|Desc=Windows Feature Experience Pack|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651|EmbedCtxt=Windows Feature Experience Pack|Platform=2:6:2|Platform2=GTEQ|
"{F518C77B-3B66-4374-959F-F9E676F8CA86}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ|
"TCP Query User{252F897A-BC7F-4021-A036-7235592A3FF2}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe|Name=Rocket League|Desc=Rocket League|Defer=User|
"UDP Query User{89CA3DDB-126B-40BC-B36F-151A701B155F}C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\epic games\rocketleague\binaries\win64\rocketleague.exe|Name=Rocket League|Desc=Rocket League|Defer=User|
"TCP Query User{A1AD1F7A-3592-461A-B796-B9C070796F87}C:\program files\epic games\theescapists2\theescapists2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\epic games\theescapists2\theescapists2.exe|Name=theescapists2|Desc=theescapists2|Defer=User|
"UDP Query User{940AEABA-0ECD-4578-BE25-5065B067FC06}C:\program files\epic games\theescapists2\theescapists2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\epic games\theescapists2\theescapists2.exe|Name=theescapists2|Desc=theescapists2|Defer=User|
"TCP Query User{18F57F94-3B1B-499B-BC32-52ED0093B6B4}D:\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe|Name=UE4Game|Desc=UE4Game|Defer=User|
"UDP Query User{69C61F1C-FB6C-41E5-9C9D-A1325A479D59}D:\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\barn finders\barnfinders\binaries\win64\barnfinders-win64-shipping.exe|Name=UE4Game|Desc=UE4Game|Defer=User|
"{BE27D6BA-F1AB-442F-A5A2-763A5D53C6F1}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Overwolf\0.170.0.13\OverwolfBrowser.exe|Name=OverwolfBrowser|
"{7545C36A-A389-4B66-8A96-3AB7FEEFA71E}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Overwolf\0.170.0.13\OverwolfBrowser.exe|Name=OverwolfBrowser|
"{8C950D37-6B06-4D9A-A4FE-DD7C8466AC28}"=v2.30|Action=Block|Active=FALSE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Overwolf\0.170.0.13\OverwolfBrowser.exe|Name=OverwolfBrowser|
"{67803F6A-89CE-4948-BA9E-96CDABA8FAEC}"=v2.30|Action=Block|Active=FALSE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Overwolf\0.170.0.13\OverwolfBrowser.exe|Name=OverwolfBrowser|
"{878BD9EA-D2A7-4F93-A9C9-6D302312CD84}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe|Name=Microsoft Edge (mDNS-In)|Desc=RÃ¨gle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge|
"{5DA8C54C-A5C3-4004-9CFF-4FC697435F92}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.66\msedgewebview2.exe|Name=Microsoft Edge (mDNS-In)|Desc=RÃ¨gle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge WebView2 Runtime|
"{35FBE726-5543-4701-ADB8-3F34F091107E}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1723189366-2159580849-2248400763-1481059666-1951766778-2756563051-3565589001|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|
"{06A70A01-D34B-48F4-A4CF-859592F8280D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{E2407A60-FDB7-4CF9-BD65-28C446456093}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{9F1E6D5A-89CD-4CF9-BDD9-CA5A984BDC33}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{E471609B-0B68-49E7-9299-BECAC8840C43}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{8AA281BD-7497-420A-B639-93B328B90E07}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{A4B2582C-2221-47C2-8E94-16CF666689C8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{7D944964-6F76-4F4D-9C15-E4DB0859F3EC}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{CD7E6E53-6E21-4ADB-B196-6BC4015639EB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{08275E81-678E-45DA-A454-ACF463381148}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{08E82240-CC9D-4ADC-B3DD-5E91475727A3}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.159.714.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"TCP Query User{454EF470-7A40-4F18-AADF-5064B19C5D5E}C:\users\alex-\appdata\roaming\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\alex-\appdata\roaming\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe|Name=javaw|Desc=javaw|Defer=User|
"UDP Query User{36CDDBE2-EF86-4766-AFBC-9B30EFEFC19A}C:\users\alex-\appdata\roaming\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\alex-\appdata\roaming\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe|Name=javaw|Desc=javaw|Defer=User|
"{AED5C7DF-5280-4568-B74D-D4239516F477}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ|
"{AA65AF25-86C7-432F-91A0-87E20137DFD7}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Minesweeper Simple|Desc=Minesweeper Simple|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-4259309139-4177586248-1989662422-3942184312-3215748965-1964058170-4278520250|EmbedCtxt=Minesweeper Simple|Platform=2:6:2|Platform2=GTEQ|
"{6BE79BD7-0ABC-4990-B520-F7797C2E7147}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Minesweeper 2019|Desc=Minesweeper 2019|LUOwn=S-1-5-21-2423402792-3554856681-1955181387-1001|AppPkgId=S-1-15-2-2736316822-3855291229-2021932643-237872090-2285376828-2468111849-3453774494|EmbedCtxt=Minesweeper 2019|Platform=2:6:2|Platform2=GTEQ|
"TCP Query User{1870A5C3-D0C8-4FC3-9D71-02CB8767C319}C:\programdata\wargaming.net\gamecenter\wgc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\programdata\wargaming.net\gamecenter\wgc.exe|Name=Wargaming.net Game Center|Desc=Wargaming.net Game Center|Edge=TRUE|Defer=App|
"UDP Query User{C3B51D8B-C9B4-4651-A5AB-4CDCA7303E60}C:\programdata\wargaming.net\gamecenter\wgc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\programdata\wargaming.net\gamecenter\wgc.exe|Name=Wargaming.net Game Center|Desc=Wargaming.net Game Center|Edge=TRUE|Defer=App|





---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) []  -> @dc1-controller.inf,%ClassName%;Xbox Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) []  -> @remoteposdrv.inf,%ClassName%;POS Remote Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) []  -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) []  -> @printqueue.inf,%ClassName%;Print queues
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) []  -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) []  -> @c_sslaccel.inf,%ClassName%;Security accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) []  -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) []  -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2ea9b43f-3045-43b5-80f2-fd06c55fbb90}] : (vhdmp) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) []  -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) []  -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) []  -> @oem34.inf,%ClassName%;Android Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) []  -> @c_mcx.inf,%ClassDesc%;Media Center Extenders
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) []  -> @%SystemRoot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) []  -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) []  -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) []  -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) []  -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) []  -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) []  -> @c_diskdrive.inf,%ClassDesc%;Disk drives
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) []  -> @c_display.inf,%ClassDesc%;Display adapters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) []  -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) []  -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) []  -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) []  -> @c_media.inf,%ClassDesc%;Sound, video and game controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) []  -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) []  -> @c_monitor.inf,%ClassDesc%;Monitors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) []  -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) []  -> @%SystemRoot%\System32\SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) []  -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) []  -> @%SystemRoot%\System32\NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) []  -> @%SystemRoot%\System32\NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) []  -> @%SystemRoot%\System32\NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) []  -> @%SystemRoot%\System32\NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) []  -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) []  -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) []  -> @%SystemRoot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) []  -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) []  -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) []  -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) []  -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) []  -> @c_linedisplay.inf,%ClassName%;POS Line Display
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) []  -> @c_processor.inf,%ClassDesc%;Processors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) []  -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) []  -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) []  -> @%SystemRoot%\System32\StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) []  -> @%SystemRoot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) []  -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) []  -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) []  -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) []  -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) []  -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) []  -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) []  -> @c_proximity.inf,%ClassDesc%;Proximity devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) []  -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs)
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) []  -> @oposdrv.inf,%ClassName%;OPOS Legacy Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) []  -> @c_swcomponent.inf,%ClassDesc%;Software components
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) []  -> @c_fssystem.inf,%ClassDesc%;FS System filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) []  -> @c_swdevice.inf,%ClassDesc%;Software devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) []  -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) []  -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) []  -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) []  -> @%SystemRoot%\System32\NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) []  -> @%SystemRoot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d3963a7-0f27-4d42-a63b-671f74fbddc9}] : (WacomMultitouch) []  -> @oem32.inf,%WacMT.ClassName%;Wacom Multitouch
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) []  -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (HyperVideo) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) []  -> @c_volume.inf,%ClassDesc%;Storage volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) []  -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) []  -> @%SystemRoot%\system32\powrprof.dll,-611
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) []  -> @%SystemRoot%\System32\hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) []  -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) []  -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{81c87465-de07-4efc-9d93-61e891d52fd2}] : (RdpVideoMiniport) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) []  -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) []  -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) []  -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) []  -> @%SystemRoot%\System32\SysClass.Dll,-3029
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) []  -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) []  -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) []  -> @%SystemRoot%\System32\SysClass.DLL,-3031
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) []  -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) []  -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) []  -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a73c93f1-9727-4d1d-ace1-0e333ba4e7db}] : (nvlddmkm) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{aa018edf-4915-415e-9c17-d7ebec8917d2}] : (NvModuleTracker) []  -> @oem15.inf,%ClassName%;NvModuleTracker
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) []  -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) []  -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) []  -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b95b836b-234e-4857-a1f8-d0d9a9bec1c5}] : (vmbus) []  -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) []  -> @%SystemRoot%\System32\SysClass.Dll,-3030
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) []  -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) []  -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) []  -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) []  -> @wsdprint.inf,%ClassName%;WSD Print Provider
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) []  -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) []  -> @c_camera.inf,%ClassDesc%;Cameras
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) []  -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) []  -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) []  -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) []  -> @miradisp.inf,%ClassName%;Miracast display devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) []  -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) []  -> @c_fshsm.inf,%ClassDesc%;FS HSM filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) []  -> @c_holographic.inf,%ClassName%;Mixed Reality devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) []  -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) []  -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) []  -> @%SystemRoot%\System32\SysClass.DLL,-3032
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) []  -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) []  -> @c_extension.inf,%ClassDesc%;Extensions
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) []  -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) []  -> @c_ucm.inf,%ClassDesc%;USB Connector Managers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) []  -> @%SystemRoot%\System32\wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) []  -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) []  -> @c_firmware.inf,%ClassDesc%;Firmware
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) []  -> @c_fscompression.inf,%ClassDesc%;FS Compression filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) []  -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) []  -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) []  -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2]  -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5]  -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1]  -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[03/03/2021 22:26:58] - (9.4.0.36) - (AMD, Inc. - AMD-RAID rcbottom) - C:\Windows\System32\drivers\rcbottom.sys
[03/03/2021 22:26:56] - (9.4.0.36) - (AMD, Inc. - AMD-RAID StorPort) - C:\Windows\System32\drivers\rcraid.sys
[27/04/2021 18:41:29] - (0.0.0.0) - ( - ) - C:\Windows\System32\Drivers\CimFS.SYS
[03/03/2021 22:27:00] - (9.4.0.36) - (AMD, Inc. - AMD-RAID Configuration driver) - C:\Windows\System32\drivers\rccfg.sys
[23/05/2021 11:19:49] - (27.21.14.6647) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 466.47 ) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\nvlddmkm.sys
[29/04/2021 18:45:15] - (4.13.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys
[29/04/2021 18:45:15] - (100.0.0.0) - (NVIDIA Corporation - Process and module monitoring driver) - C:\Windows\System32\drivers\NvModuleTracker.sys
[29/04/2021 18:45:15] - (304.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\Windows\System32\drivers\nvvhci.sys
[30/04/2021 13:12:57] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\Windows\System32\drivers\ScpVBus.sys
[29/04/2021 18:45:15] - (1.3.38.60) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

S0 - [Kernel Driver] - 3ware (3ware) -> C:\Windows\system32\drivers\3ware.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> C:\Windows\system32\drivers\ACPI.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> C:\Windows\system32\Drivers\acpiex.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - ADP80XX (ADP80XX) -> C:\Windows\system32\drivers\ADP80XX.SYS - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - amdpsp (AMD PSP Service) -> C:\Windows\system32\drivers\amdpsp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - amdsata (amdsata) -> C:\Windows\system32\drivers\amdsata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - amdsbs (amdsbs) -> C:\Windows\system32\drivers\amdsbs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - amdxata (amdxata) -> C:\Windows\system32\drivers\amdxata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - arcsas (Pilote miniport Storport Adaptec SAS/SATA-II RAID) -> C:\Windows\system32\drivers\arcsas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - atapi (Canal IDE) -> C:\Windows\system32\drivers\atapi.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - b06bdrv (Carte rÃ©seau QLogic VBD) -> C:\Windows\system32\drivers\bxvbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - bttflt (Filtre Microsoft Hyper-V VHDPMEM BTT) -> C:\Windows\system32\drivers\bttflt.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - cht4iscsi (cht4iscsi) -> C:\Windows\system32\drivers\cht4sx64.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - CLFS (Common Log (CLFS)) -> C:\Windows\system32\drivers\CLFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - CNG (CNG) -> C:\Windows\system32\Drivers\cng.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - disk (Pilote de disque) -> C:\Windows\system32\drivers\disk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - ebdrv (Carte QLogic 10 Gigabit Ethernet VBD) -> C:\Windows\system32\drivers\evbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - EhStorClass (Enhanced Storage Filter Driver) -> C:\Windows\system32\drivers\EhStorClass.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - EhStorTcgDrv (Pilote Microsoft pour dispositif de stockage prenant en charge les protocoles IEEE 1667 et TCG) -> C:\Windows\system32\drivers\EhStorTcgDrv.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [File System Driver] - FileInfo (File Information FS MiniFilter) -> C:\Windows\system32\drivers\fileinfo.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [File System Driver] - FltMgr (FltMgr) -> C:\Windows\system32\drivers\fltmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - fvevol (Pilote de filtre de chiffrement de lecteur BitLocker) -> C:\Windows\system32\DRIVERS\fvevol.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - HpSAMD (HpSAMD) -> C:\Windows\system32\drivers\HpSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - hwpolicy (Hardware Policy Driver) -> C:\Windows\system32\drivers\hwpolicy.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - iaStorAVC (ContrÃ´leur RAID SATA de circuit microprogrammÃ© Intel) -> C:\Windows\system32\drivers\iaStorAVC.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - iaStorV (ContrÃ´leur RAID Intel WindowsÂ 7) -> C:\Windows\system32\drivers\iaStorV.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - intelide (intelide) -> C:\Windows\system32\drivers\intelide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - intelpep (Pilote de plug-in du moteur dÂalimentation Intel(R)) -> C:\Windows\system32\drivers\intelpep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - iorate (Pilote du filtre du taux dÂE/S du disque) -> C:\Windows\system32\drivers\iorate.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - isapnp (isapnp) -> C:\Windows\system32\drivers\isapnp.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - ItSas35i (ItSas35i) -> C:\Windows\system32\drivers\ItSas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - KSecDD (KSecDD) -> C:\Windows\system32\Drivers\ksecdd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - KSecPkg (KSecPkg) -> C:\Windows\system32\Drivers\ksecpkg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - LSI_SAS (LSI_SAS) -> C:\Windows\system32\drivers\lsi_sas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - LSI_SAS2i (LSI_SAS2i) -> C:\Windows\system32\drivers\lsi_sas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - LSI_SAS3i (LSI_SAS3i) -> C:\Windows\system32\drivers\lsi_sas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - LSI_SSS (LSI_SSS) -> C:\Windows\system32\drivers\lsi_sss.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - megasas (megasas) -> C:\Windows\system32\drivers\megasas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - megasas2i (megasas2i) -> C:\Windows\system32\drivers\MegaSas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - megasas35i (megasas35i) -> C:\Windows\system32\drivers\megasas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - megasr (megasr) -> C:\Windows\system32\drivers\megasr.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - mountmgr (Gestionnaire des points de montage) -> C:\Windows\system32\drivers\mountmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - msisadrv (msisadrv) -> C:\Windows\system32\drivers\msisadrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [File System Driver] - Mup (Mup) -> C:\Windows\system32\Drivers\mup.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - mvumis (mvumis) -> C:\Windows\system32\drivers\mvumis.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - NDIS (Pilote systÃ¨me NDIS) -> C:\Windows\system32\drivers\ndis.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - nvdimm (Pilote de pÃ©riphÃ©rique NVDIMM Microsoft) -> C:\Windows\system32\drivers\nvdimm.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - nvraid (nvraid) -> C:\Windows\system32\drivers\nvraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - nvstor (nvstor) -> C:\Windows\system32\drivers\nvstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - partmgr (Gestionnaire de partitions) -> C:\Windows\system32\drivers\partmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> C:\Windows\system32\drivers\pci.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - pciide (pciide) -> C:\Windows\system32\drivers\pciide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - pcmcia (pcmcia) -> C:\Windows\system32\drivers\pcmcia.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> C:\Windows\system32\drivers\pcw.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - pdc (CDP) -> C:\Windows\system32\drivers\pdc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - percsas2i (percsas2i) -> C:\Windows\system32\drivers\percsas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - percsas3i (percsas3i) -> C:\Windows\system32\drivers\percsas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - pmem (Pilote de disque de mÃ©moire persistante Microsoft) -> C:\Windows\system32\drivers\pmem.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> C:\Windows\system32\DRIVERS\ramdisk.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - rcbottom (StoreMI Bottom Service) -> C:\Windows\system32\drivers\rcbottom.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - rcraid (rcraid) -> C:\Windows\system32\drivers\rcraid.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> C:\Windows\system32\drivers\rdyboost.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - sbp2port (Pilote de bus de transport/protocole SBP-2) -> C:\Windows\system32\drivers\sbp2port.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - scmbus (Pilote de bus de mÃ©moire de classe stockage Microsoft) -> C:\Windows\system32\drivers\scmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - SgrmAgent (System Guard Runtime Monitor Agent) -> C:\Windows\system32\drivers\SgrmAgent.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - SiSRaid2 (SiSRaid2) -> C:\Windows\system32\drivers\SiSRaid2.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - SiSRaid4 (SiSRaid4) -> C:\Windows\system32\drivers\sisraid4.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - SmartSAMD (SmartSAMD) -> C:\Windows\system32\drivers\SmartSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - spaceport (Pilote des espaces de stockage) -> C:\Windows\system32\drivers\spaceport.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - stexstor (stexstor) -> C:\Windows\system32\drivers\stexstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - storahci (Lecteur AHCI SATA Microsoft standard) -> C:\Windows\system32\drivers\storahci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - storflt (AccÃ©lÃ©rateur de stockage Microsoft Hyper-V) -> C:\Windows\system32\drivers\vmstorfl.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - stornvme (Pilote NVM Express standard de Microsoft) -> C:\Windows\system32\drivers\stornvme.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - storufs (Pilote Universal Flash Storage (UFS) Microsoft) -> C:\Windows\system32\drivers\storufs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - storvsc (storvsc) -> C:\Windows\system32\drivers\storvsc.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - Tcpip (Pilote pour protocole TCP/IP) -> C:\Windows\system32\drivers\tcpip.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - Telemetry (Service de tÃ©lÃ©mÃ©trie Intel(R)) -> C:\Windows\system32\drivers\IntelTA.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - vdrvroot (ÃnumÃ©rateur de lecteur virtuel Microsoft) -> C:\Windows\system32\drivers\vdrvroot.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - vmbus (Bus VMBus) -> C:\Windows\system32\drivers\vmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - volmgr (Pilote du gestionnaire de volumes) -> C:\Windows\system32\drivers\volmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - volmgrx (Gestionnaire de volumes dynamiques) -> C:\Windows\system32\drivers\volmgrx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - volsnap (Pilote de clichÃ© instantanÃ© du volume) -> C:\Windows\system32\drivers\volsnap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - volume (Pilote de volume) -> C:\Windows\system32\drivers\volume.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S0 - [Kernel Driver] - vpci (Bus PCI virtuel Microsoft Hyper-V) -> C:\Windows\system32\drivers\vpci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - vsmraid (vsmraid) -> C:\Windows\system32\drivers\vsmraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - VSTXRAID (Pilote Windows du contrÃ´leur RAID de stockage VIA StorX) -> C:\Windows\system32\drivers\vstxraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S0 - [Kernel Driver] - WdBoot (Pilote de dÃ©marrage de lÂantivirus Microsoft Defender) -> C:\Windows\system32\drivers\wd\WdBoot.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R0 - [Kernel Driver] - Wdf01000 (Service Infrastructure de pilote en mode noyau) -> C:\Windows\system32\drivers\Wdf01000.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [File System Driver] - WdFilter (Pilote du mini-filtre de lÂantivirus Microsoft Defender) -> C:\Windows\system32\drivers\wd\WdFilter.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - WFPLWFS (Plateforme de filtrage Microsoft Windows) -> C:\Windows\system32\drivers\wfplwfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> C:\Windows\system32\drivers\WindowsTrustedRT.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [Kernel Driver] - WindowsTrustedRTProxy (Service sÃ©curisÃ© d'exÃ©cution approuvÃ©e Microsoft Windows) -> C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> C:\Windows\system32\drivers\Wof.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - AFD (Pilote de fonction connexe pour Winsock) -> C:\Windows\system32\drivers\afd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - afunix (afunix) -> C:\Windows\system32\drivers\afunix.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - ahcache (Application Compatibility Cache) -> C:\Windows\system32\DRIVERS\ahcache.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - bam (Background Activity Moderator Driver) -> C:\Windows\system32\drivers\bam.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - BasicDisplay (BasicDisplay) -> C:\Windows\system32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - BasicRender (BasicRender) -> C:\Windows\system32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - Beep (Beep) -> C:\Windows\system32\drivers\Beep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> C:\Windows\system32\drivers\cdrom.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [File System Driver] - CimFS (CimFS) -> C:\Windows\system32\drivers\CimFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S1 - [Kernel Driver] - dam (Desktop Activity Moderator Driver) -> C:\Windows\system32\drivers\dam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R1 - [File System Driver] - Dfsc (Pilote du client de lÂespace de noms DFS) -> C:\Windows\system32\Drivers\dfsc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> C:\Windows\system32\drivers\dxgkrnl.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [File System Driver] - FileCrypt (FileCrypt) -> C:\Windows\system32\drivers\filecrypt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - GpuEnergyDrv (GPU Energy Driver) -> C:\Windows\system32\drivers\gpuenergydrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [File System Driver] - Msfs (Msfs) -> C:\Windows\system32\drivers\Msfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) -> C:\Windows\system32\drivers\mssmbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - NdisCap (Capture NDIS Microsoft) -> C:\Windows\system32\drivers\ndiscap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> C:\Windows\system32\drivers\netbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - NetBT (NetBT) -> C:\Windows\system32\DRIVERS\netbt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [File System Driver] - Npfs (Npfs) -> C:\Windows\system32\drivers\Npfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - npsvctrig (Named pipe service trigger provider) -> C:\Windows\system32\drivers\npsvctrig.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - nsiproxy (NSI Proxy Service Driver) -> C:\Windows\system32\drivers\nsiproxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - Null (Null) -> C:\Windows\system32\drivers\Null.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - Psched (Planificateur de paquets QoS) -> C:\Windows\system32\drivers\pacer.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [File System Driver] - rdbss (Sous-systÃ¨me de mise en mÃ©moire tampon redirigÃ©e) -> C:\Windows\system32\DRIVERS\rdbss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - tdx (Pilote de prise en charge TDI hÃ©ritÃ©e NetIO) -> C:\Windows\system32\DRIVERS\tdx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - Vid (Vid) -> C:\Windows\system32\drivers\Vid.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> C:\Windows\system32\drivers\vwififlt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [File System Driver] - bindflt (Windows Bind Filter Driver) -> C:\Windows\system32\drivers\bindflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - Apple Mobile Device Service (Apple Mobile Device Service) -> "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - AudioEndpointBuilder (GÃ©nÃ©rateur de points de terminaison du service Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - Audiosrv (Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - BFE (Moteur de filtrage de base) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - BITS (Service de transfert intelligent en arriÃ¨re-plan) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - Bonjour Service (Service Bonjour) -> "C:\Program Files\Bonjour\mDNSResponder.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - BrokerInfrastructure (Service dÂinfrastructure des tÃ¢ches en arriÃ¨re-plan) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - CDPSvc (Service de plateforme des appareils connectÃ©s) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - CoreMessagingRegistrar (CoreMessaging) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - CryptSvc (Services de chiffrement) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - DcomLaunch (Lanceur de processus serveur DCOM) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - Dhcp (Client DHCP) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - DiagTrack (ExpÃ©riences des utilisateurs connectÃ©s et tÃ©lÃ©mÃ©trie) -> C:\Windows\System32\svchost.exe -k utcsvc -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - DispBrokerDesktopSvc (Service de stratÃ©gie d'affichage) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - Dnscache (Client DNS) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - DPS (Service de stratÃ©gie de diagnostic) -> C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - DusmSvc (Consommation des donnÃ©es) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S2 - [Own Process] - edgeupdate (Service Mise Ã  jour de Microsoft Edge (edgeupdate)) -> "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - EventLog (Journal dÂÃ©vÃ©nements Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - EventSystem (SystÃ¨me dÂÃ©vÃ©nement COM+) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - FontCache (Service de cache de police Windows) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Unknown] - GamingServices (Gaming Services) -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17002.0_x64__8wekyb3d8bbwe\GamingServices.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Unknown] - GamingServicesNet (Gaming Services) -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False
S2 - [Share Process] - gpsvc (Client de stratÃ©gie de groupe) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S2 - [Own Process] - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - IKEEXT (Modules de gÃ©nÃ©ration de clÃ©s IKE et AuthIP) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - iphlpsvc (Assistance IP) -> C:\Windows\System32\svchost.exe -k NetSvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> C:\Windows\system32\drivers\cldflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - LanmanServer (Serveur) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - LanmanWorkstation (Station de travail) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - LSM (Gestionnaire de session locale) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
S2 - [Own Process] - MapsBroker (Gestionnaire des cartes tÃ©lÃ©chargÃ©es) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - mpssvc (Pare-feu Windows Defender) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - NlaSvc (Connaissance des emplacements rÃ©seau) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - nsi (Service Interface du magasin rÃ©seau) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) -> C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d71d3f5ea7618cbb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - Power (Alimentation) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - ProfSvc (Service de profil utilisateur) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - RasMan (Gestionnaire des connexions dÂaccÃ¨s Ã  distance) -> C:\Windows\System32\svchost.exe -k netsvcs - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - RpcEptMapper (Mappeur de point de terminaison RPC) -> C:\Windows\system32\svchost.exe -k RPCSS -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - RpcSs (Appel de procÃ©dure distante (RPC)) -> C:\Windows\system32\svchost.exe -k rpcss -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Own Process] - RtkAudioUniversalService (Realtek Audio Universal Service) -> "C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c51a65fb5ec70f9d\RtkAudUService64.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - SamSs (Gestionnaire de comptes de sÃ©curitÃ©) -> C:\Windows\system32\lsass.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Share Process] - Schedule (Planificateur de tÃ¢ches) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - SENS (Service de notification dÂÃ©vÃ©nements systÃ¨me) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - SgrmBroker (Service Broker du moniteur d'exÃ©cution System Guard) -> C:\Windows\system32\SgrmBroker.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Kernel Driver] - lltdio (Pilote E/S de mappage de dÃ©couverte de topologie de la couche de liaison) -> C:\Windows\system32\drivers\lltdio.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [File System Driver] - luafv (Virtualisation de fichier UAC) -> C:\Windows\system32\drivers\luafv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Kernel Driver] - MMCSS (Multimedia Class Scheduler) -> C:\Windows\system32\drivers\mmcss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Kernel Driver] - MsLldp (Protocole LLDP (Link Layer Discovery Protocol) Microsoft) -> C:\Windows\system32\drivers\mslldp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - ShellHWDetection (DÃ©tection matÃ©riel noyau) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - Spooler (Spouleur dÂimpression) -> C:\Windows\System32\spoolsv.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : True
S2 - [Own Process] - sppsvc (Protection logicielle) -> C:\Windows\system32\sppsvc.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False
R2 - [Own Process] - stisvc (Acquisition dÂimage Windows (WIA)) -> C:\Windows\system32\svchost.exe -k imgsvc - AcceptPause : True - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - StorSvc (Service de stockage) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - SysMain (SysMain) -> C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - SystemEventsBroker (Service Broker des Ã©vÃ©nements systÃ¨me) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - Themes (ThÃ¨mes) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - TrkWks (Client de suivi de lien distribuÃ©) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - UserManager (Gestionnaire des utilisateurs) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - UsoSvc (Mettre Ã  jour le service Orchestrator) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Kernel Driver] - Ndu (Windows Network Data Usage Monitoring Driver) -> C:\Windows\system32\drivers\Ndu.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> C:\Windows\system32\drivers\peauth.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Kernel Driver] - rspndr (RÃ©pondeur de dÃ©couverte de la topologie de la couche de liaison) -> C:\Windows\system32\drivers\rspndr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [File System Driver] - storqosflt (Pilote de filtre de qualitÃ© de service de stockage) -> C:\Windows\system32\drivers\storqosflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> C:\Windows\system32\drivers\tcpipreg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - Wcmsvc (Gestionnaire des connexions Windows) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - WinDefend (Service antivirus Microsoft Defender) -> "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - Winmgmt (Infrastructure de gestion Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - WpnService (Service du systÃ¨me de notifications Push Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Share Process] - wscsvc (Centre de sÃ©curitÃ©) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - WSearch (Windows Search) -> C:\Windows\system32\SearchIndexer.exe /Embedding - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Own Process] - WTabletServicePro (Wacom Professional Service) -> "C:\Program Files\Tablet\Wacom\WTabletServicePro.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Unknown] - CDPUserSvc_72a882 (Service pour utilisateur de plateforme dÂappareils connectÃ©s_72a882) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Unknown] - OneSyncSvc_72a882 (HÃ´te de synchronisation_72a882) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Unknown] - WpnUserService_72a882 (Service utilisateur de notifications Push Windows_72a882) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [Kernel Driver] - wanarp (Pilote ARP IP dÂaccÃ¨s Ã  distance) -> C:\Windows\system32\DRIVERS\wanarp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False
R2 - [File System Driver] - wcifs (Windows Container Isolation) -> C:\Windows\system32\drivers\wcifs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)


---------- | Uninstall (Whitelist)

[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Discord] : (Discord.-.Discord Inc.) -> C:\Users\alex-\AppData\Local\Discord\Update.exe --uninstall
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Flux] : (f.lux.-.f.lux Software LLC) -> "C:\Users\alex-\AppData\Local\FluxSoftware\Flux\uninstall.exe"
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wargaming.net Game Center] : (Wargaming.net Game Center.-.Wargaming.net) -> "C:\ProgramData\Wargaming.net\GameCenter\setup.exe" /IU
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WOWS.WW.PRODUCTION] : (World_of_Warships.-.Wargaming.net) -> "D:\World_of_Warships\wgc_api.exe" --uninstall
[HKU\S-1-5-21-2423402792-3554856681-1955181387-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}] : (Twitch.-.Twitch Interactive, Inc.) -> "C:\Users\alex-\AppData\Roaming\Twitch\Bin\UninstallTwitch.exe" /X{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AMD_StoreMI] : (AMD StoreMI.-.Advanced Micro Devices, Inc.) -> C:\Program Files\AMD\StoreMI\Qt_Dependancies\Setup.exe /U {03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe"
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 88.0.1 (x64 fr)] : (Mozilla Firefox 88.0.1 (x64 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Speccy] : (Speccy.-.Piriform) -> "C:\Program Files\Speccy\uninst.exe"
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 227300] : (Euro Truck Simulator 2.-.SCS Software) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/227300
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252950] : (Rocket League.-.Psyonix LLC) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/252950
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> "C:\Program Files\VideoLAN\VLC\uninstall.exe"
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Wacom Tablet Driver] : (Tablette Wacom.-.Wacom Technology Corp.) -> C:\Program Files\Tablet\Wacom\32\Remove.exe /u
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WhoCrashed_is1] : (WhoCrashed 6.70.-.Resplendence Software Projects Sp.) -> "C:\Program Files\WhoCrashed\unins000.exe"
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 6.01 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}] : (AMD StoreMI.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1444D2EE-C7AD-44A8-844F-2634B49353D1}] : (Logitech Gaming Software 5.10.-.Logitech) -> MsiExec.exe /X{1444D2EE-C7AD-44A8-844F-2634B49353D1}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180291F0}] : (Java 8 Update 291 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180291F0}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8345D0DF-6F2B-42B5-BEA4-9D7B0F532294}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{8345D0DF-6F2B-42B5-BEA4-9D7B0F532294}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1] : (TruckersMP Launcher 1.0.0.4.-.TruckersMP Team) -> "C:\Program Files\TruckersMP Launcher\unins000.exe"
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 466.47.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.22.0.32.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 38.0.7.0.-.NVIDIA Corporation) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel systÃ¨me PhysX 9.19.0218.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises Ã  jour NVIDIA 38.0.7.0.-.NVIDIA Corporation) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk] : (NVIDIA FrameView SDK 1.1.4923.29781331.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage FrameViewSdk
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.38.60.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub] : (NVIDIA ABHub.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor] : (NVAPI Monitor plugin for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver] : (NvModuleTracker.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.22.0.32.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> 
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.13.0.0.-.NVIDIA Corporation) -> 
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BF029534-4334-4CFC-B771-50B7EE54346F}_is1] : (BakkesMod version 3.0.-.BakkesMod) -> "C:\Program Files\BakkesMod\unins000.exe"
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C788AE25-3D4E-4D18-811B-3219F778487E}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{C788AE25-3D4E-4D18-811B-3219F778487E}
[HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D39B163A-9E12-442C-95E9-33FA5746AB21}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{D39B163A-9E12-442C-95E9-33FA5746AB21}
----------[{Hidden}][HKLM64\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AMD_Chipset_IODrivers] : (AMD Chipset Software.-.Advanced Micro Devices, Inc.) -> "C:\Program Files (x86)\AMD\Chipset_IODrivers\Setup.exe" /U {40c19864-e557-4855-95ee-075689dfcf8e}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Biker Garage Mechanic Simulator Customization_is1] : (Biker Garage Mechanic Simulator Customization.-.) -> "D:\Games\Biker Garage Mechanic Simulator Customization\unins000.exe"
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (GoogleÂ Chrome.-.GoogleÂ LLC) -> "C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\setup.exe" --uninstall --channel --system-level --verbose-logging
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MEGAsync] : (MEGAsync.-.Mega Limited) -> C:\Users\alex-\AppData\Local\MEGAsync\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OBS Studio] : (OBS Studio.-.OBS Project) -> C:\Program Files\obs-studio\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Overwolf] : (Overwolf.-.Overwolf Ltd.) -> "C:\Program Files (x86)\Overwolf\\OWUninstaller.exe" /S
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Launcher] : (Rockstar Games Launcher.-.Rockstar Games) -> "D:\Launcher\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252950] : (.-.Psyonix, Inc) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TrucksBook Client_is1] : (TrucksBook Client version 1.3.8.-.TrucksBook) -> "C:\Program Files (x86)\TrucksBook Client\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}] : (Epic Online Services.-.Epic Games, Inc.) -> MsiExec.exe /X{0B736177-814A-4ADE-81D1-66A0FDD55BB4}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11C4575B-4B32-44D2-A097-D59A00BA60DE}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{11C4575B-4B32-44D2-A097-D59A00BA60DE}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_CK550_CK552] : (CK550_CK552 Settings software.-.Cooler Master) -> C:\Windows\uninsCK550_CK552.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1A3E3EA7-5A7C-4292-8A13-B0DE1BF49E13}_COOLER_MASTER_PORTAL] : (Cooler Master Portal Settings software.-.Cooler Master) -> C:\Windows\uninsCooler Master Portal.exe
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40c19864-e557-4855-95ee-075689dfcf8e}] : (AMD_Chipset_Drivers.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{40c19864-e557-4855-95ee-075689dfcf8e}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43a03b9c-4770-409c-a999-587b60700b63}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{43a03b9c-4770-409c-a999-587b60700b63}\LauncherPrereqSetup_x64.exe"  /uninstall
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5EFC6C07-6B87-43FC-9524-F9E967241741}] : (Grand Theft Auto V.-.Rockstar Games) -> "D:\Launcher\Launcher.exe" -enableFullMode -uninstall=gta5
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{733C3ACB-432D-4880-B0E1-660000D7974D}] : (Minecraft Launcher.-.Mojang) -> MsiExec.exe /X{733C3ACB-432D-4880-B0E1-660000D7974D}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}] : (AMD PCI Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{80EC3CEE-2940-42A1-A776-B5D810D39F1E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe" -runfromtemp -removeonly
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{988F14B8-79A8-475D-BAC7-83F96AD3D821}] : (AMD PSP Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{988F14B8-79A8-475D-BAC7-83F96AD3D821}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}] : (AMD Ryzen Balanced Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}] : (AMD SBxxx SMBus Driver Alpha.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}] : (Promontory_GPIO Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C83D4B4A-C7D0-4C01-995E-17081DAE5CEF}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{C83D4B4A-C7D0-4C01-995E-17081DAE5CEF}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{d083a60d-8bf1-47cb-abdc-4c600e90ec6a}] : (osu!.-.ppy Pty Ltd) -> D:\osu!\osu!.exe -uninstall
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}] : (AMD GPIO2 Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EFCC1549-F2CF-4540-B258-EB26A30237D2}_is1] : (obs-ios-camera-source version git.-.Will Townsend) -> "C:\obs-studio\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek Audio Driver.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -runfromtemp  -removeonly

---------- | Ports 


---------- | Installer

[HKCR\Installer\Products\023D171AC24CB3F42A8D6C0AF97688CC] : AMD Ryzen Balanced Driver -> C:\Windows\Installer\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\46891c04755e558459ee706598fdfce8] : AMD_Chipset_Drivers -> C:\Windows\Installer\{40c19864-e557-4855-95ee-075689dfcf8e}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\499C5C9F9B6F57D43B7EDA108B04379E] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}\UnrealEngineLauncher.ico
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120190F] : Java 8 Update 291 (64-bit) -> C:\Program Files\Java\jre1.8.0_291\\bin\javaws.exe
[HKCR\Installer\Products\52EA887CE4D381D418B123917F8784E7] : Apple Mobile Device Support -> C:\Windows\Installer\{C788AE25-3D4E-4D18-811B-3219F778487E}\Installer.ico
[HKCR\Installer\Products\771637B0A418EDA4181D660ADF5DB54B] : Epic Online Services -> C:\Windows\Installer\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}\Installer.ico
[HKCR\Installer\Products\8B41F8898A97D574AB7C389FA63D8D12] : AMD PSP Driver -> C:\Windows\Installer\{988F14B8-79A8-475D-BAC7-83F96AD3D821}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico
[HKCR\Installer\Products\A361B93D21E9C244599E33AF7564BA12] : Apple Application Support (64 bits) -> C:\Windows\Installer\{D39B163A-9E12-442C-95E9-33FA5746AB21}\WinInstall.ico
[HKCR\Installer\Products\A4B4D38C0D7C10C499E57180D1EAC5FE] : Epic Games Launcher -> C:\Windows\Installer\{C83D4B4A-C7D0-4C01-995E-17081DAE5CEF}\Installer.ico
[HKCR\Installer\Products\B5754C1123B42D440A795DA900AB06ED] : Apple Application Support (32 bits) -> C:\Windows\Installer\{11C4575B-4B32-44D2-A097-D59A00BA60DE}\WinInstall.ico
[HKCR\Installer\Products\BCA3C337D23408840B1E6600007D79D4] : Minecraft Launcher -> C:\Windows\Installer\{733C3ACB-432D-4880-B0E1-660000D7974D}\minecraft.ico
[HKCR\Installer\Products\CCB2155BDC4F9514684A2BDAD783FF9A] : Promontory_GPIO Driver -> C:\Windows\Installer\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\D72E0EAAA88CAB94785177DADC24683A] : AMD SBxxx SMBus Driver Alpha -> C:\Windows\Installer\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\E1C45530EBCF3CC4E89C2DDF328624CF] : AMD StoreMI -> C:\Windows\Installer\{03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\EE2D4441DA7C8A4448F462434B39351D] : Logitech Gaming Software 5.10 -> C:\Windows\Installer\{1444D2EE-C7AD-44A8-844F-2634B49353D1}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\EEC3CE0804921A247A675B8D013DF9E1] : AMD PCI Driver -> C:\Windows\Installer\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater
[HKCR\Installer\Products\F993DD9E3A12E9747AFD6DFCB4A2BD3F] : AMD GPIO2 Driver -> C:\Windows\Installer\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\FD0D5438B2F65B24EB4AD9B7F0352249] : DriversCloud.com (64 bits) -> C:\Windows\Installer\{8345D0DF-6F2B-42B5-BEA4-9D7B0F532294}\maconfico

---------- | UserSettings