--------------- QuickDiag | g3n-h@ckm@n | V7.076.21.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 17/05/2021 14:25:37 Updated 17/03/2021 | 19:20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Antonio (Administrator)] - [ANTONIO] (S-1-5-21-3211553782-380890847-3588550373) System: Microsoft Windows 10 Professionnel - - (10.0.19042) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (2009) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\WINDOWS|\Device\Harddisk1\Partition3 Boot : Normal boot PC: All Series - ASUS - IdNumber: System Serial Number - UUID: 8BCCD5E0-D7DA-11DD-8E6C-40167EAD36BB Processor : X64 - 4000 Mhz - Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz 3503 - en|US|iso8859-1 - American Megatrends Inc. - S/N: System Serial Number - 3503 - ALASKA - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Razer Kraken 7.1 V2 - Status: OK - Manufacturer: Razer Inc. - PNPDeviceID: USB\VID_1532&PID_0510&MI_00\6&331C2FDE&0&0000 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0099&SUBSYS_1462375A&REV_1001\5&3B20E8E5&0&0001 Périphérique High Definition Audio - Status: OK - Manufacturer: Microsoft - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0900&SUBSYS_10438602&REV_1000\4&186B835&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 Oculus Virtual Audio Device - Status: OK - Manufacturer: Oculus - PNPDeviceID: ROOT\MEDIA\0000 Voicemod Virtual Audio Device (WDM) - Status: OK - Manufacturer: Voicemod S.L. - PNPDeviceID: ROOT\MEDIA\0001 DroidCam Virtual Audio - Status: OK - Manufacturer: Dev47Apps.com - PNPDeviceID: ROOT\MEDIA\0003 ---------- | Video NVIDIA GeForce GTX 1660 Ti - Resolution: 1366x768 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_2182&SUBSYS_375A1462&REV_A1\4&3834D97&0&0008 - AdapterCompatibility: NVIDIA - RAM: -1048576 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 1660 Ti - DriverVersion: 27.21.14.6627 - SpecificationVersion: 1025 ---------- | Codecs C:\WINDOWS\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK C:\WINDOWS\system32\VP6VFW.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 438272 - Manufacturer: On2.com - Status: OK C:\WINDOWS\system32\MCDVD_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 261632 - Manufacturer: MainConcept - Status: OK C:\WINDOWS\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\X264VFW64.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 3799552 - Manufacturer: x264vfw project - Status: OK C:\WINDOWS\system32\XVIDVFW.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 251392 - Manufacturer: - Status: OK C:\WINDOWS\system32\VCT3216.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 82944 - Manufacturer: Voxware, Inc. - Status: OK C:\WINDOWS\system32\LAME.AX - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 245760 - Manufacturer: - Status: OK C:\WINDOWS\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MPG4C32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 413760 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\DIVX.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 638976 - Manufacturer: DivXNetworks, Inc. - Status: OK C:\WINDOWS\system32\AC3ACM.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 180736 - Manufacturer: fccHandler - Status: OK C:\WINDOWS\system32\SCG726.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 13239 - Manufacturer: SHARP Corporation - Status: OK C:\WINDOWS\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\ALF2CD.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: NCT Company - Status: OK C:\WINDOWS\system32\LAGARITH.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 148992 - Manufacturer: - Status: OK C:\WINDOWS\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK ---------- | Memory Pagefile = Total (MB) : 27955 | Free (MB) : 14057 Virtual = Total (MB) : 4194 | Free (MB) : 3916 Physical Memory (MB) -------------------- Total: 16324 Available: 6153 Cached: 6739 Free: 912 System ------ Handles: 105948 Processes: 218 Threads: 3250 ---------- | SID Users Administrateur : [S-1-5-21-3211553782-380890847-3588550373-500] Antonio : [S-1-5-21-3211553782-380890847-3588550373] DefaultAccount : [S-1-5-21-3211553782-380890847-3588550373-503] Invité : [S-1-5-21-3211553782-380890847-3588550373-501] WDAGUtilityAccount : [S-1-5-21-3211553782-380890847-3588550373-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] Duplicateurs : [S-1-5-32-552] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579] Opérateurs de chiffrement : [S-1-5-32-569] Opérateurs de configuration réseau : [S-1-5-32-556] Opérateurs de sauvegarde : [S-1-5-32-551] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs avec pouvoir : [S-1-5-32-547] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du Bureau à distance : [S-1-5-32-555] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] __vmware__ : [S-1-5-21-3211553782-380890847-3588550373-1003] OVRLibraryService : [S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967] ---------- | Drives C:\ -> [Fixed] | [] | Total : 110.71 Go | Free : 8.19 Go -> NTFS (SSD) [SATA] D:\ -> [Fixed] | [Réservé au système] | Total : 0.34 Go | Free : 0.29 Go -> NTFS [SATA] E:\ -> [Fixed] | [DD 1.81 TO] | Total : 1862.98 Go | Free : 148.74 Go -> NTFS [USB] G:\ -> [Fixed] | [Disque principal ] | Total : 1862.67 Go | Free : 303.49 Go -> NTFS [SATA] Drive: 0 Cylinders: 243201 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 2000398934016 bytes Drive: 1 Cylinders: 14593 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 120034123776 bytes Drive: 2 Cylinders: 243197 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 2000365289472 bytes ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.19041.1 (© Microsoft Corporation. Tous droits réservés.) GC : 90.0.4430.212 (Copyright 2020 Google LLC.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer FlashPlayer Plugin : 32.0.0.371 ---------- | Security AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 492 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe [14/05/2021 03:31:59] CPU Usage:0 % 652 | [Owner : Système | Parent : 644() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [26/10/2020 01:16:34] CPU Usage:0 % 748 | [Owner : Système | Parent : 644() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.19041.662) = C:\Windows\System32\wininit.exe [11/12/2020 12:20:08] CPU Usage:0 % 756 | [Owner : Système | Parent : 736() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [26/10/2020 01:16:34] CPU Usage:0 % 848 | [Owner : Système | Parent : 736() | 12.09 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.19041.906) = C:\Windows\System32\winlogon.exe [14/04/2021 01:52:55] CPU Usage:0 % 988 | [Owner : Système | Parent : 748(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.19041.928) = C:\Windows\System32\services.exe [14/04/2021 01:52:44] CPU Usage:0 % 1004 | [Owner : Système | Parent : 748(wininit.exe) | 26.43 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.906) = C:\Windows\System32\lsass.exe [14/04/2021 01:52:44] CPU Usage:0 % 768 | [Owner : Système | Parent : 988(services.exe) | 29.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 860 | [Owner : UMFD-0 | Parent : 748(wininit.exe) | 3.91 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.906) = C:\Windows\System32\fontdrvhost.exe [14/04/2021 01:52:55] CPU Usage:0 % 920 | [Owner : UMFD-1 | Parent : 848(winlogon.exe) | 43.7 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.906) = C:\Windows\System32\fontdrvhost.exe [14/04/2021 01:52:55] CPU Usage:0 % 600 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 8.51 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1) = C:\Windows\System32\WUDFHost.exe [07/12/2019 11:08:58] CPU Usage:0 % 1048 | [Owner : SERVICE RÉSEAU | Parent : 988(services.exe) | 18.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1092 | [Owner : Système | Parent : 988(services.exe) | 8.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1132 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 6.09 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1) = C:\Windows\System32\WUDFHost.exe [07/12/2019 11:08:58] CPU Usage:0 % 1216 | [Owner : DWM-1 | Parent : 848(winlogon.exe) | 97.9 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe [13/01/2021 02:49:13] CPU Usage:0 % 1312 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 5.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1372 | [Owner : Système | Parent : 988(services.exe) | 10.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1380 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 11.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1448 | [Owner : Système | Parent : 988(services.exe) | 16.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1472 | [Owner : Système | Parent : 988(services.exe) | 6.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1504 | [Owner : Système | Parent : 988(services.exe) | 13.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1572 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 18.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1676 | [Owner : Système | Parent : 988(services.exe) | 9.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1696 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 11.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1704 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 9.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1792 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 9.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1840 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 7.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1848 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 8.35 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1) = C:\Windows\System32\WUDFHost.exe [07/12/2019 11:08:58] CPU Usage:0 % 1968 | [Owner : SERVICE RÉSEAU | Parent : 988(services.exe) | 12.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2040 | [Owner : Système | Parent : 988(services.exe) | 7.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 1644 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 9.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2148 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 9.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2208 | [Owner : Système | Parent : 988(services.exe) | 21.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2248 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 7.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2296 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 7.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2348 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 9.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2384 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 7.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2408 | [Owner : Système | Parent : 988(services.exe) | 18.38 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.28.2851.9944) = C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe [30/04/2021 20:18:52] CPU Usage:0 % 2484 | [Owner : SERVICE RÉSEAU | Parent : 988(services.exe) | 10.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2608 | [Owner : Système | Parent : 988(services.exe) | 5.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2616 | [Owner : Système | Parent : 988(services.exe) | 9.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2672 | [Owner : Système | Parent : 988(services.exe) | 8.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2680 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 14.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2952 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 5.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3004 | [Owner : Système | Parent : 2408(NVDisplay.Container.exe) | 75.1 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.28.2851.9944) = C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\Display.NvContainer\NVDisplay.Container.exe [30/04/2021 20:18:52] CPU Usage:0 % 3012 | [Owner : Système | Parent : 988(services.exe) | 6.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2104 | [Owner : SERVICE LOCAL | Parent : 3012(svchost.exe) | 19.49 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.19041.1) = C:\Windows\System32\dasHost.exe [07/12/2019 11:08:37] CPU Usage:0 % 2928 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 7.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3104 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 15.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3188 | [Owner : Antonio | Parent : 1676(svchost.exe) | 29.32 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe [13/01/2021 02:49:03] CPU Usage:0 % 3204 | [Owner : Antonio | Parent : 988(services.exe) | 36.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3304 | [Owner : Antonio | Parent : 988(services.exe) | 49.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3360 | [Owner : Système | Parent : 768(svchost.exe) | 10.46 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [26/10/2020 01:16:28] CPU Usage:0 % 3372 | [Owner : Système | Parent : 988(services.exe) | 18.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3540 | [Owner : Antonio | Parent : 1448(svchost.exe) | 15.82 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.906) = C:\Windows\System32\taskhostw.exe [14/04/2021 01:52:57] CPU Usage:0 % 3568 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 27.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3620 | [Owner : Système | Parent : 988(services.exe) | 15.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3704 | [Owner : Antonio | Parent : 1448(svchost.exe) | 2.95 Mo] - (.MSI - Windows Host Process.) - (1.0.0.1) = C:\Windows\SysWOW64\muachost.exe [16/04/2020 18:10:00] CPU Usage:0 % 3736 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 9.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3744 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 6.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3488 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 7.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3884 | [Owner : Système | Parent : 988(services.exe) | 7.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 4176 | [Owner : Système | Parent : 988(services.exe) | 15.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 4188 | [Owner : Système | Parent : 988(services.exe) | 10.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 4264 | [Owner : Antonio | Parent : 3884(svchost.exe) | 34.98 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe [07/12/2019 11:09:00] CPU Usage:0 % 4396 | [Owner : Système | Parent : 988(services.exe) | 14.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 4476 | [Owner : Système | Parent : 988(services.exe) | 5.79 Mo] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.104.3) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [04/09/2019 09:55:26] CPU Usage:0 % 4900 | [Owner : Système | Parent : 988(services.exe) | 11.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5008 | [Owner : Système | Parent : 988(services.exe) | 17.48 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.964) = C:\Windows\System32\spoolsv.exe [14/05/2021 03:31:48] CPU Usage:0 % 5104 | [Owner : Antonio | Parent : 768(svchost.exe) | 10.66 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.19041.746) = C:\Windows\System32\rundll32.exe [13/01/2021 02:49:21] CPU Usage:0 % 4272 | [Owner : SERVICE RÉSEAU | Parent : 988(services.exe) | 8.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5144 | [Owner : Système | Parent : 988(services.exe) | 9.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5216 | [Owner : Système | Parent : 988(services.exe) | 42.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5232 | [Owner : SERVICE RÉSEAU | Parent : 988(services.exe) | 14.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5240 | [Owner : Système | Parent : 988(services.exe) | 7.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5248 | [Owner : Système | Parent : 988(services.exe) | 12.61 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [23/03/2018 10:46:36] CPU Usage:0 % 5256 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 45.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5272 | [Owner : Système | Parent : 988(services.exe) | 7.59 Mo] - (.LogMeIn, Inc. - LMIGuardianSvc.) - (10.1.0.1742) = C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [27/05/2016 14:04:16] CPU Usage:0 % 5288 | [Owner : Système | Parent : 988(services.exe) | 14.44 Mo] - (.Adobe Systems, Incorporated - Adobe Genuine Software Service.) - (7.3.0.157) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [04/03/2020 13:18:28] CPU Usage:0 % 5304 | [Owner : Système | Parent : 988(services.exe) | 14.1 Mo] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - (7.3.0.157) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [16/03/2020 02:50:54] CPU Usage:0 % 5384 | [Owner : Système | Parent : 988(services.exe) | 15.9 Mo] - (.Micro-Star Int'l Co., Ltd. - MSI Central Service.) - (1.0.0.48) = C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [24/09/2020 23:22:10] CPU Usage:0 % 5440 | [Owner : Système | Parent : 988(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5516 | [Owner : Système | Parent : 988(services.exe) | 41.37 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.27.2835.6155) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [16/04/2020 17:56:46] CPU Usage:0 % 5548 | [Owner : Système | Parent : 988(services.exe) | 6.42 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SysWOW64\PnkBstrA.exe [07/09/2019 18:38:29] CPU Usage:0 % 5556 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 6.45 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5636 | [Owner : Système | Parent : 988(services.exe) | 8.98 Mo] - (.Razer Inc. - Razer Chroma SDK REST Server.) - (1.2.0.8) = C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [24/07/2019 07:37:30] CPU Usage:0 % 5648 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 8.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5656 | [Owner : Système | Parent : 988(services.exe) | 5.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5664 | [Owner : Système | Parent : 988(services.exe) | 19.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5676 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 5.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5684 | [Owner : Système | Parent : 988(services.exe) | 81.23 Mo] - (.Intel(R) Corporation - XtuService.) - (6.5.2.40) = C:\Windows\SysWOW64\XtuService.exe [06/05/2020 11:57:48] CPU Usage:0 % 5700 | [Owner : Système | Parent : 988(services.exe) | 9.12 Mo] - (.Razer Inc. - Razer Chroma SDK Service.) - (2.0.6.3) = C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [24/07/2019 07:37:30] CPU Usage:0 % 5712 | [Owner : SERVICE RÉSEAU | Parent : 988(services.exe) | 7.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 5720 | [Owner : Système | Parent : 988(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.2104.14) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [15/05/2021 01:23:17] CPU Usage:0 % 5732 | [Owner : Système | Parent : 988(services.exe) | 9.78 Mo] - (.Reason Software Company Inc. - Unchecky Service.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [03/08/2020 10:10:43] CPU Usage:0 % 5976 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 13.5 Mo] - (.Electronic Arts - OriginWebHelperService.) - (10.5.98.47688) = G:\Origin\OriginWebHelperService.exe [11/05/2021 21:17:26] CPU Usage:0 % 6216 | [Owner : SERVICE RÉSEAU | Parent : 988(services.exe) | 13.32 Mo] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe [07/12/2019 11:10:08] CPU Usage:0 % 6304 | [Owner : Antonio | Parent : 5732(unchecky_svc.exe) | 11.56 Mo] - (.Reason Software Company Inc. - Unchecky Background Process.) - (1.2.0.0) = C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe [03/08/2020 10:10:43] CPU Usage:0 % 6452 | [Owner : Système | Parent : 768(svchost.exe) | 6.74 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.19041.844) = C:\Windows\System32\wbem\unsecapp.exe [13/03/2021 00:08:13] CPU Usage:0 % 6704 | [Owner : Système | Parent : 988(services.exe) | 13.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 6932 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 17.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 4572 | [Owner : Système | Parent : 5516(nvcontainer.exe) | 6.65 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.19041.746) = C:\Windows\System32\rundll32.exe [13/01/2021 02:49:21] CPU Usage:0 % 7268 | [Owner : Système | Parent : 988(services.exe) | 12.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 7756 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 4.88 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.6075) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.52.13001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [23/04/2021 21:59:18] CPU Usage:0 % 7788 | [Owner : Système | Parent : 988(services.exe) | 27.02 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.6075) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.52.13001.0_x64__8wekyb3d8bbwe\GamingServices.exe [23/04/2021 21:59:18] CPU Usage:0 % 7896 | [Owner : Antonio | Parent : 7832() | 184.02 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.964) = C:\Windows\explorer.exe [14/05/2021 03:31:49] CPU Usage:0 % 7212 | [Owner : Antonio | Parent : 988(services.exe) | 31.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 8092 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 8.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 8480 | [Owner : Système | Parent : 988(services.exe) | 7.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 8508 | [Owner : Système | Parent : 988(services.exe) | 4.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 8580 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 10.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 8788 | [Owner : Système | Parent : 988(services.exe) | 11.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 7080 | [Owner : Antonio | Parent : 5516(nvcontainer.exe) | 113.89 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.27.2835.6155) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [16/04/2020 17:56:46] CPU Usage:1 % 8420 | [Owner : Antonio | Parent : 5516(nvcontainer.exe) | 100.72 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.27.2835.6155) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [16/04/2020 17:56:46] CPU Usage:0 % 8536 | [Owner : Système | Parent : 5384(MSI_Central_Service.exe) | 34.48 Mo] - (.Micro-Star Int'l Co., Ltd. - MSI.CentralServer.) - (1.0.0.57) = C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe [24/09/2020 23:22:10] CPU Usage:0 % 8568 | [Owner : Système | Parent : 8536(MSI.CentralServer.exe) | 10.86 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [14/05/2021 03:31:58] CPU Usage:0 % 9004 | [Owner : Antonio | Parent : 768(svchost.exe) | 87.3 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [11/11/2020 23:33:29] CPU Usage:0 % 9536 | [Owner : Antonio | Parent : 768(svchost.exe) | 25.19 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [13/01/2021 02:48:59] CPU Usage:0 % 9720 | [Owner : Antonio | Parent : 768(svchost.exe) | 212.6 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.964) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe [14/05/2021 03:32:21] CPU Usage:0 % 9772 | [Owner : Système | Parent : 988(services.exe) | 46.65 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.844) = C:\Windows\System32\SearchIndexer.exe [13/03/2021 00:08:18] CPU Usage:0 % 9928 | [Owner : Antonio | Parent : 768(svchost.exe) | 57.42 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [13/01/2021 02:48:59] CPU Usage:0 % 10184 | [Owner : Antonio | Parent : 768(svchost.exe) | 35.3 Mo] - (.Microsoft Corporation - YourPhone.) - (1.20101.97.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.97.0_x64__8wekyb3d8bbwe\YourPhone.exe [09/11/2020 21:56:24] CPU Usage:0 % 10248 | [Owner : Antonio | Parent : 768(svchost.exe) | 5.35 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.19041.746) = C:\Windows\System32\SettingSyncHost.exe [13/01/2021 02:49:21] CPU Usage:0 % 10320 | [Owner : Antonio | Parent : 768(svchost.exe) | 43.37 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.19041.844) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [13/03/2021 00:08:29] CPU Usage:0 % 10680 | [Owner : Antonio | Parent : 768(svchost.exe) | 23.8 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [13/01/2021 02:48:59] CPU Usage:0 % 10736 | [Owner : Antonio | Parent : 7896(explorer.exe) | 12.97 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.19041.1) = C:\Windows\System32\SecurityHealthSystray.exe [07/12/2019 11:08:41] CPU Usage:0 % 10908 | [Owner : Système | Parent : 988(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe [14/05/2021 03:31:58] CPU Usage:0 % 11020 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 11.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 11108 | [Owner : Antonio | Parent : 3600() | 42.3 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (11.13.0.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [16/04/2020 17:56:48] CPU Usage:0 % 11128 | [Owner : Antonio | Parent : 11108(NVIDIA Web Helper.exe) | 1.52 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [14/05/2021 03:31:58] CPU Usage:0 % 10080 | [Owner : Antonio | Parent : 7896(explorer.exe) | 26.57 Mo] - (.Unified Intents AB - Unified Remote.) - (3.6.1.2342) = C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [13/11/2018 22:54:07] CPU Usage:0 % 9980 | [Owner : Système | Parent : 3680() | 1.73 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe [21/04/2021 01:31:42] CPU Usage:0 % 11136 | [Owner : Système | Parent : 3680() | 0.6 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe [21/04/2021 01:31:42] CPU Usage:0 % 11632 | [Owner : Antonio | Parent : 768(svchost.exe) | 20.23 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [13/01/2021 02:48:59] CPU Usage:0 % 11604 | [Owner : Antonio | Parent : 7896(explorer.exe) | 176.15 Mo] - (.Electronic Arts - Origin.) - (10.5.98.47688) = G:\Origin\Origin.exe [11/05/2021 21:17:26] CPU Usage:0 % 12204 | [Owner : Antonio | Parent : 768(svchost.exe) | 14.1 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [13/01/2021 02:48:59] CPU Usage:0 % 12140 | [Owner : Antonio | Parent : 768(svchost.exe) | 16.49 Mo] - (.-.) - (1.20101.97.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20101.97.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe [09/11/2020 21:56:24] CPU Usage:0 % 11768 | [Owner : Antonio | Parent : 5516(nvcontainer.exe) | 13.6 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.22.0.32) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [16/04/2020 17:56:50] CPU Usage:0 % 11464 | [Owner : Antonio | Parent : 7080(nvcontainer.exe) | 77.74 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [16/04/2020 17:56:50] CPU Usage:0 % 9748 | [Owner : Antonio | Parent : 11464(NVIDIA Share.exe) | 59.12 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [16/04/2020 17:56:50] CPU Usage:0 % 11560 | [Owner : Antonio | Parent : 768(svchost.exe) | 53.56 Mo] - (.Microsoft Corporation -.) - (2001.22012.0.2020) = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe [14/05/2021 03:32:20] CPU Usage:0 % 13184 | [Owner : SERVICE LOCAL | Parent : 3104(svchost.exe) | 56.11 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.19041.906) = C:\Windows\System32\audiodg.exe [14/04/2021 01:52:19] CPU Usage:0 % 13208 | [Owner : Antonio | Parent : 11464(NVIDIA Share.exe) | 95.58 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [16/04/2020 17:56:50] CPU Usage:0 % 7836 | [Owner : Système | Parent : 988(services.exe) | 59.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2012 | [Owner : Système | Parent : 988(services.exe) | 22.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2524 | [Owner : Antonio | Parent : 11604(Origin.exe) | 41.56 Mo] - (.-.) - (0.0.0.0) = G:\Origin\QtWebEngineProcess.exe [11/05/2021 21:17:27] CPU Usage:0 % 13924 | [Owner : Antonio | Parent : 11604(Origin.exe) | 163.16 Mo] - (.-.) - (0.0.0.0) = G:\Origin\QtWebEngineProcess.exe [11/05/2021 21:17:27] CPU Usage:0 % 12460 | [Owner : Système | Parent : 988(services.exe) | 6.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 12284 | [Owner : Antonio | Parent : 11604(Origin.exe) | 18.97 Mo] - (.Electronic Arts - OriginClientService.) - (10.5.98.47688) = G:\Origin\OriginClientService.exe [11/05/2021 21:17:26] CPU Usage:0 % 12644 | [Owner : Système | Parent : 988(services.exe) | 16.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 12776 | [Owner : Antonio | Parent : 988(services.exe) | 22.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 9224 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 13.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 14076 | [Owner : Système | Parent : 988(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.19041.546) = C:\Windows\System32\SgrmBroker.exe [26/10/2020 01:16:55] CPU Usage:0 % 3836 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 6948 | [Owner : Antonio | Parent : 768(svchost.exe) | 1.65 Mo] - (.Microsoft Corporation - Xbox Game Bar.) - (5.320.6242.0) = C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBar.exe [27/07/2020 21:29:38] CPU Usage:0 % 3148 | [Owner : Antonio | Parent : 768(svchost.exe) | 13.48 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe [26/10/2020 01:16:32] CPU Usage:0 % 7424 | [Owner : Antonio | Parent : 6160() | 182.95 Mo] - (.Discord Inc. - Discord.) - (1.0.9001.0) = C:\Users\Antonio\AppData\Local\Discord\app-1.0.9001\Discord.exe [17/04/2021 17:55:48] CPU Usage:0 % 1340 | [Owner : Antonio | Parent : 7424(Discord.exe) | 103.9 Mo] - (.Discord Inc. - Discord.) - (1.0.9001.0) = C:\Users\Antonio\AppData\Local\Discord\app-1.0.9001\Discord.exe [17/04/2021 17:55:48] CPU Usage:0 % 7020 | [Owner : Antonio | Parent : 7424(Discord.exe) | 130.16 Mo] - (.Discord Inc. - Discord.) - (1.0.9001.0) = C:\Users\Antonio\AppData\Local\Discord\app-1.0.9001\Discord.exe [17/04/2021 17:55:48] CPU Usage:0 % 7728 | [Owner : Antonio | Parent : 7424(Discord.exe) | 111.78 Mo] - (.Discord Inc. - Discord.) - (1.0.9001.0) = C:\Users\Antonio\AppData\Local\Discord\app-1.0.9001\Discord.exe [17/04/2021 17:55:48] CPU Usage:0 % 13384 | [Owner : Antonio | Parent : 7424(Discord.exe) | 489.2 Mo] - (.Discord Inc. - Discord.) - (1.0.9001.0) = C:\Users\Antonio\AppData\Local\Discord\app-1.0.9001\Discord.exe [17/04/2021 17:55:48] CPU Usage:0 % 7628 | [Owner : Antonio | Parent : 7424(Discord.exe) | 108.13 Mo] - (.Discord Inc. - Discord.) - (1.0.9001.0) = C:\Users\Antonio\AppData\Local\Discord\app-1.0.9001\Discord.exe [17/04/2021 17:55:48] CPU Usage:0 % 552 | [Owner : Antonio | Parent : 7896(explorer.exe) | 129.15 Mo] - (.Valve Corporation - Steam.) - (6.48.43.99) = G:\Steam\steam.exe [15/04/2021 17:58:32] CPU Usage:0 % 3212 | [Owner : Antonio | Parent : 552(steam.exe) | 80.38 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.48.43.99) = G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [15/04/2021 17:58:31] CPU Usage:0 % 13952 | [Owner : Antonio | Parent : 3212(steamwebhelper.exe) | 19.06 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.48.43.99) = G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [15/04/2021 17:58:31] CPU Usage:0 % 13108 | [Owner : Système | Parent : 988(services.exe) | 15.36 Mo] - (.Valve Corporation - Steam Client Service.) - (6.48.43.99) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe [23/03/2018 11:25:13] CPU Usage:0 % 3392 | [Owner : Antonio | Parent : 3212(steamwebhelper.exe) | 304.28 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.48.43.99) = G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [15/04/2021 17:58:31] CPU Usage:0 % 7684 | [Owner : Antonio | Parent : 3212(steamwebhelper.exe) | 39.82 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.48.43.99) = G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [15/04/2021 17:58:31] CPU Usage:0 % 4004 | [Owner : SERVICE LOCAL | Parent : 988(services.exe) | 7.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2476 | [Owner : Antonio | Parent : 3212(steamwebhelper.exe) | 247.63 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.48.43.99) = G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [15/04/2021 17:58:31] CPU Usage:0 % 4288 | [Owner : Antonio | Parent : 3212(steamwebhelper.exe) | 212.38 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.48.43.99) = G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [15/04/2021 17:58:31] CPU Usage:0 % 2096 | [Owner : Antonio | Parent : 768(svchost.exe) | 90.67 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.19041.610) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [11/11/2020 23:33:52] CPU Usage:0 % 12560 | [Owner : Antonio | Parent : 768(svchost.exe) | 28.26 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [13/01/2021 02:48:59] CPU Usage:0 % 4232 | [Owner : Antonio | Parent : 768(svchost.exe) | 9.34 Mo] - (.Microsoft Corporation - Component Package Support Server.) - (10.0.19041.746) = C:\Windows\System32\CompPkgSrv.exe [13/01/2021 02:48:50] CPU Usage:0 % 7540 | [Owner : Antonio | Parent : 9632() | 501.16 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:0 % 9356 | [Owner : Antonio | Parent : 7540(firefox.exe) | 677.17 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:0 % 7904 | [Owner : Antonio | Parent : 7540(firefox.exe) | 106.9 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:0 % 2128 | [Owner : Antonio | Parent : 7540(firefox.exe) | 264.21 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:0 % 4084 | [Owner : Antonio | Parent : 7540(firefox.exe) | 182.85 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:0 % 14988 | [Owner : Antonio | Parent : 7540(firefox.exe) | 66.9 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:2 % 14464 | [Owner : Antonio | Parent : 7540(firefox.exe) | 1778.67 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:8 % 13788 | [Owner : Antonio | Parent : 3212(steamwebhelper.exe) | 93.79 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.48.43.99) = G:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [15/04/2021 17:58:31] CPU Usage:0 % 3024 | [Owner : Antonio | Parent : 12848() | 189.23 Mo] - (.Ubisoft - Ubisoft Connect.) - (121.0.0.10451) = G:\Ubisoft Game Launcher\upc.exe [15/05/2021 16:19:56] CPU Usage:0 % 3920 | [Owner : Antonio | Parent : 3024(upc.exe) | 180.25 Mo] - (.Ubisoft - Ubisoft Connect WebCore.) - (121.0.10451.0) = G:\Ubisoft Game Launcher\UplayWebCore.exe [15/05/2021 16:19:56] CPU Usage:0 % 14844 | [Owner : Antonio | Parent : 1448(svchost.exe) | 20.38 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.906) = C:\Windows\System32\taskhostw.exe [14/04/2021 01:52:57] CPU Usage:0 % 15504 | [Owner : Système | Parent : 988(services.exe) | 15.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 11084 | [Owner : Antonio | Parent : 15088() | 188.2 Mo] - (.Epic Games, Inc. - EpicGamesLauncher.) - (12.2.2.0) = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [24/09/2019 21:22:11] CPU Usage:0 % 272 | [Owner : Antonio | Parent : 11084(EpicGamesLauncher.exe) | 59.18 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [17/12/2020 16:29:12] CPU Usage:0 % 11940 | [Owner : Antonio | Parent : 11084(EpicGamesLauncher.exe) | 34.36 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [17/12/2020 16:29:12] CPU Usage:0 % 16336 | [Owner : Antonio | Parent : 11084(EpicGamesLauncher.exe) | 37.48 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [17/12/2020 16:29:12] CPU Usage:0 % 15176 | [Owner : Antonio | Parent : 7540(firefox.exe) | 210.43 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:0 % 9120 | [Owner : Antonio | Parent : 768(svchost.exe) | 46.6 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.19041.746) = C:\Windows\System32\ApplicationFrameHost.exe [13/01/2021 02:49:10] CPU Usage:0 % 4132 | [Owner : Antonio | Parent : 7896(explorer.exe) | 20.44 Mo] - (.Microsoft Corporation - Mélangeur de volume.) - (10.0.19041.746) = C:\Windows\System32\SndVol.exe [13/01/2021 02:49:11] CPU Usage:0 % 7632 | [Owner : Antonio | Parent : 768(svchost.exe) | 81.3 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.19041.789) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe [05/02/2021 14:23:36] CPU Usage:0 % 504 | [Owner : Antonio | Parent : 768(svchost.exe) | 17.5 Mo] - (.Microsoft Corporation - Gamebar Presence Writer.) - (10.0.19041.746) = C:\Windows\System32\GameBarPresenceWriter.exe [13/01/2021 02:49:37] CPU Usage:0 % 1020 | [Owner : Système | Parent : 768(svchost.exe) | 16.76 Mo] - (.Microsoft Corporation - MoUSO Core Worker Process.) - (10.0.19041.964) = C:\Windows\System32\MoUsoCoreWorker.exe [14/05/2021 03:31:54] CPU Usage:0 % 3788 | [Owner : Antonio | Parent : 988(services.exe) | 14.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 3560 | [Owner : Système | Parent : 988(services.exe) | 11.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2436 | [Owner : Système | Parent : 988(services.exe) | 17.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 740 | [Owner : Système | Parent : 988(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 16000 | [Owner : Antonio | Parent : 7540(firefox.exe) | 305.1 Mo] - (.Mozilla Corporation - Firefox.) - (88.0.1.7794) = C:\Program Files\Mozilla Firefox\firefox.exe [23/03/2018 10:45:39] CPU Usage:0 % 7708 | [Owner : Antonio | Parent : 768(svchost.exe) | 71.57 Mo] - (.Microsoft Corporation - Windows Defender application.) - (10.0.19041.844) = C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe [13/03/2021 00:08:24] CPU Usage:0 % 11592 | [Owner : Antonio | Parent : 768(svchost.exe) | 11.01 Mo] - (.Microsoft Corporation - Windows Security Health Host.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthHost.exe [14/05/2021 03:31:58] CPU Usage:0 % 16124 | [Owner : Antonio | Parent : 768(svchost.exe) | 27.58 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.844) = C:\Windows\System32\smartscreen.exe [13/03/2021 00:08:16] CPU Usage:0 % 13396 | [Owner : Système | Parent : 988(services.exe) | 8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 15740 | [Owner : Système | Parent : 988(services.exe) | 12.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 2280 | [Owner : Antonio | Parent : 768(svchost.exe) | 8.64 Mo] - (.Microsoft Corporation - Windows Security Health Host.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthHost.exe [14/05/2021 03:31:58] CPU Usage:0 % 13652 | [Owner : Antonio | Parent : 7896(explorer.exe) | 61.54 Mo] - (.SosVirus - QuickDiag.) - (7.76.21.1) = C:\Users\Antonio\Desktop\QuickDiag.exe [17/05/2021 14:25:12] CPU Usage:0 % 15460 | [Owner : Système | Parent : 988(services.exe) | 6.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [26/10/2020 01:16:31] CPU Usage:0 % 15540 | [Owner : SERVICE RÉSEAU | Parent : 768(svchost.exe) | 12.34 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [26/10/2020 01:16:44] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\UMPDC.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\TextShaping.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll (.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 466.27.) - (27.21.14.6627) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvldumdx.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 466.27.) - (27.21.14.6627) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvwgf2umx_cfg.dll (..-..) - (0.0.0.0) -- C:\Users\Antonio\AppData\Local\MEGAsync\ShellExtX64.dll (..-.Core Sync.) - (2.4.6.84) -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll (..-..) - (14.0.7226.5000) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.NVIDIA Corporation.-.NVIDIA Display Shell Extension.) - (1.2.0.1) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvshext.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.71.0.0) -- C:\Program Files\WinRAR\rarext.dll (..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- C:\Program Files\Notepad++\NppShell_06.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.6627) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nv3dappshext.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 466.27.) - (27.21.14.6627) -- C:\WINDOWS\SYSTEM32\nvapi64.dll (.The ICU Project.-.ICU Combined Library.) - (64.2.0.0) -- C:\Windows\System32\icu.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\system32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll (..-..) - (0.0.0.0) -- c:\windows\system32\TextShaping.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- c:\windows\system32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU MEGAsync - (MEGAsync.lnk [Startup]) - User: ANTONIO\Antonio OneNote 2010 - Capture d’écran et lancement - (OneNote 2010 - Capture d’écran et lancement.lnk [Startup]) - User: ANTONIO\Antonio Unified Remote V3 - ("C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe" [HKU\S-1-5-21-3211553782-380890847-3588550373-1001\SOFTWARE\...\Run]) - User: ANTONIO\Antonio EADM - ("G:\Origin\Origin.exe" -AutoStart [HKU\S-1-5-21-3211553782-380890847-3588550373-1001\SOFTWARE\...\Run]) - User: ANTONIO\Antonio CCXProcess - ("C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" [HKU\S-1-5-21-3211553782-380890847-3588550373-1001\SOFTWARE\...\Run]) - User: ANTONIO\Antonio f.lux - ("C:\Users\Antonio\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow [HKU\S-1-5-21-3211553782-380890847-3588550373-1001\SOFTWARE\...\Run]) - User: ANTONIO\Antonio CCleaner Smart Cleaning - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-3211553782-380890847-3588550373-1001\SOFTWARE\...\Run]) - User: ANTONIO\Antonio Voicemod - ("C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" [HKU\S-1-5-21-3211553782-380890847-3588550373-1001\SOFTWARE\...\Run]) - User: ANTONIO\Antonio Discord - (C:\Users\Antonio\AppData\Local\Discord\Update.exe --processStart Discord.exe [HKU\S-1-5-21-3211553782-380890847-3588550373-1001\SOFTWARE\...\Run]) - User: ANTONIO\Antonio OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-80-3238277391-1891473654-1195688043-4149050645-2494734967\SOFTWARE\...\Run]) - User: NT SERVICE\OVRLibraryService SteelSeries Engine 3 - (C:\PROGRA~1\STEELS~1\STEELS~1\STEELS~1.EXE -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true [Common Startup]) - User: Public SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public R.A.T.TE - (C:\Program Files\Mad Catz\R.A.T.TE\RAT_TE_Profiler.exe [HKLM\SOFTWARE\...\Run]) - User: Public AdobeGCInvoker-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" [HKLM\SOFTWARE\...\Run]) - User: Public Riot Vanguard - ("C:\Program Files\Riot Vanguard\vgtray.exe" [HKLM\SOFTWARE\...\Run]) - User: Public [HKLM\Software\Microsoft\Command Processor] "DefaultColor"=0 "EnableExtensions"=1 "CompletionChar"=64 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "R.A.T.TE"=C:\Program Files\Mad Catz\R.A.T.TE\RAT_TE_Profiler.exe [11/02/2014 18:07:56] "AdobeGCInvoker-1.0"="C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" "Riot Vanguard"="C:\Program Files\Riot Vanguard\vgtray.exe" [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "CL-23-1A7AF2ED-77E8-493D-8259-AFE297B1BEA2"=0x020000000000000000000000 "Eraser"=0x03000000F0668CB9775BD501 "R.A.T.TE"=0x03000000815C4DFE66D0D601 "NetWorx"=0x030000008330DD508DE1D401 "SoftEther VPN Client UI Helper"=0x03000000735502390E31D501 "AdobeGCInvoker-1.0"=0x030000008EB8E7586CA2D601 "Riot Vanguard"=0x0300000010687CDA3441D701 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "Razer Synapse"=0x030000002AC45B0181BAD501 "IJNetworkScannerSelectorEX"=0x03000000F169772C6911D401 "CanonQuickMenu"=0x030000008B90962A6911D401 "StereoLinksInstall"=0x020000000000000000000000 "APSDaemon"=0x03000000A036DD7970A4D401 "Adobe Reader Speed Launcher"=0x030000003051F54370A4D401 "Kraken0510Helper"=0x03000000107C8A9FC6FAD601 "vmware-tray.exe"=0x03000000B0B0FC0AD8A3D401 "LogMeIn Hamachi Ui"=0x03000000905CB71FCF72D401 "BCSSync"=0x03000000900FDD7970A4D401 "Dropbox"=0x03000000F6980715CA34D501 "Adobe Creative Cloud"=0x03000000FD757B663E0BD601 "AdobeGCInvoker-1.0"=0x0300000000558A9FC6FAD601 "Genshin Impact Beta_Launcher"=0x0300000000558A9FC6FAD601 "R.A.T.TE"=0x0300000020A38A9FC6FAD601 "SecurityHealth"=0x0300000030CA8A9FC6FAD601 "SunJavaUpdateSched"=0x03000000D07A769FB6FBD601 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D74860EC0F1AF9 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Adobe Reader Speed Launcher"="E:\Bordel\Reader\Reader_sl.exe" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List AdobeGCInvoker-1.0 ATK Package 36D18D69AFC3 ATK Package A22126881260 BlueStacksHelper CCleaner Update CCleanerSkipUAC CreateExplorerShellUnelevatedTask fermeture voc GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA MicrosoftEdgeUpdateTaskMachineCore MicrosoftEdgeUpdateTaskMachineUA MSI Task Host - Detect_Monitor MSI Task Host - DisplayID MSI Task Host - MSI.True Color MSISW_Host NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(2)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(2)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=38 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [23/03/2018 10:39:58] "Notification Packages"=scecli "Authentication Packages"=msv1_0 SshdPinAuthLsa "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaCfgFlagsDefault"=0 "LsaPid"=1004 "ProductType"=6 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk /p \??\E: autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "ResourceTimeoutCount"=648000 "AutoChkSkipSystemPartition"=0 [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "InstanceID"=97897dab-6be4-4983-b8ad-7fb98c7 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=0 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{26AFDB68-5ABA-49CB-9207-F4B7FCDBC980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{26AFDB68-5ABA-49CB-9207-F4B7FCDBC980}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "SmartScreenEnabled"=Warn "GlobalAssocChangedCounter"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=0 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=151 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=98136821196 "ShutdownFlags"=2147483691 "Userinit"=C:\Windows\system32\userinit.exe, "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-3211553782-380890847-3588550373 "LastUsedUsername"=Antonio [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe [07/12/2019 11:08:49] ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:51:18] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:51:18] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser ---------- | AppcompatFlags ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132402747579824333 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "DisableAntiSpyware"=0 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0xA57AE3FF81C2D301 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\ "OOBEInstallTime"=0x470691FB9863D601 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.10-0 "DisableAntiVirus"=0 "LastEnabledTime"=0xCC2A5C037E5BD501 "PUAProtection"=0 "IsServiceRunning"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 localhost 127.0.0.1 fitgirl-repacks.website # unchecky_begin # These rules were added by the Unchecky program in order to block advertising software modules 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 rp.yefeneri2.com 0.0.0.0 os.yefeneri2.com 0.0.0.0 os2.yefeneri2.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com [45] More lines ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:819::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:819::200e?: temps=37 ms R?ponse de 2a00:1450:4007:819::200e?: temps=20 ms R?ponse de 2a00:1450:4007:819::200e?: temps=19 ms R?ponse de 2a00:1450:4007:819::200e?: temps=19 ms Statistiques Ping pour 2a00:1450:4007:819::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 19ms, Maximum = 37ms, Moyenne = 23ms ---------- | @ [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Start Page"=about:blank "DisableRandomFlighting"=0 "EnableLegacyEdgeSwitching"=1 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -- C:\Users\Antonio\AppData\Local\MEGAsync\ShellExtX64.dll [19/06/2019 07:26:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} -- C:\Users\Antonio\AppData\Local\MEGAsync\ShellExtX64.dll [19/06/2019 07:26:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} -- C:\Users\Antonio\AppData\Local\MEGAsync\ShellExtX64.dll [19/06/2019 07:26:46] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [05/03/2018 19:47:04] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303} -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [05/03/2018 19:47:04] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} -- C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [05/03/2018 19:47:04] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [13/01/2021 02:49:15] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -- C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [19/12/2013 01:44:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending)] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} -- C:\Users\Antonio\AppData\Local\MEGAsync\ShellExtX32.dll [19/06/2019 07:26:42] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced)] - {05B38830-F4E9-4329-978B-1DD28605D202} -- C:\Users\Antonio\AppData\Local\MEGAsync\ShellExtX32.dll [19/06/2019 07:26:42] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing)] - {0596C850-7BDD-4C9D-AFDF-873BE6890637} -- C:\Users\Antonio\AppData\Local\MEGAsync\ShellExtX32.dll [19/06/2019 07:26:42] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7} -- C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} -- C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399} -- C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619} -- C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} -- C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook ---------- | Toolbar [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) - [] ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\BHO\ie_to_edge_bho.dll [16/05/2021 05:37:20] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [06/03/2013 08:37:48] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] -> (Adobe PDF Link Helper) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [11/06/2008 22:33:16] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.62\BHO\ie_to_edge_bho.dll [16/05/2021 05:37:20] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [19/12/2013 01:41:02] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [06/03/2013 08:37:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : ---------- | Chrome C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\aegnopegbbhjeeiganiajffnalhlkkjb = : __MSG_extShortDesc__ - short_name: Safe Torrent Scanner - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh = : __MSG_extensionDescription__ - short_name: __MSG_extensionShortName__ - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Profile 1\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb] ---------- | Opera ---------- | Firefox C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\9iv36p3h.default\Extensions\firefox@tampermonkey.net.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\9iv36p3h.default\Extensions\{3ba5d6aa-51f0-4be9-91d8-0c69cf0e133c}.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\9iv36p3h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\9iv36p3h.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\2.0@disconnect.me.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\addon@darkreader.org.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\firefox@tampermonkey.net.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\https-everywhere@eff.org.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\languagetool-webextension@languagetool.org.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\uBlock0@raymondhill.net.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\{219c6fc1-39cb-44ca-a776-ea8e61dc0f92}.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\{42d43c7b-e473-404d-83d0-44cd87b81854}.xpi C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Extensions\{cb04b1a6-4c4e-4121-ab13-663e38028979}.xpi [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.371 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - () : [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.291.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.291.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.1] - (VLC Multimedia Plugin) : G:\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.10] - (VLC Multimedia Plugin) : G:\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.11] - (VLC Multimedia Plugin) : G:\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1] - (VLC Multimedia Plugin) : G:\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8] - (VLC Multimedia Plugin) : G:\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.371 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - () : [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.281.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.281.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\9iv36p3h.default\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20190409155332"); user_pref("browser.startup.homepage_override.mstone", "66.0.3"); user_pref("devtools.webextensions.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.enabled", true); user_pref("extensions.blocklist.lastModified", "Thu, 02 May 2019 10:59:06 GMT"); user_pref("extensions.blocklist.pingCountTotal", 364); user_pref("extensions.blocklist.pingCountVersion", 21); user_pref("extensions.databaseSchema", 28); user_pref("extensions.getAddons.cache.lastUpdate", 1556804742); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.lastAppBuildId", "20190409155332"); user_pref("extensions.lastAppVersion", "66.0.3"); user_pref("extensions.lastPlatformVersion", "66.0.3"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pocket.settings.test.panelSignUp", "control"); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{fe4b938a-1299-4987-833f-2c3728d314db}\",\"addons\":{\"fxmonitor@mozilla.org\":{\"version\":\"2.8\"}}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://list/plugin"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.firefox@tampermonkey.net", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{e4a8a97b-f2ed-450b-b12d-ee082ba24781}", true); user_pref("extensions.webextensions.uuids", "{\"firefox@tampermonkey.net\":\"05f9d3b2-587a-4890-b427-9aba61f13439\",\"formautofill@mozilla.org\":\"ca79a385-4f24-4997-8a29-790a3b7e11b0\",\"fxmonitor@mozilla.org\":\"ff2db5a3-f8dc-4e69-bd1a-b9781064c01d\",\"screenshots@mozilla.org\":\"a2b27ba9-ddc3-46c0-9605-62a4941e9827\",\"webcompat-reporter@mozilla.org\":\"a6cf7749-3b98-43af-b2f1-60881cc8b84f\",\"webcompat@mozilla.org\":\"8a798841-c007-4235-aba2-3578cedc3a90\",\"{3ba5d6aa-51f0-4be9-91d8-0c69cf0e133c}\":\"2e624151-8d31-406f-ba78-5ffa570fee63\",\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":\"733b2b1f-7e22-4ebd-9c94-606b0173497c\",\"{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\":\"a8d9200c-fb49-4ab5-9c64-39edff972739\"}"); user_pref("services.sync.extension-storage.lastSync", "0"); user_pref("services.sync.extension-storage.lastSyncLocal", "0"); C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\r5q3xrre.default-1582210355117\Prefs.js user_pref("app.normandy.startupRolloutPrefs.extensions.formautofill.creditCards.available", true); user_pref("app.normandy.startupRolloutPrefs.extensions.formautofill.creditCards.enabled", true); user_pref("app.normandy.startupRolloutPrefs.extensions.formautofill.creditCards.hideui", false); user_pref("browser.startup.homepage_override.buildID", "20210504152106"); user_pref("browser.startup.homepage_override.mstone", "88.0.1"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"home-button\",\"customizableui-special-spring1\",\"urlbar-container\",\"customizableui-special-spring2\",\"downloads-button\",\"library-button\",\"sidebar-button\",\"fxa-toolbar-menu-button\",\"trackmenot_mrl_nyu_edu-browser-action\",\"firefox_tampermonkey_net-browser-action\",\"_d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d_-browser-action\",\"ublock0_raymondhill_net-browser-action\",\"2_0_disconnect_me-browser-action\",\"https-everywhere_eff_org-browser-action\",\"addon_darkreader_org-browser-action\",\"languagetool-webextension_languagetool_org-browser-action\"],\"toolbar-menubar\":[\"menubar-items\"],\"TabsToolbar\":[\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"PersonalToolbar\":[\"personal-bookmarks\",\"managed-bookmarks\"]},\"seen\":[\"developer-button\",\"trackmenot_mrl_nyu_edu-browser-action\",\"firefox_tampermonkey_net-browser-action\",\"_d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d_-browser-action\",\"ublock0_raymondhill_net-browser-action\",\"2_0_disconnect_me-browser-action\",\"https-everywhere_eff_org-browser-action\",\"addon_darkreader_org-browser-action\",\"languagetool-webextension_languagetool_org-browser-action\"],\"dirtyAreaCache\":[\"nav-bar\",\"toolbar-menubar\",\"TabsToolbar\",\"PersonalToolbar\"],\"currentVersion\":16,\"newElementCount\":2}"); user_pref("browser.urlbar.resultBuckets", "{\"children\":[{\"maxResultCount\":1,\"children\":[{\"group\":\"heuristicTest\"},{\"group\":\"heuristicExtension\"},{\"group\":\"heuristicSearchTip\"},{\"group\":\"heuristicOmnibox\"},{\"group\":\"heuristicUnifiedComplete\"},{\"group\":\"heuristicAutofill\"},{\"group\":\"heuristicTokenAliasEngine\"},{\"group\":\"heuristicFallback\"}]},{\"group\":\"extension\",\"maxResultCount\":5},{\"flexChildren\":true,\"children\":[{\"flexChildren\":true,\"children\":[{\"flex\":2,\"group\":\"formHistory\"},{\"flex\":4,\"group\":\"remoteSuggestion\"},{\"flex\":0,\"group\":\"tailSuggestion\"}],\"flex\":2},{\"group\":\"general\",\"flex\":1}]}]}"); user_pref("devtools.webextensions.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.enabled", true); user_pref("extensions.activeThemeID", "{219c6fc1-39cb-44ca-a776-ea8e61dc0f92}"); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.databaseSchema", 33); user_pref("extensions.fxmonitor.firstAlertShown", true); user_pref("extensions.getAddons.cache.lastUpdate", 1621237261); user_pref("extensions.getAddons.databaseSchema", 6); user_pref("extensions.incognito.migrated", true); user_pref("extensions.lastAppBuildId", "20210504152106"); user_pref("extensions.lastAppVersion", "88.0.1"); user_pref("extensions.lastPlatformVersion", "88.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pictureinpicture.enable_picture_in_picture_overrides", true); user_pref("extensions.pocket.settings.test.panelSignUp", "control"); user_pref("extensions.reset_default_search.runonce.1", true); user_pref("extensions.reset_default_search.runonce.3", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.lastCategory", "addons://list/extension"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.webcompat.enable_picture_in_picture_overrides", true); user_pref("extensions.webcompat.enable_shims", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.addon@darkreader.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.doh-rollout@mozilla.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.firefox@tampermonkey.net", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.https-everywhere@eff.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.languagetool-webextension@languagetool.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.uBlock0@raymondhill.net", true); user_pref("extensions.webextensions.uuids", "{\"doh-rollout@mozilla.org\":\"5df0fdfa-ca39-469d-afba-f2c3f2b88ec5\",\"formautofill@mozilla.org\":\"0bac637f-48db-4149-984a-bdc249b07608\",\"screenshots@mozilla.org\":\"f3c0d882-aebc-49d5-8b5e-19cb5ab179af\",\"webcompat-reporter@mozilla.org\":\"594af14f-b8d3-4834-b052-0bb4f9c446cc\",\"webcompat@mozilla.org\":\"ffa78d0b-9dec-413b-8698-54f40d3192c0\",\"default-theme@mozilla.org\":\"780fd967-de5e-438c-948a-5363de481f50\",\"google@search.mozilla.org\":\"a826e243-6f48-495e-ba80-13dd7c8b9ba8\",\"bing@search.mozilla.org\":\"9aa3d7e1-8f68-430e-a6a6-a7345524e1c3\",\"amazon@search.mozilla.org\":\"2bbfd99a-c026-4efa-90e4-911e1df6f15f\",\"ddg@search.mozilla.org\":\"ec5f254a-f670-4ccf-8df8-73b89c72511a\",\"ebay@search.mozilla.org\":\"ee542dc8-147a-44ff-acbe-3a42c79b96dc\",\"qwant@search.mozilla.org\":\"140ccb43-5600-4a09-b485-def24102c46c\",\"wikipedia@search.mozilla.org\":\"c00e148e-6761-46c2-a148-0f9617741ddb\",\"{42d43c7b-e473-404d-83d0-44cd87b81854}\":\"1a787040-4f39-48c3-815d-132f14022c5a\",\"firefox@tampermonkey.net\":\"c6483801-0dbb-4e12-9485-0106f002b426\",\"{219c6fc1-39cb-44ca-a776-ea8e61dc0f92}\":\"f584c2bd-b7f6-4af2-b7bc-8f080c6865fe\",\"uBlock0@raymondhill.net\":\"ad97492b-30d9-4c23-b7d5-213c7fce990c\",\"2.0@disconnect.me\":\"345416cf-044e-4d11-8bf9-6d70d894dec4\",\"https-everywhere@eff.org\":\"15d6f4cc-df6e-4a61-91cd-2bf1fe29f1a4\",\"addon@darkreader.org\":\"41c353f7-fd40-4564-a10c-141b435eece5\",\"languagetool-webextension@languagetool.org\":\"9a3cff25-847e-4c97-b661-a65c3062b4dd\",\"reset-search-defaults@mozilla.com\":\"71e94bb9-345d-43f4-9626-effdcc0964be\",\"yourmove@official\":\"c8af87e6-4188-44f5-a7a5-193c17ad10de\",\"{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\":\"d34cba26-e7a2-4bd9-9a0c-f5ce0c19d892\",\"pictureinpicture@mozilla.org\":\"49b60d68-6dae-413a-b9d7-a0c2b1aef141\"}"); user_pref("services.sync.extension-storage.lastSync", "0"); [Profile0] - Name=default -> Profiles/r5q3xrre.default-1582210355117 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{08d5947d-78a3-400a-91d9-7d8cdcfe54b2}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{11b188e2-6b8c-4c44-a4d3-a27a07f2a23f}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{4492d497-92ad-4d20-b5ba-88b66e8017b7}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{08d5947d-78a3-400a-91d9-7d8cdcfe54b2}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{11b188e2-6b8c-4c44-a4d3-a27a07f2a23f}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4492d497-92ad-4d20-b5ba-88b66e8017b7}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\csgo.exe] : "g:\steam\steamapps\common\counter-strike global offensive\csgo.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\Classes\Applications\gimp-2.10.exe] : "E:\GIMP 2\bin\gimp-2.10.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\hl2.exe] : "e:\steam\steamapps\common\garrysmod\hl2.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~3\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\titanfall2.exe] : "e:\games\titanfall2\titanfall2.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "G:\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\csgo.exe] : "g:\steam\steamapps\common\counter-strike global offensive\csgo.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\gimp-2.10.exe] : "E:\GIMP 2\bin\gimp-2.10.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\hl2.exe] : "e:\steam\steamapps\common\garrysmod\hl2.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~2\MICROS~3\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\titanfall2.exe] : "e:\games\titanfall2\titanfall2.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "G:\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver "UdkSvcGroup"=UdkUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc "PeerDist"=PeerDistSvc "AssignedAccessManagerSvc"=AssignedAccessManagerSvc "SshBrokerGroup"=SshdBroker "DevToolsGroup"=debugregsvc "osrss"=osrss "DialogBlockingService"=DialogBlockingService [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "AarSvcGroup"=AarSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\AutoHotkey] [HKLM\Software\BlueStacks] [HKLM\Software\BlueStacksInstaller] [HKLM\Software\Canon] [HKLM\Software\Caphyon] [HKLM\Software\cFos] [HKLM\Software\Clients] [HKLM\Software\CPUID] [HKLM\Software\CVSM] [HKLM\Software\CyberGhost] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\Dell] [HKLM\Software\Disc Soft] [HKLM\Software\dotnet] [HKLM\Software\DroidCam] [HKLM\Software\EA Games] [HKLM\Software\ej-technologies] [HKLM\Software\FlashIntegro] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GIMP 2.10] [HKLM\Software\GitForWindows] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\Icaros] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KDiff3] [HKLM\Software\Khronos] [HKLM\Software\Locktime Software] [HKLM\Software\LogMeIn, Inc.] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes] [HKLM\Software\Martin Prikryl] [HKLM\Software\Matrox] [HKLM\Software\MegaTrainerUltimate] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\MRAC] [HKLM\Software\NCH Swift Sound] [HKLM\Software\Nefarius Software Solutions e.U.] [HKLM\Software\Node.js] [HKLM\Software\Notepad++] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Oculus] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OpenSSH] [HKLM\Software\Oracle] [HKLM\Software\paint.net] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Pozzum] [HKLM\Software\Razer] [HKLM\Software\RegisteredApplications] [HKLM\Software\Respawn] [HKLM\Software\Rockstar Games] [HKLM\Software\SoftEther Project] [HKLM\Software\Sony Creative Software] [HKLM\Software\SteelSeries] [HKLM\Software\sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\Tracker Software] [HKLM\Software\VB-Audio] [HKLM\Software\VideoLAN] [HKLM\Software\Voicemod] [HKLM\Software\Windows] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\AccountsControl] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ActiveSync] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Analog] [HKLM\SOFTWARE\Microsoft\AOMEI] [HKLM\SOFTWARE\Microsoft\AppServiceProtocols] [HKLM\SOFTWARE\Microsoft\AppV] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\ASP.NET Core] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AudioCompressionManager] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\Avalon.Graphics] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\BitLockerCsp] [HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement] [HKLM\SOFTWARE\Microsoft\Cellular] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\Clipboard] [HKLM\SOFTWARE\Microsoft\ClipboardServer] [HKLM\SOFTWARE\Microsoft\CloudManagedUpdate] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\CommsAPHost] [HKLM\SOFTWARE\Microsoft\Composition] [HKLM\SOFTWARE\Microsoft\CoreShell] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataCollection] [HKLM\SOFTWARE\Microsoft\DataMarketplace] [HKLM\SOFTWARE\Microsoft\DataSharing] [HKLM\SOFTWARE\Microsoft\DDDS] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\DeviceReg] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DusmSvc] [HKLM\SOFTWARE\Microsoft\DVDNavigator] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\Edge] [HKLM\SOFTWARE\Microsoft\Enrollment] [HKLM\SOFTWARE\Microsoft\Enrollments] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EnterpriseDataProtection] [HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager] [HKLM\SOFTWARE\Microsoft\EventSounds] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\FamilyStore] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FilePicker] [HKLM\SOFTWARE\Microsoft\FilterDS] [HKLM\SOFTWARE\Microsoft\FingerKB] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\FuzzyDS] [HKLM\SOFTWARE\Microsoft\GameOverlay] [HKLM\SOFTWARE\Microsoft\GamingRuntime] [HKLM\SOFTWARE\Microsoft\GamingServices] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\Hvsi] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\ImageTimeSettings] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\InProcLogger] [HKLM\SOFTWARE\Microsoft\Input] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\InputPersonalization] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\KGL] [HKLM\SOFTWARE\Microsoft\LanguageOverlay] [HKLM\SOFTWARE\Microsoft\LexiconUpdate] [HKLM\SOFTWARE\Microsoft\Managed Desktop] [HKLM\SOFTWARE\Microsoft\MdmCommon] [HKLM\SOFTWARE\Microsoft\MdmDiagnostics] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\Messaging] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack] [HKLM\SOFTWARE\Microsoft\Microsoft Visual Studio 15.0 Tools for Unity] [HKLM\SOFTWARE\Microsoft\MiracastReceiver] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSIME] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MTF] [HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors] [HKLM\SOFTWARE\Microsoft\MTFInputType] [HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\Multivariant] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeCSP] [HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OneDrive] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Palm] [HKLM\SOFTWARE\Microsoft\Personalization] [HKLM\SOFTWARE\Microsoft\Phone] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\PIM] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayReady] [HKLM\SOFTWARE\Microsoft\PlayToReceiver] [HKLM\SOFTWARE\Microsoft\PointOfService] [HKLM\SOFTWARE\Microsoft\Policies] [HKLM\SOFTWARE\Microsoft\PolicyManager] [HKLM\SOFTWARE\Microsoft\Poom] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\Provisioning] [HKLM\SOFTWARE\Microsoft\PushRouter] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RAS AutoDial] [HKLM\SOFTWARE\Microsoft\RcsPresence] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\Remediation] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\rempl] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Schema Library] [HKLM\SOFTWARE\Microsoft\SDDS] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\SecurityManager] [HKLM\SOFTWARE\Microsoft\SEMgr] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\ServerManager] [HKLM\SOFTWARE\Microsoft\ServicesForNFS] [HKLM\SOFTWARE\Microsoft\Settings] [HKLM\SOFTWARE\Microsoft\Shared] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\Shell] [HKLM\SOFTWARE\Microsoft\SideShow] [HKLM\SOFTWARE\Microsoft\sih] [HKLM\SOFTWARE\Microsoft\Silverlight] [HKLM\SOFTWARE\Microsoft\Siuf] [HKLM\SOFTWARE\Microsoft\SoftGrid] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\Speech_OneCore] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\StrongName] [HKLM\SOFTWARE\Microsoft\Symbol Server] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\UEV] [HKLM\SOFTWARE\Microsoft\Unified Store] [HKLM\SOFTWARE\Microsoft\Unistore] [HKLM\SOFTWARE\Microsoft\UNP] [HKLM\SOFTWARE\Microsoft\UPnP Control Point] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\UserData] [HKLM\SOFTWARE\Microsoft\UserManager] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\Visual JSharp Setup] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wallet] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WebManagement] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Defender Security Center] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Embedded] [HKLM\SOFTWARE\Microsoft\Windows Live] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Performance Toolkit] [HKLM\SOFTWARE\Microsoft\Windows Phone] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Windows Security Health] [HKLM\SOFTWARE\Microsoft\Windows10Upgrader] [HKLM\SOFTWARE\Microsoft\WindowsMitigation] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\WindowsSelfHost] [HKLM\SOFTWARE\Microsoft\WindowsStore] [HKLM\SOFTWARE\Microsoft\WindowsUpdate] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\Wlpasvc] [HKLM\SOFTWARE\Microsoft\Wow64] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\XAML] [HKLM\SOFTWARE\Microsoft\XboxGameSaveStorage] [HKLM\SOFTWARE\Microsoft\XboxLive] [HKLM\SOFTWARE\Microsoft\XGameSaveStorage] [HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKLM\Software\Microsoft\Windows\AssignedAccessCsp] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\NcsiUwpApp] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\PrivacySettingsBeforeCreatorsUpdate] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DialogBlockingService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\Activision] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\bethesda softworks] [HKLM\Software\WOW6432Node\BioWare] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\bohemia interactive] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\CD Projekt Red] [HKLM\Software\WOW6432Node\CDDB] [HKLM\Software\WOW6432Node\dotnet] [HKLM\Software\WOW6432Node\DroidCam] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\EA Games] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\EasyAntiCheat_EOS] [HKLM\Software\WOW6432Node\electronic arts] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\GNU] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HiRez Studios] [HKLM\Software\WOW6432Node\Icaros] [HKLM\Software\WOW6432Node\IllFonic] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\KDiff3] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\KLCodecPack] [HKLM\Software\WOW6432Node\Lame For Audacity] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\Locktime Software] [HKLM\Software\WOW6432Node\LogMeIn Hamachi] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Magix] [HKLM\Software\WOW6432Node\Malwarebytes] [HKLM\Software\WOW6432Node\Martin Prikryl] [HKLM\Software\WOW6432Node\MC2] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mojang] [HKLM\Software\WOW6432Node\monolith productions] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Mr DJ] [HKLM\Software\WOW6432Node\MSI] [HKLM\Software\WOW6432Node\Nanoleaf] [HKLM\Software\WOW6432Node\NoteBurner Spotify Music Converter] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\OBS Studio] [HKLM\Software\WOW6432Node\Oculus VR, LLC] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Oracle] [HKLM\Software\WOW6432Node\Origin] [HKLM\Software\WOW6432Node\Origin Games] [HKLM\Software\WOW6432Node\Overwolf] [HKLM\Software\WOW6432Node\Pingman Tools] [HKLM\Software\WOW6432Node\Pingman Tools, LLC] [HKLM\Software\WOW6432Node\Prince of Codes] [HKLM\Software\WOW6432Node\Python] [HKLM\Software\WOW6432Node\Razer] [HKLM\Software\WOW6432Node\Razer Chroma SDK] [HKLM\Software\WOW6432Node\Respawn] [HKLM\Software\WOW6432Node\Revive] [HKLM\Software\WOW6432Node\Riot Games, Inc] [HKLM\Software\WOW6432Node\Rockstar Games] [HKLM\Software\WOW6432Node\Screaming Bee] [HKLM\Software\WOW6432Node\Sims] [HKLM\Software\WOW6432Node\SoftEther Project] [HKLM\Software\WOW6432Node\SolarWinds] [HKLM\Software\WOW6432Node\Sony Creative Software] [HKLM\Software\WOW6432Node\SplitmediaLabs] [HKLM\Software\WOW6432Node\Team17 Software Ltd.] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\Telerik] [HKLM\Software\WOW6432Node\ThinPrint] [HKLM\Software\WOW6432Node\timegate studios] [HKLM\Software\WOW6432Node\Ubi Soft] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Unchecky] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\VMware, Inc.] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\WasntAFairFight] [HKLM\Software\WOW6432Node\wb games] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Xamarin] [HKLM\Software\WOW6432Node\Xvid Team] [HKLM\Software\WOW6432Node\Zenimax_Online] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Even Balance] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NET Framework Platform] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\AOMEI] [HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols] [HKLM\Software\WOW6432Node\Microsoft\AppV] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET Core] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\Avalon.Graphics] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp] [HKLM\Software\WOW6432Node\Microsoft\ClipboardServer] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DDConfig] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVDNavigator] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\Edge] [HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate] [HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\F12] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FilePicker] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\GameOverlay] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\InputPersonalization] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\Loki] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack] [HKLM\Software\WOW6432Node\Microsoft\microsoft games] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Reference] [HKLM\Software\WOW6432Node\Microsoft\Microsoft SDKs] [HKLM\Software\WOW6432Node\Microsoft\Microsoft SQL Server Compact Edition] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Visual Studio 15.0 Tools for Unity] [HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\MSOSOAP] [HKLM\Software\WOW6432Node\Microsoft\MSSearch36] [HKLM\Software\WOW6432Node\Microsoft\MTF] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Office Server] [HKLM\Software\WOW6432Node\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Palm] [HKLM\Software\WOW6432Node\Microsoft\Personalization] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\Policies] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\Provisioning] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\RFC1156Agent] [HKLM\Software\WOW6432Node\Microsoft\RSSearch] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Schema Library] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\ServerManager] [HKLM\Software\WOW6432Node\Microsoft\Shared] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\Silverlight] [HKLM\Software\WOW6432Node\Microsoft\SnippingTool] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\SPEECH] [HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\StrongName] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\SystemSettings] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\UEV] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VBA] [HKLM\Software\WOW6432Node\Microsoft\Visual JSharp Setup] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio_bf1a40e2] [HKLM\Software\WOW6432Node\Microsoft\VSCommon] [HKLM\Software\WOW6432Node\Microsoft\VSTA] [HKLM\Software\WOW6432Node\Microsoft\VSTA Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\VSTAHost] [HKLM\Software\WOW6432Node\Microsoft\VSTAHostConfig] [HKLM\Software\WOW6432Node\Microsoft\VSTO Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows CE Services] [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Kits] [HKLM\Software\WOW6432Node\Microsoft\Windows Live] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Phone] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\XNA] [HKLM\Software\WOW6432Node\Microsoft\Cellular] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DeviceReg] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\FingerKB] [HKLM\Software\WOW6432Node\Microsoft\FuzzyDS] [HKLM\Software\WOW6432Node\Microsoft\Input] [HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay] [HKLM\Software\WOW6432Node\Microsoft\Messaging] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors] [HKLM\Software\WOW6432Node\Microsoft\MTFInputType] [HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Phone] [HKLM\Software\WOW6432Node\Microsoft\Pim] [HKLM\Software\WOW6432Node\Microsoft\Poom] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SecurityManager] [HKLM\Software\WOW6432Node\Microsoft\Semgr] [HKLM\Software\WOW6432Node\Microsoft\Shell] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Unified Store] [HKLM\Software\WOW6432Node\Microsoft\UserData] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\XAML] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: E: [23/07/2018 13:54:06] - |AH| - (.Copyright (C) 2000-2014 FFmpeg Project - FFmpeg utility library.) - [346912] - (52.94.100.0) - E:\avutil-52.dll [11/11/2019 01:22:01] - |A| - (.Copyright © 1999-2009 - BASS.) - [98872] - (2.4.5.0) - E:\bass.dll [11/11/2019 01:22:02] - |A| - (.Copyright © 2004-2009 - BASSFLAC.) - [25152] - (2.4.1.0) - E:\bassflac.dll [11/11/2019 01:22:02] - |A| - (.-.) - [23170] - (0.0.0.0) - E:\bassm4a.dll [11/11/2019 01:22:02] - |A| - (.Copyright © 2002-2010 - BASSWMA.) - [17472] - (2.4.4.0) - E:\basswma.dll [11/11/2019 01:22:02] - |A| - (.Copyright © 2007-2010 - BASSWV.) - [28224] - (2.4.2.0) - E:\basswv.dll [11/11/2019 01:22:01] - |A| - (.2003-2006, MaresWEB - Advanced Audio Coding and MPEG-4 add-on for the BASS library.) - [151416] - (2.4.2.0) - E:\bass_aac.dll [11/11/2019 01:22:02] - |A| - (.2003-2006, MaresWEB - Apple Lossless Audio Codec add-on for the BASS library.) - [12488] - (2.4.1.0) - E:\bass_alac.dll [11/11/2019 01:22:02] - |A| - (.-.) - [144896] - (0.0.0.0) - E:\hge.dll [23/07/2018 13:54:10] - |AH| - (.-.) - [90400] - (1.0.0.0) - E:\Interop.VHMediaCOMLib.dll [09/01/2016 19:24:00] - |AH| - (.Copyright © toe_head2001 - Jigsaw Puzzle Plugin for Paint.NET.) - [15872] - (2.1.0.0) - E:\JigsawPuzzle.dll [15/12/2015 16:10:34] - |AH| - (.Copyright Apple Inc. 1989-2016 - QuickTime Control.) - [895280] - (7.79.80.95) - E:\QTOControl.dll [15/12/2015 16:10:34] - |AH| - (.Copyright Apple Inc. 1989-2016 - QuickTime Library.) - [821552] - (7.79.80.95) - E:\QTOLibrary.dll [15/12/2015 16:10:34] - |AH| - (.Copyright Apple Inc. 1989-2016 - QuickTime UI Panel Control.) - [366896] - (7.79.80.95) - E:\QTUIPanelControl.dll [15/12/2015 16:10:34] - |AH| - (.Copyright Apple Inc. 1989-2016 - QuickTime Player.) - [9287984] - (7.79.80.95) - E:\QuickTimePlayer.dll [11/11/2019 01:22:03] - |A| - (.-.) - [23552] - (0.0.0.0) - E:\spray_api.dll [23/07/2018 13:54:11] - |AH| - (.Copyright (C) 2000-2014 FFmpeg Project - FFmpeg audio resampling library.) - [105248] - (0.19.100.0) - E:\swresample-0.dll [11/11/2019 01:22:02] - |A| - (.- Tags BASS add-on.) - [16816] - (0.0.16.0) - E:\tags.dll [23/07/2018 13:54:13] - |AH| - (.Copyright © 2009-2018 - UnhandledException.) - [92960] - (3.4.1806.1401) - E:\UnhandledException.dll [23/07/2018 13:54:15] - |AH| - (.2009-2018 (c) SplitmediaLabs Limited - VHMediaLib COM implementation.) - [3633440] - (2.0.1806.405) - E:\VHMediaCOM.dll [23/07/2018 13:54:16] - |AH| - (.Copyright © 2016-2018 - XSplit Common Utility.) - [238368] - (3.4.1805.3101) - E:\XSplit.CommonUtils.dll [23/07/2018 13:54:18] - |AH| - (.Copyright © 2009-2018 - XSplit.ControlLibrary.) - [3191072] - (3.4.1806.1201) - E:\XSplit.ControlLibrary.dll [07/03/2021 23:50:15] - |A| - (.Copyright (c) 2020 Discord Inc. - Discord - https://discord.com/.) - [68822328] - (0.0.53.0) - E:\DiscordSetup.exe [15/12/2015 16:13:42] - |AH| - (.Copyright Apple Inc. 1989-2016 - QuickTime Player.) - [1235264] - (7.79.80.95) - E:\QuickTimePlayer.exe [23/07/2018 13:53:17] - |AH| - (.Copyright © 2009-2018 - XSplit Game Source 32-bit Hook.) - [413328] - (3.4.1806.701) - E:\XGS32.exe [23/07/2018 13:53:25] - |AH| - (.Copyright © 2009-2018 - XSplitRegSrc.) - [207648] - (3.4.1806.2229) - E:\XSplitRegSrc.exe [03/02/2020 13:42:58] - |RSH| - (.-.) - [181] - (0.0.0.0) - E:\desktop.ini [31/08/2018 18:08:57] - |AH| - (.-.) - [364] - (0.0.0.0) - E:\xsplit_updater.ini G: [04/05/2021 23:16:24] - |A| - (.-.) - [533] - (0.0.0.0) - G:\Disque local (I) - Raccourci.lnk [20/05/2017 17:00:29] - |AH| - (.Copyright BugSplat, LLC (C) 2015 - Crash reporting module, BugSplat.DLL.) - [303568] - (3.3.1.0) - G:\BugSplat.dll [20/05/2017 17:00:29] - |AH| - (.Copyright BugSplat, LLC (C) 2003 - Crash reporting module, BugSplatRc.) - [198784] - (1.0.0.1) - G:\BugSplatRc.dll [20/05/2017 17:00:29] - |AH| - (.© Microsoft Corporation. - Microsoft® Concurrency Runtime Library.) - [243016] - (14.10.25008.0) - G:\concrt140.dll [07/11/2007 09:03:18] - |AH| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [76304] - (9.0.21022.8) - G:\install.res.1028.dll [07/11/2007 09:03:18] - |AH| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [96272] - (9.0.21022.8) - G:\install.res.1031.dll [07/11/2007 09:03:18] - |AH| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [91152] - (9.0.21022.8) - G:\install.res.1033.dll [07/11/2007 09:03:18] - |AH| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [97296] - (9.0.21022.8) - G:\install.res.1036.dll [07/11/2007 09:03:18] - |AH| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell'interfaccia utente.) - [95248] - (9.0.21022.8) - G:\install.res.1040.dll [07/11/2007 09:03:18] - |AH| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [81424] - (9.0.21022.8) - G:\install.res.1041.dll [07/11/2007 09:03:18] - |AH| - (.(C) Microsoft Corporation. - UI ?? ??? DLL.) - [79888] - (9.0.21022.8) - G:\install.res.1042.dll [07/11/2007 09:03:18] - |AH| - (.(C) Microsoft Corporation???????? - ???????? DLL.) - [75792] - (9.0.21022.8) - G:\install.res.2052.dll [07/11/2007 09:03:18] - |AH| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [96272] - (9.0.21022.8) - G:\install.res.3082.dll [20/05/2017 17:00:29] - |AH| - (.-.) - [128640] - (0.0.0.0) - G:\yaml.dll [20/05/2017 17:00:29] - |AH| - (.-.) - [108672] - (0.0.0.0) - G:\zlib.dll [09/03/2017 22:21:33] - |H| - (.(C) 1995-2003 Jean-loup Gailly & Mark Adler - zlib data compression library.) - [55808] - (1.2.1.0) - G:\zlib1.dll [20/05/2017 17:00:29] - |AH| - (.Copyright BugSplat, LLC (C) 2015 - Crash reporting Send Utility, BsSndRpt.exe.) - [324048] - (3.3.1.0) - G:\BsSndRpt.exe [12/05/2017 19:47:04] - |H| - (.Copyright (C) 2014 - zosSteamStarter.) - [27384] - (1.0.3.8) - G:\zosSteamStarter.exe [07/11/2007 09:00:40] - |AH| - (.-.) - [843] - (0.0.0.0) - G:\install.ini ---------- | C: [20/07/2020 16:35:40] - |HDC| - [20696] - C:\$GetCurrent [31/07/2015 00:42:06] - |SHD| - [52753] - C:\$Recycle.Bin [23/07/2020 18:55:43] - |HDC| - [493834] - C:\$SysReset [26/07/2020 23:18:45] - |HDC| - [352839] - C:\$Windows.~WS [06/08/2020 11:37:43] - |HDC| - [0] - C:\$WinREAgent [07/07/2019 02:25:19] - |DC| - [2420] - C:\.android [MD5.5D334EACF7174A8611547F0214AD361E] - [19/02/2020 20:01:56] - |HC| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN [17/02/2020 18:43:21] - |DC| - [1757096] - C:\AtIXpSkegyl [30/10/2018 17:25:34] - |RASHD| - [2] - C:\autorun.inf [MD5.CDF075B70E5F612B4399A54B25D55192] - [31/07/2015 00:48:29] - |RASH| - (.-.) - [395268] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [31/07/2015 00:48:30] - |ASHC| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [08/06/2020 00:12:12] - |SHDC| - [919776] - C:\Config.Msi [09/01/2020 13:32:17] - |DC| - [0] - C:\CPY_SAVES [30/07/2015 23:51:49] - |SHD| - [0] - C:\Documents and Settings [MD5.4B6833E173F3E460A2F7F71DC5785624] - [23/03/2018 10:36:01] - |A| - (.-.) - [581633] - (0.0.0.0) - C:\DUMP5071.tmp [MD5.B88DDB416D88DB6E415C6437C36C93D7] - [20/07/2020 17:28:23] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/07/2020 17:28:23] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp [20/07/2020 16:41:43] - |DC| - [670822092] - C:\ESD [28/05/2020 23:06:03] - |DC| - [6306462] - C:\Hypno [07/04/2020 19:05:20] - |DC| - [37224] - C:\Intel [03/08/2020 10:09:26] - |DC| - [0] - C:\KPRM [10/09/2015 07:56:11] - |D| - [13975552] - C:\Logs [16/04/2020 18:09:57] - |DC| - [7950] - C:\MSI [25/10/2018 20:23:07] - |RHD| - [1054567396] - C:\MSOCache [03/02/2021 16:54:37] - |DC| - [1822272] - C:\nncqqevpzCC [30/01/2021 22:43:56] - |DC| - [1822272] - C:\nTwDDfEfvWi [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/07/2020 23:58:54] - |ASH| - (.-.) - [8429203456] - (0.0.0.0) - C:\pagefile.sys [07/12/2019 11:14:52] - |D| - [0] - C:\PerfLogs [07/12/2019 11:14:52] - |RD| - [72428742994] - C:\Program Files [07/12/2019 11:14:52] - |RD| - [9173659979] - C:\Program Files (x86) [07/12/2019 11:14:52] - |HD| - [10542249794] - C:\ProgramData [17/05/2021 14:25:26] - |DC| - [34] - C:\QuickDiag [MD5.1481ECB0343CD75C9350C2F2B20FFEB7] - [17/05/2021 14:25:37] - |AC| - (.-.) - [195380] - (0.0.0.0) - C:\QuickDiag.txt [27/07/2020 00:05:59] - |SHDC| - [0] - C:\Recovery [20/07/2020 23:10:28] - |DC| - [0] - C:\Riot Games [22/05/2019 00:46:24] - |RDC| - [136036776] - C:\Sandbox [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/07/2020 23:58:54] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [26/07/2019 15:02:50] - |DC| - [11558912] - C:\SYMBOLS [23/03/2018 10:36:01] - |SHD| - [0] - C:\System Volume Information [05/04/2020 13:55:57] - |HDC| - [7002856] - C:\temp [MD5.F2346AC7FD2E02FE376C0ADE075841BA] - [14/12/2019 07:48:22] - |AC| - (.Copyright 2014-2018 Epic Games, Inc. - UE4 Prerequisites (x64).) - [41562088] - (1.0.13.0) - C:\UE4PrereqSetup_x64.exe [07/12/2019 11:03:44] - |RD| - [53710710423] - C:\Users [13/09/2019 00:15:24] - |DC| - [0] - C:\Version [30/10/2019 22:02:58] - |DC| - [0] - C:\version.bin [17/02/2020 19:17:08] - |DC| - [1757096] - C:\VGjTHrzaxPqC [30/01/2021 22:59:22] - |DC| - [1822272] - C:\wbZiORU [07/12/2019 11:03:44] - |D| - [32803189998] - C:\Windows [06/08/2020 11:39:01] - |DC| - [1805728] - C:\XZYzXdrpcF [06/08/2020 11:58:02] - |DC| - [1805728] - C:\YSjbHM ---------- | C:\WINDOWS [07/12/2019 16:51:43] - |D| - [802] - C:\WINDOWS\addins [MD5.B5DB13FD0D898531A42C80A39E4F1004] - [16/05/2021 15:12:47] - |A| - (.-.) - [2201168] - (0.0.0.0) - C:\WINDOWS\ampa.exe [07/12/2019 11:14:52] - |D| - [20747083] - C:\WINDOWS\appcompat [07/12/2019 11:14:52] - |D| - [10240482] - C:\WINDOWS\apppatch [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\AppReadiness [07/12/2019 11:14:52] - |RSD| - [1982659799] - C:\WINDOWS\assembly [07/12/2019 11:14:52] - |D| - [785153] - C:\WINDOWS\bcastdvr [MD5.862251351EC170BB3BD59CB219491811] - [13/01/2021 02:48:50] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [77824] - (10.0.19041.746) - C:\WINDOWS\bfsvc.exe [07/12/2019 16:53:51] - |SHD| - [578547] - C:\WINDOWS\BitLockerDiscoveryVolumeContents [07/12/2019 11:14:52] - |D| - [40901996] - C:\WINDOWS\Boot [MD5.6CB844F1ECB3F78691996B73817D412A] - [27/07/2020 00:55:00] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [07/12/2019 11:14:52] - |D| - [2458640] - C:\WINDOWS\Branding [07/12/2019 11:03:44] - |D| - [0] - C:\WINDOWS\CbsTemp [07/12/2019 11:14:52] - |D| - [65853228] - C:\WINDOWS\Containers [23/03/2018 10:38:16] - |D| - [0] - C:\WINDOWS\CSC [07/12/2019 11:14:52] - |D| - [11501377] - C:\WINDOWS\Cursors [MD5.D51EA7FE5A74E919E5DF9CD55EBFC1A7] - [16/05/2021 15:12:50] - |A| - (.-.) - [1305680] - (0.0.0.0) - C:\WINDOWS\ddmmain.exe [07/12/2019 11:14:52] - |D| - [1855437] - C:\WINDOWS\debug [MD5.0E359EF178B73AAAE2C6D6AC11B4FE15] - [27/07/2020 00:05:42] - |A| - (.-.) - [11433] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [07/12/2019 11:14:52] - |D| - [4281458] - C:\WINDOWS\diagnostics [07/12/2019 11:14:52] - |D| - [1701843] - C:\WINDOWS\DiagTrack [MD5.0E359EF178B73AAAE2C6D6AC11B4FE15] - [27/07/2020 00:05:42] - |A| - (.-.) - [11433] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [07/12/2019 16:50:20] - |D| - [0] - C:\WINDOWS\DigitalLocker [07/12/2019 11:14:52] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [07/12/2019 11:14:52] - |HD| - [66600] - C:\WINDOWS\ELAMBKUP [02/05/2018 21:46:48] - |D| - [116936] - C:\WINDOWS\en [07/12/2019 16:50:20] - |D| - [98816] - C:\WINDOWS\en-US [MD5.B4A06F510852291734D8B0ADED65818B] - [07/04/2020 17:14:38] - |A| - (.Copyright 2000-2007, eSellerate Inc. - eSellerateEngine.) - [360580] - (3.6.5.0) - C:\WINDOWS\eSellerateEngine.dll [MD5.F5883F210AF1795C1868AE570FCB7185] - [14/05/2021 03:31:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4826160] - (10.0.19041.964) - C:\WINDOWS\explorer.exe [07/12/2019 11:14:52] - |RSD| - [420361438] - C:\WINDOWS\Fonts [07/12/2019 16:50:20] - |D| - [111616] - C:\WINDOWS\fr-FR [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [07/12/2019 11:14:52] - |D| - [75077612] - C:\WINDOWS\Globalization [07/12/2019 11:14:52] - |D| - [1893706] - C:\WINDOWS\Help [MD5.86AE3BE50DF246C646DA76E7223A968E] - [14/04/2021 01:53:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1076736] - (10.0.19041.906) - C:\WINDOWS\HelpPane.exe [MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 11:09:39] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.19041.1) - C:\WINDOWS\hh.exe [07/12/2019 11:14:52] - |D| - [30327] - C:\WINDOWS\IdentityCRL [07/12/2019 11:14:52] - |D| - [28825030] - C:\WINDOWS\IME [07/12/2019 11:14:52] - |RD| - [8172248] - C:\WINDOWS\ImmersiveControlPanel [07/12/2019 11:13:02] - |D| - [79661221] - C:\WINDOWS\INF [12/04/2018 01:38:21] - |D| - [0] - C:\WINDOWS\InfusedApps [07/12/2019 11:14:52] - |D| - [38193580] - C:\WINDOWS\InputMethod [07/12/2019 11:14:52] - |SHDC| - [5032891404] - C:\WINDOWS\Installer [15/03/2020 04:40:41] - |D| - [115406414] - C:\WINDOWS\jre [07/12/2019 11:14:52] - |D| - [109650] - C:\WINDOWS\L2Schemas [07/12/2019 11:14:52] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [07/12/2019 11:14:52] - |D| - [526233600] - C:\WINDOWS\LiveKernelReports [07/12/2019 11:14:52] - |D| - [119147366] - C:\WINDOWS\Logs [07/12/2019 11:14:52] - |RSD| - [20094600] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 11:08:58] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [07/12/2019 11:14:52] - |RD| - [866588523] - C:\WINDOWS\Microsoft.NET [07/12/2019 11:14:52] - |D| - [3323] - C:\WINDOWS\Migration [07/09/2020 13:18:23] - |D| - [0] - C:\WINDOWS\Minidump [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\ModemLogs [18/02/2019 18:48:15] - |D| - [40960] - C:\WINDOWS\MRLH [MD5.423D3ADE2F14572C5BD5F546973EB493] - [13/01/2021 02:50:09] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [202240] - (10.0.19041.746) - C:\WINDOWS\notepad.exe [07/12/2019 16:52:32] - |D| - [419226] - C:\WINDOWS\OCR [07/12/2019 11:14:52] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [27/12/2020 02:58:25] - |D| - [288231] - C:\WINDOWS\Panther [07/12/2019 11:14:52] - |D| - [416695] - C:\WINDOWS\Performance [MD5.595377D5F393CB7154E26129569093DE] - [03/01/2019 21:41:49] - |A| - (.-.) - [325206] - (0.0.0.0) - C:\WINDOWS\PFRO.log [07/12/2019 11:14:52] - |D| - [1283900] - C:\WINDOWS\PLA [07/12/2019 11:14:52] - |D| - [10282960] - C:\WINDOWS\PolicyDefinitions [26/07/2020 23:58:52] - |D| - [514357] - C:\WINDOWS\Prefetch [07/12/2019 11:14:52] - |RD| - [2234382] - C:\WINDOWS\PrintDialog [MD5.C186EF70E6825D333E0077831C58BAAA] - [07/12/2019 16:54:16] - |A| - (.-.) - [30831] - (0.0.0.0) - C:\WINDOWS\Professional.xml [MD5.09394999ADB19901C665454EE964B13C] - [23/03/2018 19:04:37] - |A| - (.-.) - [36] - (0.0.0.0) - C:\WINDOWS\progress.ini [07/12/2019 11:14:52] - |D| - [6016999] - C:\WINDOWS\Provisioning [25/08/2019 21:03:48] - |D| - [106496] - C:\WINDOWS\pss [MD5.D9CBE9D6914CF0EA6F1A3CB217E3B75C] - [25/03/2019 21:28:04] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [907792] - (3.7.3150.1013) - C:\WINDOWS\py.exe [MD5.B606E3224774596569B87F6A4A11AB08] - [25/03/2019 21:30:38] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [60944] - (3.7.3150.1013) - C:\WINDOWS\pyshellext.amd64.dll [MD5.DC0FCC514A8BDFFC2F4F7022BEC7E600] - [25/03/2019 21:28:04] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [908304] - (3.7.3150.1013) - C:\WINDOWS\pyw.exe [MD5.999A30979F6195BF562068639FFC4426] - [13/01/2021 02:49:45] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [370176] - (10.0.19041.746) - C:\WINDOWS\regedit.exe [07/12/2019 11:14:52] - |D| - [1117876] - C:\WINDOWS\registration [07/12/2019 16:53:51] - |D| - [0] - C:\WINDOWS\RemotePackages [07/12/2019 11:14:52] - |D| - [13909840] - C:\WINDOWS\rescache [07/12/2019 11:14:52] - |D| - [4565847] - C:\WINDOWS\Resources [MD5.77B3E32A87FD7158182F039CBB9EA767] - [08/08/2019 05:53:19] - |A| - (.-.) - [1800] - (0.0.0.0) - C:\WINDOWS\Sandboxie.ini [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\SchCache [07/12/2019 11:14:52] - |D| - [195539] - C:\WINDOWS\schemas [07/12/2019 11:14:52] - |D| - [1158977] - C:\WINDOWS\security [27/07/2020 00:54:41] - |D| - [475860009] - C:\WINDOWS\ServiceProfiles [07/12/2019 11:14:52] - |D| - [4096] - C:\WINDOWS\ServiceState [07/12/2019 11:03:44] - |D| - [2845557112] - C:\WINDOWS\servicing [07/12/2019 11:18:25] - |D| - [34807] - C:\WINDOWS\Setup [MD5.86EF76081AF2ADB0C50F6A3C31F4C26A] - [08/05/2021 07:26:51] - |A| - (.-.) - [704] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [08/05/2021 07:26:51] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [07/12/2019 11:14:52] - |D| - [5500416] - C:\WINDOWS\ShellComponents [07/12/2019 11:14:52] - |D| - [39474176] - C:\WINDOWS\ShellExperiences [25/10/2018 20:23:17] - |D| - [96114] - C:\WINDOWS\SHELLNEW [07/12/2019 11:14:52] - |D| - [6828144] - C:\WINDOWS\SKB [27/07/2020 01:03:42] - |D| - [715797824] - C:\WINDOWS\SoftwareDistribution [23/03/2018 10:38:12] - |D| - [74482033] - C:\WINDOWS\SoftwareDistribution.old [07/12/2019 11:14:52] - |D| - [86040257] - C:\WINDOWS\Speech [07/12/2019 11:14:52] - |D| - [116961176] - C:\WINDOWS\Speech_OneCore [MD5.D037F0B45155C32F25C26937A30C809B] - [13/01/2021 02:48:51] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [136192] - (10.0.19041.746) - C:\WINDOWS\splwow64.exe [MD5.2664EEEE55F34BC4FAAA8EE41393D2CD] - [31/07/2015 00:25:21] - |A| - (.-.) - [31856] - (0.0.0.0) - C:\WINDOWS\Starter.xml [07/12/2019 11:14:52] - |D| - [2257535] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [31/07/2015 00:42:09] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [07/12/2019 11:03:44] - |D| - [6431386123] - C:\WINDOWS\System32 [07/12/2019 11:14:52] - |D| - [151194823] - C:\WINDOWS\SystemApps [07/12/2019 11:14:52] - |D| - [160540721] - C:\WINDOWS\SystemResources [07/12/2019 11:14:52] - |D| - [1306749501] - C:\WINDOWS\SysWOW64 [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\TAPI [07/12/2019 11:14:52] - |D| - [6] - C:\WINDOWS\Tasks [07/12/2019 11:14:52] - |D| - [45390839] - C:\WINDOWS\Temp [19/03/2019 06:52:46] - |D| - [13786112] - C:\WINDOWS\TextInput [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\tracing [07/12/2019 11:14:52] - |D| - [16484842] - C:\WINDOWS\twain_32 [MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 11:10:00] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [22/08/2018 22:07:19] - |D| - [355] - C:\WINDOWS\Ubisoft [MD5.AA7F5022A9DBEE09D19D4FECA961B583] - [19/05/2020 03:36:33] - |A| - (.-.) - [10830] - (0.0.0.0) - C:\WINDOWS\unins000.dat [MD5.20BE63B78503A4EB235E0852163D38D9] - [19/05/2020 03:36:33] - |A| - (.- Setup/Uninstall.) - [1207319] - (51.1052.0.0) - C:\WINDOWS\unins000.exe [24/03/2018 08:06:37] - |D| - [0] - C:\WINDOWS\UpdateAssistant [MD5.55A54008AD1BA589AA210D2629C1DF41] - [07/05/2020 11:14:28] - |A| - (.-.) - [1] - (0.0.0.0) - C:\WINDOWS\vgkbootstatus.dat [07/12/2019 11:14:52] - |D| - [12420] - C:\WINDOWS\Vss [07/12/2019 11:14:52] - |D| - [33188] - C:\WINDOWS\WaaS [07/12/2019 11:14:52] - |D| - [16568315] - C:\WINDOWS\Web [27/07/2020 00:49:26] - |RD| - [1250343] - C:\WINDOWS\WebManagement [MD5.DAA6AAD525D12F8985695B882301336F] - [31/07/2015 00:42:09] - |A| - (.-.) - [167] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 11:09:09] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [05/05/2021 01:49:31] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 11:10:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\WINDOWS\winhlp32.exe [27/07/2020 01:02:15] - |D| - [0] - C:\WINDOWS\Winstore [07/12/2019 11:03:44] - |D| - [10756542303] - C:\WINDOWS\WinSxS [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 21:34:22] - |A| - (.© 2012 Microsoft Corporation. - Photo Gallery Screen Saver.) - [322248] - (16.4.3528.331) - C:\WINDOWS\WLXPGSS.SCR [MD5.EA3ECB92A2EA3A42273CB3B308CA1A5B] - [12/02/2021 21:16:01] - |A| - (.-.) - [156910] - (0.0.0.0) - C:\WINDOWS\WMSysPr8.prx [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 11:10:11] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 16:52:57] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\WINDOWS\write.exe [MD5.C82DE0BC9A3A08E351B9BFA960F8757A] - [03/11/2019 20:18:54] - |A| - (.Copyright (c) 2006-2013 Wellbia.com Co., Ltd. - XIGNCODE3 System Guard.) - [74552] - (3.4.2.150) - C:\WINDOWS\xhunter1.sys ---------- | C:\WINDOWS\System32\GroupPolicy [05/02/2021 14:02:43] - |D| - [8] - C:\WINDOWS\System32\GroupPolicy\Machine [04/09/2019 02:15:37] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\User ---------- | Systemroot\System [19/05/2020 03:36:33] - |A| - [210944] - C:\WINDOWS\System\msvcrt10.dll () - () [19/05/2020 03:36:33] - |A| - [53248] - C:\WINDOWS\System\plugin.dll (© 1990-2002 Adobe Systems Inc.) - (Photoshop Plugin Utilities) [19/05/2020 03:36:33] - |A| - [935632] - C:\WINDOWS\System\vb40016.dll (Copyright © 1987-1995 Microsoft Corp.) - (Visual Basic 4.0 runtime library) [19/05/2020 03:36:33] - |A| - [271264] - C:\WINDOWS\System\vbrun100.dll () - () [19/05/2020 03:36:33] - |A| - [356992] - C:\WINDOWS\System\vbrun200.dll (Copyright © 1987-1992 Microsoft Corp) - (Visual Basic 2.0 runtime library) [19/05/2020 03:36:33] - |A| - [398416] - C:\WINDOWS\System\vbrun300.dll (Copyright © 1987-1993 Microsoft Corp) - (Visual Basic 3.0 runtime library) ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [09/10/2018 23:30:00] - C:\WINDOWS\Installer\16ede5ae.msi : (Prerequisites - Prince of Codes) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/03/2019 21:30:46] - C:\WINDOWS\Installer\17853c7.msi : (Python Launcher - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [30/12/2019 12:44:28] - C:\WINDOWS\Installer\195cebd0.msi : (NBTExplorer - Justin Aquadro) [Header ok : D0CF11E0A1B11AE10000000000000000] [12/06/2016 23:54:22] - C:\WINDOWS\Installer\1964932.msi : (Resanance - WasntAFairFight) [Header ok : D0CF11E0A1B11AE10000000000000000] [12/06/2017 23:06:35] - C:\WINDOWS\Installer\1a9c334e.msi : (MSVCRT Redists - MAGIX Computer Products Intl. Co.) [Header ok : D0CF11E0A1B11AE10000000000000000] [24/06/2018 18:28:18] - C:\WINDOWS\Installer\1a9c3356.msi : (VEGAS Pro 14.0 (64-bit) - VEGAS) [Header ok : D0CF11E0A1B11AE10000000000000000] [05/01/2016 01:17:55] - C:\WINDOWS\Installer\1ca5eec3.msi : (MorphVOX Pro - Screaming Bee Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/12/2015 16:43:26] - C:\WINDOWS\Installer\2102ba98.msi : (Apple Software Update Installer - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [04/02/2021 13:39:50] - C:\WINDOWS\Installer\2af41a1.msi : (LogMeIn Hamachi Installer - LogMeIn, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [23/07/2018 14:01:17] - C:\WINDOWS\Installer\2cb90f9f.msi : (XSplit Broadcaster - SplitmediaLabs) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/03/2021 12:41:09] - C:\WINDOWS\Installer\2f247.msi : (Nefarius Virtual Gamepad Emulation Bus Driver - Nefarius Software Solutions e.U.) [Header ok : D0CF11E0A1B11AE10000000000000000] [01/05/2018 14:23:31] - C:\WINDOWS\Installer\3b9436.msi : (Minecraft - Mojang) [Header ok : D0CF11E0A1B11AE10000000000000000] [21/06/2018 11:06:10] - C:\WINDOWS\Installer\3bc5e.msi : ( - ASUSTeK COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [04/09/2019 04:07:28] - C:\WINDOWS\Installer\3bc61.msi : ( - ASUSTeK COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/04/2021 20:57:37] - C:\WINDOWS\Installer\498b785f.msi : (Java Auto Updater - Oracle Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/08/2019 08:41:13] - C:\WINDOWS\Installer\55c944.msi : (Progress® Telerik® JustDecompile 2019.1.118.0 Installer - Telerik) [Header ok : D0CF11E0A1B11AE10000000000000000] [13/10/2018 18:08:01] - C:\WINDOWS\Installer\62742bb.msi : (WrestlePlus - Pozzum) [Header ok : D0CF11E0A1B11AE10000000000000000] [11/02/2014 20:08:06] - C:\WINDOWS\Installer\63a8a1c.msi : (R.A.T.TE - Mad Catz Inc) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/06/2016 14:44:32] - C:\WINDOWS\Installer\75b94ae.msi : (Fantasy Voices Installer - Screaming Bee Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [12/06/2008 12:04:10] - C:\WINDOWS\Installer\854394f.msi : (ADOBER~1.0|Adobe Reader 9 - Adobe Systems Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/05/2019 20:40:12] - C:\WINDOWS\Installer\bdafd2.msi : (Minecraft Launcher - Mojang) [Header ok : D0CF11E0A1B11AE10000000000000000] [12/12/2017 05:24:08] - C:\WINDOWS\Installer\cb9af8b.msi : (OpenOffice 4.1.5 - OpenOffice) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:54:46] - C:\WINDOWS\Installer\d1ff355.msi : (Python 3.5.3 Core Interpreter (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:55:06] - C:\WINDOWS\Installer\d1ff35c.msi : (Python 3.5.3 Development Libraries (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:55:20] - C:\WINDOWS\Installer\d1ff363.msi : (Python 3.5.3 Executables (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:56:34] - C:\WINDOWS\Installer\d1ff36a.msi : (Python 3.5.3 Standard Library (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:58:46] - C:\WINDOWS\Installer\d1ff371.msi : (Python 3.5.3 Test Suite (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:55:16] - C:\WINDOWS\Installer\d1ff378.msi : (Python 3.5.3 Documentation (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:59:00] - C:\WINDOWS\Installer\d1ff37f.msi : (Python 3.5.3 Utility Scripts (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:57:30] - C:\WINDOWS\Installer\d1ff386.msi : (Python 3.5.3 Tcl/Tk Support (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:57:06] - C:\WINDOWS\Installer\d1ff38d.msi : (Python 3.5.3 pip Bootstrap (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/01/2017 15:57:02] - C:\WINDOWS\Installer\d1ff394.msi : (Python 3.5.3 Add to Path (32-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [29/01/2020 14:21:46] - C:\WINDOWS\Installer\eb01be0.msi : (UE4 Prerequisites (x64) - Epic Games, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [24/07/2020 13:44:18] - [753664] - (.().-. - ()) - C:\WINDOWS\Installer\10538565.msp [24/07/2020 13:43:50] - [761856] - (.().-. - ()) - C:\WINDOWS\Installer\1053856e.msp [17/07/2020 20:17:18] - [18599936] - (.().-. - ()) - C:\WINDOWS\Installer\14a6811e.msp [25/03/2020 20:01:16] - [7880704] - (.().-. - ()) - C:\WINDOWS\Installer\19a261.msp [15/02/2019 17:37:00] - [2928640] - (.().-. - ()) - C:\WINDOWS\Installer\1dc34274.msp [15/02/2019 17:37:42] - [1355776] - (.().-. - ()) - C:\WINDOWS\Installer\1dc342a5.msp [14/10/2020 14:21:08] - [1503232] - (.().-. - ()) - C:\WINDOWS\Installer\2145fd8e.msp [14/10/2020 14:11:14] - [3596288] - (.().-. - ()) - C:\WINDOWS\Installer\2145fdf1.msp [28/06/2011 22:27:28] - [4028928] - (.().-. - ()) - C:\WINDOWS\Installer\227486bb.msp [16/11/2020 19:09:02] - [8949760] - (.().-. - ()) - C:\WINDOWS\Installer\410ee6b.msp [16/11/2020 19:16:08] - [17825792] - (.().-. - ()) - C:\WINDOWS\Installer\410ee83.msp [16/11/2020 19:07:58] - [1880064] - (.().-. - ()) - C:\WINDOWS\Installer\410eec8.msp [28/06/2013 05:36:48] - [11634176] - (.().-. - ()) - C:\WINDOWS\Installer\5221f5.msp [28/06/2013 04:57:48] - [6578688] - (.().-. - ()) - C:\WINDOWS\Installer\522208.msp [28/06/2013 05:29:22] - [1220096] - (.().-. - ()) - C:\WINDOWS\Installer\522388.msp [28/06/2013 05:44:04] - [2466304] - (.().-. - ()) - C:\WINDOWS\Installer\522395.msp [28/06/2013 05:14:16] - [17591808] - (.().-. - ()) - C:\WINDOWS\Installer\5223a3.msp [28/06/2013 04:45:06] - [15785984] - (.().-. - ()) - C:\WINDOWS\Installer\5223c8.msp [28/06/2013 04:52:32] - [1220096] - (.().-. - ()) - C:\WINDOWS\Installer\52241e.msp [28/06/2013 05:24:56] - [15849472] - (.().-. - ()) - C:\WINDOWS\Installer\52242c.msp [28/06/2013 05:42:24] - [15716864] - (.().-. - ()) - C:\WINDOWS\Installer\522437.msp [28/06/2013 05:04:24] - [5651456] - (.().-. - ()) - C:\WINDOWS\Installer\522464.msp [28/06/2013 05:25:06] - [3651584] - (.().-. - ()) - C:\WINDOWS\Installer\5224b7.msp [28/06/2013 05:31:54] - [6607872] - (.().-. - ()) - C:\WINDOWS\Installer\5224c9.msp [28/06/2013 05:31:26] - [11771392] - (.().-. - ()) - C:\WINDOWS\Installer\5224d8.msp [14/08/2013 03:42:00] - [27648] - (.().-. - ()) - C:\WINDOWS\Installer\5224ef.msp [24/07/2013 09:21:48] - [1097728] - (.().-. - ()) - C:\WINDOWS\Installer\522520.msp [14/08/2013 03:37:10] - [390144] - (.().-. - ()) - C:\WINDOWS\Installer\522538.msp [07/09/2013 00:07:02] - [11534336] - (.().-. - ()) - C:\WINDOWS\Installer\5225b6.msp [25/10/2013 18:42:58] - [1649664] - (.().-. - ()) - C:\WINDOWS\Installer\5225ce.msp [18/12/2013 19:07:20] - [2656256] - (.().-. - ()) - C:\WINDOWS\Installer\5225f4.msp [18/12/2013 19:07:08] - [18188288] - (.().-. - ()) - C:\WINDOWS\Installer\52265a.msp [17/04/2014 17:09:20] - [1133568] - (.().-. - ()) - C:\WINDOWS\Installer\5226be.msp [03/10/2014 18:01:22] - [449024] - (.().-. - ()) - C:\WINDOWS\Installer\5249a92.msp [12/11/2014 01:00:14] - [1543168] - (.().-. - ()) - C:\WINDOWS\Installer\5249aaa.msp [12/11/2014 00:59:58] - [2994688] - (.().-. - ()) - C:\WINDOWS\Installer\5249ac5.msp [17/02/2015 18:43:02] - [1053696] - (.().-. - ()) - C:\WINDOWS\Installer\5249b11.msp [17/02/2015 18:43:46] - [905728] - (.().-. - ()) - C:\WINDOWS\Installer\5249b1b.msp [23/03/2015 00:32:02] - [949248] - (.().-. - ()) - C:\WINDOWS\Installer\5249b50.msp [23/03/2015 00:31:58] - [885248] - (.().-. - ()) - C:\WINDOWS\Installer\5249b67.msp [14/05/2015 17:09:16] - [1469952] - (.().-. - ()) - C:\WINDOWS\Installer\5249bbe.msp [24/06/2015 02:19:12] - [2925056] - (.().-. - ()) - C:\WINDOWS\Installer\5249bd6.msp [16/07/2015 09:20:48] - [1110528] - (.().-. - ()) - C:\WINDOWS\Installer\5249bee.msp [16/07/2015 09:19:40] - [387584] - (.().-. - ()) - C:\WINDOWS\Installer\5249c06.msp [13/08/2015 07:16:46] - [298496] - (.().-. - ()) - C:\WINDOWS\Installer\5249c27.msp [05/09/2015 00:34:06] - [534016] - (.().-. - ()) - C:\WINDOWS\Installer\5249c3f.msp [05/09/2015 00:32:46] - [5976064] - (.().-. - ()) - C:\WINDOWS\Installer\5249c58.msp [14/10/2015 10:45:46] - [83456] - (.().-. - ()) - C:\WINDOWS\Installer\5249c79.msp [11/12/2015 16:05:58] - [978432] - (.().-. - ()) - C:\WINDOWS\Installer\5249caf.msp [09/02/2016 23:45:14] - [336384] - (.().-. - ()) - C:\WINDOWS\Installer\5249ce9.msp [09/02/2016 23:44:16] - [5276160] - (.().-. - ()) - C:\WINDOWS\Installer\5249d03.msp [17/05/2016 18:56:42] - [2978304] - (.().-. - ()) - C:\WINDOWS\Installer\5249d25.msp [17/05/2016 18:56:04] - [4758016] - (.().-. - ()) - C:\WINDOWS\Installer\5249d3f.msp [12/07/2016 22:26:00] - [594432] - (.().-. - ()) - C:\WINDOWS\Installer\5249d60.msp [12/07/2016 22:25:18] - [13164544] - (.().-. - ()) - C:\WINDOWS\Installer\5249d84.msp [12/07/2016 22:25:28] - [588288] - (.().-. - ()) - C:\WINDOWS\Installer\5249d97.msp [05/06/2017 16:00:28] - [468992] - (.().-. - ()) - C:\WINDOWS\Installer\5249ddf.msp [05/06/2017 16:14:00] - [13250048] - (.().-. - ()) - C:\WINDOWS\Installer\5249def.msp [05/06/2017 16:14:14] - [13788160] - (.().-. - ()) - C:\WINDOWS\Installer\5249dff.msp [05/06/2017 16:14:20] - [8766464] - (.().-. - ()) - C:\WINDOWS\Installer\5249e0e.msp [05/06/2017 16:14:02] - [9611264] - (.().-. - ()) - C:\WINDOWS\Installer\5249e1e.msp [05/06/2017 16:13:24] - [4305408] - (.().-. - ()) - C:\WINDOWS\Installer\5249e28.msp [25/08/2017 18:58:18] - [619008] - (.().-. - ()) - C:\WINDOWS\Installer\5249e35.msp [25/08/2017 18:57:50] - [619008] - (.().-. - ()) - C:\WINDOWS\Installer\5249e42.msp [27/08/2017 12:25:28] - [638976] - (.().-. - ()) - C:\WINDOWS\Installer\5249e5a.msp [31/12/2017 17:25:38] - [9728] - (.().-. - ()) - C:\WINDOWS\Installer\5249e68.msp [31/12/2017 17:23:50] - [9728] - (.().-. - ()) - C:\WINDOWS\Installer\5249e71.msp [27/06/2018 09:11:14] - [1417216] - (.().-. - ()) - C:\WINDOWS\Installer\5249f35.msp [26/06/2018 13:14:54] - [2527232] - (.().-. - ()) - C:\WINDOWS\Installer\5249f5d.msp [28/08/2018 16:08:26] - [237568] - (.().-. - ()) - C:\WINDOWS\Installer\5249f8c.msp [20/10/2018 15:18:40] - [774144] - (.().-. - ()) - C:\WINDOWS\Installer\5249fa4.msp [30/11/2018 14:32:46] - [2023424] - (.().-. - ()) - C:\WINDOWS\Installer\5249fd4.msp [18/12/2018 10:48:32] - [847872] - (.().-. - ()) - C:\WINDOWS\Installer\524a024.msp [28/12/2018 21:30:46] - [380928] - (.().-. - ()) - C:\WINDOWS\Installer\524a038.msp [28/12/2018 21:31:10] - [425984] - (.().-. - ()) - C:\WINDOWS\Installer\524a048.msp [22/01/2019 17:39:00] - [7778304] - (.().-. - ()) - C:\WINDOWS\Installer\524a0cc.msp [22/01/2019 17:39:08] - [3702784] - (.().-. - ()) - C:\WINDOWS\Installer\524a11d.msp [18/06/2019 14:52:28] - [5652480] - (.().-. - ()) - C:\WINDOWS\Installer\539e946.msp [19/05/2013 09:44:32] - [5496832] - (.().-. - ()) - C:\WINDOWS\Installer\5af3aff.msp [17/06/2015 16:23:30] - [432128] - (.().-. - ()) - C:\WINDOWS\Installer\5b4fce.msp [05/06/2017 16:14:30] - [6406656] - (.().-. - ()) - C:\WINDOWS\Installer\5b50c5.msp [12/07/2016 22:24:40] - [3458560] - (.().-. - ()) - C:\WINDOWS\Installer\5b99d81.msp [18/06/2019 14:53:26] - [1900544] - (.().-. - ()) - C:\WINDOWS\Installer\5ea0b.msp [18/06/2019 14:53:00] - [1875968] - (.().-. - ()) - C:\WINDOWS\Installer\5ea14.msp [14/03/2019 11:49:40] - [425984] - (.().-. - ()) - C:\WINDOWS\Installer\a705b70.msp ---------- | %System%\*.in* [07/12/2019 11:09:39] - [3329] - C:\WINDOWS\System32\ieuinit.inf [27/07/2020 00:10:07] - [1775142] - C:\WINDOWS\System32\PerfStringBackup.INI [07/12/2019 11:09:05] - [60124] - C:\WINDOWS\System32\tcpmon.ini [07/12/2019 11:08:46] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [07/12/2019 11:10:00] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [04/10/2018 15:11:59] - [1795012] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [07/12/2019 11:09:22] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.5AD96B87B9DBD4BF1823842B0FE1F85A] - |A| - [25/08/2019 21:03:48] - (.-.) - [40 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup [MD5.7065830F99FC3EE77115786496D1D9F8] - |ASH| - [25/08/2019 21:03:48] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup.LOG [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [25/08/2019 21:03:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup.LOG1 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [25/08/2019 21:03:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\PSS\boot.backup.LOG2 [MD5.5199ADE1CB30F5D445E8DD8E70A93820] - |A| - [11/05/2021 21:16:40] - (.-.) - [1667.46 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\.unicode_cache_11a31789.dat [MD5.00000000000000000000000000000000] - |D| - [15/05/2021 01:23:08] - [0 Ko] - C:\WINDOWS\Temp\72576AFC-FCF7-4BDD-BB94-E55CDF4D567B-Sigs [MD5.975A017857027E8B79E51D749896004E] - |A| - [05/02/2021 11:08:13] - (.-.) - [6630.89 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc.log [MD5.374EBA14F76DDD82978B08A42D116022] - |A| - [08/04/2021 11:35:48] - (.-.) - [17.32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\catalog.json [MD5.4E9AF33BC02136ED24D0069210CD84D3] - |A| - [12/05/2021 23:38:35] - (.-.) - [13.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.809210C505346449876479C4AC99DEF5] - |A| - [15/05/2021 03:26:57] - (.-.) - [12.33 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CompatibilityList.xml [MD5.00000000000000000000000000000000] - |D| - [12/05/2021 23:38:35] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [15/05/2021 03:03:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [15/05/2021 03:03:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [17/05/2021 08:16:00] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-13624.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/05/2021 05:37:38] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-1464.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [13/05/2021 16:14:31] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-14732.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/05/2021 12:14:32] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-14864.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [14/05/2021 23:18:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-14888.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/05/2021 15:14:31] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-15156.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [14/05/2021 17:14:31] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-1660.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/05/2021 14:14:31] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-17132.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/05/2021 05:37:38] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-8480.log [MD5.A6938E293B0B95BD9412E273EB8746EE] - |A| - [14/05/2021 03:20:42] - (.-.) - [34.95 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042.log [MD5.F5CD093F171627AA29BEB692487F6496] - |A| - [14/05/2021 03:20:43] - (.-.) - [307.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_000_AspNetCoreSharedFramework_x64.log [MD5.400513568F1D5A528D6DF5AACF3527DC] - |A| - [14/05/2021 03:20:44] - (.-.) - [2946.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_001_dotnet_sdk_internal_3.1.408_win_x64.msi.log [MD5.C726EE7A57C71177364522FD24423FE4] - |A| - [14/05/2021 03:20:51] - (.-.) - [97.28 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_002_dotnet_31templates_3.1.408_servicing_015681_win_x64.msi.log [MD5.030F3EA7B7643BF8AF200DB51315073F] - |A| - [14/05/2021 03:20:52] - (.-.) - [96.92 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_003_dotnet_apphost_pack_3.1.14_win_x64_arm64.msi.log [MD5.FAB0D7B922A29207B7A53B3169385F16] - |A| - [14/05/2021 03:20:52] - (.-.) - [96.77 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_004_dotnet_apphost_pack_3.1.14_win_x64_arm.msi.log [MD5.41B126AC28152C03A68F1301B2974038] - |A| - [14/05/2021 03:20:52] - (.-.) - [96.76 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_005_dotnet_apphost_pack_3.1.14_win_x64_x86.msi.log [MD5.4374BC64FA92D409A645699B9F11459F] - |A| - [14/05/2021 03:20:52] - (.-.) - [96.68 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_006_dotnet_apphost_pack_3.1.14_win_x64.msi.log [MD5.B2FFBA99B48B38D5B24AD6079AEA0DD0] - |A| - [14/05/2021 03:20:52] - (.-.) - [530.66 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_007_windowsdesktop_runtime_3.1.14_win_x64.msi.log [MD5.90F678200BDB9150FBBFDD58E7F75355] - |A| - [14/05/2021 03:20:54] - (.-.) - [87.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_008_dotnet_host_3.1.14_win_x64.msi.log [MD5.1A57DD47CEA15A242FB093F49B9A848D] - |A| - [14/05/2021 03:20:54] - (.-.) - [86 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_009_dotnet_hostfxr_3.1.14_win_x64.msi.log [MD5.AE158CB97D6EFA538138CD82B2E226D6] - |A| - [14/05/2021 03:20:54] - (.-.) - [444.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x64)_20210514032042_010_dotnet_runtime_3.1.14_win_x64.msi.log [MD5.3BE21CB44492B034D7C6EE0CFDFEDBFF] - |A| - [14/05/2021 03:21:13] - (.-.) - [35.02 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113.log [MD5.BDA8ACF1AF287A70D286A74AED9AB888] - |A| - [14/05/2021 03:21:13] - (.-.) - [378.95 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_000_AspNetCoreSharedFramework_x86.log [MD5.8487AED1A6517F3AB7C78645288431ED] - |A| - [14/05/2021 03:21:14] - (.-.) - [3697.67 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_001_dotnet_sdk_internal_3.1.408_win_x86.msi.log [MD5.A2F60A4E4A778338894EFF8BF468E4A7] - |A| - [14/05/2021 03:21:22] - (.-.) - [102.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_002_dotnet_31templates_3.1.408_servicing_015681_win_x86.msi.log [MD5.78E58CA078BA37B245B428E95ED331D5] - |A| - [14/05/2021 03:21:22] - (.-.) - [101.32 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_003_dotnet_apphost_pack_3.1.14_win_x86_arm64.msi.log [MD5.32FA7BE539EAFADA2AC29575B0AC60EC] - |A| - [14/05/2021 03:21:22] - (.-.) - [101.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_004_dotnet_apphost_pack_3.1.14_win_x86_arm.msi.log [MD5.4C06157B0024A08B7D1B24929A62D340] - |A| - [14/05/2021 03:21:22] - (.-.) - [101.12 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_005_dotnet_apphost_pack_3.1.14_win_x86_x64.msi.log [MD5.11934DE79FB44550935E1183628E300B] - |A| - [14/05/2021 03:21:23] - (.-.) - [101.04 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_006_dotnet_apphost_pack_3.1.14_win_x86.msi.log [MD5.F16B7B3C5AF7F0EFCCFAD1E614E57F87] - |A| - [14/05/2021 03:21:23] - (.-.) - [672.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_007_windowsdesktop_runtime_3.1.14_win_x86.msi.log [MD5.1FDA4A66CB12CADCF25D39ADF152BDEC] - |A| - [14/05/2021 03:21:24] - (.-.) - [87.07 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_008_dotnet_host_3.1.14_win_x86.msi.log [MD5.E9A3F58CFBC2BF3A0AFEBE11D7D76C44] - |A| - [14/05/2021 03:21:24] - (.-.) - [86.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_009_dotnet_hostfxr_3.1.14_win_x86.msi.log [MD5.655FC0FA56B187E57119B1E92F11C1D3] - |A| - [14/05/2021 03:21:25] - (.-.) - [557.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.408_(x86)_20210514032113_010_dotnet_runtime_3.1.14_win_x86.msi.log [MD5.69450AF561457BF25EA17673339792EE] - |A| - [14/05/2021 03:20:20] - (.-.) - [37.63 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020.log [MD5.67E1AEFB7BF356344E98FCB9E6FD497F] - |A| - [14/05/2021 03:20:22] - (.-.) - [545.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_000_dotnet_runtime_3.1.15_win_x64.msi.log [MD5.BD30B0B080CB6E98D34D440220B9BDDF] - |A| - [14/05/2021 03:20:24] - (.-.) - [95.63 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_001_dotnet_hostfxr_3.1.15_win_x64.msi.log [MD5.50AA2E6ED3AF74781AD4381FBF954959] - |A| - [14/05/2021 03:20:24] - (.-.) - [101.55 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_002_dotnet_host_3.1.15_win_x64.msi.log [MD5.F288763BC00CEED8E6F316C7FF3AA3AB] - |A| - [14/05/2021 03:20:24] - (.-.) - [112.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_003_dotnet_apphost_pack_3.1.15_win_x64.msi.log [MD5.39BFD154A877730EAA9C6301132979E4] - |A| - [14/05/2021 03:20:24] - (.-.) - [112.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_004_dotnet_apphost_pack_3.1.15_win_x64_x86.msi.log [MD5.7E0E9E102C91F9BD6AB88464A20AC858] - |A| - [14/05/2021 03:20:25] - (.-.) - [112.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_005_dotnet_apphost_pack_3.1.15_win_x64_arm.msi.log [MD5.A55013B10F9ED1C575EEBF4A09A5E91A] - |A| - [14/05/2021 03:20:25] - (.-.) - [113.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_006_dotnet_apphost_pack_3.1.15_win_x64_arm64.msi.log [MD5.F5FAF288AC92B26679AB8CCD5B422C04] - |A| - [14/05/2021 03:20:25] - (.-.) - [801.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_007_windowsdesktop_runtime_3.1.15_win_x64.msi.log [MD5.6A4F0B7B730418117283A6EF9D6D41DF] - |A| - [14/05/2021 03:20:27] - (.-.) - [113.67 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_008_dotnet_31templates_3.1.409_servicing_015716_win_x64.msi.log [MD5.1CEFCF868BD2A351ACEF25528B577450] - |A| - [14/05/2021 03:20:27] - (.-.) - [4287.53 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_009_dotnet_sdk_internal_3.1.409_win_x64.msi.log [MD5.42BF03B9725355D887F72070432B6424] - |A| - [14/05/2021 03:20:42] - (.-.) - [380.95 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x64)_20210514032020_010_AspNetCoreSharedFramework_x64.log [MD5.B5A4B525C9697E625A6E55FD8A0FA4DB] - |A| - [14/05/2021 03:20:58] - (.-.) - [37.04 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058.log [MD5.952F39C31B11C888E51B5478054F8A31] - |A| - [14/05/2021 03:20:59] - (.-.) - [664.54 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_000_dotnet_runtime_3.1.15_win_x86.msi.log [MD5.135D6C2370A18DB4A2F9C08C1FBF62EC] - |A| - [14/05/2021 03:21:00] - (.-.) - [96.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_001_dotnet_hostfxr_3.1.15_win_x86.msi.log [MD5.61701F70D010A857E96F44D2C035C2C8] - |A| - [14/05/2021 03:21:01] - (.-.) - [106.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_002_dotnet_host_3.1.15_win_x86.msi.log [MD5.95F3D82A8F7C0DA7AC7D36B3C5F92FC3] - |A| - [14/05/2021 03:21:01] - (.-.) - [117.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_003_dotnet_apphost_pack_3.1.15_win_x86.msi.log [MD5.672CCD2858FCA439ECC1129C110B9A5C] - |A| - [14/05/2021 03:21:01] - (.-.) - [117.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_004_dotnet_apphost_pack_3.1.15_win_x86_x64.msi.log [MD5.AF17AFBD47ADCB3D7F0A9CC7CA3F2754] - |A| - [14/05/2021 03:21:02] - (.-.) - [117.46 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_005_dotnet_apphost_pack_3.1.15_win_x86_arm.msi.log [MD5.D540DF6FBD7BB01A1AE1526361FE65D9] - |A| - [14/05/2021 03:21:02] - (.-.) - [117.84 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_006_dotnet_apphost_pack_3.1.15_win_x86_arm64.msi.log [MD5.73E4104803031CC1E0DA25277BDFC2AF] - |A| - [14/05/2021 03:21:02] - (.-.) - [952.42 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_007_windowsdesktop_runtime_3.1.15_win_x86.msi.log [MD5.1516B17B6A00FE5EA612A1099D3BAF2C] - |A| - [14/05/2021 03:21:03] - (.-.) - [119.53 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_008_dotnet_31templates_3.1.409_servicing_015716_win_x86.msi.log [MD5.C436BFA189BF40679AE9F690886AE80D] - |A| - [14/05/2021 03:21:04] - (.-.) - [5078.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_009_dotnet_sdk_internal_3.1.409_win_x86.msi.log [MD5.A3C1ED4B22BD2C9C89FA34DF1EA3D029] - |A| - [14/05/2021 03:21:12] - (.-.) - [456.31 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_.NET_Core_SDK_3.1.409_(x86)_20210514032058_010_AspNetCoreSharedFramework_x86.log [MD5.62506F5F0CE68B29D915D84C6735DF79] - |A| - [14/05/2021 03:21:33] - (.-.) - [14.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.5_(x64)_20210514032133.log [MD5.99A40B5257542C512E9D3CDA413074F2] - |A| - [14/05/2021 03:21:33] - (.-.) - [557.85 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.5_(x64)_20210514032133_000_windowsdesktop_runtime_5.0.5_win_x64.msi.log [MD5.BE8F356A2FC5CEB1EFB638179345829D] - |A| - [14/05/2021 03:21:35] - (.-.) - [88.04 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.5_(x64)_20210514032133_001_dotnet_host_5.0.5_win_x64.msi.log [MD5.92369E7EFE329B8E3F5299E67F4642B9] - |A| - [14/05/2021 03:21:35] - (.-.) - [86.27 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.5_(x64)_20210514032133_002_dotnet_hostfxr_5.0.5_win_x64.msi.log [MD5.FB56A83759FB65E5C7ED2BE08BC0CB22] - |A| - [14/05/2021 03:21:35] - (.-.) - [446.27 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.5_(x64)_20210514032133_003_dotnet_runtime_5.0.5_win_x64.msi.log [MD5.D2B867563C2B1EBFD170E54301E9F346] - |A| - [14/05/2021 03:21:28] - (.-.) - [16.44 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.6_(x64)_20210514032128.log [MD5.ED24BBC02E3BDFE20F5D4D9CC8FBE321] - |A| - [14/05/2021 03:21:29] - (.-.) - [546.44 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.6_(x64)_20210514032128_000_dotnet_runtime_5.0.6_win_x64.msi.log [MD5.A48FABF07804FEBD9407E8CF11C6E647] - |A| - [14/05/2021 03:21:31] - (.-.) - [95.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.6_(x64)_20210514032128_001_dotnet_hostfxr_5.0.6_win_x64.msi.log [MD5.2556E00F4D380F544B713F3A6FCB014D] - |A| - [14/05/2021 03:21:31] - (.-.) - [105.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.6_(x64)_20210514032128_002_dotnet_host_5.0.6_win_x64.msi.log [MD5.3736A19A920AE2FD073152BF0D231FBF] - |A| - [14/05/2021 03:21:31] - (.-.) - [847.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\Microsoft_Windows_Desktop_Runtime_-_5.0.6_(x64)_20210514032128_003_windowsdesktop_runtime_5.0.6_win_x64.msi.log [MD5.D56A879365711691B28D75F66DF20BD8] - |A| - [05/02/2021 11:18:16] - (.-.) - [960.84 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.6565FEA73771B50B668F0B61CF5CBB38] - |A| - [05/02/2021 14:03:43] - (.-.) - [718.54 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [08/05/2021 02:15:24] - [0.17 Ko] - C:\WINDOWS\Temp\MsEdgeCrashpad [MD5.2602686C61E792623B6B6B3F19E704B3] - |A| - [08/05/2021 02:15:24] - (.-.) - [61.75 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\msedge_installer.log [MD5.00000000000000000000000000000000] - |D| - [15/05/2021 09:18:07] - [5615.41 Ko] - C:\WINDOWS\Temp\VPN_D754 [MD5.995C1FE15C42A73A716CC816EE5F6BF3] - |A| - [13/05/2021 03:26:57] - (.-.) - [9.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_7aa15ac6-0906-42e2-a8c4-9fe54842849b.log [MD5.ADE3B7D4BB6D1967EC83197B92F58818] - |A| - [12/05/2021 03:26:57] - (.-.) - [9.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_9a8dadcf-faa4-4f5e-8d2e-f39f3b6c3fb9.log [MD5.C0CD479DAF6BE95DA514C3713747B501] - |A| - [10/05/2021 03:26:56] - (.-.) - [9.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_9f89d582-90f5-44e8-befd-040c05100729.log [MD5.783A044F63145E4AAE1DCC1D7E13EBD1] - |A| - [16/05/2021 05:39:52] - (.-.) - [9.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_a898cf11-73d9-4dec-bddf-d4d5c15cc31b.log [MD5.8DD0FE8A55C908AF4736BB964843E420] - |A| - [11/05/2021 03:26:56] - (.-.) - [9.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_ad685008-ed4a-41c1-83f0-58afa9da68f8.log [MD5.0C6C6162808284DE4FD990E1E0BB684F] - |A| - [14/05/2021 03:26:57] - (.-.) - [9.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_c04479c8-a7a5-4abb-890f-df89b57b575f.log [MD5.775611A5C88B349AE2A68046880CE2E0] - |A| - [15/05/2021 03:26:56] - (.-.) - [10.07 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_df9fcdad-7f6a-403f-b21e-450244ca51e5.log [MD5.E3E4EE0CACCC592D4D145A0CA9C52D4F] - |A| - [17/05/2021 08:16:01] - (.-.) - [9.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_ee6e8250-c31d-4984-a895-9d7c1d579e01.log [MD5.00000000000000000000000000000000] - |D| - [06/02/2021 04:26:58] - [12.33 Ko] - C:\WINDOWS\Temp\VSRemoteControl [MD5.00000000000000000000000000000000] - |D| - [16/05/2021 18:42:11] - [0 Ko] - C:\WINDOWS\Temp\WinSAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 11:09:00] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:08:44] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:08:45] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 11:08:21] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 11:08:58] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 11:09:45] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 11:09:37] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@StorageSenseToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:07] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 11:09:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:08:19] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 11:09:05] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WLOGO_48x48.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.F99FFEB543186BDD81DC090CCCE60EA0] - |A| - [29/06/2018 03:13:27] - (.Copyright © 2003-2012 by fccHandler - AC-3 ACM Codec.) - [176.5 Ko] - (2.2.0.0) - C:\WINDOWS\System32\ac3acm.acm [MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 11:08:39] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ActiveHours.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2786.8 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\af-ZA [MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [14/05/2021 03:31:48] - (.-.) - [13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\agentactivationruntimestarter.exe [MD5.1AB94286FDD666ECFFEFD6D5E967E7C5] - |A| - [19/05/2020 03:36:34] - (.(C) 2014-2017 Sereby.org - General Runtimes Version Information.) - [128 Ko] - (1.0.5.1) - C:\WINDOWS\System32\AiORuntimes.dll [MD5.8210141840CE237FBF40B6E26E2DD11D] - |A| - [12/02/2021 21:16:01] - (.NCT Company Copyright 1999 - 2001 - NCT ALF2CD Audio CODEC.) - [38 Ko] - (2.3.1.0) - C:\WINDOWS\System32\alf2cd.acm [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\WINDOWS\System32\am-et [MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [16/05/2021 15:12:47] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ampa.sys [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [16 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [03/01/2019 21:38:14] - [0 Ko] - C:\WINDOWS\System32\appmgmt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2808.41 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 16:53:51] - [287.49 Ko] - C:\WINDOWS\System32\AppV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [356 Ko] - C:\WINDOWS\System32\ar-SA [MD5.C9486151C26D64A4933B95BA10BF730A] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [614 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\as-IN [MD5.C4E526D30AA8F2534BBCEDA89D8F9820] - |A| - [13/03/2021 00:08:52] - (.-.) - [469 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AssignedAccessCsp.dll [MD5.C7C510C30A9B3433F90F413ADD155954] - |A| - [19/05/2020 03:36:33] - (.©1999-2015 Jonathan Bennett & AutoIt Team - AutoIt v3 ActiveX Control.) - [445.32 Ko] - (3.3.14.0) - C:\WINDOWS\System32\autoitx3.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 11:08:07] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [27/07/2020 00:45:35] - [14.04 Ko] - C:\WINDOWS\System32\BestPractices [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [347.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6041.63 Ko] - C:\WINDOWS\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\bs-Latn-BA [MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [13/01/2021 02:49:11] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [81339.42 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57969.49 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\chr-CHER-US [MD5.A9EB01310B0EE8BCE5CB70E0D9E5E0B8] - |A| - [13/06/2018 18:19:19] - (.Copyright CANON INC. 2000-2015 - IJ Language Monitor.) - [397 Ko] - (0.3.0.1) - C:\WINDOWS\System32\CNMLMCT.DLL [MD5.979E3B4EDEF1C35F104C238D8E5032C8] - |A| - [13/06/2018 18:19:40] - (.Copyright CANON INC. 2003-2015 - Canon IJ Network 64bit comm Module.) - [366.5 Ko] - (3.7.0.90) - C:\WINDOWS\System32\CNMN6PPM.DLL [MD5.859E77E7F1314272F5773FF329540E5F] - |A| - [13/06/2018 18:19:40] - (.Copyright CANON INC. 2003-2015 - Canon IJ Network 64bit UI Module.) - [38.5 Ko] - (3.7.0.90) - C:\WINDOWS\System32\CNMN6UI.DLL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [20.62 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [382.5 Ko] - C:\WINDOWS\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [361709.07 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [86.84 Ko] - C:\WINDOWS\System32\Configuration [MD5.C113EC3ABF481A1B41F99BD721B513C3] - |A| - [14/04/2021 01:52:33] - (.-.) - [225.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.34 Ko] - C:\WINDOWS\System32\ContainerSettingsProviders [MD5.D28333B58305A94157F38D961F032930] - |A| - [11/12/2020 12:19:57] - (.-.) - [280.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CoreMas.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [07/09/2020 13:19:14] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\courgette.log [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [410 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.1C3645EBDDBE2DA6A32A5F9FB43A3C23] - |A| - [07/12/2019 11:09:34] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [411.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\cy-GB [MD5.69464E435DB1DAD7C472D3E6D033E661] - |A| - [19/05/2020 03:36:34] - (.Copyright © Cygwin Authors 1996-2017 - Cygwin POSIX Emulation DLL.) - [3369.74 Ko] - (2008.0.0.0) - C:\WINDOWS\System32\cygwin1.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [413.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.C071699F4F21B82606C72BAE2A430E1D] - |A| - [14/05/2021 03:31:50] - (.-.) - [162 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271.02 Ko] - C:\WINDOWS\System32\DDFs [MD5.DF6465F349C9CBDF3FCEB3F198E8FCB6] - |A| - [16/05/2021 15:12:50] - (.-.) - [34.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ddmdrv.sys [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [461.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:08:21] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [27/07/2020 00:51:55] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 11:14:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.BC568D41D1A2BA78E61552477145E180] - |A| - [05/07/2018 00:31:31] - (.-.) - [16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\defltbase.jfm [MD5.49C6F149C5D29E5E1F173A9F1B45F4D3] - |A| - [05/07/2018 00:31:31] - (.-.) - [1024 Ko] - (0.0.0.0) - C:\WINDOWS\System32\defltbase.sdb [MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 11:09:34] - (.-.) - [15.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeliveryOptimizationMIProv.mof [MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 11:09:34] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeliveryOptimizationMIProvUninstall.mof [MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 11:08:52] - (.-.) - [35.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\deploymentcsphelper.exe [MD5.1E4EA9942EC6A8E6672A0DC59AA59D19] - |A| - [23/03/2018 10:39:57] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DESKTOP-BK7IV0M_defaultuser0_HistoryPrediction.bin [MD5.46BBA24DEED94A68F244D5DBA4161948] - |A| - [30/07/2015 23:55:12] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DESKTOP-VRKVT78_Administrator_HistoryPrediction.bin [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 11:08:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 11:08:43] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.3B5BFF2D6826956AB7D71D61FBA8EC48] - |A| - [07/12/2019 11:10:18] - (.-.) - [131.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeviceUpdateCenterCsp.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [885 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 11:08:37] - (.-.) - [82.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10152.79 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.902179013800F311AFF57CD5F29BE346] - |A| - [12/02/2021 21:16:01] - (.Copyright (C) DivXNetworks 2001-2003 - DivX Video for Windows Codec.) - [624 Ko] - (5.0.5.830) - C:\WINDOWS\System32\divx.dll [MD5.EFF71E68DD8F9DC0BBD89CD83153C336] - |A| - [12/02/2021 21:16:01] - (.Copyright © DivXNetworks, 2001-2003 - DivX (TM) Decoder Filter.) - [216.03 Ko] - (5.0.5.830) - C:\WINDOWS\System32\divxdec.ax [MD5.4F64D6564C2C2D8A04AE3F37BA94C85D] - |A| - [09/01/2018 05:38:42] - (.Copyright © 2016 Razer Inc. All rights reserved - Installation Helper Custom Actions for wix.) - [73.97 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DriverInstallCA.dll [MD5.68FAE95FB58893420FC9A0ECE5844200] - |A| - [09/01/2018 05:38:44] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer CA installation for drivers.) - [245.97 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DriverInstallCACMD.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:17] - [134489.95 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\DriverState [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [1765245.09 Ko] - C:\WINDOWS\System32\DriverStore [MD5.DD10A73D328FF799FE3E5129F5C88A7D] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin [MD5.E6D9FAF738CA18CCA40BA377E7B5BFDA] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth10.bin [MD5.64F20037290D71047A1AD7D623B9C5A4] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth11.bin [MD5.45B6332023D98EAC5440175653D59F7E] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth12.bin [MD5.2B9CF3378C1E53E6CFF607D62ED2214C] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin [MD5.4625CE19CBBEC5FB9E7404678D9D1F70] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin [MD5.9910FE7D30E9CAC265182E90ED5BB74F] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin [MD5.C870F06EB9EA4FA5A6D311788708C9CE] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin [MD5.2332FD6A737F371147D076B46B16C6F6] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin [MD5.ACA4C5D68DFB4D5A1CFD3DBAC4BD1D3C] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin [MD5.D9847A45991808F986D4D5A9F4E2DC74] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin [MD5.C99CEC38021B6D29C126E2974DE2AAEC] - |A| - [14/02/2020 04:33:42] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth9.bin [MD5.5E11A46BEB9134C860E125582311F64B] - |A| - [14/05/2021 03:32:07] - (.-.) - [11.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuthTxt.wim [MD5.00000000000000000000000000000000] - |DC| - [04/10/2018 15:12:06] - [623.84 Ko] - C:\WINDOWS\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [214.5 Ko] - C:\WINDOWS\System32\dsc [MD5.64E652DC979CB9EF1AEE91DBD4F8C624] - |A| - [13/01/2021 02:49:13] - (.-.) - [2201.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 11:08:07] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 11:08:07] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 11:08:07] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [08/08/2019 06:54:03] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_16657882514877.dll [MD5.97EB9A496F6A2C81B5A3BF99F165A411] - |A| - [22/10/2020 22:33:12] - (.Copyright ? EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [22.3 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_185813982021507.dll [MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [16/07/2019 22:40:20] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_2061875379545017.dll [MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [17/07/2019 17:05:05] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_2205997360270.dll [MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [26/07/2019 15:03:03] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_336676597653457.dll [MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [26/07/2019 15:22:08] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_3640152048380.dll [MD5.F5BD52344D92301AAD5C616935DEC34A] - |A| - [18/12/2018 21:29:28] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.23 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_63629358998302.dll [MD5.D5F2BE5B35EDA786EB1B27884174A3CB] - |A| - [24/07/2019 12:52:01] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [19.22 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_808257334025041.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [467 Ko] - C:\WINDOWS\System32\el-GR [MD5.E5C5E1872129A78A2F89903F8337A94E] - |A| - [24/03/2018 13:16:14] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [3455 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [326.5 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [43675.61 Ko] - C:\WINDOWS\System32\en-US [MD5.C70C135619F7DD91695977C08FF2CE41] - |A| - [24/07/2020 15:48:04] - (.Copyright (C) 2019 - SteelSeries Engine CoInstaller.) - [306.02 Ko] - (1.0.0.0) - C:\WINDOWS\System32\engineco.dll [MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [13/01/2021 02:49:11] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\EoAExperiences.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [441.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [361.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [320 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [16806.64 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\fa-IR [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 11:08:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [10/07/2020 20:15:41] - (.-.) - [16.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastDlpImg.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7.11 Ko] - C:\WINDOWS\System32\ff-Adlm-SN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [419 Ko] - C:\WINDOWS\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\fil-PH [MD5.18984831188FC07BE8AC6F7053CF6E8E] - |A| - [26/07/2020 23:58:54] - (.-.) - [491.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [3490.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [372 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [48144.01 Ko] - C:\WINDOWS\System32\fr-FR [MD5.F5CA01AB732F8723CEB0118923F1AD32] - |A| - [14/05/2021 03:32:12] - (.-.) - [684.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FsNVSDeviceSource.dll [MD5.F755D5BD38F3110AFE3927B573BE4389] - |A| - [30/10/2020 07:25:29] - (.-.) - [72.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FvSDK_x64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:43] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ga-IE [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 11:09:48] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gd-GB [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [07/04/2020 19:05:20] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gl-ES [MD5.00000000000000000000000000000000] - |HD| - [15/03/2019 22:21:03] - [0.01 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [15/03/2019 22:21:03] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ha-Latn-NG [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [329.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [13/01/2021 02:49:01] - (.-.) - [299.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\hi-IN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [337 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [419 Ko] - C:\WINDOWS\System32\hu-HU [MD5.B6037A4AD99A567A34F7A014F8B42069] - |A| - [13/01/2021 02:49:58] - (.-.) - [134.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvsiManagementApi.dll [MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [26/10/2020 01:17:01] - (.-.) - [44.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:53:51] - [149.55 Ko] - C:\WINDOWS\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.061462282D516227FAB40231BAE93F1A] - |A| - [26/10/2020 01:16:24] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icu.dll [MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [26/10/2020 01:16:24] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [26/10/2020 01:16:24] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ig-NG [MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [11/11/2020 23:33:22] - (.-.) - [193 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26862.43 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6943 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\is-IS [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [442 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [331.34 Ko] - C:\WINDOWS\System32\ja-jp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ka-GE [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\WINDOWS\System32\Keywords [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [302.5 Ko] - C:\WINDOWS\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\kok-IN [MD5.AC2FAA135B5FA5B29455F689B5A2BF89] - |A| - [13/09/2016 16:47:26] - (.Copyright © 2014 Razer Inc. All rights reserved - Kraken 7.1 V2 APO lfx dll.) - [4651.76 Ko] - (6.2.9200.20557) - C:\WINDOWS\System32\Kraken0510lfx.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ky-KG [MD5.69A0628BBE1A404B1BA0B6DCA7610A06] - |A| - [12/02/2021 21:16:01] - (.Copyright (C) 1997 Fraunhofer IIS - MPEG Layer-3 Audio Decoder.) - [96 Ko] - (1.9.0.311) - C:\WINDOWS\System32\L3CODECX.AX [MD5.EE6407670B4CA47CCC9AF5ED41A19150] - |A| - [29/06/2018 03:13:27] - (.Copyright © 2011 - Lagarith.) - [145.5 Ko] - (1.3.27.0) - C:\WINDOWS\System32\lagarith.dll [MD5.5E6F49F657A509D079C60D08A2EE33A7] - |A| - [12/02/2021 21:16:01] - (.Copyright © 2005 Elecard Ltd. - LAME Audio Encoder.) - [240 Ko] - (1.0.54.50801) - C:\WINDOWS\System32\lame.ax [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 11:08:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 11:08:07] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\lb-LU [MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [14/05/2021 03:32:19] - (.-.) - [1647.5 Ko] - (3.0.2.0) - C:\WINDOWS\System32\libcrypto.dll [MD5.DF542AB13944F6EFF23F98F035A9B5F2] - |A| - [19/05/2020 03:36:34] - (.Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. - OpenSSL Shared Library.) - [1236 Ko] - (1.0.2.11) - C:\WINDOWS\System32\libeay32.dll [MD5.A885D3776B14B6EF7E24D0E04DF69F86] - |A| - [19/05/2020 03:36:34] - (.Copyright (C) 1999-2007 - LGPLed libiconv for Windows NT/2000/XP/Vista and Windows 95/98/ME.) - [1030.93 Ko] - (1.13.1.0) - C:\WINDOWS\System32\libiconv2.dll [MD5.D202BAA425176287017FFE1FB5D1B77C] - |A| - [19/05/2020 03:36:34] - (.© 2005 Free Software Foundation - GetText: library and tools for native language support.) - [101 Ko] - (0.14.4.1952) - C:\WINDOWS\System32\libintl3.dll [MD5.6DCFA4BB657ABE4BC90789F55F5FC893] - |A| - [19/05/2020 03:36:34] - (.© 1998-2004 Glenn Randers-Pehrson et al. - PNG image compression library.) - [158.5 Ko] - (1.2.31.0) - C:\WINDOWS\System32\libpng13.dll [MD5.44480C7CADF2A46B6173B6BA2E493286] - |A| - [19/05/2020 03:36:34] - (.© 1998-2009 Glenn Randers-Pehrson et al. - PNG image compression library.) - [135.5 Ko] - (1.5.10.0) - C:\WINDOWS\System32\libpng15.dll [MD5.AD7E91250A27EDA87F109BD94050CC2B] - |A| - [19/05/2020 03:36:34] - (.Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. - OpenSSL Shared Library.) - [268.5 Ko] - (1.0.2.11) - C:\WINDOWS\System32\libssl32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\lo-LA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [38132.11 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [22/02/2021 13:53:55] - [256 Ko] - C:\WINDOWS\System32\Logs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [335.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [333.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [03/04/2021 07:50:43] - [0.06 Ko] - C:\WINDOWS\System32\lxss [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [28096.21 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:40] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [07/12/2019 11:10:41] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\manage-bde.wsf [MD5.65735234BE6F70E5BA10F12364B1041B] - |A| - [14/05/2021 03:32:03] - (.-.) - [1136.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.521F1463E9733FD867E097727DD90177] - |A| - [12/02/2021 21:16:01] - (.Main Concept Ltd. 1999-2001 - MainConcept DV Codec.) - [255.5 Ko] - (2.0.0.0) - C:\WINDOWS\System32\mcdvd_32.dll [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 11:08:07] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [27/07/2020 00:54:41] - [1124.61 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6801.08 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45350.86 Ko] - C:\WINDOWS\System32\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:11] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MixedRealityRuntime.json [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ml-IN [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:14:56] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mn-MN [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mr-IN [MD5.56B0EC005E5EDB0FB720954DAF594A46] - |A| - [11/11/2019 17:55:40] - (.Copyright (C) 2019 LLC Mail.Ru - Mail.Ru AntiCheat Service.) - [18552.65 Ko] - (2.70.1.0) - C:\WINDOWS\System32\mracsvc.exe [MD5.00000000000000000000000000000000] - |D| - [23/03/2018 16:23:14] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 01:38:21] - [4388.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.52740EC47A2BF00469B2B8517DD5F306] - |A| - [12/02/2021 21:16:04] - (.Copyright (c) Multilab LLC, 2011-2020. - mslvddsfilter5 ActiveX DLL.) - [81.16 Ko] - (5.0.1.73) - C:\WINDOWS\System32\mslvddsfilter5.ax [MD5.00000000000000000000000000000000] - |D| - [27/07/2020 00:45:35] - [6147.69 Ko] - C:\WINDOWS\System32\msmq [MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [07/12/2019 11:10:08] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqpub.mof [MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [07/12/2019 11:10:08] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrc.mof [MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [07/12/2019 11:10:08] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrcRemove.mof [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.64 Ko] - C:\WINDOWS\System32\my-mm [MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 11:08:44] - (.-.) - [30.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [408.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2176 Ko] - C:\WINDOWS\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ne-NP [MD5.D52221684B1F280E46154817F19649C7] - |A| - [24/03/2018 13:12:31] - (.-.) - [979.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 11:09:48] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.0E2D5DA1C7A1A97E46172AC33AD354EC] - |A| - [07/12/2019 11:09:48] - (.-.) - [70.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nettraceex.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [436.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.E6AFEC5BD0D309524A8C91080FD8C6FA] - |A| - [30/04/2021 20:18:48] - (.-.) - [85.12 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.7770E2BF9C2B69C3BB599179617965A4] - |A| - [30/04/2021 20:18:48] - (.-.) - [698.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvofapi64.dll [MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [07/12/2019 16:53:51] - (.-.) - [20.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26081.87 Ko] - C:\WINDOWS\System32\oobe [MD5.663A319D105E14548DBA4C72201876B1] - |A| - [16/04/2020 19:04:29] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.59 Ko] - (6.14.357.25) - C:\WINDOWS\System32\openal32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:31] - [5446.67 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\or-IN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3.81 Ko] - C:\WINDOWS\System32\osa-Osge-001 [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 11:08:07] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\pa-IN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1743.23 Ko] - C:\WINDOWS\System32\PerceptionSimulation [MD5.BCD00CEDA959F8D7837ED3C5E88891BA] - |A| - [07/12/2019 11:17:25] - (.-.) - [131.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.96496EEC65D1C70BDA513D51AF868986] - |A| - [07/12/2019 16:50:23] - (.-.) - [146.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 11:17:25] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 16:50:23] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.8C317631F63CCBD7F20777E1324B82DC] - |A| - [07/12/2019 11:17:25] - (.-.) - [687.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.055E2DD57C07164FDDE207C02023CD05] - |A| - [07/12/2019 16:50:23] - (.-.) - [773.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.E1492A683ED2FE07534504B2CF05624D] - |A| - [27/07/2020 00:10:07] - (.-.) - [1733.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 11:08:05] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [436 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [464.5 Ko] - C:\WINDOWS\System32\PointOfService [MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 11:08:28] - (.-.) - [43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pospaymentsworker.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [969.13 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 11:08:19] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [429.5 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [432 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\quz-PE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.CE281EAD88F106D2F87A70137DAC9829] - |A| - [06/11/2016 19:03:16] - (.Copyright © 2014 Razer Inc. All rights reserved - RazerCoinstaller.) - [83.16 Ko] - (0.0.0.5) - C:\WINDOWS\System32\RazerCoinstaller.dll [MD5.1CCB256CE262988EEAB04CC5C337DF35] - |A| - [07/12/2019 11:09:45] - (.-.) - [2315 Ko] - (1.0.1908.26001) - C:\WINDOWS\System32\rdpnano.dll [MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [13/01/2021 02:48:50] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rdsxvmaudio.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2.17 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 11:09:33] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResBParser.dll [MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 11:09:54] - (.-.) - [9.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [352 Ko] - C:\WINDOWS\System32\ro-RO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [427 Ko] - C:\WINDOWS\System32\ru-RU [MD5.E6EEEF05B6B5825BD325FDBB33439382] - |A| - [14/05/2021 03:31:58] - (.-.) - [59.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\rw-RW [MD5.4EE4F60D5DD3F439A5486982E31B5543] - |A| - [24/07/2019 07:37:30] - (.Copyright (c) 2011-2018 Razer Inc. - Razer Chroma SDK.) - [126.63 Ko] - (2.9.0.12) - C:\WINDOWS\System32\RzChromaSDK64.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [08/05/2018 15:15:59] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RzSurroundVADAudioDeviceManager_log.txt [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 11:10:32] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4.85 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 11:08:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [78.59 Ko] - C:\WINDOWS\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1839 Ko] - C:\WINDOWS\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.7 Ko] - C:\WINDOWS\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [341 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [337.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [26/07/2020 23:58:56] - [200568.65 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:21] - [98.06 Ko] - C:\WINDOWS\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 11:08:07] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [13385.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 11:09:51] - (.-.) - [40 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7747.8 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [12692.73 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [117163.85 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [16200.82 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [31/07/2015 00:42:06] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [339 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:09:54] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:09:54] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 11:09:45] - (.-.) - [58.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [96472 Ko] - C:\WINDOWS\System32\sru [MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [13/01/2021 02:48:49] - (.-.) - [444.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.AD7E91250A27EDA87F109BD94050CC2B] - |A| - [19/05/2020 03:36:34] - (.Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. - OpenSSL Shared Library.) - [268.5 Ko] - (1.0.2.11) - C:\WINDOWS\System32\ssleay32.dll [MD5.00000000000000000000000000000000] - |D| - [13/06/2018 18:19:40] - [161.5 Ko] - C:\WINDOWS\System32\STRING [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [415 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\sw-KE [MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [07/12/2019 11:10:18] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SyncAppvPublishingServer.vbs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1427.24 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [945.78 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.4D188B08E9274E1360062B22E88A2F3F] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [52 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [779.73 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [750.39 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 11:09:05] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\te-IN [MD5.911465F081B49450A5E2671A3A7951D1] - |A| - [13/01/2021 02:49:02] - (.-.) - [2208 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextInputMethodFormatter.dll [MD5.74B20E14C597763501A603ED2DA2AD65] - |A| - [13/03/2021 00:08:17] - (.-.) - [690.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [318.5 Ko] - C:\WINDOWS\System32\th-TH [MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [11/12/2020 12:20:07] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ThirdPartyNoticesBySHS.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\WINDOWS\System32\ti-et [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tn-ZA [MD5.8F62B9FD83E2B04251560B55760F32E2] - |A| - [07/12/2019 11:08:13] - (.-.) - [266 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [398.5 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 11:08:13] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 11:08:13] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\tt-RU [MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [07/12/2019 11:10:19] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevAppMonitor.exe.config [MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [07/12/2019 11:10:19] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [337 Ko] - C:\WINDOWS\System32\uk-UA [MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [26/10/2020 01:16:11] - (.-.) - [63.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\umpdc.dll [MD5.FDF110398716B944572C55785A8F21A6] - |A| - [23/04/2021 21:01:00] - (.Copyright (c) 2009. All Rights Reserved - UniFairy_x64 NT Driver.) - [808.73 Ko] - (1.2.6100.217) - C:\WINDOWS\System32\UniFairy.sys [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [2196.59 Ko] - C:\WINDOWS\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\ur-PK [MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 11:08:37] - (.-.) - [48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 11:08:39] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\usocoreps.dll [MD5.8F2BB1C3E83DC8A2FEB8D00025F36CAE] - |A| - [14/05/2021 03:32:17] - (.-.) - [150 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfcfgmgmt.dll [MD5.F10D7687066575AA6947720F4EDCCB2A] - |A| - [14/05/2021 03:32:17] - (.-.) - [153.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfcsp.dll [MD5.C2C9BB5DD8F2A32DEE6CCA87447DDD67] - |A| - [07/12/2019 11:10:21] - (.-.) - [31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\uwfservicingapi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\uz-Latn-UZ [MD5.83A083A42F97BCF3F8E016820178DDE2] - |A| - [12/02/2021 21:16:01] - (.Copyright © 1998, Voxware, Inc. - Voxware Audio Compression Manager Driver.) - [81 Ko] - (1.6.0.17) - C:\WINDOWS\System32\vct3216.acm [MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 11:08:09] - (.-.) - [36.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VhfUm.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\vi-VN [MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [13/01/2021 02:50:03] - (.-.) - [93.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VirtualMonitorManager.dll [MD5.8137722F723D54C9E4A5E183237A2D6C] - |A| - [19/09/2018 04:16:36] - (.Copyright © 1998-2014 VMware, Inc. - VMware bridge notify DLL (64-bit).) - [79.19 Ko] - (4.2.3.0) - C:\WINDOWS\System32\vmnetbridge.dll [MD5.2AD149A9E61965FC543551FA49F98580] - |A| - [04/10/2018 15:12:22] - (.Copyright © 1998-2014 VMware, Inc. - VMware network adapter install library (64-bit version).) - [48.69 Ko] - (4.2.3.0) - C:\WINDOWS\System32\vnetinst.dll [MD5.13B57E9E4575F5F6E36730D420467236] - |A| - [04/10/2018 15:12:21] - (.Copyright © 1998-2016 VMware, Inc. - VMware network install library.) - [912.19 Ko] - (12.1.1.6932) - C:\WINDOWS\System32\vnetlib64.dll [MD5.FAC0D5B16EFA7376CA81047490187D0D] - |A| - [12/02/2021 21:16:01] - (.Copyright © 2000-3 ON2 Technologies - VP6 VIDEO FOR WINDOWS CODEC.) - [428 Ko] - (6.4.2.0) - C:\WINDOWS\System32\vp6vfw.dll [MD5.7471330D863E302A97ACE7D2F7FB2684] - |A| - [01/07/2019 23:59:35] - (.Copyright (C) 2012-2020 SoftEther VPN Project. - SoftEther VPN.) - [140.3 Ko] - (4.34.0.9745) - C:\WINDOWS\System32\vpncmd.exe [MD5.C2C107802DA78B2152141044741CE01C] - |A| - [04/10/2018 15:12:35] - (.Copyright © 1998-2018 VMware, Inc. - VSockets Library.) - [45.38 Ko] - (9.8.12.0) - C:\WINDOWS\System32\vsocklib.dll [MD5.5450A69087D2F6955A253CB2BF86503C] - |A| - [09/12/2017 00:24:44] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [906.8 Ko] - (1.0.65.1) - C:\WINDOWS\System32\vulkan-1-1-0-65-1.dll [MD5.7312181C448D66DDDC3D27E43A8DB279] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1069.22 Ko] - (1.2.162.0) - C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll [MD5.7312181C448D66DDDC3D27E43A8DB279] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1069.22 Ko] - (1.2.162.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.95253BF8F996BEA19BFA974F61277E87] - |A| - [09/12/2017 00:24:32] - (.-.) - [577.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-65-1.exe [MD5.C5667E286E6151DC246B14099583D69A] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1811.71 Ko] - (1.2.162.0) - C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe [MD5.C5667E286E6151DC246B14099583D69A] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1811.71 Ko] - (1.2.162.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [202425.22 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [109041.06 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 11:08:46] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [31/07/2015 00:42:06] - [0 Ko] - C:\WINDOWS\System32\wfp [MD5.39B36FC36B577FDD2CDCDDD1C6D1D422] - |A| - [10/09/2015 07:58:39] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WIN-QRM73VC4CP6_Administrator_HistoryPrediction.bin [MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 11:08:52] - (.-.) - [144.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Win32AppSettingsProvider.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1688.66 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50263.29 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.0F3E3F74BDEE538D4A2E38C297EBEA9D] - |A| - [13/01/2021 02:49:04] - (.-.) - [628 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowManagementAPI.dll [MD5.63CA1C622CC1F4B2520E61BB393C718A] - |A| - [28/04/2021 20:57:17] - (.Copyright © 2021 - Java(TM) Platform SE binary.) - [187.28 Ko] - (8.0.2910.10) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 11:08:27] - (.-.) - [123 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |RSD| - [27/07/2020 00:49:26] - [638.69 Ko] - C:\WINDOWS\System32\WindowsDevicePortal [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [12449.98 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 11:08:41] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [316396 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.84 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [207.67 Ko] - C:\WINDOWS\System32\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\wo-SN [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 11:08:12] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 11:08:12] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 11:08:49] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.DB08CF76449D2EB521DFB71A58DAF62D] - |A| - [16/04/2020 19:04:29] - (.Copyright © 2008 - OpenAL32.) - [434.59 Ko] - (2.2.0.7) - C:\WINDOWS\System32\wrap_oal.dll [MD5.BC1F19DFEF56D14AE742CE46951F83A2] - |A| - [29/06/2018 03:13:27] - (.Copyright (C) 2003-2017 x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) - [3710.5 Ko] - (44.2851.44825.0) - C:\WINDOWS\System32\x264vfw64.dll [MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 11:08:21] - (.-.) - [83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\xh-ZA [MD5.0A992EA04445D8F0CD93201C7EF77A51] - |A| - [13/11/2020 00:12:14] - (.-.) - [168 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvid.ax [MD5.124A2BF9B1F0584DCE12E8FDAFFCB1A0] - |A| - [13/11/2020 00:12:15] - (.-.) - [693.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvidcore.dll [MD5.04625DF947AA0B35339D0C6836273461] - |A| - [13/11/2020 00:12:15] - (.-.) - [245.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvidvfw.dll [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.png [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [291.99 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [31/07/2015 00:42:06] - [0 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [262 Ko] - C:\WINDOWS\System32\zh-TW [MD5.B8A9E91134E7C89440A0F95470D5E47B] - |A| - [19/05/2020 03:36:34] - (.(C) 1995-2013 Jean-loup Gailly & Mark Adler - zlib data compression library.) - [105 Ko] - (1.2.8.0) - C:\WINDOWS\System32\zlib1.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\System32\zu-ZA [MD5.5C5A797761421CF9B72087F3BC8A5259] - |A| - [07/04/2020 19:05:19] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [MD5.1373F6562D5E4C715D5D3583E350093E] - |A| - [07/04/2020 19:05:19] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat [MD5.9875D5A1B67C80432B8A7FD7EAA05CD3] - |A| - [04/10/2018 15:12:04] - (.-.) - [1 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\%TMP% [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:09:26] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:09:15] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.FC726DD94F4DD4028A976FCC4DBF0C43] - |A| - [29/06/2018 03:13:27] - (.Copyright © 2003-2012 by fccHandler - AC-3 ACM Codec.) - [120 Ko] - (2.2.0.0) - C:\WINDOWS\SysWOW64\ac3acm.acm [MD5.F76E1461807291997B309BF34CCC59E2] - |A| - [11/11/2019 02:46:21] - (.Copyright c 2002-2007 by Alexander Vigovsky - ac3filter.) - [660 Ko] - (1.3.1.0) - C:\WINDOWS\SysWOW64\ac3filter.ax [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1864.83 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\af-ZA [MD5.E556115BD4E751178310F842E457CA22] - |A| - [11/12/2020 12:20:13] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\am-ET [MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [16/05/2021 15:12:56] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ampa.sys [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [174 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.DDE41441FE1A8A540354DA849E3FBC79] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [519.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\as-IN [MD5.8128B54EAA48F9C06B19A86C87752996] - |A| - [23/03/2018 10:46:36] - (.Copyright (C) 2010 - AsIO DLL.) - [28 Ko] - (1.0.0.4) - C:\WINDOWS\SysWOW64\AsIO.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [27/07/2020 00:45:35] - [14.04 Ko] - C:\WINDOWS\SysWOW64\BestPractices [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [147.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.57741342CB514072D26EF56B9EF95C86] - |A| - [02/09/2016 15:13:20] - (.Copyright 1999 - 2007 - CDDBControl Core Module.) - [777.49 Ko] - (2.5.0.104) - C:\WINDOWS\SysWOW64\CDDBControl.dll [MD5.99A44759C589DF319376B29724DFBAEB] - |A| - [02/09/2016 15:13:20] - (.Copyright © 2003-2007 - CddbLangDE.) - [101.49 Ko] - (2.5.0.104) - C:\WINDOWS\SysWOW64\CddbLangDE.dll [MD5.889293D30D3F7A459EA4C00FAF006B1B] - |A| - [02/09/2016 15:13:20] - (.Copyright © 2003-2007 - CddbLangES.) - [101.49 Ko] - (2.5.0.104) - C:\WINDOWS\SysWOW64\CddbLangES.dll [MD5.C69B5427BCCA7BD1ABEE933B9CD41989] - |A| - [02/09/2016 15:13:20] - (.Copyright © 2003-2007 - CddbLangFR.) - [101.49 Ko] - (2.5.0.104) - C:\WINDOWS\SysWOW64\CddbLangFR.dll [MD5.1E4ADA579CF04AAE901F14970604078E] - |A| - [02/09/2016 15:13:20] - (.Copyright © 2003-2007 - CddbLangJA.) - [81.49 Ko] - (2.5.0.104) - C:\WINDOWS\SysWOW64\CddbLangJA.dll [MD5.CDF4D8D1717F22F9BD5DFA9E44842757] - |A| - [02/09/2016 15:13:20] - (.Copyright © 2003-2007 - CddbLangRU.) - [165.49 Ko] - (2.5.0.104) - C:\WINDOWS\SysWOW64\CddbLangRU.dll [MD5.F525176D64D23A4C4B27DD6BCCD96F4E] - |A| - [02/09/2016 15:13:20] - (.Copyright 2001 - 2007 - CDDBUIControl Module.) - [789.49 Ko] - (2.5.0.104) - C:\WINDOWS\SysWOW64\CDDBUI.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\chr-CHER-US [MD5.1F562AEEF82F43257FEF70035D6AF1F9] - |A| - [13/06/2018 18:19:52] - (.-.) - [87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CNC178AD.TBL [MD5.BDB23D5C5B7640F6DA0FDD8D68E0064A] - |A| - [13/06/2018 18:19:52] - (.Copyright CANON INC. 2014 - LLD.) - [345.5 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\CNC_CTL.dll [MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [13/06/2018 18:19:52] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\WINDOWS\SysWOW64\CNHMCA.dll [MD5.2D50232613CF16202A8DDFDFE391F6D0] - |A| - [13/06/2018 18:19:40] - (.Copyright CANON INC. 2003-2015 - Canon IJ Network 32bit comm Module.) - [372 Ko] - (3.7.0.90) - C:\WINDOWS\SysWOW64\CNMNPPM.DLL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [321.5 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [11/12/2020 12:20:13] - (.-.) - [235 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CoreMas.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [206 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.4329254E74AD91D047E3CEDCC7C138C3] - |A| - [07/12/2019 11:09:57] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [207 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [229 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.F27AF652E37010C6C9BCF2FA8369437B] - |A| - [21/08/2019 22:27:52] - (.-.) - [1.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\debug.log [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:09:15] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [188 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [13/01/2021 00:08:18] - [0 Ko] - C:\WINDOWS\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7860.54 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.49663CFE390597A595C17B9B86B5EE8A] - |A| - [27/04/2007 10:43:58] - (.-.) - [117.38 Ko] - (3.7.0.12) - C:\WINDOWS\SysWOW64\DLLDEV32i.dll [MD5.0902754B4F3041FD31673CB63B34012D] - |A| - [02/07/2020 11:10:47] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\dllhost.exe.config [MD5.0554D656B9DCAE7E3DA72659DFACB67A] - |A| - [29/06/2018 03:13:27] - (.Copyright © 2002-2013 - ffdshow VFW.) - [109.5 Ko] - (1.3.4533.0) - C:\WINDOWS\SysWOW64\ff_vfw.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [208 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\fil-PH [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [3150 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [153.5 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9184.26 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.7F9B18A31938D9F80C6210736D34922C] - |A| - [30/10/2020 07:25:29] - (.-.) - [63.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\FvSDK_x86.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:43] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ga-IE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\gd-GB [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\gl-ES [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.019A6D1D79DC95E2AF598624CC40ACB6] - |A| - [11/11/2019 02:56:07] - (.2005-2014 - Generic Service.) - [434.22 Ko] - (3.0.4.0) - C:\WINDOWS\SysWOW64\GSService.exe [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\gu-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ha-Latn-NG [MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [13/01/2021 02:49:27] - (.-.) - [230 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [142.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [212.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.AD15BB3A8973A1118386B87289E22322] - |A| - [13/01/2021 02:50:00] - (.-.) - [99.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HvsiManagementApi.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\hy-AM [MD5.60AFBD58F9DFAF558003BD13E60F6BB3] - |A| - [11/11/2019 02:46:22] - (.Copyright (C) 1999-2003 - LGPLed libiconv for Windows NT/2000/XP and Windows 95/98/ME.) - [872 Ko] - (1.9.0.0) - C:\WINDOWS\SysWOW64\iconv.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.8DFBAF2E92AAC3D4D94EE60406230ED5] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icu.dll [MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21642.16 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.FA425C74CE2EB719B2A77A7A2ADDAE32] - |A| - [29/06/2018 03:13:27] - (.Copyright © 2011 - Lagarith.) - [211 Ko] - (1.3.27.0) - C:\WINDOWS\SysWOW64\lagarith.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\lb-LU [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\lo-LA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [145.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [142 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [25782.26 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:40] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mi-NZ [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2825.59 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [816.8 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:14] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MixedRealityRuntime.json [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mk-MK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ml-IN [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:15:00] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [07/12/2019 11:10:08] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqpub.mof [MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [07/12/2019 11:10:08] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrc.mof [MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [07/12/2019 11:10:08] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrcRemove.mof [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\mt-MT [MD5.B9966F800D2A3A1522B1825077785C40] - |A| - [16/04/2020 18:10:00] - (.Copyright (c) 2015 Micro-Star INT'L CO.,LTD. - Windows Host Process.) - [1653.16 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\muachost.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.816A781E36CF3614CE74B72F1C188DAC] - |A| - [24/12/2018 14:50:16] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nativelog.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [205.5 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.ED1BF4E3E7B0269B67B8D2E8A8326041] - |A| - [30/04/2021 20:18:48] - (.-.) - [562.27 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nvofapi.dll [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 11:10:14] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [764.33 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [16/04/2020 19:04:29] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\WINDOWS\SysWOW64\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\or-IN [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\pa-IN [MD5.8240EDCD8C2498240411AF51F04E4505] - |A| - [07/09/2019 18:38:29] - (.-.) - [3151.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\pbsvc.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [79.5 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation [MD5.664B3A2B852743B20A4DFA5A300B2533] - |A| - [04/10/2018 15:11:59] - (.-.) - [1752.94 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.3A2E85F7D90D15460C337CE80C2E3B29] - |A| - [07/09/2019 18:38:29] - (.-.) - [75.09 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrA.exe [MD5.B393797C7D28A589267EBDECC7B23300] - |A| - [07/09/2019 18:38:30] - (.-.) - [291.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrB.ex0 [MD5.B393797C7D28A589267EBDECC7B23300] - |A| - [07/09/2019 18:38:30] - (.-.) - [291.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrB.exe [MD5.B393797C7D28A589267EBDECC7B23300] - |A| - [07/09/2019 18:39:01] - (.-.) - [291.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PnkBstrB.xtr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [974.02 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.1A1AE105DA02C5EB444DB55F928DCE0C] - |A| - [07/08/2019 17:58:10] - (.-.) - [18.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\QQVistaHelper.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\quc-Latn-GT [MD5.A142DF8B5D6A08765F6F3C2E7668F826] - |A| - [24/03/2017 05:06:30] - (.Copyright © 2017 Razer Inc. All rights reserved - Razer Audio Manager.) - [633.46 Ko] - (1.0.55.1) - C:\WINDOWS\SysWOW64\rzaudiodll.dll [MD5.EEBA3EF5AC3E9F9D140FEE0405A8C44F] - |A| - [31/01/2017 08:05:18] - (.Copyright © 2017 Razer Inc. All rights reserved - Razer RzBtle Manager.) - [96.96 Ko] - (1.0.54.0) - C:\WINDOWS\SysWOW64\RzBTLE.dll [MD5.253B75E2076352A3C17AB0FFB2C1EED9] - |A| - [24/07/2019 07:37:30] - (.Copyright (c) 2011-2018 Razer Inc. - Razer Chroma SDK.) - [108.63 Ko] - (2.9.0.12) - C:\WINDOWS\SysWOW64\RzChromaSDK.dll [MD5.2B26BBA2F4F39D13247776D56BDFCA7F] - |A| - [17/02/2017 09:53:46] - (.Copyright © 2017 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [1465.96 Ko] - (1.0.54.2) - C:\WINDOWS\SysWOW64\rzdevicedll.dll [MD5.FBEB5A1B7DC7D151EA594DCABECB2D82] - |A| - [31/01/2017 08:05:18] - (.Copyright © 2017 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [95.96 Ko] - (1.0.54.0) - C:\WINDOWS\SysWOW64\rzdevinfo.dll [MD5.9777AF9E9F0D2AF6AE62EAF055979AB1] - |A| - [31/01/2017 08:05:18] - (.Copyright © 2017 Razer Inc. All rights reserved - Razer RzDisplayDLL Manager.) - [120.46 Ko] - (1.0.54.0) - C:\WINDOWS\SysWOW64\rzdisplaydll.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [08/05/2018 15:15:59] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\RzSurroundVADAudioDeviceManager_log.txt [MD5.9BAF56BC315229110E9F0D14C2C2A3D2] - |A| - [31/01/2017 08:05:20] - (.Copyright © 2017 Razer Inc. All rights reserved - Razer RzTouchDll.) - [158.46 Ko] - (1.0.54.0) - C:\WINDOWS\SysWOW64\rztouchdll.dll [MD5.4E1F309FF550BF0A083608480D6C97DE] - |A| - [03/03/2017 04:44:14] - (.Copyright © 2017 Razer Inc. All rights reserved - Razer RzVirtualDev Manager.) - [128.96 Ko] - (1.0.54.3) - C:\WINDOWS\SysWOW64\rzvirtualdev.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\si-LK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [143.5 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [143 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [98.06 Ko] - C:\WINDOWS\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4078.32 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8913.72 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1939.64 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sq-AL [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [31/07/2015 00:42:06] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [142 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:10:05] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:10:05] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [13/01/2021 02:49:23] - (.-.) - [323 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [207.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ta-IN [MD5.4B26D4CD5CD5F7B074E31793979F17C5] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\te-IN [MD5.5C678F08A307A26636D2A00E49E76FF3] - |A| - [13/01/2021 02:49:29] - (.-.) - [1302.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll [MD5.9CEDDB7AB658F4AC4C4F1757098278C3] - |A| - [13/03/2021 00:08:35] - (.-.) - [597.61 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [129 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tn-ZA [MD5.321E99EF65F37E5F7DFC40D1E95684F5] - |A| - [07/12/2019 11:09:13] - (.-.) - [218.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [201 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\tt-RU [MD5.1C4DFF257563CCC9D1F146019895577D] - |A| - [25/04/2013 09:32:14] - (.Copyright (C) 1997 - 2012 TENCENT Inc. All Rights Reserved - ScreenCapture Control.) - [308 Ko] - (1.0.1.54) - C:\WINDOWS\SysWOW64\TXGYMailActiveX.dll [MD5.E5D8F83EDC36D89621BB93438444EF72] - |A| - [25/04/2013 09:31:52] - (.Copyright (C) 1998 - 2012 TENCENT Inc. All Rights Reserved - CameraDll DLL.) - [384 Ko] - (7.3.0.20) - C:\WINDOWS\SysWOW64\TXGYMailCamera.dll [MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [07/12/2019 11:10:22] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ug-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [145 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [26/10/2020 01:16:49] - (.-.) - [46.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umpdc.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\vi-VN [MD5.21189E3D6E45A0537D326E2A41A31936] - |A| - [04/10/2018 15:12:22] - (.Copyright © 1998-2016 VMware, Inc. - VMware NAT Service.) - [383.69 Ko] - (12.1.1.6932) - C:\WINDOWS\SysWOW64\vmnat.exe [MD5.D845AD2EF17354B85A9C2564EFCBE692] - |A| - [04/10/2018 15:12:26] - (.Copyright © 1998-2016 VMware, Inc. - VMware VMnet DHCP service.) - [349.69 Ko] - (12.1.1.6932) - C:\WINDOWS\SysWOW64\vmnetdhcp.exe [MD5.120F95A5235A4B744C6C6F47CB1BB51F] - |A| - [04/10/2018 15:12:35] - (.Copyright © 1998-2018 VMware, Inc. - VSockets Library.) - [41.38 Ko] - (9.8.12.0) - C:\WINDOWS\SysWOW64\vsocklib.dll [MD5.ECAD282D3035068CFB021D159C91B514] - |A| - [09/12/2017 00:25:12] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [779.8 Ko] - (1.0.65.1) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-65-1.dll [MD5.F79774ABA83AA0E194FC23FB573B300D] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [926.71 Ko] - (1.2.162.0) - C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.F79774ABA83AA0E194FC23FB573B300D] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [926.71 Ko] - (1.2.162.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.35065D5FFEFB6886F77AA6A7E5DF901B] - |A| - [09/12/2017 00:25:00] - (.-.) - [479.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-65-1.exe [MD5.352775F826A197B3C5EF7C733AE84FFB] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1402.21 Ko] - (1.2.162.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.352775F826A197B3C5EF7C733AE84FFB] - |A| - [30/04/2021 20:18:49] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1402.21 Ko] - (1.2.162.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23418.21 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.7C4123BBFCDFB64C4FFE4872AB8B341E] - |A| - [13/01/2021 02:49:30] - (.-.) - [445 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowManagementAPI.dll [MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 11:09:17] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |RSD| - [27/07/2020 00:49:26] - [0 Ko] - C:\WINDOWS\SysWOW64\WindowsDevicePortal [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [11105.12 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.98 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:50:22] - [207.67 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\wo-SN [MD5.322D4F8DE36072729993E855CF240544] - |A| - [01/01/2020 13:01:00] - (.2002-2020 - Panoramic Images Screen Saver.) - [2030.5 Ko] - (12.1.1.1248) - C:\WINDOWS\SysWOW64\WPanorama.scr [MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [16/04/2020 19:04:29] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\WINDOWS\SysWOW64\wrap_oal.dll [MD5.EEBA34D386EABA21DD998FEDC1A81D73] - |A| - [29/06/2018 03:13:27] - (.Copyright (C) 2003-2017 x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) - [3760 Ko] - (44.2851.44825.0) - C:\WINDOWS\SysWOW64\x264vfw.dll [MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 11:09:17] - (.-.) - [59 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [27/07/2020 00:45:35] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.0682BE1F6FADE90D189ECAEA7C7CAC81] - |A| - [13/11/2020 00:12:14] - (.-.) - [145 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvid.ax [MD5.BC9B48C322260A2F01A1063AFBF46E76] - |A| - [13/11/2020 00:12:14] - (.-.) - [621.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidcore.dll [MD5.2EF15DCD18FCCCDC19832773DFD26700] - |A| - [13/11/2020 00:12:14] - (.-.) - [230 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [135.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [31/07/2015 00:42:06] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [136 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/04/2018 18:23:27] - [0 Ko] - C:\WINDOWS\SysWOW64\zu-ZA ---------- | [Antonio] [23/09/2018 12:53:54] - |D| - [3005] - C:\Users\Antonio\.android [15/06/2019 00:36:50] - |A| - [2678] - C:\Users\Antonio\.bash_history [25/06/2019 22:29:44] - |D| - [0] - C:\Users\Antonio\.BigNox [04/06/2018 02:18:09] - |D| - [1284811] - C:\Users\Antonio\.cache [06/06/2019 02:03:11] - |D| - [151] - C:\Users\Antonio\.config [13/07/2020 20:09:49] - |D| - [2885] - C:\Users\Antonio\.dotnet [15/06/2019 00:27:29] - |A| - [209] - C:\Users\Antonio\.gitconfig [20/06/2020 20:32:01] - |D| - [432] - C:\Users\Antonio\.gnutls [18/03/2020 02:09:46] - |D| - [0] - C:\Users\Antonio\.insomniac [21/03/2020 22:30:10] - |A| - [2255] - C:\Users\Antonio\.kdiff3rc [06/06/2019 01:54:17] - |A| - [660] - C:\Users\Antonio\.node_repl_history [07/12/2018 05:52:33] - |D| - [0] - C:\Users\Antonio\.Origin [07/12/2018 05:52:34] - |D| - [0] - C:\Users\Antonio\.QtWebEngineProcess [24/02/2020 02:30:11] - |D| - [0] - C:\Users\Antonio\.thumbnails [24/03/2018 13:18:06] - |RD| - [43719332] - C:\Users\Antonio\3D Objects [22/09/2018 08:26:48] - |D| - [0] - C:\Users\Antonio\ansel [27/07/2020 00:00:19] - |HD| - [30120577638] - C:\Users\Antonio\AppData [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Application Data [07/02/2021 13:13:16] - |D| - [35258] - C:\Users\Antonio\BrawlhallaRenders [24/06/2019 20:38:58] - |D| - [14305543] - C:\Users\Antonio\BrawlhallaReplays [02/11/2019 18:02:44] - |D| - [11798] - C:\Users\Antonio\Cheathappens [23/03/2018 10:39:59] - |RD| - [4098] - C:\Users\Antonio\Contacts [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Cookies [29/03/2020 00:32:16] - |RD| - [1277] - C:\Users\Antonio\Creative Cloud Files [23/03/2018 10:39:58] - |RD| - [3631949372] - C:\Users\Antonio\Desktop [02/06/2019 18:54:20] - |A| - [238] - C:\Users\Antonio\discord_backup_codes.txt [23/03/2018 10:39:58] - |RD| - [6368798174] - C:\Users\Antonio\Documents [23/03/2018 10:39:58] - |RD| - [139277297] - C:\Users\Antonio\Downloads [23/03/2018 10:39:58] - |RD| - [690] - C:\Users\Antonio\Favorites [13/01/2020 23:56:54] - |D| - [68270727] - C:\Users\Antonio\FutureXGame [30/04/2021 20:07:48] - |D| - [10290] - C:\Users\Antonio\Heaven [23/09/2018 12:53:56] - |A| - [66] - C:\Users\Antonio\inittk.ini [23/09/2018 12:53:30] - |A| - [41] - C:\Users\Antonio\inst.ini [15/03/2020 04:39:05] - |HD| - [0] - C:\Users\Antonio\InstallAnywhere [07/04/2020 19:05:21] - |SHD| - [25308] - C:\Users\Antonio\IntelGraphicsProfiles [23/03/2018 10:39:58] - |RD| - [3357] - C:\Users\Antonio\Links [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Local Settings [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Menu Démarrer [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Mes documents [24/03/2018 13:18:27] - |HD| - [4732956] - C:\Users\Antonio\MicrosoftEdgeBackups [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Modèles [23/03/2018 10:39:58] - |RD| - [149920213] - C:\Users\Antonio\Music [17/10/2020 04:06:35] - |D| - [344360866] - C:\Users\Antonio\New Unity Project [20/06/2019 18:10:07] - |D| - [77003190] - C:\Users\Antonio\node_modules [23/09/2018 12:53:37] - |D| - [0] - C:\Users\Antonio\Nox_share [27/07/2020 00:00:19] - |AH| - [14155776] - C:\Users\Antonio\NTUSER.DAT [27/07/2020 00:00:19] - |ASH| - [3550208] - C:\Users\Antonio\ntuser.dat.LOG1 [27/07/2020 00:00:19] - |ASH| - [3544064] - C:\Users\Antonio\ntuser.dat.LOG2 [27/07/2020 00:00:19] - |ASH| - [65536] - C:\Users\Antonio\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TM.blf [27/07/2020 00:00:19] - |ASH| - [524288] - C:\Users\Antonio\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000001.regtrans-ms [27/07/2020 00:00:19] - |ASH| - [524288] - C:\Users\Antonio\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000002.regtrans-ms [27/07/2020 00:06:14] - |SH| - [20] - C:\Users\Antonio\ntuser.ini [23/09/2018 12:53:30] - |A| - [45] - C:\Users\Antonio\nuuid.ini [23/03/2018 10:41:30] - |RAD| - [63] - C:\Users\Antonio\OneDrive [08/12/2019 03:36:48] - |A| - [32927] - C:\Users\Antonio\package-lock.json [29/03/2020 01:40:57] - |A| - [1405460] - C:\Users\Antonio\Panorama sans titre-1.png [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Recent [23/03/2018 10:39:58] - |RD| - [1405006587] - C:\Users\Antonio\Saved Games [23/03/2018 10:39:59] - |RD| - [4407] - C:\Users\Antonio\Searches [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\SendTo [27/08/2020 05:47:56] - |D| - [0] - C:\Users\Antonio\source [25/06/2019 22:02:07] - |A| - [53] - C:\Users\Antonio\useruid.ini [06/02/2021 10:23:56] - |RD| - [124117] - C:\Users\Antonio\Videos [23/09/2018 12:53:19] - |D| - [50804] - C:\Users\Antonio\vmlogs [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Voisinage d'impression [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\Voisinage réseau [04/02/2021 17:52:23] - |A| - [3480712] - C:\Users\Antonio\ZHPSuite.exe [15/06/2019 00:14:48] - |A| - [198] - C:\Users\Antonio\_netrc [27/07/2020 00:00:19] - |D| - [19186678249] - C:\Users\Antonio\AppData\Local [23/03/2018 10:39:58] - |D| - [4214176718] - C:\Users\Antonio\AppData\LocalLow [27/07/2020 00:00:19] - |D| - [6719722671] - C:\Users\Antonio\AppData\Roaming [27/08/2020 05:47:48] - |D| - [27895] - C:\Users\Antonio\AppData\Local\.IdentityService [02/05/2020 05:45:18] - |D| - [108348] - C:\Users\Antonio\AppData\Local\9343b833-e7af-42ea-8a61-31bc41eefe2b [27/01/2021 01:52:09] - |D| - [1003913] - C:\Users\Antonio\AppData\Local\9d14b62e03b1765e91a68dcdbff8c94d [20/06/2018 17:12:20] - |D| - [209189] - C:\Users\Antonio\AppData\Local\Adobe [02/12/2020 01:13:26] - |D| - [3538] - C:\Users\Antonio\AppData\Local\Agrou [29/08/2019 15:12:51] - |D| - [2682435] - C:\Users\Antonio\AppData\Local\Ancestors [20/05/2018 11:47:17] - |D| - [562] - C:\Users\Antonio\AppData\Local\antimicro [05/07/2018 00:48:32] - |D| - [0] - C:\Users\Antonio\AppData\Local\Apple Computer [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\AppData\Local\Application Data [30/08/2019 17:33:17] - |D| - [0] - C:\Users\Antonio\AppData\Local\Apps [02/06/2019 20:50:15] - |D| - [5164] - C:\Users\Antonio\AppData\Local\Archon [01/07/2019 21:53:39] - |D| - [224240] - C:\Users\Antonio\AppData\Local\Astro [01/03/2019 00:39:51] - |D| - [0] - C:\Users\Antonio\AppData\Local\Audacity [05/06/2018 15:31:00] - |D| - [1768864] - C:\Users\Antonio\AppData\Local\AVGame [04/04/2020 12:23:52] - |D| - [7534] - C:\Users\Antonio\AppData\Local\babl-0.1 [01/03/2020 00:07:55] - |D| - [82935] - C:\Users\Antonio\AppData\Local\badoink [21/09/2018 08:33:54] - |D| - [2575601] - C:\Users\Antonio\AppData\Local\BANDAI NAMCO Entertainment [04/07/2020 16:34:35] - |D| - [605670] - C:\Users\Antonio\AppData\Local\BarnFinders [31/07/2020 03:12:02] - |D| - [2354911] - C:\Users\Antonio\AppData\Local\BASS2 [05/10/2018 23:13:32] - |D| - [140370160] - C:\Users\Antonio\AppData\Local\Battle.net [20/06/2020 17:51:11] - |D| - [0] - C:\Users\Antonio\AppData\Local\Battlefield V [23/10/2019 01:34:19] - |D| - [0] - C:\Users\Antonio\AppData\Local\Battlestate Games [01/07/2018 02:56:05] - |D| - [4] - C:\Users\Antonio\AppData\Local\BattlEye [12/03/2020 19:08:55] - |D| - [44656245] - C:\Users\Antonio\AppData\Local\beatdrop-updater [22/03/2021 22:10:36] - |D| - [16071] - C:\Users\Antonio\AppData\Local\BeBee [23/11/2018 03:57:00] - |D| - [46336085] - C:\Users\Antonio\AppData\Local\Bethesda.net Launcher [05/02/2021 18:10:15] - |D| - [221583] - C:\Users\Antonio\AppData\Local\BitTorrentHelper [26/03/2018 20:18:33] - |D| - [0] - C:\Users\Antonio\AppData\Local\Black_Tree_Gaming [09/05/2020 18:45:50] - |D| - [132965507] - C:\Users\Antonio\AppData\Local\blitz-updater [05/10/2018 23:04:52] - |D| - [570321] - C:\Users\Antonio\AppData\Local\Blizzard [05/10/2018 23:13:39] - |D| - [13482445] - C:\Users\Antonio\AppData\Local\Blizzard Entertainment [15/06/2020 23:50:44] - |D| - [457752] - C:\Users\Antonio\AppData\Local\Bluestacks [02/10/2018 21:33:30] - |D| - [238737] - C:\Users\Antonio\AppData\Local\cache [13/05/2019 23:50:39] - |D| - [1877] - C:\Users\Antonio\AppData\Local\Carnac [10/12/2020 07:59:28] - |D| - [14267003] - C:\Users\Antonio\AppData\Local\CD Projekt Red [23/03/2018 10:57:53] - |D| - [6429598] - C:\Users\Antonio\AppData\Local\CEF [08/02/2021 15:37:47] - |D| - [7110182] - C:\Users\Antonio\AppData\Local\CefSharp [14/03/2020 21:53:41] - |D| - [164634] - C:\Users\Antonio\AppData\Local\ChernobylGame [22/05/2020 03:24:25] - |D| - [156811448] - C:\Users\Antonio\AppData\Local\com.liberty.jaxx-updater [23/03/2018 11:06:29] - |D| - [45847992] - C:\Users\Antonio\AppData\Local\Comms [13/10/2018 02:48:20] - |D| - [1573422] - C:\Users\Antonio\AppData\Local\Conarium [24/03/2018 13:18:04] - |D| - [12799584] - C:\Users\Antonio\AppData\Local\ConnectedDevicesPlatform [23/03/2018 12:00:07] - |D| - [506721687] - C:\Users\Antonio\AppData\Local\CrashDumps [16/08/2019 13:52:11] - |D| - [785781] - C:\Users\Antonio\AppData\Local\CrashReportClient [24/03/2018 22:22:24] - |D| - [91340] - C:\Users\Antonio\AppData\Local\CrashRpt [29/01/2021 03:28:30] - |D| - [6942] - C:\Users\Antonio\AppData\Local\cuisine_royale [30/05/2018 15:54:38] - |D| - [182084512] - C:\Users\Antonio\AppData\Local\D3DSCache [09/01/2021 13:13:57] - |D| - [3691641] - C:\Users\Antonio\AppData\Local\Daedalic Entertainment [29/04/2020 06:22:45] - |D| - [1765256] - C:\Users\Antonio\AppData\Local\Daedalic Entertainment GmbH [09/08/2020 10:07:04] - |D| - [782522] - C:\Users\Antonio\AppData\Local\Darksiders3 [09/07/2018 16:46:58] - |D| - [14071630] - C:\Users\Antonio\AppData\Local\Darwin [14/06/2020 22:44:01] - |D| - [224747] - C:\Users\Antonio\AppData\Local\DBFighterZ [21/09/2018 23:32:35] - |D| - [0] - C:\Users\Antonio\AppData\Local\DBG [23/03/2018 11:55:14] - |D| - [14922117] - C:\Users\Antonio\AppData\Local\DeadByDaylight [28/07/2020 21:45:25] - |D| - [1013853] - C:\Users\Antonio\AppData\Local\DH [04/05/2018 23:52:26] - |D| - [0] - C:\Users\Antonio\AppData\Local\Diagnostics [12/07/2018 17:27:47] - |D| - [7462] - C:\Users\Antonio\AppData\Local\DigitalEntitlements [07/03/2021 23:52:47] - |D| - [478814726] - C:\Users\Antonio\AppData\Local\Discord [20/07/2020 17:49:52] - |D| - [1512761] - C:\Users\Antonio\AppData\Local\DiscordCanary [17/08/2018 15:29:23] - |D| - [5046] - C:\Users\Antonio\AppData\Local\Disc_Soft_Ltd [16/06/2018 03:28:56] - |D| - [11237] - C:\Users\Antonio\AppData\Local\DOSBox [13/10/2018 18:08:01] - |D| - [2718208] - C:\Users\Antonio\AppData\Local\Downloaded Installations [30/09/2018 11:11:03] - |D| - [13451434] - C:\Users\Antonio\AppData\Local\DR [21/02/2020 14:11:12] - |D| - [150] - C:\Users\Antonio\AppData\Local\Dreamdeck [24/06/2020 19:49:22] - |D| - [4775] - C:\Users\Antonio\AppData\Local\Driver Store Explorer [11/11/2019 02:56:21] - |D| - [8284] - C:\Users\Antonio\AppData\Local\DrmRemoval [21/04/2020 21:16:36] - |D| - [146527] - C:\Users\Antonio\AppData\Local\DrugDealerSimulator [15/07/2020 23:11:45] - |D| - [7171375] - C:\Users\Antonio\AppData\Local\Dungeons [18/12/2019 00:54:10] - |D| - [433] - C:\Users\Antonio\AppData\Local\Electronic Arts [19/05/2018 15:09:11] - |D| - [707336] - C:\Users\Antonio\AppData\Local\ElevatedDiagnostics [31/01/2020 14:34:13] - |D| - [0] - C:\Users\Antonio\AppData\Local\enchant [31/01/2020 09:34:41] - |D| - [30036350] - C:\Users\Antonio\AppData\Local\Epic Games [24/09/2019 21:18:29] - |D| - [379132176] - C:\Users\Antonio\AppData\Local\EpicGamesLauncher [02/11/2018 18:57:36] - |D| - [5121] - C:\Users\Antonio\AppData\Local\Eraser 6 [02/11/2020 10:00:55] - |D| - [2216] - C:\Users\Antonio\AppData\Local\EscapeRoom [10/04/2021 11:31:51] - |D| - [16979853] - C:\Users\Antonio\AppData\Local\Evil Genius 2 [08/11/2020 14:30:41] - |D| - [74034] - C:\Users\Antonio\AppData\Local\FactoryGame [23/04/2020 01:59:31] - |D| - [252796] - C:\Users\Antonio\AppData\Local\Falcon [30/08/2018 01:16:44] - |D| - [5808] - C:\Users\Antonio\AppData\Local\Fallout4 [08/04/2018 02:52:48] - |D| - [1717] - C:\Users\Antonio\AppData\Local\FBProject [16/11/2018 12:43:11] - |D| - [2645016] - C:\Users\Antonio\AppData\Local\FBS [25/04/2021 15:36:23] - |D| - [51009061] - C:\Users\Antonio\AppData\Local\FCT [22/04/2020 21:57:27] - |D| - [144455] - C:\Users\Antonio\AppData\Local\Fernbus [30/04/2021 20:07:24] - |A| - [1065984] - C:\Users\Antonio\AppData\Local\file__0.localstorage [04/05/2021 21:22:21] - |D| - [2959532659] - C:\Users\Antonio\AppData\Local\FiveM [29/02/2020 22:10:42] - |D| - [611869] - C:\Users\Antonio\AppData\Local\FLiNGTrainer [11/06/2018 19:43:21] - |D| - [1090737] - C:\Users\Antonio\AppData\Local\FLT [21/03/2020 23:14:56] - |D| - [25100] - C:\Users\Antonio\AppData\Local\FluidGame [23/06/2018 00:48:07] - |D| - [3401796] - C:\Users\Antonio\AppData\Local\FluxSoftware [19/10/2019 06:37:08] - |D| - [126242012] - C:\Users\Antonio\AppData\Local\FortniteGame [20/04/2020 19:25:54] - |D| - [2190] - C:\Users\Antonio\AppData\Local\Frontier Developments [13/09/2020 15:39:19] - |D| - [12048217] - C:\Users\Antonio\AppData\Local\g3 [20/11/2018 15:50:55] - |D| - [2703728] - C:\Users\Antonio\AppData\Local\Game Dev Tycoon - Steam [19/02/2019 18:14:50] - |D| - [149392] - C:\Users\Antonio\AppData\Local\GameAnalytics [04/04/2020 12:23:52] - |D| - [0] - C:\Users\Antonio\AppData\Local\gegl-0.4 [04/04/2020 12:23:53] - |D| - [0] - C:\Users\Antonio\AppData\Local\GIMP [17/02/2021 18:52:43] - |D| - [349220852] - C:\Users\Antonio\AppData\Local\GitHubDesktop [24/03/2018 02:25:44] - |D| - [1045293] - C:\Users\Antonio\AppData\Local\GOG.com [11/06/2018 02:47:22] - |D| - [956392676] - C:\Users\Antonio\AppData\Local\Google [11/02/2021 17:47:35] - |D| - [1474718] - C:\Users\Antonio\AppData\Local\Helios [06/10/2018 18:10:53] - |D| - [26886] - C:\Users\Antonio\AppData\Local\HideandShriek [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\AppData\Local\Historique [21/07/2019 19:34:32] - |D| - [3327] - C:\Users\Antonio\AppData\Local\HJLC [21/02/2020 11:22:42] - |D| - [199568468] - C:\Users\Antonio\AppData\Local\Home2 [26/12/2020 20:24:13] - |D| - [875] - C:\Users\Antonio\AppData\Local\HomeDev [07/05/2021 00:14:56] - |D| - [700765] - C:\Users\Antonio\AppData\Local\Hood [09/03/2021 17:48:51] - |D| - [12763] - C:\Users\Antonio\AppData\Local\HorrorBar [05/02/2021 11:07:10] - |AH| - [128778] - C:\Users\Antonio\AppData\Local\IconCache.db [04/01/2019 22:43:10] - |AH| - [84464] - C:\Users\Antonio\AppData\Local\IconCache.db.backup [18/09/2018 23:44:51] - |D| - [2176] - C:\Users\Antonio\AppData\Local\id Software [27/10/2019 15:57:20] - |D| - [7829] - C:\Users\Antonio\AppData\Local\Indiana [17/12/2020 21:19:32] - |D| - [0] - C:\Users\Antonio\AppData\Local\INetHistory [23/08/2020 04:44:01] - |D| - [1576254] - C:\Users\Antonio\AppData\Local\Injustice2 [24/02/2020 05:35:17] - |D| - [809] - C:\Users\Antonio\AppData\Local\install [06/08/2020 14:10:28] - |D| - [1762] - C:\Users\Antonio\AppData\Local\Intel Telemetry [23/01/2021 21:57:38] - |D| - [0] - C:\Users\Antonio\AppData\Local\IO Interactive [25/02/2019 14:44:06] - |D| - [5103] - C:\Users\Antonio\AppData\Local\IsolatedStorage [03/03/2020 21:56:33] - |D| - [213962177] - C:\Users\Antonio\AppData\Local\JDownloader 2.0 [08/08/2019 08:51:11] - |D| - [113807254] - C:\Users\Antonio\AppData\Local\JetBrains [09/07/2020 00:35:00] - |D| - [2024320] - C:\Users\Antonio\AppData\Local\JUMP_FORCE [09/08/2020 00:33:32] - |D| - [2728225] - C:\Users\Antonio\AppData\Local\Kalypso Media [08/11/2020 14:53:33] - |D| - [0] - C:\Users\Antonio\AppData\Local\Klei [20/02/2021 21:59:10] - |D| - [735987] - C:\Users\Antonio\AppData\Local\KnockoutCityBeta [03/11/2018 09:08:57] - |D| - [15121185] - C:\Users\Antonio\AppData\Local\LastYear [07/11/2020 12:39:44] - |D| - [2639527] - C:\Users\Antonio\AppData\Local\LittleHope [02/12/2020 15:45:35] - |D| - [5268701] - C:\Users\Antonio\AppData\Local\LOA [15/10/2018 06:37:47] - |D| - [0] - C:\Users\Antonio\AppData\Local\LogMeIn [04/02/2021 13:40:24] - |D| - [1757] - C:\Users\Antonio\AppData\Local\LogMeIn Hamachi [03/04/2021 07:37:49] - |D| - [1939948918] - C:\Users\Antonio\AppData\Local\Madness [04/09/2019 23:06:37] - |D| - [3271495] - C:\Users\Antonio\AppData\Local\ManOfMedan [30/10/2018 17:11:43] - |D| - [3715868] - C:\Users\Antonio\AppData\Local\mbam [30/10/2018 17:21:47] - |D| - [235676] - C:\Users\Antonio\AppData\Local\mbamtray [29/01/2021 22:43:16] - |D| - [82695161] - C:\Users\Antonio\AppData\Local\Medium [22/08/2018 02:43:02] - |D| - [7595245] - C:\Users\Antonio\AppData\Local\Mega Limited [15/10/2020 01:04:47] - |D| - [28979676] - C:\Users\Antonio\AppData\Local\MegaDev [22/08/2018 02:42:59] - |D| - [101522390] - C:\Users\Antonio\AppData\Local\MEGAsync [27/07/2020 00:00:19] - |D| - [608853588] - C:\Users\Antonio\AppData\Local\Microsoft [25/10/2018 20:23:13] - |D| - [145976] - C:\Users\Antonio\AppData\Local\Microsoft Help [23/03/2018 10:43:05] - |D| - [65906] - C:\Users\Antonio\AppData\Local\MicrosoftEdge [10/10/2020 00:36:16] - |D| - [8541254] - C:\Users\Antonio\AppData\Local\miHoYo [08/02/2020 12:23:53] - |D| - [174469185] - C:\Users\Antonio\AppData\Local\MK11 [09/03/2020 01:45:47] - |D| - [7385] - C:\Users\Antonio\AppData\Local\ModAssistant [21/02/2020 11:29:09] - |D| - [1146] - C:\Users\Antonio\AppData\Local\MontereySetup [12/06/2020 21:16:23] - |D| - [3296887] - C:\Users\Antonio\AppData\Local\MoonsOfMadness [16/05/2019 18:18:48] - |D| - [7131327] - C:\Users\Antonio\AppData\Local\Mordhau [23/03/2018 10:45:42] - |D| - [733644853] - C:\Users\Antonio\AppData\Local\Mozilla [09/09/2019 15:53:03] - |D| - [4265] - C:\Users\Antonio\AppData\Local\My Games [30/12/2019 12:47:42] - |D| - [1244] - C:\Users\Antonio\AppData\Local\NBTExplorer [06/08/2018 00:09:49] - |D| - [0] - C:\Users\Antonio\AppData\Local\New Technology Studio [13/02/2021 00:59:59] - |D| - [2949] - C:\Users\Antonio\AppData\Local\Nightmare [22/12/2020 03:15:23] - |D| - [337] - C:\Users\Antonio\AppData\Local\NitroxLauncher [28/04/2019 23:25:49] - |D| - [233602] - C:\Users\Antonio\AppData\Local\NordVPN [24/09/2018 21:07:35] - |D| - [0] - C:\Users\Antonio\AppData\Local\Notepad++ [23/09/2018 12:52:28] - |D| - [5837354] - C:\Users\Antonio\AppData\Local\Nox [25/06/2019 22:07:01] - |D| - [90] - C:\Users\Antonio\AppData\Local\NoxPopup [25/06/2019 22:02:07] - |D| - [77] - C:\Users\Antonio\AppData\Local\NoxSrv [08/08/2019 08:57:11] - |D| - [3679869] - C:\Users\Antonio\AppData\Local\NuGet [28/03/2019 17:52:48] - |D| - [850476722] - C:\Users\Antonio\AppData\Local\NVIDIA [28/03/2019 17:52:46] - |D| - [54772610] - C:\Users\Antonio\AppData\Local\NVIDIA Corporation [20/02/2020 04:18:34] - |D| - [75824205] - C:\Users\Antonio\AppData\Local\Oculus [05/03/2021 20:12:02] - |A| - [0] - C:\Users\Antonio\AppData\Local\oobelibMkey.log [21/02/2020 15:04:12] - |D| - [229] - C:\Users\Antonio\AppData\Local\openvr [24/04/2021 16:08:31] - |D| - [0] - C:\Users\Antonio\AppData\Local\Opera Software [07/12/2018 05:52:29] - |D| - [258811230] - C:\Users\Antonio\AppData\Local\Origin [19/10/2018 19:53:46] - |D| - [2014847] - C:\Users\Antonio\AppData\Local\OTWD [15/06/2019 00:47:20] - |D| - [23004824] - C:\Users\Antonio\AppData\Local\Package Cache [23/03/2018 10:39:58] - |D| - [529347165] - C:\Users\Antonio\AppData\Local\Packages [21/01/2019 15:57:44] - |D| - [0] - C:\Users\Antonio\AppData\Local\PackageStaging [24/03/2018 23:52:47] - |D| - [98887] - C:\Users\Antonio\AppData\Local\paint.net [29/03/2021 16:31:14] - |D| - [36] - C:\Users\Antonio\AppData\Local\PajdaPanel [10/05/2020 23:11:53] - |D| - [190099] - C:\Users\Antonio\AppData\Local\PAYDAY 2 [05/04/2018 00:32:50] - |D| - [11213] - C:\Users\Antonio\AppData\Local\PeaceDeath [21/09/2018 23:32:43] - |D| - [0] - C:\Users\Antonio\AppData\Local\PeerDistRepub [20/09/2020 23:24:40] - |D| - [4093] - C:\Users\Antonio\AppData\Local\Phantom [06/01/2020 00:27:58] - |D| - [281263] - C:\Users\Antonio\AppData\Local\PingPlotter 5 [15/06/2019 00:49:16] - |D| - [20560406] - C:\Users\Antonio\AppData\Local\pip [24/03/2018 13:20:38] - |D| - [387053] - C:\Users\Antonio\AppData\Local\PlaceholderTileLogoFolder [15/10/2020 01:02:44] - |D| - [111499960] - C:\Users\Antonio\AppData\Local\plitch-updater [10/11/2019 17:15:25] - |D| - [215995] - C:\Users\Antonio\AppData\Local\Police [21/12/2019 16:41:50] - |D| - [3637456] - C:\Users\Antonio\AppData\Local\Postal4 [26/09/2018 21:32:28] - |D| - [585945594] - C:\Users\Antonio\AppData\Local\Programs [08/08/2019 08:39:46] - |D| - [1183] - C:\Users\Antonio\AppData\Local\Progress_Software_Corpora [09/04/2021 12:04:51] - |D| - [235017755] - C:\Users\Antonio\AppData\Local\Prospect [23/03/2018 10:40:04] - |D| - [830221] - C:\Users\Antonio\AppData\Local\Publishers [25/10/2020 10:22:00] - |D| - [148620] - C:\Users\Antonio\AppData\Local\PumpkinJack [07/09/2019 18:38:57] - |D| - [437784] - C:\Users\Antonio\AppData\Local\PunkBuster [05/07/2018 19:51:53] - |D| - [3170371] - C:\Users\Antonio\AppData\Local\QuantumBreak [08/05/2020 17:50:59] - |D| - [11613490] - C:\Users\Antonio\AppData\Local\Quill [23/02/2020 23:19:26] - |D| - [2692] - C:\Users\Antonio\AppData\Local\rad [24/06/2020 19:49:19] - |D| - [2307] - C:\Users\Antonio\AppData\Local\Rapr [23/03/2018 11:48:01] - |D| - [22422] - C:\Users\Antonio\AppData\Local\Razer [04/01/2019 21:30:55] - |D| - [855] - C:\Users\Antonio\AppData\Local\RCW [04/04/2020 12:33:40] - |A| - [879] - C:\Users\Antonio\AppData\Local\recently-used.xbel [10/12/2020 07:58:53] - |D| - [31154185] - C:\Users\Antonio\AppData\Local\REDEngine [08/08/2019 08:57:07] - |D| - [0] - C:\Users\Antonio\AppData\Local\RefSrcSymbols [08/10/2019 04:27:08] - |D| - [1784817] - C:\Users\Antonio\AppData\Local\Remedy [15/07/2020 20:41:33] - |D| - [5804367] - C:\Users\Antonio\AppData\Local\Remnant [27/10/2020 20:00:00] - |D| - [10752] - C:\Users\Antonio\AppData\Local\Remothered [27/10/2020 12:15:21] - |D| - [120830] - C:\Users\Antonio\AppData\Local\Remothered2 [29/03/2018 12:54:46] - |A| - [7632] - C:\Users\Antonio\AppData\Local\Resmon.ResmonCfg [26/09/2020 00:06:05] - |D| - [17464] - C:\Users\Antonio\AppData\Local\Revive [23/09/2020 14:29:17] - |D| - [47540] - C:\Users\Antonio\AppData\Local\ReviveOverlay [16/10/2019 18:11:27] - |D| - [20178803] - C:\Users\Antonio\AppData\Local\Riot Games [28/09/2019 20:56:52] - |D| - [1590] - C:\Users\Antonio\AppData\Local\RisingHub! [05/03/2019 03:00:22] - |D| - [1814007] - C:\Users\Antonio\AppData\Local\RiverGame [15/04/2021 20:31:34] - |D| - [342649517] - C:\Users\Antonio\AppData\Local\Roblox [22/02/2020 02:45:53] - |D| - [520640] - C:\Users\Antonio\AppData\Local\RoboRecall [27/06/2018 02:10:11] - |D| - [252110] - C:\Users\Antonio\AppData\Local\Rockstar Games [08/08/2018 01:38:50] - |D| - [591392] - C:\Users\Antonio\AppData\Local\Sega [24/02/2020 02:03:25] - |D| - [32] - C:\Users\Antonio\AppData\Local\ServiceHub [22/08/2018 13:28:17] - |D| - [5476653] - C:\Users\Antonio\AppData\Local\Seven [03/11/2019 20:18:58] - |D| - [59465] - C:\Users\Antonio\AppData\Local\ShadowTrackerExtra [29/01/2020 05:38:07] - |D| - [334465] - C:\Users\Antonio\AppData\Local\Shenmue3 [07/05/2020 11:12:28] - |D| - [37223259] - C:\Users\Antonio\AppData\Local\ShooterGame [16/10/2019 16:39:05] - |D| - [0] - C:\Users\Antonio\AppData\Local\SKIDROW [10/01/2020 00:20:18] - |D| - [67584] - C:\Users\Antonio\AppData\Local\SkinSoft [02/06/2018 19:59:42] - |D| - [13454] - C:\Users\Antonio\AppData\Local\Skyrim [06/03/2020 20:13:55] - |D| - [256176800] - C:\Users\Antonio\AppData\Local\slobs-client-updater [02/12/2018 23:24:34] - |D| - [1555] - C:\Users\Antonio\AppData\Local\SmartTechnology [10/01/2020 02:41:32] - |D| - [5011275] - C:\Users\Antonio\AppData\Local\SnakeBite [31/08/2018 19:28:19] - |D| - [394315] - C:\Users\Antonio\AppData\Local\Sniper3 [24/06/2018 18:32:14] - |D| - [1804] - C:\Users\Antonio\AppData\Local\Sony [04/04/2018 23:32:18] - |D| - [20539818] - C:\Users\Antonio\AppData\Local\SOS [29/10/2018 14:27:54] - |D| - [532017] - C:\Users\Antonio\AppData\Local\SoulcaliburVI [24/04/2020 21:10:49] - |D| - [674663] - C:\Users\Antonio\AppData\Local\SpaceFish [15/06/2018 00:38:03] - |D| - [51700] - C:\Users\Antonio\AppData\Local\speech [24/05/2018 23:02:19] - |D| - [18308157] - C:\Users\Antonio\AppData\Local\SplitMediaLabs [11/11/2019 02:08:58] - |D| - [633] - C:\Users\Antonio\AppData\Local\spotdl [08/10/2020 23:35:32] - |D| - [172515980] - C:\Users\Antonio\AppData\Local\Spotify [06/05/2018 20:57:53] - |D| - [5336655] - C:\Users\Antonio\AppData\Local\SpyParty [02/07/2020 17:48:34] - |D| - [22351] - C:\Users\Antonio\AppData\Local\SQEX [02/07/2020 17:28:45] - |D| - [452749408] - C:\Users\Antonio\AppData\Local\SquareEnix [23/03/2018 10:59:45] - |D| - [169331724] - C:\Users\Antonio\AppData\Local\SquirrelTemp [25/11/2019 18:34:17] - |D| - [0] - C:\Users\Antonio\AppData\Local\STAR WARS Battlefront II [23/03/2018 11:35:56] - |D| - [428756079] - C:\Users\Antonio\AppData\Local\Steam [15/11/2020 19:47:59] - |A| - [32] - C:\Users\Antonio\AppData\Local\steamapikey.txt [02/10/2018 21:33:30] - |D| - [13964752] - C:\Users\Antonio\AppData\Local\SteamCrack [21/02/2020 15:21:14] - |D| - [133128022] - C:\Users\Antonio\AppData\Local\SteamVR [01/10/2020 23:29:34] - |D| - [2605521] - C:\Users\Antonio\AppData\Local\Styx2 [01/06/2018 16:31:11] - |D| - [33658648] - C:\Users\Antonio\AppData\Local\SummerCamp [18/03/2020 02:10:12] - |D| - [334728] - C:\Users\Antonio\AppData\Local\Sunset [22/11/2019 20:23:39] - |D| - [7663] - C:\Users\Antonio\AppData\Local\SwGame [12/07/2019 16:19:33] - |D| - [94673] - C:\Users\Antonio\AppData\Local\SWTOR [10/07/2019 18:59:45] - |D| - [65] - C:\Users\Antonio\AppData\Local\SWTORPerf [08/08/2019 08:57:07] - |D| - [0] - C:\Users\Antonio\AppData\Local\SymbolSourceSymbols [03/12/2018 09:08:14] - |D| - [28672] - C:\Users\Antonio\AppData\Local\TeamViewer [27/07/2020 00:00:19] - |D| - [67376352] - C:\Users\Antonio\AppData\Local\Temp [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\AppData\Local\Temporary Internet Files [23/11/2020 21:26:03] - |D| - [13776] - C:\Users\Antonio\AppData\Local\Textorcist [01/04/2020 06:56:41] - |D| - [226] - C:\Users\Antonio\AppData\Local\The Witcher [20/02/2021 05:13:46] - |D| - [9003368] - C:\Users\Antonio\AppData\Local\TheBeastInside [18/03/2020 22:49:12] - |D| - [843173] - C:\Users\Antonio\AppData\Local\TheBlackoutClub [17/08/2018 23:42:08] - |D| - [10623286] - C:\Users\Antonio\AppData\Local\TheExit [23/06/2018 13:25:56] - |D| - [2428296] - C:\Users\Antonio\AppData\Local\TheObserver [23/03/2018 10:39:58] - |D| - [11541517] - C:\Users\Antonio\AppData\Local\TileDataLayer [21/02/2020 11:34:36] - |D| - [595] - C:\Users\Antonio\AppData\Local\TouchNUX [31/01/2020 09:34:38] - |D| - [411782] - C:\Users\Antonio\AppData\Local\Towers [24/04/2020 02:29:25] - |D| - [520972] - C:\Users\Antonio\AppData\Local\Trover [21/01/2020 01:19:39] - |D| - [7443531] - C:\Users\Antonio\AppData\Local\TSCGame [07/06/2018 01:28:09] - |D| - [58424578] - C:\Users\Antonio\AppData\Local\TslGame [22/02/2020 20:13:56] - |D| - [2162397] - C:\Users\Antonio\AppData\Local\TWD [17/07/2019 17:03:36] - |D| - [7339447] - C:\Users\Antonio\AppData\Local\Uber Entertainment [23/03/2018 11:42:15] - |D| - [7164] - C:\Users\Antonio\AppData\Local\Ubisoft Game Launcher [11/05/2018 01:40:52] - |D| - [4680] - C:\Users\Antonio\AppData\Local\UNDERTALE [17/10/2020 03:18:52] - |D| - [72575568] - C:\Users\Antonio\AppData\Local\unityhub-updater [14/12/2019 01:52:58] - |D| - [537] - C:\Users\Antonio\AppData\Local\UnityModManagerNet [23/03/2018 11:46:59] - |D| - [1203] - C:\Users\Antonio\AppData\Local\UnrealEngine [14/02/2019 16:23:32] - |D| - [291] - C:\Users\Antonio\AppData\Local\UnrealEngineLauncher [23/03/2018 11:04:53] - |A| - [424] - C:\Users\Antonio\AppData\Local\UserProducts.xml [29/03/2020 01:13:17] - |D| - [1816362] - C:\Users\Antonio\AppData\Local\UXP [02/06/2020 12:41:28] - |D| - [35621665] - C:\Users\Antonio\AppData\Local\VALORANT [24/06/2018 18:28:53] - |D| - [6325776] - C:\Users\Antonio\AppData\Local\VEGAS [24/06/2018 18:32:10] - |D| - [6805035] - C:\Users\Antonio\AppData\Local\VEGAS Pro [23/03/2018 10:39:58] - |D| - [25482] - C:\Users\Antonio\AppData\Local\VirtualStore [09/01/2021 13:13:56] - |D| - [190] - C:\Users\Antonio\AppData\Local\VisionaireStudio [24/04/2020 21:52:45] - |D| - [55218] - C:\Users\Antonio\AppData\Local\Vivox [04/10/2018 15:13:27] - |D| - [15592] - C:\Users\Antonio\AppData\Local\VMware [08/02/2021 16:24:13] - |D| - [2285639641] - C:\Users\Antonio\AppData\Local\Voicemod [19/09/2019 23:13:04] - |D| - [86704713] - C:\Users\Antonio\AppData\Local\Vortex [23/01/2020 03:03:43] - |D| - [51579] - C:\Users\Antonio\AppData\Local\Warner Bros. Interactive Entertainment [26/05/2019 21:16:20] - |D| - [1289] - C:\Users\Antonio\AppData\Local\Wasntafairfight [03/06/2018 15:18:36] - |D| - [12685464] - C:\Users\Antonio\AppData\Local\WB Games [09/10/2019 12:40:35] - |D| - [435355344] - C:\Users\Antonio\AppData\Local\WeMod [23/03/2018 11:46:59] - |D| - [16963] - C:\Users\Antonio\AppData\Local\WitchIt [06/03/2020 22:31:07] - |D| - [3803] - C:\Users\Antonio\AppData\Local\WKND [22/01/2020 02:36:34] - |D| - [1809] - C:\Users\Antonio\AppData\Local\WMD [12/03/2020 14:07:51] - |D| - [247346] - C:\Users\Antonio\AppData\Local\WrathGame [05/10/2020 07:32:07] - |D| - [164404] - C:\Users\Antonio\AppData\Local\WWEPlaygrounds [22/01/2020 23:32:15] - |D| - [51401007] - C:\Users\Antonio\AppData\Local\zaap-updater [07/06/2019 10:34:28] - |D| - [4075] - C:\Users\Antonio\AppData\Local\Zerebos [15/05/2021 14:59:12] - |D| - [214881] - C:\Users\Antonio\AppData\Local\ZHP [02/03/2021 04:17:00] - |D| - [41946118] - C:\Users\Antonio\AppData\Local\Zombie Army 4 [17/08/2019 12:30:05] - |D| - [5874895] - C:\Users\Antonio\AppData\Local\ZoneUE4 [23/08/2018 20:55:01] - |D| - [7202] - C:\Users\Antonio\AppData\Local\__SHARED [17/07/2020 15:13:45] - |D| - [2985129] - C:\Users\Antonio\AppData\LocalLow\10 Chambers Collective [06/03/2021 08:57:31] - |D| - [106339] - C:\Users\Antonio\AppData\LocalLow\7th Beat Games [01/04/2018 00:41:25] - |D| - [1927] - C:\Users\Antonio\AppData\LocalLow\8floor [14/01/2020 02:21:10] - |D| - [388380] - C:\Users\Antonio\AppData\LocalLow\Abyte Entertainment [17/01/2020 06:30:07] - |D| - [27648] - C:\Users\Antonio\AppData\LocalLow\Adobe [14/05/2020 20:04:05] - |D| - [168525] - C:\Users\Antonio\AppData\LocalLow\Affable Games [23/05/2020 00:17:48] - |D| - [7262398] - C:\Users\Antonio\AppData\LocalLow\Against Gravity [05/01/2021 18:25:44] - |D| - [5144203] - C:\Users\Antonio\AppData\LocalLow\Algorock [10/01/2021 15:02:49] - |D| - [449426] - C:\Users\Antonio\AppData\LocalLow\Alt Shift [29/10/2018 02:14:58] - |D| - [14682] - C:\Users\Antonio\AppData\LocalLow\Andrii Vintsevych [16/09/2020 01:05:47] - |D| - [32282] - C:\Users\Antonio\AppData\LocalLow\AntKarlovGames [05/07/2018 00:38:50] - |D| - [496] - C:\Users\Antonio\AppData\LocalLow\Apple Computer [18/09/2020 18:39:22] - |D| - [71498062] - C:\Users\Antonio\AppData\LocalLow\Artefacts Studio [16/01/2021 20:35:32] - |D| - [69605] - C:\Users\Antonio\AppData\LocalLow\Assemble Entertainment [04/07/2019 17:00:34] - |D| - [412857] - C:\Users\Antonio\AppData\LocalLow\Berserk Games [07/02/2021 10:03:21] - |D| - [245760] - C:\Users\Antonio\AppData\LocalLow\BitTorrent [21/01/2021 01:30:09] - |D| - [9480] - C:\Users\Antonio\AppData\LocalLow\Blackbird Interactive [07/01/2020 01:13:26] - |D| - [69966] - C:\Users\Antonio\AppData\LocalLow\Blizzard Entertainment [23/03/2018 11:47:18] - |D| - [182192] - C:\Users\Antonio\AppData\LocalLow\Bloober Team [18/03/2019 14:47:42] - |D| - [475620] - C:\Users\Antonio\AppData\LocalLow\Boneloaf [11/05/2020 19:07:43] - |D| - [627] - C:\Users\Antonio\AppData\LocalLow\Bossa Studios [17/03/2020 01:53:39] - |D| - [44556726] - C:\Users\Antonio\AppData\LocalLow\Brave At Night [09/10/2020 18:37:07] - |D| - [2701560] - C:\Users\Antonio\AppData\LocalLow\ComonGames [23/02/2021 06:11:15] - |D| - [788845] - C:\Users\Antonio\AppData\LocalLow\CrazyRocks [20/02/2021 04:16:27] - |D| - [2867] - C:\Users\Antonio\AppData\LocalLow\Creaky Corpse Ltd [06/09/2019 16:38:43] - |D| - [1415272] - C:\Users\Antonio\AppData\LocalLow\Creepy Jar [24/02/2020 20:16:58] - |D| - [47525] - C:\Users\Antonio\AppData\LocalLow\Crows Crows Crows [24/02/2020 02:42:29] - |D| - [91] - C:\Users\Antonio\AppData\LocalLow\DefaultCompany [25/04/2019 01:53:37] - |D| - [274886] - C:\Users\Antonio\AppData\LocalLow\Defiant Development [22/08/2020 04:25:13] - |D| - [39546] - C:\Users\Antonio\AppData\LocalLow\devotid [09/06/2020 01:31:51] - |D| - [1573248] - C:\Users\Antonio\AppData\LocalLow\Dodge Roll [27/09/2020 01:32:08] - |D| - [133769] - C:\Users\Antonio\AppData\LocalLow\DoMyBest [06/03/2020 00:21:29] - |D| - [65851368] - C:\Users\Antonio\AppData\LocalLow\Downpour Interactive [16/08/2020 22:32:10] - |D| - [103667] - C:\Users\Antonio\AppData\LocalLow\DrawMeAPixel [23/03/2018 12:29:11] - |D| - [39279] - C:\Users\Antonio\AppData\LocalLow\DryGin Studios [24/08/2020 05:08:49] - |D| - [288182] - C:\Users\Antonio\AppData\LocalLow\DualityGames [20/11/2018 17:56:27] - |D| - [13745] - C:\Users\Antonio\AppData\LocalLow\Dymchick1 [14/11/2019 20:17:50] - |D| - [1155] - C:\Users\Antonio\AppData\LocalLow\Edmund McMillen Games [22/09/2019 20:07:45] - |D| - [65725690] - C:\Users\Antonio\AppData\LocalLow\Eek [27/06/2018 22:48:07] - |D| - [2029373831] - C:\Users\Antonio\AppData\LocalLow\Empyrean [23/03/2021 05:07:31] - |D| - [1961222] - C:\Users\Antonio\AppData\LocalLow\Explosm [30/05/2020 17:20:52] - |D| - [1305] - C:\Users\Antonio\AppData\LocalLow\Fallen Planet Studios [14/09/2018 13:33:17] - |D| - [18569] - C:\Users\Antonio\AppData\LocalLow\Fearem [24/06/2020 04:38:20] - |D| - [87472] - C:\Users\Antonio\AppData\LocalLow\Fireproof Games [20/11/2018 14:43:07] - |D| - [3288671] - C:\Users\Antonio\AppData\LocalLow\Flamebait Games [21/02/2020 11:54:21] - |D| - [94755] - C:\Users\Antonio\AppData\LocalLow\Free Lives [06/06/2020 22:52:52] - |D| - [799536] - C:\Users\Antonio\AppData\LocalLow\Game Boom VR [27/02/2020 00:17:37] - |D| - [22981281] - C:\Users\Antonio\AppData\LocalLow\Game Labs [02/11/2020 09:34:11] - |D| - [478976] - C:\Users\Antonio\AppData\LocalLow\GexagonVR [12/05/2020 17:02:29] - |D| - [2121884] - C:\Users\Antonio\AppData\LocalLow\GhostShark Games [30/10/2018 04:01:25] - |D| - [1746349] - C:\Users\Antonio\AppData\LocalLow\Google [19/03/2019 20:02:11] - |D| - [121542] - C:\Users\Antonio\AppData\LocalLow\Groundshatter [12/08/2019 17:08:11] - |D| - [35632] - C:\Users\Antonio\AppData\LocalLow\Hologryph [08/10/2020 23:27:49] - |D| - [2556767] - C:\Users\Antonio\AppData\LocalLow\Hopoo Games, LLC [08/06/2020 00:13:22] - |D| - [106995] - C:\Users\Antonio\AppData\LocalLow\Hubert Moszka [12/03/2020 14:15:38] - |D| - [308479] - C:\Users\Antonio\AppData\LocalLow\Hyperbolic Magnetism [16/05/2020 00:41:00] - |D| - [46538] - C:\Users\Antonio\AppData\LocalLow\iNKStories [23/08/2020 00:55:29] - |D| - [441703] - C:\Users\Antonio\AppData\LocalLow\Innersloth [23/12/2020 22:49:39] - |D| - [3006] - C:\Users\Antonio\AppData\LocalLow\IronOak Games [31/07/2020 03:14:58] - |D| - [633798] - C:\Users\Antonio\AppData\LocalLow\Jo-Mei GmbH [08/05/2020 18:02:14] - |D| - [836] - C:\Users\Antonio\AppData\LocalLow\John Carline [12/10/2020 19:58:04] - |D| - [36564] - C:\Users\Antonio\AppData\LocalLow\Kinetic Games [08/11/2020 14:53:25] - |D| - [27171] - C:\Users\Antonio\AppData\LocalLow\Klei [01/03/2021 06:16:40] - |D| - [57274] - C:\Users\Antonio\AppData\LocalLow\Kubold [10/05/2020 21:14:34] - |D| - [5364174] - C:\Users\Antonio\AppData\LocalLow\Landfall Games [26/10/2020 16:02:19] - |D| - [22068946] - C:\Users\Antonio\AppData\LocalLow\Lazy Bear Games [17/06/2020 23:22:34] - |D| - [134640] - C:\Users\Antonio\AppData\LocalLow\Lighthouse Games Studio [23/03/2018 12:28:38] - |D| - [4458] - C:\Users\Antonio\AppData\LocalLow\Lince Works [31/10/2020 09:02:18] - |D| - [12137] - C:\Users\Antonio\AppData\LocalLow\M7 production _ Attrito [05/12/2019 21:08:11] - |D| - [23218669] - C:\Users\Antonio\AppData\LocalLow\MCC [23/03/2018 10:42:21] - |SD| - [16042888] - C:\Users\Antonio\AppData\LocalLow\Microsoft [10/10/2020 16:29:30] - |D| - [437458354] - C:\Users\Antonio\AppData\LocalLow\miHoYo [09/09/2020 17:58:25] - |D| - [11910933] - C:\Users\Antonio\AppData\LocalLow\MinskWorks [18/07/2019 19:10:21] - |D| - [391142] - C:\Users\Antonio\AppData\LocalLow\Mobius Digital [23/03/2018 10:45:42] - |D| - [5345280] - C:\Users\Antonio\AppData\LocalLow\Mozilla [19/05/2020 03:24:01] - |D| - [272] - C:\Users\Antonio\AppData\LocalLow\Nauticrawl [06/06/2020 23:05:59] - |D| - [117417] - C:\Users\Antonio\AppData\LocalLow\Neat Corporation [27/05/2018 05:36:09] - |D| - [16770] - C:\Users\Antonio\AppData\LocalLow\Necrophone Games [14/03/2020 00:54:22] - |D| - [864014] - C:\Users\Antonio\AppData\LocalLow\NextGen Reality [13/11/2019 22:56:41] - |D| - [608625] - C:\Users\Antonio\AppData\LocalLow\Night School Studio [07/06/2018 20:03:10] - |D| - [1407] - C:\Users\Antonio\AppData\LocalLow\NilsJakrins [11/11/2018 17:09:18] - |D| - [476707] - C:\Users\Antonio\AppData\LocalLow\Noble Muffins [05/02/2020 18:50:26] - |D| - [42897809] - C:\Users\Antonio\AppData\LocalLow\NotGames [01/08/2018 23:47:56] - |D| - [45083] - C:\Users\Antonio\AppData\LocalLow\Nuclear Tales [16/01/2021 21:57:44] - |D| - [61505] - C:\Users\Antonio\AppData\LocalLow\N_Fusion Interactive [21/02/2020 11:15:02] - |D| - [267903450] - C:\Users\Antonio\AppData\LocalLow\Oculus [25/04/2021 00:45:15] - |D| - [838397] - C:\Users\Antonio\AppData\LocalLow\Oddworld Inhabitants Inc [21/08/2018 16:20:35] - |D| - [1124352] - C:\Users\Antonio\AppData\LocalLow\Oracle [22/12/2019 09:23:04] - |D| - [272] - C:\Users\Antonio\AppData\LocalLow\OsmoticStudios [25/04/2020 18:54:15] - |D| - [24770] - C:\Users\Antonio\AppData\LocalLow\OtherOcean [21/02/2020 11:52:48] - |D| - [5776] - C:\Users\Antonio\AppData\LocalLow\Owlchemy Labs [07/01/2020 22:22:25] - |D| - [635483] - C:\Users\Antonio\AppData\LocalLow\Pajama Llama Games [28/02/2020 13:28:49] - |D| - [20381100] - C:\Users\Antonio\AppData\LocalLow\PanicBarn [01/02/2021 00:25:59] - |D| - [3099362] - C:\Users\Antonio\AppData\LocalLow\Pathea Entertainment [19/01/2019 03:09:46] - |D| - [805098701] - C:\Users\Antonio\AppData\LocalLow\Pathea Games [14/03/2020 18:23:49] - |D| - [10525192] - C:\Users\Antonio\AppData\LocalLow\PenduloStudios [23/05/2019 03:06:55] - |D| - [1505] - C:\Users\Antonio\AppData\LocalLow\Perfectly Paranormal [26/10/2018 00:34:38] - |D| - [120467] - C:\Users\Antonio\AppData\LocalLow\Piece of Cake studios [01/10/2019 21:28:12] - |D| - [2174450] - C:\Users\Antonio\AppData\LocalLow\Polyslash [19/05/2018 14:27:22] - |D| - [236769] - C:\Users\Antonio\AppData\LocalLow\Project_Moon [30/10/2020 15:13:10] - |D| - [13433] - C:\Users\Antonio\AppData\LocalLow\Ravenhood Games [22/10/2018 17:30:47] - |A| - [253] - C:\Users\Antonio\AppData\LocalLow\rbxcsettings.rbx [11/05/2020 19:01:43] - |D| - [884] - C:\Users\Antonio\AppData\LocalLow\RealGameMachine [09/08/2020 00:33:31] - |D| - [1906] - C:\Users\Antonio\AppData\LocalLow\Realmforge Studios GmbH [26/05/2018 03:30:07] - |D| - [20386] - C:\Users\Antonio\AppData\LocalLow\Redbeet Interactive [19/05/2018 21:03:57] - |D| - [7067] - C:\Users\Antonio\AppData\LocalLow\Reflect Studios [13/04/2021 23:16:38] - |D| - [700250] - C:\Users\Antonio\AppData\LocalLow\Rejected Games [06/08/2019 04:04:38] - |D| - [10404935] - C:\Users\Antonio\AppData\LocalLow\Robot Gentleman [03/12/2020 05:20:41] - |D| - [45489395] - C:\Users\Antonio\AppData\LocalLow\RomeroGames [13/03/2020 23:25:38] - |D| - [10187] - C:\Users\Antonio\AppData\LocalLow\Schell Games [15/10/2019 19:44:39] - |D| - [5573202] - C:\Users\Antonio\AppData\LocalLow\Serious Sim [04/07/2018 20:10:10] - |D| - [3438805] - C:\Users\Antonio\AppData\LocalLow\Shiver Games [21/07/2019 02:56:33] - |D| - [3718352] - C:\Users\Antonio\AppData\LocalLow\SKS [07/08/2018 23:37:24] - |D| - [2683] - C:\Users\Antonio\AppData\LocalLow\Smiling Buddha Games [01/10/2018 08:30:29] - |D| - [20672] - C:\Users\Antonio\AppData\LocalLow\SpaceBulletDynamicsCorporation [27/01/2021 01:20:37] - |A| - [573189] - C:\Users\Antonio\AppData\LocalLow\sqlite3.dll [08/10/2019 17:48:49] - |D| - [8064531] - C:\Users\Antonio\AppData\LocalLow\Statespace [12/05/2019 15:14:17] - |D| - [74635] - C:\Users\Antonio\AppData\LocalLow\Steel Crate Games [22/09/2020 02:49:55] - |D| - [5265] - C:\Users\Antonio\AppData\LocalLow\Story Fort [08/07/2018 19:42:46] - |D| - [6599510] - C:\Users\Antonio\AppData\LocalLow\Strange Loop Games [24/02/2020 21:20:45] - |D| - [92139] - C:\Users\Antonio\AppData\LocalLow\Stress Level Zero [12/05/2020 20:04:07] - |D| - [395908] - C:\Users\Antonio\AppData\LocalLow\StuckInAttic [22/01/2021 06:07:17] - |D| - [852976] - C:\Users\Antonio\AppData\LocalLow\Studio Seufz [18/07/2018 05:34:38] - |D| - [1645] - C:\Users\Antonio\AppData\LocalLow\Subterranean Games [01/05/2018 14:58:26] - |D| - [38555] - C:\Users\Antonio\AppData\LocalLow\Sun [04/07/2020 14:39:27] - |D| - [4066] - C:\Users\Antonio\AppData\LocalLow\SUPERHOT_Team [24/03/2021 01:33:13] - |D| - [106393] - C:\Users\Antonio\AppData\LocalLow\TavroxGames [23/12/2019 19:20:48] - |D| - [2159004] - C:\Users\Antonio\AppData\LocalLow\Team 17 Digital ltd_ [09/07/2018 05:53:36] - |D| - [356545] - C:\Users\Antonio\AppData\LocalLow\Team Cherry [22/06/2018 18:39:12] - |D| - [1956] - C:\Users\Antonio\AppData\LocalLow\Team HalfBeard [26/10/2020 06:19:47] - |D| - [2228881] - C:\Users\Antonio\AppData\LocalLow\Team17 Digital Ltd_ [24/01/2019 06:00:45] - |D| - [0] - C:\Users\Antonio\AppData\LocalLow\Temp [28/09/2018 00:10:47] - |D| - [269168] - C:\Users\Antonio\AppData\LocalLow\The Irregular Corp [19/08/2020 02:01:08] - |D| - [50292022] - C:\Users\Antonio\AppData\LocalLow\Thunder Lotus Games [05/03/2021 12:47:14] - |D| - [812] - C:\Users\Antonio\AppData\LocalLow\Toast VR [23/09/2020 14:01:50] - |D| - [18069] - C:\Users\Antonio\AppData\LocalLow\Twisted Pixel [30/08/2018 05:25:05] - |D| - [1442707] - C:\Users\Antonio\AppData\LocalLow\Two Point Studios [23/05/2020 05:20:51] - |D| - [78959] - C:\Users\Antonio\AppData\LocalLow\U-Play online [17/02/2021 23:32:36] - |D| - [53961] - C:\Users\Antonio\AppData\LocalLow\Ubisoft [12/05/2020 20:00:37] - |D| - [27637] - C:\Users\Antonio\AppData\LocalLow\Unbound Creations [24/02/2020 02:37:27] - |D| - [8889839] - C:\Users\Antonio\AppData\LocalLow\Unity [22/12/2020 03:14:18] - |D| - [3194242] - C:\Users\Antonio\AppData\LocalLow\Unknown Worlds [05/12/2019 21:08:11] - |D| - [27] - C:\Users\Antonio\AppData\LocalLow\UnrealEngine [21/02/2020 15:21:07] - |D| - [26579] - C:\Users\Antonio\AppData\LocalLow\Valve [03/10/2020 01:02:30] - |D| - [3953621] - C:\Users\Antonio\AppData\LocalLow\Volcanoid [27/01/2021 01:20:37] - |D| - [10013620] - C:\Users\Antonio\AppData\LocalLow\Wallets [27/02/2020 20:20:55] - |D| - [19674] - C:\Users\Antonio\AppData\LocalLow\WarpFrog [25/07/2019 01:15:21] - |D| - [13359] - C:\Users\Antonio\AppData\LocalLow\Wastelands Interactive [25/06/2018 02:20:48] - |D| - [1293094] - C:\Users\Antonio\AppData\LocalLow\Weappy [08/03/2020 00:17:05] - |D| - [26189] - C:\Users\Antonio\AppData\LocalLow\Wolf _ Wood Interactive Ltd [01/01/2021 10:55:52] - |D| - [17958900] - C:\Users\Antonio\AppData\LocalLow\ZAUM Studio [31/01/2021 02:37:35] - |D| - [6002174] - C:\Users\Antonio\AppData\LocalLow\Zulubo Productions [22/04/2021 15:12:07] - |D| - [495242787] - C:\Users\Antonio\AppData\Roaming\.minecraft [25/04/2019 01:53:50] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\.mono [07/08/2019 02:20:51] - |D| - [227] - C:\Users\Antonio\AppData\Roaming\11bitstudios [12/02/2020 15:56:14] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\A Plague Tale Innocence [23/03/2018 10:39:58] - |D| - [56692971] - C:\Users\Antonio\AppData\Roaming\Adobe [23/01/2020 13:10:34] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\AnkamaCertificates [13/06/2020 17:56:56] - |D| - [751326] - C:\Users\Antonio\AppData\Roaming\AnyDesk [07/07/2019 02:13:06] - |D| - [12068596] - C:\Users\Antonio\AppData\Roaming\Apowersoft [05/07/2018 00:48:20] - |D| - [24989] - C:\Users\Antonio\AppData\Roaming\Apple Computer [06/04/2018 00:42:24] - |D| - [64919] - C:\Users\Antonio\AppData\Roaming\audacity [05/10/2018 23:13:32] - |D| - [8275] - C:\Users\Antonio\AppData\Roaming\Battle.net [23/10/2019 01:34:19] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Battlestate Games [11/11/2019 01:23:18] - |D| - [159] - C:\Users\Antonio\AppData\Roaming\Beat Hazard [12/03/2020 19:09:01] - |D| - [73932188] - C:\Users\Antonio\AppData\Roaming\beatdrop [14/11/2019 19:29:07] - |D| - [99704510] - C:\Users\Antonio\AppData\Roaming\BetterDiscord [05/02/2021 18:09:35] - |D| - [15333574] - C:\Users\Antonio\AppData\Roaming\BitTorrent [24/02/2020 02:30:45] - |D| - [129122] - C:\Users\Antonio\AppData\Roaming\Blender Foundation [29/01/2021 23:11:22] - |D| - [41147128] - C:\Users\Antonio\AppData\Roaming\Blitz [24/06/2019 13:21:52] - |D| - [5364] - C:\Users\Antonio\AppData\Roaming\BrawlhallaAir [13/11/2018 08:57:42] - |D| - [10443] - C:\Users\Antonio\AppData\Roaming\Bungie [14/06/2018 00:36:12] - |D| - [4080] - C:\Users\Antonio\AppData\Roaming\Canon [12/07/2018 19:56:18] - |D| - [12080] - C:\Users\Antonio\AppData\Roaming\CitizenFX [22/05/2020 03:24:28] - |D| - [10013620] - C:\Users\Antonio\AppData\Roaming\com.liberty.jaxx [24/04/2020 01:30:29] - |D| - [112853] - C:\Users\Antonio\AppData\Roaming\com.soundself.app [16/01/2019 15:50:38] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\CPY_SAVES [26/05/2018 03:30:07] - |D| - [249] - C:\Users\Antonio\AppData\Roaming\CreamAPI [23/01/2020 13:10:11] - |A| - [117] - C:\Users\Antonio\AppData\Roaming\D2Info0 [17/08/2018 15:28:56] - |D| - [80504] - C:\Users\Antonio\AppData\Roaming\DAEMON Tools Lite [06/04/2020 19:16:29] - |D| - [9309328] - C:\Users\Antonio\AppData\Roaming\DarkSoulsIII [19/10/2018 14:19:51] - |D| - [3208] - C:\Users\Antonio\AppData\Roaming\deblob [09/11/2020 13:03:04] - |D| - [469409330] - C:\Users\Antonio\AppData\Roaming\discord [23/01/2020 13:10:11] - |A| - [8] - C:\Users\Antonio\AppData\Roaming\DofusAppId0_1 [24/01/2020 17:10:45] - |A| - [8] - C:\Users\Antonio\AppData\Roaming\DofusAppId0_2 [24/01/2020 21:50:49] - |A| - [8] - C:\Users\Antonio\AppData\Roaming\DofusAppId0_3 [06/01/2020 00:27:08] - |D| - [43172352] - C:\Users\Antonio\AppData\Roaming\Downloaded Installations [28/03/2021 23:35:22] - |D| - [3122] - C:\Users\Antonio\AppData\Roaming\DS4Windows [17/11/2018 21:23:13] - |D| - [832] - C:\Users\Antonio\AppData\Roaming\dvdcss [16/05/2021 16:29:06] - |D| - [9648104] - C:\Users\Antonio\AppData\Roaming\EasyAntiCheat [29/03/2020 00:17:37] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\editeurpanovisu.EditeurPanovisu [17/06/2020 15:33:35] - |D| - [32944] - C:\Users\Antonio\AppData\Roaming\Eidos Montreal [02/03/2021 04:35:24] - |A| - [12288] - C:\Users\Antonio\AppData\Roaming\emp.bin [02/03/2021 04:16:08] - |D| - [846] - C:\Users\Antonio\AppData\Roaming\EMPRESS [30/01/2019 19:47:29] - |D| - [337] - C:\Users\Antonio\AppData\Roaming\Eusing [27/11/2018 04:49:34] - |D| - [1241] - C:\Users\Antonio\AppData\Roaming\Fallout2 [25/10/2020 01:26:11] - |D| - [2161230] - C:\Users\Antonio\AppData\Roaming\Fatshark [02/07/2020 10:08:17] - |D| - [92] - C:\Users\Antonio\AppData\Roaming\FFXV_Radio_Tuner [03/06/2018 23:37:04] - |D| - [2076847] - C:\Users\Antonio\AppData\Roaming\FiraxisLive [12/02/2021 21:16:25] - |D| - [6837155] - C:\Users\Antonio\AppData\Roaming\FlashIntegro [06/02/2019 00:05:02] - |D| - [94] - C:\Users\Antonio\AppData\Roaming\fltk.org [08/05/2020 16:06:52] - |D| - [95950] - C:\Users\Antonio\AppData\Roaming\FlyInside [04/04/2020 12:23:53] - |D| - [466614] - C:\Users\Antonio\AppData\Roaming\GIMP [05/06/2019 21:04:56] - |D| - [13652330] - C:\Users\Antonio\AppData\Roaming\GitHub Desktop [24/02/2020 21:21:24] - |D| - [1329993] - C:\Users\Antonio\AppData\Roaming\Goldberg SteamEmu Saves [11/08/2018 18:25:51] - |D| - [39653165] - C:\Users\Antonio\AppData\Roaming\Guild Wars 2 [17/05/2021 12:27:00] - |D| - [1096] - C:\Users\Antonio\AppData\Roaming\HD Tune Pro [04/03/2021 11:32:36] - |D| - [3680360] - C:\Users\Antonio\AppData\Roaming\HelloGames [31/01/2020 14:32:26] - |D| - [29754] - C:\Users\Antonio\AppData\Roaming\HexChat [19/08/2020 02:01:14] - |D| - [69] - C:\Users\Antonio\AppData\Roaming\HOODLUM [10/09/2020 17:08:19] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Ice-Pick Lodge [02/04/2021 20:51:00] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Identities [01/12/2018 06:32:40] - |D| - [17612707] - C:\Users\Antonio\AppData\Roaming\IO Interactive [08/08/2019 08:55:49] - |D| - [13138] - C:\Users\Antonio\AppData\Roaming\JetBrains [08/08/2019 08:43:50] - |D| - [167179] - C:\Users\Antonio\AppData\Roaming\JustDecompile [10/06/2018 20:50:33] - |D| - [441845] - C:\Users\Antonio\AppData\Roaming\Kalypso Media [17/05/2020 22:57:47] - |D| - [1804867] - C:\Users\Antonio\AppData\Roaming\L0yyFiles [12/08/2018 20:06:37] - |D| - [57344] - C:\Users\Antonio\AppData\Roaming\LambdaMenu [02/12/2018 23:49:32] - |D| - [9239] - C:\Users\Antonio\AppData\Roaming\Locktime [02/12/2018 23:48:41] - |D| - [1835008] - C:\Users\Antonio\AppData\Roaming\Locktime Software [27/05/2018 15:11:48] - |D| - [630452] - C:\Users\Antonio\AppData\Roaming\LucasArts [12/05/2018 20:41:59] - |D| - [1426] - C:\Users\Antonio\AppData\Roaming\Macromedia [10/09/2019 12:45:18] - |D| - [4836] - C:\Users\Antonio\AppData\Roaming\Mael Horz [22/06/2018 15:57:01] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\MAGIX [13/12/2019 11:06:27] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\MAGIX Computer Products Intl. Co [06/12/2020 09:03:54] - |D| - [265140138] - C:\Users\Antonio\AppData\Roaming\ManyCam [20/05/2020 00:45:03] - |D| - [29325] - C:\Users\Antonio\AppData\Roaming\MARSBAR [17/02/2021 19:54:55] - |A| - [257] - C:\Users\Antonio\AppData\Roaming\MelonLoader.Installer.cfg [27/07/2020 00:00:19] - |SD| - [19707202] - C:\Users\Antonio\AppData\Roaming\Microsoft [24/02/2020 02:03:24] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft Visual Studio [30/09/2018 18:13:48] - |D| - [251] - C:\Users\Antonio\AppData\Roaming\Mobile Gamepad Server [03/06/2018 23:36:03] - |D| - [48912] - C:\Users\Antonio\AppData\Roaming\ModLauncherWPF [23/03/2018 10:45:42] - |D| - [468185299] - C:\Users\Antonio\AppData\Roaming\Mozilla [30/06/2018 12:49:59] - |D| - [91] - C:\Users\Antonio\AppData\Roaming\MPC-HC [14/08/2019 17:20:36] - |D| - [162554] - C:\Users\Antonio\AppData\Roaming\Mumble [31/05/2018 02:09:50] - |D| - [36935895] - C:\Users\Antonio\AppData\Roaming\Natural Selection 2 [08/02/2021 15:24:39] - |D| - [36400] - C:\Users\Antonio\AppData\Roaming\NCH Software [28/03/2021 12:33:27] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Nefarius Software Solutions [18/09/2020 18:39:32] - |D| - [4] - C:\Users\Antonio\AppData\Roaming\NemirtingasEpicEmu [03/01/2019 05:39:35] - |D| - [6683622] - C:\Users\Antonio\AppData\Roaming\netify_jump [25/01/2019 01:51:24] - |D| - [1775] - C:\Users\Antonio\AppData\Roaming\Nidhogg [22/12/2020 03:14:15] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Nitrox [11/11/2019 01:37:20] - |D| - [13617933] - C:\Users\Antonio\AppData\Roaming\NoteBurner Spotify Music Converter [06/05/2018 22:50:19] - |D| - [2700788] - C:\Users\Antonio\AppData\Roaming\Notepad++ [15/06/2019 00:37:35] - |D| - [23614433] - C:\Users\Antonio\AppData\Roaming\npm [06/06/2019 02:03:18] - |D| - [77222315] - C:\Users\Antonio\AppData\Roaming\npm-cache [08/08/2019 08:57:08] - |D| - [210] - C:\Users\Antonio\AppData\Roaming\NuGet [24/02/2021 01:11:44] - |D| - [780476] - C:\Users\Antonio\AppData\Roaming\NVIDIA [25/05/2018 19:58:16] - |D| - [21825056] - C:\Users\Antonio\AppData\Roaming\obs-studio [06/03/2020 20:14:09] - |D| - [1548184] - C:\Users\Antonio\AppData\Roaming\obs-studio-node-server [13/11/2020 00:10:53] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Obsidium [20/02/2020 04:18:36] - |D| - [905861] - C:\Users\Antonio\AppData\Roaming\Oculus [20/02/2020 04:20:38] - |D| - [271637354] - C:\Users\Antonio\AppData\Roaming\OculusClient [08/08/2018 22:43:01] - |D| - [12452907] - C:\Users\Antonio\AppData\Roaming\OpenOffice [24/04/2021 16:06:54] - |D| - [27174976] - C:\Users\Antonio\AppData\Roaming\Opera Software [07/12/2018 05:52:32] - |D| - [1374875] - C:\Users\Antonio\AppData\Roaming\Origin [13/10/2018 18:09:35] - |D| - [1230] - C:\Users\Antonio\AppData\Roaming\Pozzum [09/10/2018 23:30:00] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Prince of Codes [28/07/2019 06:12:51] - |D| - [11038] - C:\Users\Antonio\AppData\Roaming\Process Hacker 2 [08/08/2019 08:39:46] - |D| - [76] - C:\Users\Antonio\AppData\Roaming\Progress [25/02/2019 14:43:21] - |D| - [4084736] - C:\Users\Antonio\AppData\Roaming\ProtonVPN AG [04/10/2018 11:10:12] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Publish Providers [19/06/2019 13:52:59] - |D| - [46969722] - C:\Users\Antonio\AppData\Roaming\Python [26/05/2019 21:16:06] - |D| - [281] - C:\Users\Antonio\AppData\Roaming\Resanance [06/03/2020 22:37:16] - |D| - [339] - C:\Users\Antonio\AppData\Roaming\Revive [14/06/2020 22:44:49] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\REVOLT [13/07/2019 15:21:53] - |D| - [81] - C:\Users\Antonio\AppData\Roaming\RobotSoft [08/06/2020 00:14:23] - |D| - [7960] - C:\Users\Antonio\AppData\Roaming\SCP Secret Laboratory [11/07/2018 02:57:36] - |D| - [8161864] - C:\Users\Antonio\AppData\Roaming\Screaming Bee [08/08/2018 01:38:49] - |D| - [5630810] - C:\Users\Antonio\AppData\Roaming\Sega [04/04/2019 01:21:32] - |D| - [11930448] - C:\Users\Antonio\AppData\Roaming\Sekiro [01/12/2020 11:27:17] - |D| - [4330] - C:\Users\Antonio\AppData\Roaming\SeriousBit [06/03/2020 20:14:07] - |D| - [443533118] - C:\Users\Antonio\AppData\Roaming\slobs-client [06/03/2020 20:14:10] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\slobs-plugins [05/04/2018 00:32:47] - |D| - [1276360] - C:\Users\Antonio\AppData\Roaming\SmartSteamEmu [24/06/2018 18:28:17] - |D| - [547324] - C:\Users\Antonio\AppData\Roaming\Sony [24/05/2018 23:00:14] - |D| - [346856477] - C:\Users\Antonio\AppData\Roaming\SplitmediaLabs [08/10/2020 23:34:28] - |D| - [226838653] - C:\Users\Antonio\AppData\Roaming\Spotify [11/11/2019 01:56:00] - |D| - [12940] - C:\Users\Antonio\AppData\Roaming\Spotydl [27/04/2020 22:09:36] - |D| - [1611427] - C:\Users\Antonio\AppData\Roaming\State of Mind_Uninstall [21/06/2018 19:58:03] - |D| - [322622] - C:\Users\Antonio\AppData\Roaming\Steam [19/09/2020 15:08:51] - |D| - [8640714] - C:\Users\Antonio\AppData\Roaming\steelseries-engine-3-client [28/04/2021 20:57:22] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Sun [22/11/2018 03:42:15] - |D| - [346070] - C:\Users\Antonio\AppData\Roaming\TeamViewer [14/11/2018 22:59:30] - |D| - [5559250] - C:\Users\Antonio\AppData\Roaming\tor [22/01/2021 05:47:21] - |D| - [226] - C:\Users\Antonio\AppData\Roaming\Transformice [01/07/2018 20:44:23] - |D| - [129425679] - C:\Users\Antonio\AppData\Roaming\TS3Client [07/09/2019 18:38:56] - |D| - [2486339] - C:\Users\Antonio\AppData\Roaming\Ubisoft [13/11/2018 22:54:04] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Unified Remote [24/02/2020 02:37:26] - |D| - [16871892] - C:\Users\Antonio\AppData\Roaming\Unity [17/10/2020 03:18:57] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Unity Hub [17/10/2020 03:18:57] - |D| - [18894064] - C:\Users\Antonio\AppData\Roaming\UnityHub [06/11/2020 20:24:58] - |D| - [153762] - C:\Users\Antonio\AppData\Roaming\uplay [11/02/2021 16:45:39] - |D| - [25326543] - C:\Users\Antonio\AppData\Roaming\uTorrent [10/06/2020 18:24:56] - |D| - [218332] - C:\Users\Antonio\AppData\Roaming\Valve Corporation [24/06/2018 18:32:14] - |D| - [54] - C:\Users\Antonio\AppData\Roaming\VEGAS [24/06/2018 18:32:10] - |D| - [16007] - C:\Users\Antonio\AppData\Roaming\VEGAS Pro [24/02/2020 02:03:25] - |D| - [4788776] - C:\Users\Antonio\AppData\Roaming\Visual Studio Setup [23/03/2018 17:30:26] - |D| - [179433] - C:\Users\Antonio\AppData\Roaming\vlc [15/12/2018 15:50:01] - |D| - [2468] - C:\Users\Antonio\AppData\Roaming\VMware [23/10/2018 08:51:45] - |D| - [2449916254] - C:\Users\Antonio\AppData\Roaming\Vortex [24/02/2020 02:03:25] - |D| - [66] - C:\Users\Antonio\AppData\Roaming\vstelemetry [29/03/2020 05:40:30] - |D| - [1002] - C:\Users\Antonio\AppData\Roaming\W3ModMerger [23/01/2020 16:00:48] - |D| - [6878137] - C:\Users\Antonio\AppData\Roaming\Warner Bros. Interactive Entertainment [09/10/2019 12:40:44] - |D| - [82276714] - C:\Users\Antonio\AppData\Roaming\WeMod [23/11/2019 03:15:20] - |D| - [426562] - C:\Users\Antonio\AppData\Roaming\WinRAR [20/08/2019 21:33:59] - |D| - [89412240] - C:\Users\Antonio\AppData\Roaming\ZHP [16/11/2020 21:47:17] - |D| - [98810446] - C:\Users\Antonio\AppData\Roaming\Zoom [23/01/2020 13:10:15] - |D| - [5841] - C:\Users\Antonio\AppData\Roaming\[Worker].null [14/01/2020 02:19:57] - |A| - [44] - C:\Users\Antonio\AppData\Roaming\~SiMPLEX.ini [23/03/2018 10:39:59] - |SH| - [174] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [18/04/2021 17:02:38] - |A| - [1034] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Impulse Launcher.lnk [27/07/2020 00:00:19] - |SHD| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [23/03/2018 10:39:58] - |RD| - [101382] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [11/02/2021 16:45:40] - |A| - [878] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk [27/07/2020 00:00:19] - |RD| - [3888] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [27/07/2020 00:00:19] - |RD| - [1674] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [23/03/2018 10:39:59] - |RD| - [174] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/01/2020 23:32:15] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ankama [11/11/2019 01:22:04] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra [12/03/2020 19:08:57] - |A| - [826] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeatDrop.lnk [24/11/2018 21:16:04] - |D| - [231] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher [28/07/2019 20:58:09] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz Inc [29/01/2021 23:11:19] - |A| - [2255] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk [27/07/2020 00:00:19] - |SH| - [264] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [19/10/2018 01:37:45] - |D| - [968] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Games [23/03/2018 10:59:49] - |D| - [2251] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc [23/11/2019 03:13:34] - |D| - [2600] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DiskInternals [26/09/2018 21:12:07] - |D| - [3424] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam [06/12/2020 06:52:00] - |A| - [2166] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk [30/08/2018 01:25:12] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\F4SE [04/05/2021 21:22:21] - |A| - [2130] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM - Cfx.re Development Kit (FxDK).lnk [04/05/2021 21:22:21] - |A| - [2138] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk [23/03/2018 12:30:22] - |A| - [1047] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk [05/06/2019 21:04:56] - |D| - [2375] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc [03/03/2020 21:59:30] - |D| - [6620] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader [08/08/2019 08:56:09] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains [27/07/2020 00:00:19] - |D| - [170] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [22/08/2018 02:43:01] - |D| - [4426] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync [24/04/2021 16:08:27] - |A| - [1434] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk [03/01/2019 05:38:56] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Netify Jump [11/11/2019 01:37:16] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Noteburner [15/06/2019 00:47:22] - |D| - [6729] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.5 [23/09/2020 14:29:16] - |D| - [1800] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revive [07/05/2020 10:56:09] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games [22/10/2018 17:31:05] - |D| - [2697] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox [16/10/2019 16:18:49] - |D| - [729] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games [08/01/2020 01:43:35] - |D| - [3466] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SnakeBite [08/10/2020 23:35:31] - |A| - [1846] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [11/05/2019 19:51:04] - |A| - [797] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk [23/03/2018 10:39:59] - |RD| - [2638] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [21/09/2018 19:08:04] - |HD| - [1095] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled [12/10/2018 18:18:18] - |D| - [7780] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [27/07/2020 00:00:19] - |RD| - [4913] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [01/07/2018 20:44:19] - |A| - [576] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk [15/03/2020 04:40:46] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online [06/12/2018 22:31:20] - |D| - [2231] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [25/06/2019 22:09:35] - |D| - [2514] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VB Audio [09/10/2019 12:40:44] - |D| - [2177] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod [30/04/2021 17:28:04] - |D| - [1863] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat [27/07/2020 00:00:19] - |D| - [7844] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [23/11/2019 03:15:11] - |D| - [4577] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [29/03/2020 10:32:47] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPanorama [16/11/2020 21:47:37] - |D| - [4049] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom [07/08/2019 17:44:50] - |D| - [0] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ÌÚѶÈí¼þ [23/03/2018 10:39:59] - |SH| - [174] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [02/02/2019 03:17:11] - |A| - [1095] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [05/07/2019 22:05:58] - |A| - [1369] - C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk ---------- | [Public] [10/09/2015 07:56:21] - |RHD| - [62408] - C:\Users\Public\AccountPictures [25/06/2019 21:28:53] - |D| - [144] - C:\Users\Public\BlueStacks [31/07/2015 00:42:06] - |RHD| - [11106] - C:\Users\Public\Desktop [07/12/2019 11:14:54] - |ASH| - [174] - C:\Users\Public\desktop.ini [31/07/2015 00:42:06] - |RD| - [770911209] - C:\Users\Public\Documents [31/07/2015 00:42:06] - |RD| - [174] - C:\Users\Public\Downloads [07/12/2019 11:14:52] - |RHD| - [5295] - C:\Users\Public\Libraries [31/07/2015 00:42:06] - |RD| - [380] - C:\Users\Public\Music [31/07/2015 00:42:06] - |RD| - [380] - C:\Users\Public\Pictures [03/02/2020 13:42:43] - |ASH| - [0] - C:\Users\Public\Shared Files [31/07/2015 00:42:06] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [07/01/2020 01:13:34] - |D| - [0] - C:\ProgramData\.mono [27/01/2021 01:20:29] - |D| - [1907232] - C:\ProgramData\54 [27/01/2021 01:20:29] - |A| - [1564823] - C:\ProgramData\5461 [12/09/2018 04:03:07] - |D| - [533320] - C:\ProgramData\Adobe [02/07/2019 21:26:20] - |D| - [0] - C:\ProgramData\Age of Empires 3 [22/09/2018 20:02:21] - |A| - [46947] - C:\ProgramData\agent.1537639340.bdinstall.bin [03/01/2019 21:37:39] - |A| - [57656] - C:\ProgramData\agent.uninstall.1546544253.bdinstall.v2.bin [02/01/2019 20:13:59] - |A| - [76732] - C:\ProgramData\agent.update.1546452820.bdinstall.v2.bin [16/05/2021 15:12:53] - |D| - [51] - C:\ProgramData\AomeiBR [07/07/2019 02:16:03] - |D| - [14456] - C:\ProgramData\Apowersoft [05/07/2018 00:39:03] - |D| - [23726080] - C:\ProgramData\Apple [07/02/2019 00:05:32] - |D| - [28397568] - C:\ProgramData\Apple Computer [27/07/2020 00:05:59] - |SHD| - [0] - C:\ProgramData\Application Data [23/09/2018 19:39:51] - |D| - [0] - C:\ProgramData\Atc [17/12/2018 19:40:06] - |A| - [125] - C:\ProgramData\autoclickconfig.ini [05/10/2018 23:04:19] - |D| - [27393062] - C:\ProgramData\Battle.net [23/10/2019 01:34:19] - |D| - [0] - C:\ProgramData\Battlestate Games [05/10/2018 23:15:30] - |D| - [447885541] - C:\ProgramData\Blizzard Entertainment [24/02/2020 19:12:49] - |D| - [0] - C:\ProgramData\boost_interprocess [23/03/2018 10:37:51] - |SHD| - [0] - C:\ProgramData\Bureau [22/09/2018 19:42:50] - |D| - [0] - C:\ProgramData\Canon [13/06/2018 18:19:32] - |HD| - [34157691] - C:\ProgramData\CanonBJ [14/06/2018 00:36:13] - |HD| - [1764] - C:\ProgramData\CanonIJQuickMenu [13/06/2018 18:19:56] - |D| - [86797] - C:\ProgramData\CanonIJWSpt [28/04/2019 23:25:51] - |D| - [0] - C:\ProgramData\Caphyon [13/05/2019 23:49:32] - |D| - [1174] - C:\ProgramData\Carnac [16/04/2020 18:10:18] - |D| - [181407] - C:\ProgramData\cFos [21/07/2019 03:55:56] - |D| - [150016] - C:\ProgramData\CheatHappens Temp [23/09/2018 19:40:13] - |A| - [384540] - C:\ProgramData\cl.1537717039.bdinstall.bin [23/09/2018 19:40:13] - |A| - [46036] - C:\ProgramData\cl.kit.1537717038.bdinstall.bin [05/10/2018 00:59:39] - |A| - [185403] - C:\ProgramData\cl.uninstall.1538693824.bdinstall.bin [17/08/2018 15:28:30] - |D| - [3494] - C:\ProgramData\DAEMON Tools Lite [07/05/2020 00:36:45] - |D| - [0] - C:\ProgramData\dbg [28/03/2021 12:27:30] - |D| - [69076] - C:\ProgramData\Disc-Soft [27/07/2020 00:05:59] - |SHD| - [0] - C:\ProgramData\Documents [20/12/2020 02:58:23] - |A| - [288] - C:\ProgramData\droidcam-client-options-v1 [26/03/2018 18:34:31] - |A| - [97] - C:\ProgramData\droidcam-settings [20/12/2020 02:43:22] - |A| - [0] - C:\ProgramData\droidcam.log [05/07/2019 05:18:15] - |D| - [35106] - C:\ProgramData\Dropbox [24/01/2019 20:00:28] - |D| - [0] - C:\ProgramData\EA Core [24/01/2019 20:00:27] - |D| - [1944] - C:\ProgramData\EA Logs [17/03/2020 18:02:31] - |D| - [0] - C:\ProgramData\Elder Scrolls Online [08/12/2018 00:39:23] - |D| - [51008] - C:\ProgramData\Electronic Arts [24/09/2019 21:18:22] - |D| - [100527162] - C:\ProgramData\Epic [06/02/2019 00:05:02] - |D| - [94] - C:\ProgramData\fltk.org [07/04/2018 01:42:49] - |D| - [28746805] - C:\ProgramData\For Honor Data [20/04/2020 19:25:54] - |D| - [0] - C:\ProgramData\Frontier Developments [15/06/2019 00:25:22] - |D| - [178] - C:\ProgramData\Git [24/03/2018 02:25:39] - |D| - [1253203660] - C:\ProgramData\GOG.com [14/03/2020 21:43:32] - |D| - [2626582] - C:\ProgramData\Intel [06/08/2020 14:10:28] - |D| - [174] - C:\ProgramData\Intel Telemetry [27/01/2021 01:20:36] - |A| - [12] - C:\ProgramData\kaosdma.txt [02/12/2018 23:49:29] - |D| - [0] - C:\ProgramData\Locktime [15/10/2018 06:37:47] - |D| - [0] - C:\ProgramData\LogMeIn [04/10/2018 11:10:01] - |D| - [0] - C:\ProgramData\MAGIX [30/10/2018 16:57:25] - |D| - [280311242] - C:\ProgramData\Malwarebytes [06/12/2020 09:04:09] - |D| - [272473991] - C:\ProgramData\ManyCam [23/03/2018 10:37:51] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [07/12/2019 11:14:52] - |SD| - [1937108919] - C:\ProgramData\Microsoft [25/10/2018 20:23:12] - |D| - [151938] - C:\ProgramData\Microsoft Help [27/07/2020 00:07:47] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [24/02/2020 02:00:27] - |D| - [1104] - C:\ProgramData\Microsoft Visual Studio [25/10/2020 01:26:14] - |A| - [113] - C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [10/10/2020 18:57:11] - |A| - [16] - C:\ProgramData\mntemp [23/03/2018 10:37:51] - |SHD| - [0] - C:\ProgramData\Modèles [06/02/2021 12:38:06] - |D| - [768275] - C:\ProgramData\Mount and Blade II Bannerlord [03/02/2019 13:51:07] - |D| - [40550] - C:\ProgramData\Mozilla [16/04/2020 18:10:52] - |D| - [66639] - C:\ProgramData\MSI [10/08/2020 18:00:43] - |D| - [0] - C:\ProgramData\Nefarius Software Solutions e.U [28/04/2019 23:25:50] - |D| - [119756] - C:\ProgramData\NordVpn [05/02/2021 11:08:12] - |RASH| - [8] - C:\ProgramData\ntuser.pol [23/03/2018 10:57:47] - |D| - [25528573] - C:\ProgramData\NVIDIA [23/03/2018 10:55:42] - |D| - [2974340364] - C:\ProgramData\NVIDIA Corporation [13/06/2020 22:11:57] - |D| - [428034] - C:\ProgramData\obs-studio-hook [20/02/2020 04:18:35] - |D| - [12320768] - C:\ProgramData\Oculus [01/05/2018 14:58:15] - |D| - [153550154] - C:\ProgramData\Oracle [07/12/2018 05:52:32] - |D| - [399109620] - C:\ProgramData\Origin [23/03/2018 10:57:45] - |D| - [682744877] - C:\ProgramData\Package Cache [20/06/2018 17:04:10] - |D| - [131072] - C:\ProgramData\Packages [06/01/2020 00:27:59] - |D| - [132] - C:\ProgramData\PingPlotter 5 [08/08/2019 08:40:48] - |D| - [12396546] - C:\ProgramData\Progress [03/11/2019 18:14:10] - |D| - [17110468] - C:\ProgramData\PUBG [23/03/2018 11:48:01] - |D| - [259391638] - C:\ProgramData\Razer [07/12/2019 11:14:52] - |D| - [2078] - C:\ProgramData\regid.1991-06.com.microsoft [21/10/2018 19:28:10] - |D| - [25308510] - C:\ProgramData\Riot Games [16/10/2019 16:18:47] - |D| - [1478610] - C:\ProgramData\Rockstar Games [08/05/2018 15:16:01] - |D| - [1586] - C:\ProgramData\RzSurroundVAD_1.1.63.0 [11/07/2018 02:57:36] - |D| - [1947] - C:\ProgramData\Screaming Bee [14/11/2020 23:13:47] - |D| - [38766629] - C:\ProgramData\SeriousBit [07/12/2019 11:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution [30/01/2019 18:36:55] - |D| - [458325153] - C:\ProgramData\SolarWinds [24/05/2018 23:00:52] - |D| - [29161466] - C:\ProgramData\SplitMediaLabs [10/07/2020 20:19:03] - |D| - [0] - C:\ProgramData\ssh [22/05/2018 10:50:15] - |D| - [1553676] - C:\ProgramData\Steam [19/09/2020 15:06:00] - |D| - [112885643] - C:\ProgramData\SteelSeries [28/11/2019 22:34:48] - |D| - [4176] - C:\ProgramData\SystemAcCrux [17/01/2020 06:31:47] - |D| - [0] - C:\ProgramData\Tracker Software [19/11/2019 22:09:59] - |D| - [0] - C:\ProgramData\Ubisoft [03/08/2020 10:10:43] - |D| - [1343] - C:\ProgramData\Unchecky [13/11/2018 22:54:04] - |D| - [6718412] - C:\ProgramData\Unified Remote [24/02/2020 02:37:27] - |D| - [9897] - C:\ProgramData\Unity [31/01/2019 23:00:53] - |D| - [0] - C:\ProgramData\Unknown Worlds [07/12/2019 11:14:52] - |D| - [11608064] - C:\ProgramData\USOPrivate [07/12/2019 11:14:52] - |D| - [16764928] - C:\ProgramData\USOShared [24/06/2018 18:28:53] - |D| - [3194301] - C:\ProgramData\VEGAS [04/10/2018 11:10:14] - |D| - [0] - C:\ProgramData\VEGAS Pro [04/10/2018 15:11:53] - |D| - [6291815] - C:\ProgramData\VMware [08/02/2021 16:24:19] - |D| - [763366528] - C:\ProgramData\Voicemod [23/10/2018 08:51:44] - |D| - [86704544] - C:\ProgramData\Vortex [27/01/2021 01:20:20] - |HD| - [0] - C:\ProgramData\Windows Host [07/12/2019 16:53:51] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [04/04/2019 04:51:47] - |D| - [15318] - C:\ProgramData\X360CE ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [20/02/2020 04:18:22] - |D| - [1880] - C:\ProgramData\Microsoft\Windows\Start Menu\Oculus [23/03/2018 10:37:51] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [07/12/2019 11:14:52] - |RD| - [397543] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [26/05/2019 21:16:06] - |A| - [1916] - C:\ProgramData\Microsoft\Windows\Start Menu\Resanance.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [02/02/2019 19:19:45] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games [12/02/2020 15:31:36] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Plague Tale Innocence [07/12/2019 11:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [07/12/2019 11:14:52] - |RD| - [14209] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [06/03/2021 15:54:56] - |D| - [1511] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accounting Plus [07/12/2019 11:14:52] - |RD| - [25497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/09/2018 04:03:08] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [27/08/2020 04:43:27] - |D| - [1776] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agatha Christie - The ABC Murders [GOG.com] [29/08/2019 14:59:11] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ancestors The Humankind Odyssey [20/05/2018 11:47:11] - |D| - [975] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiMicro [16/05/2021 15:12:50] - |D| - [2597] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant [26/01/2021 04:38:41] - |D| - [3719] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends [07/07/2019 02:13:19] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft [05/07/2018 00:39:06] - |A| - [2535] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [08/04/2020 13:32:22] - |D| - [1199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [17/12/2018 16:44:08] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\auto-clicker [14/11/2020 23:15:02] - |D| - [6014] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey [24/03/2019 15:44:45] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batman The Enemy Within Episode 5 [05/10/2018 23:12:48] - |D| - [495] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [07/12/2018 17:26:06] - |D| - [3376] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield™ V [07/01/2019 05:18:40] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beholder 2 [23/11/2018 03:52:54] - |D| - [1446] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher [01/03/2020 20:11:33] - |D| - [135] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite [GOG.com] [02/09/2018 00:38:10] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black and White 2 Complete Collection [23/10/2018 08:51:45] - |D| - [2074] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Tree Gaming Ltd [15/03/2020 04:39:55] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blacksad Under the Skin [15/06/2020 23:54:43] - |A| - [1269] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk [15/06/2020 23:54:42] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk [13/09/2019 00:28:03] - |D| - [4805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderless Gaming [06/06/2020 20:27:09] - |D| - [1462] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Budget Cuts [06/06/2020 20:31:21] - |D| - [1678] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Budget Cuts 2 Mission Insolvency [22/04/2020 02:55:41] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab [22/10/2019 13:35:13] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Cthulhu [13/06/2018 18:19:54] - |D| - [8385] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [31/05/2018 18:26:44] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [26/07/2019 15:01:28] - |D| - [8902] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.8.3 [24/11/2020 23:36:37] - |D| - [9540] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2 [14/03/2020 18:19:23] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chernobylite [GOG.com] [24/07/2019 22:19:35] - |D| - [1519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooking Simulator [24/12/2020 01:07:51] - |D| - [5139] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [27/08/2020 13:51:42] - |D| - [1446] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo [08/12/2020 04:39:54] - |D| - [1955] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com] [17/08/2018 15:28:56] - |D| - [944] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [07/12/2019 11:14:54] - |SH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [07/11/2019 08:22:21] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III [04/01/2019 00:11:58] - |D| - [827] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diag [16/04/2020 20:27:36] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disaster Report 4 Summer Memories [01/04/2019 02:38:20] - |D| - [1019] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin [21/04/2020 20:00:11] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drug Dealer Simulator [13/09/2020 23:31:59] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dunk Lords [10/07/2019 18:58:00] - |D| - [1455] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA [13/06/2018 18:23:30] - |D| - [2156] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enregistrement utilisateur de Canon MG3600 series [24/09/2019 21:18:26] - |A| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [15/05/2020 20:16:59] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fire Escape [23/03/2018 10:45:41] - |A| - [1005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [16/11/2018 12:28:25] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fishing Barents Sea King Crab [12/02/2021 21:16:12] - |D| - [9762] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro [14/04/2021 12:25:50] - |D| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [12/05/2020 16:21:48] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gibbous - A Cthulhu Adventure [GOG.com] [04/04/2020 12:23:42] - |A| - [694] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.18.lnk [19/06/2019 14:12:33] - |D| - [5338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git [24/03/2018 02:25:43] - |D| - [1231] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com [17/08/2018 13:43:46] - |A| - [2299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [17/05/2021 12:26:54] - |D| - [6870] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro [03/11/2019 12:14:22] - |D| - [431] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm [31/01/2020 14:32:11] - |D| - [1712] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat [23/01/2021 21:31:08] - |D| - [1423] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hitman 3 [07/04/2020 17:14:38] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hot CPU Tester Pro 4 LE [02/04/2021 17:28:51] - |D| - [1324] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\House Flipper [GOG.com] [07/12/2019 11:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [05/08/2020 18:26:20] - |D| - [2703] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [28/04/2021 20:57:17] - |D| - [6752] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [25/10/2020 08:05:55] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Journey [31/01/2020 08:27:33] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Journey to the Savage Planet [16/01/2019 15:35:49] - |D| - [67] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Cause 4 [29/06/2018 03:13:27] - |D| - [20483] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [29/03/2020 05:30:56] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KDiff3 [11/04/2021 12:15:15] - |D| - [1762] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Hearts HD 1 5 and 2 5 ReMIX [28/07/2019 10:10:04] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [16/01/2021 21:23:51] - |D| - [1800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leisure Suit Larry Wet Dreams Dont Dry Epilogue [16/01/2021 19:19:26] - |D| - [1832] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leisure Suit Larry Wet Dreams Dry Twice [04/02/2021 13:40:10] - |D| - [2681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [07/12/2019 11:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [04/02/2021 10:46:29] - |A| - [2033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk [24/01/2019 11:34:05] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 3 [16/04/2020 19:04:31] - |D| - [127] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Megaton Rainfall [GOG.com] [08/08/2020 19:04:51] - |A| - [2442] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk [25/10/2018 20:24:30] - |D| - [41592] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [19/05/2020 03:36:32] - |D| - [2302] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [24/02/2020 02:19:48] - |D| - [2865] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2017 Tools for Unity [01/05/2018 14:24:09] - |D| - [621] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft [25/05/2019 20:40:40] - |D| - [693] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher [30/09/2018 18:13:46] - |D| - [3976] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Gamepad Server [02/05/2018 21:46:45] - |A| - [1378] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [30/12/2019 12:44:45] - |D| - [2116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NBTExplorer [23/03/2021 00:24:46] - |D| - [1624] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neurodeck - Psychological Deckbuilder [GOG.com] [11/09/2019 19:31:33] - |D| - [1423] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nier Automata [25/11/2020 22:30:37] - |D| - [4110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js [28/02/2020 13:23:31] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Not Tonight One Love [06/05/2018 22:50:19] - |D| - [883] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [14/01/2019 01:47:16] - |A| - [877] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk [16/04/2020 17:56:50] - |D| - [1461] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [25/05/2018 19:58:14] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio [18/07/2020 21:05:22] - |D| - [1452] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octopath Traveler [22/05/2018 10:48:47] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oddworld Inhabitants [08/08/2018 21:56:25] - |SD| - [4361] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5 [07/12/2018 06:05:18] - |D| - [1944] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [04/11/2019 17:18:27] - |D| - [415] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch [05/12/2018 19:53:42] - |A| - [1140] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk [21/09/2020 15:55:31] - |D| - [1577] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PBE [01/01/2021 00:07:57] - |D| - [2018] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Building Simulator [02/05/2018 21:46:46] - |A| - [1447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [06/01/2020 00:27:54] - |D| - [4204] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5 [04/09/2018 15:21:26] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic [17/07/2019 17:03:36] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Planetary Annihilation TITANS [13/10/2018 18:08:14] - |D| - [1959] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pozzum [17/06/2020 23:15:32] - |D| - [67] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prey [30/09/2020 21:41:42] - |D| - [6928] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2 [27/04/2020 22:09:36] - |D| - [1887] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics [22/08/2018 22:06:32] - |D| - [128] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rayman 3 [GOG.com] [08/01/2021 14:50:26] - |D| - [2038] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer [11/06/2018 13:48:48] - |D| - [1842] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remember Me [27/10/2020 18:22:38] - |D| - [1659] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remothered Tormented Fathers HD [24/05/2020 22:18:15] - |D| - [3817] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resanance [12/03/2019 17:52:56] - |D| - [1498] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resident Evil 2 [31/10/2020 20:46:14] - |D| - [1625] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Richies Plank Experience [07/05/2020 10:56:09] - |D| - [3112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [28/09/2019 20:56:49] - |D| - [1249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RisingHUB [24/05/2019 03:39:12] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee [07/05/2020 11:11:57] - |D| - [1247] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA [04/04/2019 01:14:12] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sekiro Shadows Die Twice [25/10/2018 20:24:30] - |D| - [2832] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [29/10/2018 14:19:36] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOULCALIBUR VI [24/04/2020 01:30:11] - |D| - [1674] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoundSelf A Technodelic [07/04/2020 20:07:31] - |D| - [935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy [23/04/2020 00:44:25] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyro Reignited Trilogy [23/11/2019 14:22:45] - |D| - [3043] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS Battlefront II [07/12/2019 11:14:52] - |RD| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [23/03/2018 11:25:13] - |D| - [624] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [18/03/2020 02:09:18] - |D| - [1380] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteamWorld Quest - Hand of Gilgamech [GOG.com] [19/09/2020 15:06:01] - |D| - [2269] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteelSeries [23/04/2020 23:56:21] - |A| - [1011] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk [18/03/2020 02:00:16] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sunset Overdrive [15/04/2021 22:17:56] - |D| - [1469] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Hexagon [GOG.com] [25/12/2020 23:11:31] - |D| - [1596] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Meat Boy Forever [30/05/2020 16:17:01] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERHOT VR [21/09/2019 04:44:15] - |D| - [123] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SWAT 4 Gold Edition [GOG.com] [07/12/2019 11:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [08/08/2019 08:41:16] - |D| - [1429] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telerik [07/11/2020 12:15:47] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Dark Pictures Anthology Little Hope [20/01/2021 00:44:45] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Longing [GOG.com] [27/10/2019 15:51:00] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Outer Worlds [31/07/2020 03:37:59] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Persistence [06/07/2020 18:22:39] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Room Three [24/06/2020 04:37:40] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Room Two [06/01/2019 18:00:33] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Complete Collection [21/01/2020 01:12:33] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sinking City [23/11/2020 21:23:15] - |D| - [1663] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Textorcist - The Story of Ray Bibbia [GOG.com] [26/03/2019 16:10:24] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Walking Dead A New Frontier Episode 5 [19/03/2020 23:36:58] - |D| - [1539] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 - Wild Hunt - Game of the Year Edition [GOG.com] [06/04/2020 16:47:40] - |D| - [3465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher Enhanced Edition [GOG.com] [29/03/2020 00:34:31] - |D| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com] [16/06/2018 02:52:56] - |D| - [118] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Theme Park [GOG.com] [16/08/2020 22:31:33] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\There Is No Game Wrong Dimension [11/11/2018 16:25:40] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thief Simulator [16/12/2018 17:39:55] - |D| - [2588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall™ 2 [05/11/2020 12:18:19] - |D| - [1930] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tropico 6 Lobbyistico [03/08/2020 10:10:43] - |D| - [2224] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky [13/11/2018 22:54:08] - |D| - [2496] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3 [24/02/2020 01:34:49] - |D| - [58] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2017.4.28f1 (64-bit) [17/10/2020 03:59:36] - |D| - [1603] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2019.4.12f1 (64-bit) [09/06/2018 14:01:22] - |D| - [135] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire the Masquerade - Bloodlines [GOG.com] [05/06/2018 15:15:01] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampyr [25/06/2019 22:09:36] - |D| - [2478] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Audio [24/06/2018 18:29:10] - |D| - [1263] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS [23/03/2018 17:29:41] - |D| - [3486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [24/02/2020 02:12:11] - |D| - [3844] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017 [24/02/2020 02:06:01] - |A| - [1495] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2017.lnk [24/02/2020 02:03:27] - |A| - [1355] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Installer.lnk [04/10/2018 15:11:58] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware [08/02/2021 16:24:19] - |D| - [962] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voicemod [17/07/2018 19:45:10] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\War for the Overworld Heart of Gold [21/01/2020 22:30:03] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Must Die [17/08/2018 15:31:28] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Wants To Be A Millionaire Special Editions [02/05/2018 21:46:37] - |D| - [2294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker [07/12/2019 16:53:04] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [09/11/2018 21:34:33] - |D| - [49] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap [23/11/2019 03:15:11] - |D| - [4505] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [29/03/2020 05:22:31] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Witcher 3 Mod Tools [09/10/2018 19:23:38] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WWE 2K19 [30/10/2019 22:02:05] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WWE 2K20 [31/08/2018 18:08:53] - |D| - [555] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit [13/11/2020 00:12:15] - |D| - [10355] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [07/12/2019 11:14:54] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [19/09/2020 15:08:40] - |A| - [2273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk ---------- | C:\Program Files (x86) [29/03/2020 00:28:02] - |D| - [152136666] - C:\Program Files (x86)\Adobe [11/11/2019 02:46:21] - |D| - [0] - C:\Program Files (x86)\Aimersoft [16/05/2021 15:12:45] - |D| - [131716011] - C:\Program Files (x86)\AOMEI Partition Assistant [02/07/2020 11:27:47] - |D| - [0] - C:\Program Files (x86)\Apowersoft [05/07/2018 00:39:06] - |D| - [2428606] - C:\Program Files (x86)\Apple Software Update [20/06/2018 22:32:31] - |D| - [1851396] - C:\Program Files (x86)\arcai.com [23/03/2018 10:46:36] - |D| - [16224316] - C:\Program Files (x86)\ASUS [28/01/2020 02:41:07] - |D| - [9333968] - C:\Program Files (x86)\Borderless Gaming [13/06/2018 18:12:55] - |D| - [49164492] - C:\Program Files (x86)\Canon [07/12/2019 11:14:52] - |D| - [1008573149] - C:\Program Files (x86)\Common Files [26/09/2018 21:32:33] - |D| - [11864] - C:\Program Files (x86)\CrystalDiskInfo [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [23/11/2019 03:13:34] - |D| - [1320564] - C:\Program Files (x86)\DiskInternals [30/06/2020 05:19:58] - |D| - [787171430] - C:\Program Files (x86)\dotnet [26/03/2018 18:32:23] - |D| - [6285515] - C:\Program Files (x86)\DroidCam [28/11/2019 22:34:39] - |D| - [744445] - C:\Program Files (x86)\EaseUS [16/05/2021 14:37:01] - |D| - [3014016] - C:\Program Files (x86)\EasyAntiCheat [09/04/2021 12:04:26] - |D| - [2297992] - C:\Program Files (x86)\EasyAntiCheat_EOS [24/09/2019 21:18:22] - |D| - [969371501] - C:\Program Files (x86)\Epic Games [24/03/2018 02:25:39] - |D| - [380307316] - C:\Program Files (x86)\GOG Galaxy [11/06/2018 02:47:24] - |D| - [522624730] - C:\Program Files (x86)\Google [24/02/2020 01:38:16] - |D| - [71525874] - C:\Program Files (x86)\GtkSharp [17/05/2021 12:26:54] - |D| - [4495477] - C:\Program Files (x86)\HD Tune Pro [06/04/2020 16:28:27] - |HD| - [3776121] - C:\Program Files (x86)\InstallShield Installation Information [07/04/2020 19:05:24] - |D| - [69543975] - C:\Program Files (x86)\Intel [07/12/2019 11:14:52] - |D| - [1992279] - C:\Program Files (x86)\Internet Explorer [29/06/2018 03:13:15] - |D| - [170739550] - C:\Program Files (x86)\K-Lite Codec Pack [22/07/2018 06:17:45] - |D| - [1615220] - C:\Program Files (x86)\Lame For Audacity [04/02/2021 13:40:10] - |D| - [14881180] - C:\Program Files (x86)\LogMeIn Hamachi [20/01/2019 23:51:53] - |D| - [0] - C:\Program Files (x86)\ManyCam [01/02/2020 10:40:40] - |D| - [975512] - C:\Program Files (x86)\MegaDev [08/08/2020 19:04:38] - |D| - [895525244] - C:\Program Files (x86)\Microsoft [25/10/2018 20:23:17] - |D| - [40530747] - C:\Program Files (x86)\Microsoft Analysis Services [21/05/2020 20:44:24] - |D| - [749200] - C:\Program Files (x86)\Microsoft GameInput [25/10/2018 20:23:12] - |D| - [1283852498] - C:\Program Files (x86)\Microsoft Office [24/02/2020 02:12:35] - |D| - [26622147] - C:\Program Files (x86)\Microsoft SDKs [19/05/2020 03:36:08] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [02/05/2018 21:46:42] - |D| - [3635637] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [25/10/2018 20:24:12] - |D| - [793991] - C:\Program Files (x86)\Microsoft Sync Framework [25/10/2018 20:24:17] - |D| - [326800] - C:\Program Files (x86)\Microsoft Synchronization Services [24/02/2020 02:03:21] - |D| - [1020658535] - C:\Program Files (x86)\Microsoft Visual Studio [25/10/2018 20:23:26] - |D| - [1643319] - C:\Program Files (x86)\Microsoft Visual Studio 8 [24/02/2020 02:19:48] - |D| - [1222564] - C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity [20/06/2018 19:04:45] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [07/12/2019 11:14:52] - |D| - [8319271] - C:\Program Files (x86)\Microsoft.NET [30/09/2018 18:13:46] - |D| - [890932] - C:\Program Files (x86)\Mobile Gamepad Server [08/01/2020 04:36:18] - |D| - [7606] - C:\Program Files (x86)\Mozilla Maintenance Service [06/01/2019 05:09:25] - |D| - [39955202] - C:\Program Files (x86)\Mr DJ [27/07/2020 00:45:35] - |D| - [1007305] - C:\Program Files (x86)\MSBuild [24/09/2020 23:22:10] - |D| - [3220395] - C:\Program Files (x86)\MSI [30/12/2019 12:44:44] - |D| - [870018] - C:\Program Files (x86)\NBTExplorer [23/03/2018 10:57:47] - |D| - [294798949] - C:\Program Files (x86)\NVIDIA Corporation [16/04/2020 19:04:29] - |D| - [809496] - C:\Program Files (x86)\OpenAL [11/12/2018 08:03:48] - |D| - [0] - C:\Program Files (x86)\Origin Games [06/01/2020 00:27:54] - |D| - [39133851] - C:\Program Files (x86)\PingPlotter 5 [13/10/2018 18:08:14] - |D| - [3429815] - C:\Program Files (x86)\Pozzum [15/01/2020 00:01:40] - |D| - [26568058] - C:\Program Files (x86)\PSeMu3 [15/10/2018 07:30:59] - |D| - [144032876] - C:\Program Files (x86)\Razer [12/10/2018 13:24:46] - |D| - [12061936] - C:\Program Files (x86)\Razer Chroma SDK [27/07/2020 00:45:35] - |D| - [159425389] - C:\Program Files (x86)\Reference Assemblies [27/06/2018 02:10:04] - |D| - [158902314] - C:\Program Files (x86)\Rockstar Games [11/11/2019 01:55:58] - |D| - [8036864] - C:\Program Files (x86)\Spotydl [02/05/2018 18:17:44] - |D| - [9906] - C:\Program Files (x86)\Steam [23/04/2020 22:27:18] - |D| - [949146] - C:\Program Files (x86)\TeamViewer [03/08/2020 10:10:42] - |D| - [5239468] - C:\Program Files (x86)\Unchecky [13/11/2018 22:54:04] - |D| - [10497992] - C:\Program Files (x86)\Unified Remote 3 [24/03/2018 13:12:43] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [25/06/2019 22:09:32] - |D| - [28133737] - C:\Program Files (x86)\VB [24/06/2018 18:28:53] - |D| - [68130832] - C:\Program Files (x86)\VEGAS [22/06/2018 19:37:36] - |D| - [1750535] - C:\Program Files (x86)\VulkanRT [07/12/2019 11:14:52] - |D| - [1876768] - C:\Program Files (x86)\Windows Defender [24/02/2020 02:12:35] - |D| - [3365076] - C:\Program Files (x86)\Windows Kits [02/05/2018 21:46:31] - |D| - [283501815] - C:\Program Files (x86)\Windows Live [07/12/2019 11:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [02/05/2018 21:46:31] - |D| - [132907682] - C:\Program Files (x86)\Windows Movie Maker [07/12/2019 16:53:51] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6131544] - C:\Program Files (x86)\Windows NT [07/12/2019 16:53:51] - |D| - [5305792] - C:\Program Files (x86)\Windows Photo Viewer [07/12/2019 16:53:51] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices [30/08/2019 17:35:38] - |D| - [389354] - C:\Program Files (x86)\Windows Resource Kits [07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [07/12/2019 11:14:52] - |D| - [3279457] - C:\Program Files (x86)\WindowsPowerShell [09/11/2018 21:34:32] - |D| - [93944] - C:\Program Files (x86)\WinPcap [13/11/2020 00:12:13] - |D| - [11261322] - C:\Program Files (x86)\Xvid [15/03/2020 04:39:09] - |HD| - [4078] - C:\Program Files (x86)\Zero G Registry [04/01/2020 05:12:08] - |AH| - [48] - C:\Program Files (x86)\zhxyxhplzn.dat ---------- | C:\Program Files [29/03/2020 00:28:02] - |D| - [0] - C:\Program Files\Adobe [23/03/2018 10:46:36] - |D| - [3023535] - C:\Program Files\ASUS [14/11/2020 23:15:02] - |D| - [10678234] - C:\Program Files\AutoHotkey [23/10/2018 08:51:40] - |D| - [329366521] - C:\Program Files\Black Tree Gaming Ltd [13/07/2020 15:14:54] - |D| - [115346573] - C:\Program Files\BlueStacks [13/06/2018 18:22:21] - |D| - [13771952] - C:\Program Files\Canon [13/06/2018 18:19:02] - |HD| - [11807011] - C:\Program Files\CanonBJ [31/05/2018 18:26:44] - |D| - [70438700] - C:\Program Files\CCleaner [16/04/2020 18:10:36] - |D| - [40] - C:\Program Files\cFosSpeed [26/07/2019 15:01:26] - |D| - [49693881] - C:\Program Files\Cheat Engine 6.8.3 [05/07/2020 17:20:59] - |D| - [0] - C:\Program Files\Cheat Engine 7.1 [24/11/2020 23:36:34] - |D| - [70741455] - C:\Program Files\Cheat Engine 7.2 [07/12/2019 11:14:52] - |D| - [586985984] - C:\Program Files\Common Files [24/12/2020 01:07:51] - |D| - [8292840] - C:\Program Files\CPUID [17/08/2018 15:28:53] - |D| - [48082456] - C:\Program Files\DAEMON Tools Lite [07/12/2019 11:14:54] - |SH| - [174] - C:\Program Files\desktop.ini [13/07/2020 20:11:23] - |D| - [990921653] - C:\Program Files\dotnet [23/03/2018 10:37:51] - |SHD| - [0] - C:\Program Files\Fichiers communs [12/02/2021 21:16:01] - |D| - [242335162] - C:\Program Files\FlashIntegro [15/06/2019 00:25:06] - |D| - [646308034] - C:\Program Files\Git [19/07/2020 00:48:58] - |D| - [19905337] - C:\Program Files\Google [07/04/2020 19:05:18] - |D| - [0] - C:\Program Files\Intel [07/12/2019 11:14:52] - |D| - [2669666] - C:\Program Files\Internet Explorer [28/04/2021 20:57:02] - |D| - [213470509] - C:\Program Files\Java [02/12/2018 23:07:41] - |D| - [19472896] - C:\Program Files\Mad Catz [30/10/2018 17:11:15] - |D| - [237595584] - C:\Program Files\Malwarebytes [25/10/2018 20:23:21] - |D| - [32278673] - C:\Program Files\Microsoft Office [19/05/2020 03:36:08] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [22/02/2021 13:53:55] - |D| - [2086984] - C:\Program Files\Microsoft Update Health Tools [07/12/2019 11:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [23/03/2018 10:45:39] - |D| - [221318704] - C:\Program Files\Mozilla Firefox [27/07/2020 00:45:35] - |D| - [25757] - C:\Program Files\MSBuild [28/03/2021 12:02:50] - |D| - [716798] - C:\Program Files\Nefarius Software Solutions [25/11/2020 22:30:37] - |D| - [79040345] - C:\Program Files\nodejs [06/05/2018 22:50:18] - |D| - [13905353] - C:\Program Files\Notepad++ [23/03/2018 10:55:38] - |D| - [808811072] - C:\Program Files\NVIDIA Corporation [05/12/2018 19:53:41] - |D| - [73759932] - C:\Program Files\paint.net [30/09/2020 21:41:41] - |D| - [6368649] - C:\Program Files\Process Hacker 2 [12/10/2018 13:24:46] - |D| - [171280] - C:\Program Files\Razer Chroma SDK [11/06/2019 09:02:40] - |D| - [0] - C:\Program Files\Recuva [27/07/2020 00:45:35] - |D| - [36883625] - C:\Program Files\Reference Assemblies [23/03/2018 10:49:49] - |D| - [36450920] - C:\Program Files\rempl [24/05/2020 22:18:15] - |D| - [4921278] - C:\Program Files\Resanance [23/09/2020 14:29:13] - |D| - [71912103] - C:\Program Files\Revive [07/05/2020 10:57:16] - |AD| - [29165165] - C:\Program Files\Riot Vanguard [27/06/2018 02:09:57] - |D| - [194735295] - C:\Program Files\Rockstar Games [22/05/2019 00:45:35] - |D| - [131224] - C:\Program Files\Sandboxie [23/11/2020 20:36:26] - |D| - [34929211] - C:\Program Files\SoftEther VPN Client [07/04/2020 20:07:30] - |D| - [15516312] - C:\Program Files\Speccy [19/09/2020 15:01:41] - |D| - [296198919] - C:\Program Files\SteelSeries [30/07/2015 23:52:28] - |HD| - [0] - C:\Program Files\Uninstall Information [05/02/2021 20:02:30] - |D| - [6553600] - C:\Program Files\UNP [26/05/2019 21:16:16] - |D| - [2716619] - C:\Program Files\VB [08/02/2021 15:56:27] - |D| - [228940820] - C:\Program Files\Voicemod Desktop [07/12/2019 11:14:52] - |D| - [14101942] - C:\Program Files\Windows Defender [07/12/2019 16:53:51] - |D| - [19528232] - C:\Program Files\Windows Defender Advanced Threat Protection [02/05/2018 21:46:47] - |D| - [52928] - C:\Program Files\Windows Live [07/12/2019 11:14:52] - |D| - [639488] - C:\Program Files\Windows Mail [07/12/2019 16:53:51] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6485848] - C:\Program Files\Windows NT [07/12/2019 16:53:51] - |D| - [6223816] - C:\Program Files\Windows Photo Viewer [07/12/2019 16:53:51] - |D| - [48528] - C:\Program Files\Windows Portable Devices [07/12/2019 11:14:52] - |D| - [111709] - C:\Program Files\Windows Security [07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files\Windows Sidebar [07/12/2019 11:14:52] - |HD| - [58157284418] - C:\Program Files\WindowsApps [07/12/2019 11:14:52] - |HD| - [8268970499] - C:\Program Files\WindowsApps.tmp [07/12/2019 11:14:52] - |D| - [3607571] - C:\Program Files\WindowsPowerShell [23/11/2019 03:15:06] - |D| - [7463750] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [12/09/2018 04:03:07] - |D| - [594340417] - C:\Program Files (x86)\Common Files\Adobe [05/07/2018 00:39:03] - |D| - [66304366] - C:\Program Files (x86)\Common Files\Apple [23/03/2018 11:52:12] - |D| - [55824416] - C:\Program Files (x86)\Common Files\BattlEye [10/07/2019 18:57:59] - |D| - [905552] - C:\Program Files (x86)\Common Files\BioWare [26/02/2019 19:30:38] - |D| - [99992] - C:\Program Files (x86)\Common Files\DESIGNER [04/01/2019 12:51:22] - |HD| - [986065] - C:\Program Files (x86)\Common Files\EAInstaller [12/09/2018 04:04:52] - |D| - [2904064] - C:\Program Files (x86)\Common Files\InstallShield [07/04/2020 19:05:17] - |D| - [0] - C:\Program Files (x86)\Common Files\Intel [28/04/2021 20:57:37] - |D| - [2223312] - C:\Program Files (x86)\Common Files\Java [07/12/2019 11:14:52] - |D| - [236114916] - C:\Program Files (x86)\Common Files\Microsoft Shared [30/10/2019 21:28:14] - |D| - [2782568] - C:\Program Files (x86)\Common Files\Oracle [11/07/2018 03:01:07] - |D| - [0] - C:\Program Files (x86)\Common Files\Screaming Bee [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [23/03/2018 11:25:13] - |D| - [30837408] - C:\Program Files (x86)\Common Files\Steam [07/12/2019 11:14:52] - |D| - [10537099] - C:\Program Files (x86)\Common Files\System [04/10/2018 15:11:55] - |D| - [3783120] - C:\Program Files (x86)\Common Files\ThinPrint [04/10/2018 15:11:09] - |D| - [927152] - C:\Program Files (x86)\Common Files\VMware ---------- | C:\Program Files\Common files [29/03/2020 00:28:02] - |D| - [332395827] - C:\Program Files\Common files\Adobe [07/12/2018 17:26:06] - |HD| - [4984256] - C:\Program Files\Common files\EAInstaller [12/02/2021 21:16:01] - |D| - [128048808] - C:\Program Files\Common files\FlashIntegro [07/12/2019 11:14:52] - |D| - [107682056] - C:\Program Files\Common files\microsoft shared [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files\Common files\Services [07/12/2019 11:14:52] - |D| - [10855307] - C:\Program Files\Common files\System [03/11/2019 20:18:54] - |D| - [2097008] - C:\Program Files\Common files\Uncheater [04/10/2018 15:11:53] - |D| - [920020] - C:\Program Files\Common files\VMware ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [27/07/2020 00:05:56] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.038F0E2B7EA3CA7688BA3E514BAF3E3E] - [27/07/2020 00:05:56] - |A| - [3522] - C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0 : C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [MD5.00000000000000000000000000000000] - [27/07/2020 00:05:56] - |D| - [2620] - C:\WINDOWS\System32\Tasks\Agent Activation Runtime [MD5.A35933C8CA4C33344FCE916C083B10DC] - [27/07/2020 00:05:56] - |A| - [2984] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.AE15F8B67F332341C1C919506DA3D763] - [27/07/2020 00:05:56] - |A| - [2274] - C:\WINDOWS\System32\Tasks\ATK Package A22126881260 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.9D6C3FEFCFEC05EA925DD9C1629B258B] - [27/07/2020 00:05:56] - |A| - [3000] - C:\WINDOWS\System32\Tasks\BlueStacksHelper : E:\BlueStacks\Client\Helper\BlueStacksHelper.exe [MD5.CAC28CE09C2318438110A7001013545B] - [06/05/2021 12:24:50] - |A| - [3936] - C:\WINDOWS\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.33495297372413FCDE5C4D29A99F622B] - [05/02/2021 14:00:17] - |A| - [2236] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.8C498DDD0D11BDE55EA46E2B0D31703F] - [27/07/2020 00:05:56] - |A| - [2648] - C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask : C:\WINDOWS\explorer.exe [MD5.4D1424547885CACFBA32C34297E2EA19] - [21/10/2020 01:07:59] - |A| - [2278] - C:\WINDOWS\System32\Tasks\fermeture voc : "C:\Users\Antonio\Desktop\fermeture discord.bat" [MD5.D8B1140B7A167CF5DE10F50252DFED19] - [21/04/2021 01:31:45] - |A| - [3464] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.18C8D949D4BDCB869CAD7BE932F452ED] - [21/04/2021 01:31:45] - |A| - [3588] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [05/08/2020 18:26:18] - |D| - [4316] - C:\WINDOWS\System32\Tasks\Intel [MD5.00000000000000000000000000000000] - [27/07/2020 00:05:56] - |D| - [2810] - C:\WINDOWS\System32\Tasks\MEGA [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [692682] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.6E63ADD821098EAD688348E46B4D64FD] - [08/08/2020 19:04:43] - |A| - [3510] - C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.A8CC01F3F24A27DF1A35728139C2C0F1] - [08/08/2020 19:04:43] - |A| - [3634] - C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.00000000000000000000000000000000] - [06/05/2021 18:10:42] - |D| - [4850] - C:\WINDOWS\System32\Tasks\Mozilla [MD5.8306A902DA7215EA9268B61E79F71665] - [27/07/2020 00:05:56] - |A| - [3284] - C:\WINDOWS\System32\Tasks\MSI Task Host - Detect_Monitor : C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [MD5.8CF35F93C1E7D585A93E0B7B9EF95A0A] - [27/07/2020 00:05:56] - |A| - [3268] - C:\WINDOWS\System32\Tasks\MSI Task Host - DisplayID : C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [MD5.19DCDA2D5EC5936C9BE1C8345B62E914] - [27/07/2020 00:05:56] - |A| - [2306] - C:\WINDOWS\System32\Tasks\MSI Task Host - MSI.True Color : "C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe" [MD5.46C6DA018FB2A9620EB718409386EB4E] - [27/07/2020 00:05:56] - |A| - [2148] - C:\WINDOWS\System32\Tasks\MSISW_Host : C:\WINDOWS\SysWOW64\muachost.exe [MD5.00000000000000000000000000000000] - [08/02/2021 15:24:57] - |D| - [0] - C:\WINDOWS\System32\Tasks\NCH Software [MD5.3FCF5E0D7D1D01D2FDE412AC20D2ED17] - [27/07/2020 00:05:56] - |A| - [4106] - C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.160B152F1C8DE05550302F1C1F7BEAD3] - [27/07/2020 00:05:56] - |A| - [4308] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.F55B2F72E563AB4B2C6F011BD0C0A3BC] - [27/07/2020 00:05:56] - |A| - [3976] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.9200A7AEAD4C78C61F5CA9964667C70D] - [27/07/2020 00:05:56] - |A| - [3940] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.749F8AC7134990C0819412D6A5EC8F07] - [27/07/2020 00:05:56] - |A| - [3894] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.4C1943F7A098FE04B84E9B3BDC3715BF] - [27/07/2020 00:05:56] - |A| - [3654] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.43ACAD1718EAD86AD09F690A65A36B84] - [27/07/2020 00:05:56] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.0BB109040F0AB295B149DC6CD41DD4E8] - [27/07/2020 00:05:56] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.BB5880CC8BC35304D0441B3D9340B85B] - [27/07/2020 00:05:56] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.C6664842703405B54829B08BAC687108] - [27/07/2020 00:05:56] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.00000000000000000000000000000000] - [27/07/2020 00:05:56] - |D| - [3776] - C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.00000000000000000000000000000000] - [27/07/2020 00:05:57] - |D| - [0] - C:\WINDOWS\System32\Tasks\S-1-5-21-3211553782-380890847-3588550373-1001 [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-TCP-RPC-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-NamedPipe-In"=v2.30|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "OpenSSH-Server-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=22|App=%SystemRoot%\system32\OpenSSH\sshd.exe|Name=OpenSSH SSH Server (sshd)|Desc=Inbound rule for OpenSSH SSH Server (sshd)|EmbedCtxt=OpenSSH Server| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "{AF13CD14-3379-4A2C-BED0-C80EC2D5E2FB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=G:\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe|Name=oculus-dash:dash\bin\OculusDash.exe|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "{5AAF8379-5D32-404F-8ABC-C91431FB6A7D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=G:\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe|Name=oculus-dash:dash\bin\OculusDash.exe Outbound|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "{45DA7021-F3FD-4921-91F0-8F122C0AB282}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=G:\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe|Name=oculus-worlds:Engine\Binaries\Win64\UnrealCEFSubProcess.exe|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "{CBB97B8F-5D7F-4DEC-95AF-01276D2F4467}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=G:\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe|Name=oculus-worlds:Engine\Binaries\Win64\UnrealCEFSubProcess.exe Outbound|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "{F5025D57-9C81-452E-9050-8C02845F7D5A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=G:\Oculus\Support\oculus-worlds\Home2.exe|Name=oculus-worlds:Home2.exe|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "{7B62E1F7-579F-4BE7-A4DD-7C57712B52F6}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=G:\Oculus\Support\oculus-worlds\Home2.exe|Name=oculus-worlds:Home2.exe Outbound|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "{AB8D7396-7090-4222-9C8D-B3003147699A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=G:\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe|Name=oculus-worlds:Home2\Binaries\Win64\Home2-Win64-Shipping.exe|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "{56962F92-33FE-4188-85FE-7215F4FEC62D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=G:\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe|Name=oculus-worlds:Home2\Binaries\Win64\Home2-Win64-Shipping.exe Outbound|Desc=Firewall exception automatically added by Oculus.|EmbedCtxt=Oculus Core Software Firewall Exceptions| "TCP Query User{DA322899-E8D5-46AC-8A14-C1BA663C7C93}C:\users\antonio\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\antonio\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "UDP Query User{1DE4EEB1-EF0D-4BA9-AD9E-35CE21774C5B}C:\users\antonio\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\antonio\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "{E0EEA42D-5FF4-488F-97A4-EF062A61BFD8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=G:\Apex legends\Apex\EasyAntiCheat_launcher.exe|Name=Apex Legends (Français) fr_FR| "{F58D0D6E-2770-4819-8F8D-86B5D9DD8D91}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=G:\Apex legends\Apex\EasyAntiCheat_launcher.exe|Name=Apex Legends (Français) fr_FR| "{845C17D8-9822-48D6-A08A-BBF48FF2F118}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\Antonio\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (TCP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{50DB94D6-ED2B-4D7E-AA70-11135AA6B05F}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\Antonio\AppData\Roaming\uTorrent\uTorrent.exe|Name=µTorrent (UDP-In)|Desc=Allow µTorrent network traffic with Edge Traversal|Edge=TRUE| "{3F0AB18B-8DFE-45EE-A9A8-3B588FF60EAA}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe|Name=VSDC Free Video Editor| "{46510D8B-260B-4AC2-A400-85970F3CC0F6}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe|Name=VSDC Free Video Editor| "{957A6CFF-BE08-463E-9EAB-E5480C633B69}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Activation.exe|Name=VSDC Free Video Editor Activater| "{27DE5A31-EFFD-4C51-B19C-C259708D6BD1}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Activation.exe|Name=VSDC Free Video Editor Activater| "{87CFB072-0B7E-48A1-ADEF-A55248AD02A4}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Updater.exe|Name=VSDC Free Video Editor Updater| "{BB089CB9-6683-499B-A74A-7ACCCDDC60CB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\FlashIntegro\VideoEditor\Updater.exe|Name=VSDC Free Video Editor Updater| "TCP Query User{FA4071D4-1922-4F9D-9B2E-D399E6FBCCF4}G:\ubisoft game launcher\games\roller champions\roller.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=G:\ubisoft game launcher\games\roller champions\roller.exe|Name=roller|Desc=roller|Defer=User| "UDP Query User{0195BAC6-7188-4099-B42B-41EF72FE9FC9}G:\ubisoft game launcher\games\roller champions\roller.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=G:\ubisoft game launcher\games\roller champions\roller.exe|Name=roller|Desc=roller|Defer=User| "TCP Query User{BE9FDCC7-A4D8-4032-84B9-5D9B5580DD27}E:\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe|Name=AVGame|Desc=AVGame|Defer=User| "UDP Query User{D2EBD972-81C1-4DE7-B3BA-8A789C17F3ED}E:\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe|Name=AVGame|Desc=AVGame|Defer=User| "TCP Query User{D586EF70-FD35-4424-BFC1-4E12E7F3E902}E:\zombie army 4 - dead war\bin\za4_vulkan.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\zombie army 4 - dead war\bin\za4_vulkan.exe|Name=ZA4 Vulkan_Retail_Submission_Epic|Desc=ZA4 Vulkan_Retail_Submission_Epic|Defer=User| "UDP Query User{EFB97616-90D4-4529-93FF-84F406C54A68}E:\zombie army 4 - dead war\bin\za4_vulkan.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\zombie army 4 - dead war\bin\za4_vulkan.exe|Name=ZA4 Vulkan_Retail_Submission_Epic|Desc=ZA4 Vulkan_Retail_Submission_Epic|Defer=User| "TCP Query User{A41199E2-9665-4A23-979C-FECBB484A515}E:\half.life.alyx-goldberg\half-life alyx\game\bin\win64\hlvr.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\half.life.alyx-goldberg\half-life alyx\game\bin\win64\hlvr.exe|Name=hlvr|Desc=hlvr|Defer=User| "UDP Query User{06CCF423-6EF4-415A-84AB-DA34C025888F}E:\half.life.alyx-goldberg\half-life alyx\game\bin\win64\hlvr.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\half.life.alyx-goldberg\half-life alyx\game\bin\win64\hlvr.exe|Name=hlvr|Desc=hlvr|Defer=User| "TCP Query User{A5A441F2-865E-4A34-A892-751BE36A79F2}E:\games\titanfall2\titanfall2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\games\titanfall2\titanfall2.exe|Name=Titanfall 2|Desc=Titanfall 2|Defer=User| "UDP Query User{73785341-30B1-4D06-9CD1-AB0D9EB4D60C}E:\games\titanfall2\titanfall2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\games\titanfall2\titanfall2.exe|Name=Titanfall 2|Desc=Titanfall 2|Defer=User| "TCP Query User{F5824D6E-66F2-4448-B4DA-8B459DD3FF5D}G:\horror bar\horrorbar\binaries\win64\horrorbar-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=G:\horror bar\horrorbar\binaries\win64\horrorbar-win64-shipping.exe|Name=HorrorBar|Desc=HorrorBar|Defer=User| "UDP Query User{1CF8A70D-5BEF-441D-8634-08F4B74EC38C}G:\horror bar\horrorbar\binaries\win64\horrorbar-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=G:\horror bar\horrorbar\binaries\win64\horrorbar-win64-shipping.exe|Name=HorrorBar|Desc=HorrorBar|Defer=User| "TCP Query User{49DB9C6E-612E-4D11-AF57-79024592FD33}C:\users\antonio\appdata\roaming\utorrent\updates\3.5.5_45966.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\antonio\appdata\roaming\utorrent\updates\3.5.5_45966.exe|Name=3.5.5_45966.exe|Desc=3.5.5_45966.exe|Defer=User| "UDP Query User{8469890E-037D-4E49-8346-27E49DBE035D}C:\users\antonio\appdata\roaming\utorrent\updates\3.5.5_45966.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\antonio\appdata\roaming\utorrent\updates\3.5.5_45966.exe|Name=3.5.5_45966.exe|Desc=3.5.5_45966.exe|Defer=User| "{64156392-B971-462B-8BA8-86D6AF388818}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\antonio\appdata\roaming\utorrent\updates\3.5.5_45966.exe|Name=3.5.5_45966.exe|Desc=3.5.5_45966.exe| "{1235DDB9-5060-4FF4-B0B2-F8467C71ADF0}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\antonio\appdata\roaming\utorrent\updates\3.5.5_45966.exe|Name=3.5.5_45966.exe|Desc=3.5.5_45966.exe| "TCP Query User{847B4283-07B8-489D-A8EB-8DAFB48DCD32}E:\persona.5.strikers\p5s\game.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\persona.5.strikers\p5s\game.exe|Name=Persona 5 Strikers|Desc=Persona 5 Strikers| "UDP Query User{26CFC6E6-C646-4012-A4C0-162B36B32CE2}E:\persona.5.strikers\p5s\game.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\persona.5.strikers\p5s\game.exe|Name=Persona 5 Strikers|Desc=Persona 5 Strikers| "{8D9A4CB9-F0B2-4DC1-B9F0-E58D2E7DD72A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=E:\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe|Name=The Cycle (AzaleaAlpha)| "{FD6F16D0-2CD0-47FA-B6C6-615A6B44537D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|App=E:\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe|Name=The Cycle (AzaleaAlpha)| "{793C288B-32CB-4E31-92D3-6FEA9D53FCBD}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe|Name=The Cycle (AzaleaAlpha)| "{BCF593FA-8C8F-4970-81F7-B96FCFBABA16}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\TheCycleEarlyAccess\Prospect\Binaries\Win64\Prospect-Win64-Shipping.exe|Name=The Cycle (AzaleaAlpha)| "TCP Query User{7BF57E25-18DB-419F-B7B1-A1B03C12FA1C}C:\users\antonio\desktop\anydesk.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\antonio\desktop\anydesk.exe|Name=AnyDesk|Desc=AnyDesk|Defer=User| "UDP Query User{B559D0DB-8D2E-4F76-B804-F1CA5A3693DF}C:\users\antonio\desktop\anydesk.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\antonio\desktop\anydesk.exe|Name=AnyDesk|Desc=AnyDesk|Defer=User| "TCP Query User{7CAC5963-6B77-426E-8F6A-2D898D9E4AB5}G:\horizon - zero down ce\horizonzerodawn.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=G:\horizon - zero down ce\horizonzerodawn.exe|Name=HRZ-PCR 142/6118783 18:05 - Tue Nov 24 2020|Desc=HRZ-PCR 142/6118783 18:05 - Tue Nov 24 2020| "UDP Query User{DBE9CF26-C4F2-44CE-9101-71A04BC7E450}G:\horizon - zero down ce\horizonzerodawn.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=G:\horizon - zero down ce\horizonzerodawn.exe|Name=HRZ-PCR 142/6118783 18:05 - Tue Nov 24 2020|Desc=HRZ-PCR 142/6118783 18:05 - Tue Nov 24 2020| "TCP Query User{A8EC01E1-4352-4504-887B-4717CB7FDF73}E:\x64\xsplit.core.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\x64\xsplit.core.exe|Name=XSplit Broadcaster|Desc=XSplit Broadcaster|Defer=User| "UDP Query User{9C6460B3-5586-4A01-A46A-C7D75B8EF92D}E:\x64\xsplit.core.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\x64\xsplit.core.exe|Name=XSplit Broadcaster|Desc=XSplit Broadcaster|Defer=User| "TCP Query User{E2DF801A-76E1-45AB-89CC-2B2F2CC395EB}E:\the surge 2\bin\thesurge2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\the surge 2\bin\thesurge2.exe|Name=thesurge2|Desc=thesurge2| "UDP Query User{BE4EB9D4-3D8C-4184-A602-AD81529247C4}E:\the surge 2\bin\thesurge2.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\the surge 2\bin\thesurge2.exe|Name=thesurge2|Desc=thesurge2| "TCP Query User{AAAA184A-9F98-4440-9C0C-F991399BE855}E:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=E:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{5854D81C-675C-46AA-99F3-22B6D1EEBD24}E:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=E:\minecraft\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{F424BD27-9B7B-4B84-8960-C98D4D6C9B2B}C:\program files\java\jre1.8.0_291\bin\java.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\java\jre1.8.0_291\bin\java.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{E678C3FB-2B8B-48D5-A493-0619DDB821E3}C:\program files\java\jre1.8.0_291\bin\java.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\java\jre1.8.0_291\bin\java.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "TCP Query User{4169D6B5-33C9-4845-8892-6B2EA0D3001A}C:\users\antonio\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\antonio\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe|Name=fivem_gtaprocess.exe|Desc=fivem_gtaprocess.exe|Defer=User| "UDP Query User{D9179377-DA52-4DDA-86D6-F6CFD909901F}C:\users\antonio\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\antonio\appdata\local\fivem\fivem.app\cache\subprocess\fivem_gtaprocess.exe|Name=fivem_gtaprocess.exe|Desc=fivem_gtaprocess.exe|Defer=User| "{2FD8F7A0-9D19-40F2-A7E7-5E14F3F85AFF}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{CE9C52CE-5877-40EE-BEC3-EB0B367DE6D3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.62\msedgewebview2.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge WebView2 Runtime| "{EF2C7DD6-0FF8-42C4-BC47-4757248347DC}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-3211553782-380890847-3588550373-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{DBDF6929-A5D2-4D78-8082-9527E3A8AEA3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-3211553782-380890847-3588550373-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{B4A63A9E-CC15-4118-996E-F85F5074DE67}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Windows Feature Experience Pack|Desc=Windows Feature Experience Pack|LUOwn=S-1-5-21-3211553782-380890847-3588550373-1001|AppPkgId=S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651|EmbedCtxt=Windows Feature Experience Pack|Platform=2:6:2|Platform2=GTEQ| "{9537B36D-324E-49DC-9892-65EA8B81FF5C}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-3211553782-380890847-3588550373-1001|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ| "{608D3912-A530-45CF-82AC-616D78390206}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=EdgeDevtoolsPlugin|Desc=EdgeDevtoolsPlugin|LUOwn=S-1-5-21-3211553782-380890847-3588550373-1001|AppPkgId=S-1-15-2-3221040779-10200146-4245217980-4102746306-394287551-3314955617-3332620926|EmbedCtxt=EdgeDevtoolsPlugin|Platform=2:6:2|Platform2=GTEQ| "{E9B7DD88-C1A8-4D8F-9F93-A317C7EC5526}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=EdgeDevtoolsPlugin|Desc=EdgeDevtoolsPlugin|LUOwn=S-1-5-21-3211553782-380890847-3588550373-1001|AppPkgId=S-1-15-2-3221040779-10200146-4245217980-4102746306-394287551-3314955617-3332620926|EmbedCtxt=EdgeDevtoolsPlugin|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5CB2C420-8889-44D3-87A2-4B089135AFCB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge| "{A8E1B528-2AC6-4824-B4BD-830A92C72289}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=32682|Name=One Dragon Center Bridge| "TCP Query User{A0331CD5-A47E-4407-9313-042BA711DEC1}G:\forhonor\forhonor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=G:\forhonor\forhonor.exe|Name=ForHonor|Desc=ForHonor|Defer=User| "UDP Query User{EAF3FB37-92F2-4803-8056-D81D7E7B0BEF}G:\forhonor\forhonor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=G:\forhonor\forhonor.exe|Name=ForHonor|Desc=ForHonor|Defer=User| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem74.inf,%ClassName%;Oculus Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{678dcf40-e2e6-11d5-8cd5-e960089ea00a}] : (Programming Support) [] -> @oem27.inf,%CLASSNAME%;Programming Support [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a2db2d36-9ca9-4dd8-9e46-3121a16063d2}] : (OculusVRDevs) [] -> @oem35.inf,%ClassName%;Oculus VR Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a73c93f1-9727-4d1d-ace1-0e333ba4e7db}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a8ba2d1f-894f-464a-b0ce-7a0c8fd65df1}] : (ViGEmBus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{aa018edf-4915-415e-9c17-d7ebec8917d2}] : (NvModuleTracker) [] -> @oem102.inf,%ClassName%;NvModuleTracker [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) [] -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [04/10/2018 15:12:35] - (9.8.12.0) - (VMware, Inc. - VMware vSockets Service) - C:\WINDOWS\system32\DRIVERS\vsock.sys [07/05/2020 10:57:16] - (1.5.0.18) - (Riot Games, Inc. - Vanguard kernel-mode driver.) - C:\Program Files\Riot Vanguard\vgk.sys [13/03/2021 00:08:20] - (0.0.0.0) - ( -) - C:\WINDOWS\System32\Drivers\CimFS.SYS [01/07/2019 23:59:22] - (4.25.0.9658) - (SoftEther Corporation - SoftEther VPN) - C:\WINDOWS\system32\DRIVERS\SeLow_x64.sys [14/12/2020 15:52:24] - (1.17.333.0) - (Nefarius Software Solutions e.U. - Virtual Gamepad Emulation Framework Bus Driver) - C:\WINDOWS\System32\drivers\ViGEmBus.sys [23/03/2018 10:46:36] - (0.0.0.0) - ( -) - C:\WINDOWS\SysWow64\drivers\AsIO.sys [03/02/2017 11:03:34] - (7.0.60.6) - (Saitek - Smart Technology Helpers) - C:\WINDOWS\system32\drivers\SaiBus.sys [28/09/2020 23:39:26] - (4.25.0.9658) - (SoftEther Corporation - SoftEther VPN) - C:\WINDOWS\System32\drivers\Neo6_x64_VPN.sys [30/04/2021 20:18:48] - (27.21.14.6627) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 466.27) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_a494df49ba2f9f36\nvlddmkm.sys [30/04/2021 20:33:15] - (1.46.831.832) - (NVIDIA Corporation - NVIDIA PPC Function Driver.) - C:\WINDOWS\System32\DriverStore\FileRepository\nvppc.inf_amd64_25fb711132593303\UcmCxUcsiNvppc.sys [16/04/2020 17:56:44] - (4.13.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [10/07/2020 18:55:19] - (304.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys [14/04/2021 14:11:57] - (100.0.0.0) - (NVIDIA Corporation - Process and module monitoring driver) - C:\WINDOWS\System32\drivers\NvModuleTracker.sys [17/08/2018 15:28:59] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys [02/05/2018 00:30:39] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\WINDOWS\System32\drivers\ScpVBus.sys [20/02/2020 04:18:25] - (1.5.8.0) - (Facebook Inc. - Oculus Virtual Gamepad Emulation Bus Driver) - C:\WINDOWS\System32\drivers\Oculus_ViGEmBus.sys [23/12/2019 18:53:12] - (1.2.0.0) - (SteelSeries ApS - SteelSeries Device Factory Driver) - C:\WINDOWS\System32\drivers\ssdevfactory.sys [17/08/2018 15:28:57] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys [13/11/2018 22:54:08] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - HID mini driver for Unified Virtual HID) - C:\WINDOWS\System32\drivers\uvhid.sys [19/09/2020 19:41:26] - (10.0.10011.16384) - (Windows (R) Win 7 DDK provider - Oculus Virtual Audio Driver) - C:\WINDOWS\System32\drivers\oculusvad.sys [08/02/2021 15:37:13] - (10.0.10011.16384) - (Windows (R) Win 7 DDK provider - Voicemod Virtual Audio Device (WDM)) - C:\WINDOWS\system32\drivers\vmdrv.sys [04/10/2020 03:25:48] - (6.3.9600.16384) - (Windows (R) Win 7 DDK provider - WDM Video Capture Driver) - C:\WINDOWS\System32\drivers\droidcamvideo.sys [10/04/2020 22:02:08] - (1.0.0.0) - (Dev47Apps - Virtual Audio Device) - C:\WINDOWS\System32\drivers\droidcam.sys [03/02/2017 11:03:36] - (7.0.60.6) - (Saitek - Saitek Magic Mini Driver) - C:\WINDOWS\System32\drivers\SaiMini.sys [27/01/2021 22:59:59] - (1.3.38.40) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys [23/03/2018 10:46:01] - (2.7.1.0) - (SteelSeries ApS - SteelSeries HID Driver) - C:\WINDOWS\System32\drivers\sshid.sys [04/10/2018 15:12:22] - (4.2.4.0) - (VMware, Inc. - VMware network application interface driver (64-bit)) - C:\WINDOWS\system32\drivers\vmnetuserif.sys [19/09/2018 04:16:36] - (4.2.3.0) - (VMware, Inc. - VMware virtual network driver (64-bit)) - C:\WINDOWS\system32\drivers\VMNET.SYS [04/10/2018 15:12:35] - (12.1.1.6932) - (VMware, Inc. - VMware kernel driver) - C:\WINDOWS\system32\drivers\vmx86.sys [18/06/2020 13:13:31] - (2.1.24.17012) - (Bluestack System Inc. - Bluestacks Support Driver) - C:\Program Files\BlueStacks\BstkDrv_bgp.sys [04/10/2018 15:12:06] - (8.11.6.0) - (VMware, Inc. - VMware USB monitor) - C:\WINDOWS\system32\DRIVERS\hcmon.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - MbamElam (MbamElam) -> system32\DRIVERS\MbamElam.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - MsSecFlt (@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001) -> system32\drivers\mssecflt.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvdimm (@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver) -> System32\drivers\nvdimm.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Telemetry (@intelta.inf,%Telemetry.SVCDESC%;Intel(R) Telemetry Service) -> System32\drivers\IntelTA.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - vsock (vSockets Virtual Machine Communication Interface Sockets driver) -> system32\DRIVERS\vsock.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - CimFS () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SeLow (@oem66.inf,%SeLow_DisplayName%;SoftEther Lightweight Network Protocol) -> \SystemRoot\system32\DRIVERS\SeLow_x64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vgk (vgk) -> \??\C:\Program Files\Riot Vanguard\vgk.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Vid () -> \SystemRoot\System32\drivers\Vid.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ViGEmBus (@oem101.inf,%ViGEmBus.SVCDESC%;Nefarius Virtual Gamepad Emulation Service) -> \SystemRoot\System32\drivers\ViGEmBus.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - bindflt (@%systemroot%\system32\drivers\bindflt.sys,-100) -> \SystemRoot\system32\drivers\bindflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - BlueStacksDrv (BlueStacks Hypervisor) -> \??\C:\Program Files\BlueStacks\BstkDrv_bgp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - hcmon (VMware hcmon) -> \SystemRoot\system32\DRIVERS\hcmon.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MQAC (@mqutil.dll,-6101) -> system32\drivers\mqac.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - VMnetuserif (VMware Network Application Interface) -> \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - vmx86 (VMware vmx86) -> \??\C:\WINDOWS\system32\drivers\vmx86.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\029c4619-0385-5543-9426-46f9987161d9] : (Streamlabs OBS.-.General Workings, Inc.) -> "E:\Streamlabs\Streamlabs OBS\Uninstall Streamlabs OBS.exe" /allusers [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\57979c68-f490-55b8-8fed-8b017a5af2fe] : (Vortex.-.Black Tree Gaming Ltd.) -> "C:\Program Files\Black Tree Gaming Ltd\Vortex\Uninstall Vortex.exe" /allusers [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AutoHotkey] : (AutoHotkey 1.1.33.02.-.Lexikos) -> "C:\Program Files\AutoHotkey\AutoHotkey.exe" "C:\Program Files\AutoHotkey\Installer.ahk" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BlueStacks] : (BlueStacks App Player.-.BlueStack Systems, Inc.) -> C:\Program Files\BlueStacks\BlueStacksUninstaller.exe -tmp [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Cheat Engine 6.8.3_is1] : (Cheat Engine 6.8.3.-.Cheat Engine) -> "C:\Program Files\Cheat Engine 6.8.3\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1] : (CPUID CPU-Z 1.94.-.CPUID, Inc.) -> "C:\Program Files\CPUID\CPU-Z\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID HWMonitor_is1] : (CPUID HWMonitor 1.44.-.CPUID, Inc.) -> "C:\Program Files\CPUID\HWMonitor\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CrystalDiskInfo_is1] : (CrystalDiskInfo 8.7.0.-.Crystal Dew World) -> "G:\CrystalDiskInfo\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Lite\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GIMP-2_is1] : (GIMP 2.10.18.-.The GIMP Team) -> "E:\GIMP 2\uninst\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Git_is1] : (Git version 2.22.0.windows.1.-.The Git Development Community) -> "C:\Program Files\Git\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\jdownloader2] : (JDownloader 2.-.AppWork GmbH) -> "C:\Users\Antonio\AppData\Local\JDownloader 2.0\Uninstall JDownloader.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 88.0.1 (x64 fr)] : (Mozilla Firefox 88.0.1 (x64 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Notepad++] : (Notepad++ (64-bit x64).-.Notepad++ Team) -> C:\Program Files\Notepad++\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Oculus] : (Oculus.-.Facebook Technologies, LLC) -> G:\Oculus\OculusSetup.exe /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Prerequisites 2.0.0] : (K.G's Tools Prerequisites.-.Prince of Codes) -> msiexec.exe /x {6CE58733-E9B6-4432-BA1F-085EF8417E0B} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Process_Hacker2_is1] : (Process Hacker 2.39 (r124).-.wj32) -> "C:\Program Files\Process Hacker 2\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Riot Vanguard] : (Riot Vanguard.-.Riot Games, Inc.) -> "C:\Program Files\Riot Vanguard\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Speccy] : (Speccy.-.Piriform) -> "C:\Program Files\Speccy\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 105450] : (Age of Empires® III: Complete Collection.-.Ensemble Studios) -> "G:\Steam\steam.exe" steam://uninstall/105450 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 1361000] : (In Silence.-.Ravenhood Games) -> "G:\Steam\steam.exe" steam://uninstall/1361000 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 1396240] : (Contraband Police: Prologue.-.Crazy Rocks) -> "G:\Steam\steam.exe" steam://uninstall/1396240 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 15700] : (Oddworld: Abe's Oddysee.-.Oddworld Inhabitants) -> "G:\Steam\steam.exe" steam://uninstall/15700 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 15710] : (Oddworld: Abe's Exoddus.-.Oddworld Inhabitants) -> "G:\Steam\steam.exe" steam://uninstall/15710 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 17390] : (Spore.-.Maxis™) -> "G:\Steam\steam.exe" steam://uninstall/17390 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 17440] : (Spore: Creepy & Cute Parts Pack.-.Maxis™) -> "G:\Steam\steam.exe" steam://uninstall/17440 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 207140] : (SpeedRunners.-.DoubleDutch Games) -> "G:\Steam\steam.exe" steam://uninstall/207140 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 223100] : (Homefront: The Revolution.-.Dambuster Studios) -> "G:\Steam\steam.exe" steam://uninstall/223100 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 238320] : (Outlast.-.Red Barrels) -> "G:\Steam\steam.exe" steam://uninstall/238320 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 240] : (Counter-Strike: Source.-.Valve) -> "G:\Steam\steam.exe" steam://uninstall/240 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 2400] : (The Ship.-.Outerlight Ltd.) -> "G:\Steam\steam.exe" steam://uninstall/2400 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 242760] : (The Forest.-.Endnight Games Ltd) -> "G:\Steam\steam.exe" steam://uninstall/242760 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 24720] : (Spore: Galactic Adventures.-.EA - Maxis) -> "G:\Steam\steam.exe" steam://uninstall/24720 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 250900] : (The Binding of Isaac: Rebirth.-.Nicalis, Inc.) -> "G:\Steam\steam.exe" steam://uninstall/250900 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 251830] : (Stick It To The Man!.-.Zoink Games) -> "G:\Steam\steam.exe" steam://uninstall/251830 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252950] : (Rocket League.-.Psyonix LLC) -> "G:\Steam\steam.exe" steam://uninstall/252950 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 264710] : (Subnautica.-.Unknown Worlds Entertainment) -> "G:\Steam\steam.exe" steam://uninstall/264710 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 271590] : (Grand Theft Auto V.-.Rockstar North) -> "G:\Steam\steam.exe" steam://uninstall/271590 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 274940] : (Depth.-.Digital Confectioners) -> "G:\Steam\steam.exe" steam://uninstall/274940 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 275850] : (No Man's Sky.-.Hello Games) -> "G:\Steam\steam.exe" steam://uninstall/275850 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 286160] : (Tabletop Simulator.-.Berserk Games) -> "G:\Steam\steam.exe" steam://uninstall/286160 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 291550] : (Brawlhalla.-.Blue Mammoth Games) -> "G:\Steam\steam.exe" steam://uninstall/291550 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 318600] : (The Flame in the Flood.-.The Molasses Flood) -> "G:\Steam\steam.exe" steam://uninstall/318600 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 32360] : (The Secret of Monkey Island: Special Edition.-.LucasArts) -> "G:\Steam\steam.exe" steam://uninstall/32360 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 32460] : (Monkey Island 2: Special Edition.-.LucasArts) -> "G:\Steam\steam.exe" steam://uninstall/32460 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 356190] : (Middle-earth™: Shadow of War™.-.Monolith Productions) -> "G:\Steam\steam.exe" steam://uninstall/356190 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 365450] : (Hacknet.-.Team Fractal Alligator) -> "G:\Steam\steam.exe" steam://uninstall/365450 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 374320] : (DARK SOULS™ III.-.FromSoftware, Inc.) -> "G:\Steam\steam.exe" steam://uninstall/374320 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 381210] : (Dead by Daylight.-.Behaviour Interactive Inc.) -> "G:\Steam\steam.exe" steam://uninstall/381210 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 4000] : (Garry's Mod.-.Facepunch Studios) -> "G:\Steam\steam.exe" steam://uninstall/4000 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 413410] : (Danganronpa: Trigger Happy Havoc.-.Spike Chunsoft Co., Ltd.) -> "G:\Steam\steam.exe" steam://uninstall/413410 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 443810] : (This Is the Police.-.Weappy Studio) -> "G:\Steam\steam.exe" steam://uninstall/443810 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 460790] : (Bayonetta.-.PlatinumGames) -> "G:\Steam\steam.exe" steam://uninstall/460790 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 480] : (Spacewar.-.Valve) -> "G:\Steam\steam.exe" steam://uninstall/480 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 4920] : (Natural Selection 2.-.Unknown Worlds Entertainment) -> "G:\Steam\steam.exe" steam://uninstall/4920 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 521350] : (Use Your Words.-.Smiling Buddha Games, LLC) -> "G:\Steam\steam.exe" steam://uninstall/521350 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 602960] : (Barotrauma.-.FakeFish) -> "G:\Steam\steam.exe" steam://uninstall/602960 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 613100] : (House Flipper.-.Empyrean) -> "G:\Steam\steam.exe" steam://uninstall/613100 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 637650] : (FINAL FANTASY XV WINDOWS EDITION.-.Square Enix) -> "G:\Steam\steam.exe" steam://uninstall/637650 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 638970] : (Yakuza 0.-.SEGA) -> "G:\Steam\steam.exe" steam://uninstall/638970 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 648600] : (FINAL FANTASY XV WINDOWS EDITION MOD ORGANIZER.-.Square Enix) -> "G:\Steam\steam.exe" steam://uninstall/648600 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 680420] : (OUTRIDERS.-.People Can Fly) -> "G:\Steam\steam.exe" steam://uninstall/680420 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 730] : (Counter-Strike: Global Offensive.-.Valve) -> "G:\Steam\steam.exe" steam://uninstall/730 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 8260] : (Sam & Max 201: Ice Station Santa.-.Telltale Games) -> "G:\Steam\steam.exe" steam://uninstall/8260 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 8270] : (Sam & Max 202: Moai Better Blues.-.Telltale Games) -> "G:\Steam\steam.exe" steam://uninstall/8270 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 8280] : (Sam & Max 203: Night of the Raving Dead.-.Telltale Games) -> "G:\Steam\steam.exe" steam://uninstall/8280 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 927350] : (Hood: Outlaws & Legends.-.Sumo Digital) -> "G:\Steam\steam.exe" steam://uninstall/927350 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 953880] : (First Class Trouble.-.Invisible Walls) -> "G:\Steam\steam.exe" steam://uninstall/953880 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 955610] : (OpenVR Benchmark.-.Stonebrick Studios UG) -> "G:\Steam\steam.exe" steam://uninstall/955610 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SteelSeries Engine 3] : (SteelSeries Engine 3.18.8.-.SteelSeries ApS) -> C:\Program Files\SteelSeries\SteelSeries Engine 3\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VB:VBCABLE {87459874-1236-4469}] : (VBCABLE, The Virtual Audio Cable.-.VB-Audio Software) -> C:\Program Files\VB\CABLE\VBCABLE_Setup_x64.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> "G:\VLC\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VSDC Free Video Editor_is1] : (VSDC Free Video Editor version 6.6.4.265.-.Flash-Integro LLC) -> "C:\Program Files\FlashIntegro\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.65.1] : (Vulkan Run Time Libraries 1.0.65.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.65.1\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.71 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{07BB6181-E1D0-4283-87D0-BE4819535A3C}] : (Resanance.-.WasntAFairFight) -> MsiExec.exe /X{07BB6181-E1D0-4283-87D0-BE4819535A3C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0BE3138E-CB5E-4C09-8E06-B09BA9FEF86B}] : (R.A.T.TE.-.Mad Catz Inc) -> MsiExec.exe /I{0BE3138E-CB5E-4C09-8E06-B09BA9FEF86B} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series] : (Canon MG3600 series MP Drivers.-.Canon Inc.) -> "C:\Program Files\CanonBJ\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series\DELDRV64.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series /L0x000c [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1] : (Allgemeine Runtime Files (x86).-.Sereby Corporation) -> "C:\WINDOWS\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180291F0}] : (Java 8 Update 291 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180291F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2DFAC857-A66A-4D1A-900C-B36DC56C2E76}] : (Node.js.-.Node.js Foundation) -> MsiExec.exe /I{2DFAC857-A66A-4D1A-900C-B36DC56C2E76} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 4.3.0.98.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Malware\mbuns.exe" /Uninstall ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6CE58733-E9B6-4432-BA1F-085EF8417E0B}] : (Prerequisites.-.Prince of Codes) -> MsiExec.exe /I{6CE58733-E9B6-4432-BA1F-085EF8417E0B} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1] : (Voicemod.-.Voicemod S.L.) -> "C:\Program Files\Voicemod Desktop\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8C17D521-4FB0-11E7-A6E0-A9EF5249FCEF}] : (VEGAS Pro 14.0 (64-bit).-.VEGAS) -> MsiExec.exe /X{8C17D521-4FB0-11E7-A6E0-A9EF5249FCEF} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9075FF1E-4FB0-11E7-9C02-A9EF5249FCEF}] : (MSVCRT Redists.-.MAGIX Computer Products Intl. Co.) -> MsiExec.exe /I{9075FF1E-4FB0-11E7-9C02-A9EF5249FCEF} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}] : (Nefarius Virtual Gamepad Emulation Bus Driver.-.Nefarius Software Solutions e.U.) -> MsiExec.exe /X{93D91F60-7C94-4A79-863F-EA713D2EB3F3} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 466.27.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.22.0.32.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 38.0.7.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.19.0218.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 38.0.7.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk] : (NVIDIA FrameView SDK 1.1.4923.29781331.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage FrameViewSdk ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.38.40.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub] : (NVIDIA ABHub.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor] : (NVAPI Monitor plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver] : (NvModuleTracker.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.22.0.32.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC] : (NVIDIA USBC Driver 1.46.831.832.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage USBC ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.13.0.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CA344FF7-3E03-49E4-836E-F46C321A4FDF}] : (WrestlePlus.-.Pozzum) -> MsiExec.exe /I{CA344FF7-3E03-49E4-836E-F46C321A4FDF} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{D7B591D8-1091-4A00-A0B3-5301C45E5D51} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E637E0EF-6EB3-44C4-97B8-6F9EA444D649}] : (paint.net.-.dotPDN LLC) -> MsiExec.exe /X{E637E0EF-6EB3-44C4-97B8-6F9EA444D649} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1140907376_is1] : (House Flipper.-.GOG.com) -> "E:\House Flipper\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1207658924_is1] : (The Witcher Enhanced Edition Director's Cut.-.GOG.com) -> "E:\The Witcher Enhanced Edition\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1423049311_is1] : (Cyberpunk 2077.-.GOG.com) -> "E:\Cyberpunk 2077\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1452691186_is1] : (Agatha Christie - The ABC Murders.-.GOG.com) -> "E:\Agatha Christie - The ABC Murders\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1689378242_is1] : (HGTV Flipper.-.GOG.com) -> "E:\House Flipper\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1833342145_is1] : (Garden Flipper.-.GOG.com) -> "E:\House Flipper\unins002.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AdobeGenuineService] : (Adobe Genuine Service.-.Adobe) -> C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeCleanUpUtility.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Amnesia: Rebirth_is1] : (Amnesia: Rebirth.-.) -> "G:\Amnesia - Rebirth\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Aomei Partition Assistant_is1] : (.-.) -> C:\Program Files (x86)\AOMEI Partition Assistant\unins000.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battle.net] : (Battle.net.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Borderless Gaming_is1] : (Borderless Gaming.-.Andrew Sampson) -> "C:\Program Files (x86)\Borderless Gaming\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Budget Cuts 2 Mission Insolvency_is1] : (Budget Cuts 2 Mission Insolvency.-.) -> "E:\Games\Budget Cuts 2 Mission Insolvency\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Budget Cuts_is1] : (Budget Cuts.-.) -> "E:\Games\Budget Cuts\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CANONIJPLM100] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CanonMyPrinter] : (Canon My Printer.-.Canon Inc.) -> "C:\Program Files\Canon\MyPrinter\uninst.exe" /UninstallRemove C:\Program Files\Canon\MyPrinter\uninst.ini [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CanonQuickMenu] : (Canon Quick Menu.-.Canon Inc.) -> "C:\Program Files (x86)\Canon\Quick Menu\uninst.exe" /UninstallRemove C:\Program Files (x86)\Canon\Quick Menu\uninst.ini [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Canon_IJ_Network_UTILITY] : (Canon IJ Network Tool.-.Canon Inc.) -> C:\Program Files (x86)\Canon\Canon IJ Network Tool\CNMNUU.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Canon_IJ_Scan_Utility] : (Canon IJ Scan Utility.-.Canon Inc.) -> "C:\Program Files (x86)\Canon\IJ Scan Utility\MAINT.exe" /UninstallRemove C:\Program Files (x86)\Canon\IJ Scan Utility\uninst.ini [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CCXP_3_3_0_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox\Uninstaller.exe" --uninstall=1 --sapCode=CCXP --productVersion=3.3.0 --productPlatform=win32 --productAdobeCode={CCXP-3.3.0-32-ADBEADBEADBEADBEADBEAD} --productName="CCX Process" --mode=1 ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Cooking Simulator_is1] : (Cooking Simulator.-.) -> "E:\Games\Cooking Simulator\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\COSY_4_3_14_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox\Uninstaller.exe" --uninstall=1 --sapCode=COSY --productVersion=4.3.14 --productPlatform=win32 --productAdobeCode={COSY-4.3.14-32-ADBEADBEADBEADBEADBEA} --productName="CoreSync" --mode=1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Diablo III] : (Diablo III.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=diablo3 --displayname="Diablo III" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dolphin] : (Dolphin.-.Dolphin Team) -> E:\Dolphin\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DroidCam] : (DroidCam Client.-.Dev47apps) -> "C:\Program Files (x86)\DroidCam\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Enregistrement utilisateur de Canon MG3600 series] : (Enregistrement utilisateur de Canon MG3600 series.-.?Canon Inc.) -> C:\Program Files (x86)\Canon\IJEREG\MG3600 series\UNINST.EXE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fallout 76] : (Fallout 76.-.Bethesda Softworks) -> "e:\bethesda.net launcher\bethesdanetupdater.exe" bethesdanet://uninstall/20 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GOGPACKSUPERHEXAGON_is1] : (Super Hexagon.-.GOG.com) -> "E:\Super Hexagon\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google LLC) -> "C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\setup.exe" --uninstall --channel --system-level --verbose-logging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Hades_is1] : (Hades.-.) -> "E:\Hades\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HD Tune Pro_is1] : (HD Tune Pro 5.75.-.EFD Software) -> "C:\Program Files (x86)\HD Tune Pro\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Heroes of the Storm] : (Heroes of the Storm.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=heroes --displayname="Heroes of the Storm" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Hitman 3_is1] : (Hitman 3.-.) -> "E:\Games\Hitman 3\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Horizon: Zero Down CE_is1] : (Horizon: Zero Down CE.-.) -> "G:\Horizon - Zero Down CE\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Kingdom Hearts HD 1 5 and 2 5 ReMIX_is1] : (Kingdom Hearts HD 1 5 and 2 5 ReMIX.-.) -> "E:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KLiteCodecPack_is1] : (K-Lite Mega Codec Pack 13.8.4.-.KLCP) -> "C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LAME_is1] : (LAME v3.99.3 (for Windows).-.) -> "C:\Program Files (x86)\Lame For Audacity\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LIBS_3_6_1_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HDBox\Uninstaller.exe" --uninstall=1 --sapCode=LIBS --productVersion=3.6.1 --productPlatform=win32 --productAdobeCode={LIBS-3.6.1-32-ADBEADBEADBEADBEADBEAD} --productName="CC Library" --mode=1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LogMeIn Hamachi] : (LogMeIn Hamachi.-.LogMeIn, Inc.) -> C:\WINDOWS\SysWOW64\\msiexec.exe /i {ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7} REMOVE=ALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MEGAsync] : (MEGAsync.-.Mega Limited) -> C:\Users\Antonio\AppData\Local\MEGAsync\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mobile Gamepad Server] : (Mobile Gamepad Server 1.1.-.MMH Dev) -> C:\Program Files (x86)\Mobile Gamepad Server\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Oddworld: Soulstorm_is1] : (Oddworld: Soulstorm.-.) -> "G:\Oddworld - Soulstorm\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\One Piece - Pirate Warriors 4_is1] : (One Piece - Pirate Warriors 4.-.) -> "G:\One Piece - Pirate Warriors 4\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OpenAL] : (OpenAL.-.) -> "C:\Program Files (x86)\OpenAL\oalinst.exe" /U [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Origin] : (Origin.-.Electronic Arts, Inc.) -> G:\Origin\OriginUninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Overwatch] : (Overwatch.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=prometheus --displayname="Overwatch" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PingPlotter 5 5.11.5.6618] : (PingPlotter 5.-.Pingman Tools, LLC) -> msiexec.exe /x {83DC9FBF-9FA4-4C32-B5B4-0D2B84BD1706} AI_UNINSTALLER_CTP=1 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Razer Chroma SDK] : (Razer Chroma SDK Core Components.-.Razer Inc.) -> C:\Program Files (x86)\Razer Chroma SDK\Razer_Chroma_SDK_Uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Remember Me_is1] : (Remember Me.-.Capcom) -> "E:\Games\Remember Me\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Remothered Tormented Fathers HD_is1] : (Remothered Tormented Fathers HD.-.) -> "E:\Games\Remothered Tormented Fathers HD\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Remothered: Broken Porcelain_is1] : (Remothered: Broken Porcelain.-.) -> "G:\Remothered - Broken Porcelain\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Resident Evil 2_is1] : (Resident Evil 2.-.) -> "G:\Games\Resident Evil 2\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Revive] : (Revive Dashboard.-.) -> "C:\Program Files\Revive\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Richies Plank Experience_is1] : (Richies Plank Experience.-.) -> "E:\Games\Richies Plank Experience\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RisingHUB_is1] : (RisingHUB version 1.0.13.0.-.RisingHUB) -> "E:\RisingHUB\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Launcher] : (Rockstar Games Launcher.-.Rockstar Games) -> "E:\Rockstar\Launcher\Launcher.exe" -enableFullMode -uninstall=launcher [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SoundSelf A Technodelic_is1] : (SoundSelf A Technodelic.-.) -> "G:\Games\SoundSelf A Technodelic\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\State of Mind_R.G. Mechanics_is1] : (State of Mind.-.R.G. Mechanics, markfiter) -> "C:\Users\Antonio\AppData\Roaming\State of Mind_Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> G:\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252950] : (.-.Psyonix, Inc) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Stubbs The Zombie In Rebel Without A Pulse] : (Stubbs The Zombie In Rebel Without A Pulse.-.TiNYiSO) -> E:\Stubbs The Zombie In Rebel Without A Pulse\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\The Surge 2_is1] : (The Surge 2.-.) -> "E:\The Surge 2\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unchecky] : (Unchecky v1.2.-.Reason Software Company Inc.) -> "C:\Program Files (x86)\Unchecky\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unity] : (Unity.-.Unity Technologies ApS) -> E:\2019.4.12f1\Editor\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay] : (Ubisoft Connect.-.Ubisoft) -> G:\Ubisoft Game Launcher\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 11899] : (Roller Champions.-.Ubisoft) -> "G:\Ubisoft Game Launcher\upc.exe" uplay://uninstall/11899 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 13504] : (Assassin's Creed Valhalla.-.Ubisoft) -> "G:\Ubisoft Game Launcher\upc.exe" uplay://uninstall/13504 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 2688] : (WATCH_DOGS2.-.Ubisoft) -> "G:\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/2688 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 4932] : (Tom Clancy's The Division 2.-.Ubisoft) -> "G:\Ubisoft Game Launcher\upc.exe" uplay://uninstall/4932 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 569] : (ForHonor.-.Ubisoft) -> "G:\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/569 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 635] : (Tom Clancy's Rainbow Six Siege.-.Ubisoft Montreal) -> "G:\Ubisoft Game Launcher\upc.exe" uplay://uninstall/635 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Vampyr_is1] : (Vampyr.-.) -> "E:\Vampyr\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VB:ASIOBridge {17359A74-1236-5467}] : (ASIO Bridge and Hi-Fi Cable.-.VB-Audio Software) -> C:\Program Files (x86)\VB\ASIOBridge\HiFiCableAsioBridgeSetup.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Xvid Video Codec 1.3.7] : (Xvid Video Codec.-.Xvid Team) -> C:\Program Files (x86)\Xvid\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Zombie Army 4: Dead War_is1] : (Zombie Army 4: Dead War.-.) -> "E:\Zombie Army 4 - Dead War\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1] : (AOMEI Partition Assistant 9.2.-.AOMEI International Network Limited.) -> "C:\Program Files (x86)\AOMEI Partition Assistant\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0960F1CA-B729-4B15-A10D-5B0CDB7F4E45}] : (Python 3.5.3 Documentation (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{0960F1CA-B729-4B15-A10D-5B0CDB7F4E45} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}] : (Razer Synapse.-.Razer Inc.) -> MsiExec.exe /I{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}\UE4PrereqSetup_x64.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{155C4F2E-7381-4B80-B258-FD0600C9C46B}] : (OpenOffice 4.1.5.-.Apache Software Foundation) -> MsiExec.exe /I{155C4F2E-7381-4B80-B258-FD0600C9C46B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}] : (Minecraft.-.Mojang) -> MsiExec.exe /X{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{24BB34B8-A1C3-4749-BD9A-FCD6158B877A}] : (Progress® Telerik® JustDecompile R1 2019.-.Progress Software Corporation) -> MsiExec.exe /I{24BB34B8-A1C3-4749-BD9A-FCD6158B877A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2523CCCE-D2FA-47F7-B4DF-54C122222E6A}] : (Intel(R) Extreme Tuning Utility.-.Intel Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180281F0}] : (Java 8 Update 281.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180281F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1] : (Bethesda.net Launcher.-.Bethesda Softworks) -> "E:\Bethesda.net Launcher\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{399dda39-e8db-4148-9315-905f194ecb5f}] : (MorphVOX Pro.-.Screaming Bee) -> "C:\ProgramData\Package Cache\{399dda39-e8db-4148-9315-905f194ecb5f}\setup.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}] : (Star Wars: The Old Republic.-.Electronic Arts, Inc.) -> C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3B196FD3-F01D-436D-95B3-7B4231FA95CE}_is1] : (PC Building Simulator MULTi9 - ElAmigos version 1.9.7.-.The Irregular Corporation) -> "E:\PC Building Simulator\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1] : (Windows Movie Maker 2017.-.winmoviemaker) -> "C:\Program Files (x86)\Windows Movie Maker\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E4DC27C-450D-4E8E-AD0D-4BCD189A35A6}] : (Python 3.5.3 pip Bootstrap (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{3E4DC27C-450D-4E8E-AD0D-4BCD189A35A6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1] : (Unified Remote.-.Unified Intents AB) -> "C:\Program Files (x86)\Unified Remote 3\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{46F044A5-CE8B-4196-984E-5BD6525E361D}] : (Apple Application Support.-.Apple Inc.) -> MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{47D30E7E-2DC9-44E8-B951-D280173FCE73}] : (Python 3.5.3 Core Interpreter (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{47D30E7E-2DC9-44E8-B951-D280173FCE73} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4BD80373-FEE7-45B6-8249-6E8E98717405}] : (Titanfall™ 2.-.Electronic Arts, Inc.) -> "C:\Program Files\Common Files\EAInstaller\Titanfall2\Cleanup.exe" uninstall_game -autologging ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4D6CEBE0-87AF-435A-B305-01EEA6DE795B}] : (Fantasy Voices.-.Screaming Bee Inc.) -> MsiExec.exe /X{4D6CEBE0-87AF-435A-B305-01EEA6DE795B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{52CC87AA-645D-40FB-8411-510142191678}_is1] : (QModManager (Subnautica).-.QModManager) -> "E:\Steam\steamapps\common\Subnautica\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{584F5685-C0E5-4D84-B6F2-045B801A0BA1}] : (AntiMicro.-.AntiMicro) -> MsiExec.exe /I{584F5685-C0E5-4D84-B6F2-045B801A0BA1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5B305D8D-5090-4038-B7A1-0BE0B132DAF2}] : (MorphVOX Pro.-.Screaming Bee) -> MsiExec.exe /I{5B305D8D-5090-4038-B7A1-0BE0B132DAF2} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F5242CD-19B0-4632-AD56-75678C571B4D}] : (Python 3.5.3 Utility Scripts (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{6F5242CD-19B0-4632-AD56-75678C571B4D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7258BA11-600C-430E-A759-27E2C691A335}_is1] : (GOG Galaxy.-.GOG.com) -> "C:\Program Files (x86)\GOG Galaxy\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7F9A97E6-E666-11E5-B582-B88687E82322}] : (Hextech Repair Tool.-.Riot Games, Inc.) -> MsiExec.exe /I{7F9A97E6-E666-11E5-B582-B88687E82322} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{83DC9FBF-9FA4-4C32-B5B4-0D2B84BD1706}] : (PingPlotter 5.-.Pingman Tools, LLC) -> MsiExec.exe /I{83DC9FBF-9FA4-4C32-B5B4-0D2B84BD1706} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{86aac4fd-4cd3-48c5-825b-325c34aa5008}] : (Fantasy Voices for MorphVOX.-.Screaming Bee Inc.) -> "C:\ProgramData\Package Cache\{86aac4fd-4cd3-48c5-825b-325c34aa5008}\VP-Fantasy_Install.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8a882ce0-0c0b-4eb2-850c-28ebadab4f50}] : (STAR WARS™ Battlefront™ II.-.Electronic Arts) -> "C:\Program Files\Common Files\EAInstaller\STAR WARS Battlefront II\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] : (WinFlash.-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{94E2F806-A0F9-406E-9971-8F2F045F3153}] : (Python 3.5.3 Tcl/Tk Support (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{94E2F806-A0F9-406E-9971-8F2F045F3153} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A28C27E4-A725-482A-9C65-61EDC0E4D583}] : (Python Launcher.-.Python Software Foundation) -> MsiExec.exe /X{A28C27E4-A725-482A-9C65-61EDC0E4D583} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] : (ATK Package (ASUS Keyboard Hotkeys).-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /X{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A90000000001}] : (Adobe Reader 9.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B2387FFE-D293-4A16-86C3-B81E4DD5CAFD}_is1] : (Octopath Traveler.-.Square Enix) -> "E:\Octopath Traveler\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}] : (Gtk# for .Net 2.12.26.-.Xamarin, Inc.) -> MsiExec.exe /X{BC25B808-A11C-4C9F-9C0A-6682E47AAB83} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C26AA108-615E-4186-A499-9F82FDC21F3A}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{C26AA108-615E-4186-A499-9F82FDC21F3A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CC7484BA-DCCC-45D8-8735-3161FDA534D3}] : (XSplit Broadcaster.-.SplitmediaLabs) -> MsiExec.exe /X{CC7484BA-DCCC-45D8-8735-3161FDA534D3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CE8E2015-66B4-4461-836D-B112ADCE10D2}] : (Python 3.5.3 Executables (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{CE8E2015-66B4-4461-836D-B112ADCE10D2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7FBF176-382D-484E-863A-DFD1124A2A1C}] : (Apex Legends.-.Electronic Arts, Inc.) -> "C:\Program Files\Common Files\EAInstaller\Apex\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DC1E9E1A-86BE-491B-8DF9-A86045902F48}] : (NBTExplorer.-.Justin Aquadro) -> MsiExec.exe /X{DC1E9E1A-86BE-491B-8DF9-A86045902F48} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{de963bf0-619d-461f-b689-7f4079c4ac42}] : (Intel(R) Extreme Tuning Utility.-.Intel Corporation) -> "C:\ProgramData\Package Cache\{de963bf0-619d-461f-b689-7f4079c4ac42}\XTUUISetup.exe" /modify ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DF6DC0C1-2B9E-43CB-9DDB-445F9239767F}] : (Python 3.5.3 Standard Library (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{DF6DC0C1-2B9E-43CB-9DDB-445F9239767F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}] : (Minecraft Launcher.-.Mojang) -> MsiExec.exe /X{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E1596D3E-6EB2-480B-86A0-9FE174D33D1D}] : (Python 3.5.3 Add to Path (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{E1596D3E-6EB2-480B-86A0-9FE174D33D1D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E16ECE8F-1E16-4A7C-8B00-6029A269857A}] : (Python 3.5.3 Development Libraries (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{E16ECE8F-1E16-4A7C-8B00-6029A269857A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{e26b382f-e945-4f70-9318-121b683f1d61}] : (Battlefield™ V.-.Electronic Arts) -> "C:\Program Files\Common Files\EAInstaller\Battlefield V\Cleanup.exe" uninstall_game -autologging ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}] : (LogMeIn Hamachi.-.LogMeIn, Inc.) -> MsiExec.exe /I{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1] : (MSI SDK.-.MSI) -> "C:\Program Files (x86)\MSI\One Dragon Center\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF80EDF3-6B78-4E0A-8D19-F6F7AD81F545}] : (Python 3.5.3 Test Suite (32-bit).-.Python Software Foundation) -> MsiExec.exe /I{EF80EDF3-6B78-4E0A-8D19-F6F7AD81F545} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall ---------- | Ports ---------- | Installer [HKCR\Installer\Products\06F19D3949C797A468F3AE17D3E23B3F] : Nefarius Virtual Gamepad Emulation Bus Driver -> C:\WINDOWS\Installer\{93D91F60-7C94-4A79-863F-EA713D2EB3F3}\ViGEm.ico [HKCR\Installer\Products\0EBEC6D4FA78A5343B5010EE6AED97B5] : Fantasy Voices [HKCR\Installer\Products\0EFF299C23CA9AF4CBA91F36B7E956D5] : Photo Gallery [HKCR\Installer\Products\125D71C80BF47E116A0E9AFE2594CFFE] : VEGAS Pro 14.0 (64-bit) -> C:\WINDOWS\Installer\{8C17D521-4FB0-11E7-A6E0-A9EF5249FCEF}\vegas.ico [HKCR\Installer\Products\1816BB700D1E3824780DEB849135A5C3] : Resanance -> C:\WINDOWS\Installer\{07BB6181-E1D0-4283-87D0-BE4819535A3C}\favicon2.exe [HKCR\Installer\Products\2EEB87D0FF8F8944FAA1F38FC1DEA86C] : Razer Synapse -> C:\WINDOWS\Installer\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\33785EC66B9E2344ABF180E58F14E7B0] : Prerequisites -> C:\WINDOWS\Installer\{6CE58733-E9B6-4432-BA1F-085EF8417E0B}\install_bg64.exe [HKCR\Installer\Products\33DA8B8679ECD3C4593866C9932DB15A] : vs_minshellmsi [HKCR\Installer\Products\358A0C4FB3AF404459B4972999BEA589] : VMware Workstation [HKCR\Installer\Products\3ACB61C11CBE6F946832F8FB9BCC8C27] : Minecraft -> C:\WINDOWS\Installer\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}\minecraft.ico [HKCR\Installer\Products\3F6DF3589CB0A41489B609FE35D8AB1A] : vs_minshellmsires [HKCR\Installer\Products\46B5A9879DD95AB419A50FCFA0B1B7EF] : Apple Software Update -> C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico [HKCR\Installer\Products\4E72C82A527AA284C95616DE0C4E5D38] : Python Launcher -> C:\WINDOWS\Installer\{A28C27E4-A725-482A-9C65-61EDC0E4D583}\ARPIcon [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120190F] : Java 8 Update 291 (64-bit) -> C:\Program Files\Java\jre1.8.0_291\\bin\javaws.exe [HKCR\Installer\Products\5865F4855E0C48D46B2F40B508A1B01A] : AntiMicro [HKCR\Installer\Products\5A440F64B8EC691489E4B56D25E563D1] : Apple Application Support -> C:\WINDOWS\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}\WinInstall.ico [HKCR\Installer\Products\65EC0961132295E409600A78D649E98A] : Tools for .Net 3.5 [HKCR\Installer\Products\68AB67CA7DA73301B7449A0000000010] : Adobe Reader 9 -> C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-A90000000001}\SC_Reader.exe [HKCR\Installer\Products\6E79A9F7666E5E115B288B68788E3222] : Hextech Repair Tool -> C:\WINDOWS\Installer\{7F9A97E6-E666-11E5-B582-B88687E82322}\Hextech_Repair_Tool_exe_icon [HKCR\Installer\Products\70AF0CCEE368CB44B8D1AD229FE6F57B] : LogMeIn Hamachi [HKCR\Installer\Products\758CAFD2A66AA1D409C03BD65CC6E267] : Node.js -> C:\WINDOWS\Installer\{2DFAC857-A66A-4D1A-900C-B36DC56C2E76}\NodeIcon [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7FF443AC30E34E9438E64FC623A1F4FD] : WrestlePlus -> C:\WINDOWS\Installer\{CA344FF7-3E03-49E4-836E-F46C321A4FDF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\801AA62CE51668144A99F928DF2CF1A3] : Epic Games Launcher -> C:\WINDOWS\Installer\{C26AA108-615E-4186-A499-9F82FDC21F3A}\Installer.ico [HKCR\Installer\Products\8B43BB423C1A9474DBA9CF6D51B878A7] : Progress® Telerik® JustDecompile R1 2019 -> C:\WINDOWS\Installer\{24BB34B8-A1C3-4749-BD9A-FCD6158B877A}\Product.ico [HKCR\Installer\Products\8C2B451EE3F236743B5D7E3DA43EC9B6] : Minecraft Launcher -> C:\WINDOWS\Installer\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}\minecraft.ico [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\8D195B7D190100A40A3B35104CE5D515] : UE4 Prerequisites (x64) -> C:\WINDOWS\Installer\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}\Setup.ico [HKCR\Installer\Products\92C79717A083C2943BA55F4E7A5BB7CD] : vs_communitymsi [HKCR\Installer\Products\944B7D6AF4F89AF48BA0013154AA99A8] : VMware Workstation [HKCR\Installer\Products\96530F83636A3FC4DBED30C2C8523140] : Movie Maker [HKCR\Installer\Products\A1E9E1CDEB68B194D89F8A065409F284] : NBTExplorer -> C:\WINDOWS\Installer\{DC1E9E1A-86BE-491B-8DF9-A86045902F48}\I.MainIcon [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A75F0AACC8AB8DA4AA303FB2E0F46532] : Photo Common [HKCR\Installer\Products\AB4847CCCCCD8D5478531316DF5A433D] : XSplit Broadcaster -> C:\WINDOWS\Installer\{CC7484BA-DCCC-45D8-8735-3161FDA534D3}\XSplit.Core.exe [HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker [HKCR\Installer\Products\BFF2AFFB5901DDA43A256388602D14B2] : vs_devenvmsi [HKCR\Installer\Products\C14391870E75B2F47A64F8E39F79A192] : UpdateAssistant [HKCR\Installer\Products\D3AD87A34D8CD9245B63E6950A804815] : vs_minshellinteropmsi [HKCR\Installer\Products\D430EE3D29B555A4AA20E2D6A0A669EE] : Windows Resource Kit Tools - SubInAcl.exe [HKCR\Installer\Products\D549B7A12FCAF744FA559A53F1A207BA] : vs_communitymsires [HKCR\Installer\Products\D8D503B5090583047B1AB00E1B23AD2F] : MorphVOX Pro -> C:\WINDOWS\Installer\{5B305D8D-5090-4038-B7A1-0BE0B132DAF2}\Resources.exe [HKCR\Installer\Products\E0AD452A1A623C3459EBA7425D954937] : vs_filehandler_amd64 [HKCR\Installer\Products\E128CD23D7A48784EB8E33F71A357D2F] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\E19212F84440D1B49B9F34077AE343D6] : WinFlash -> C:\WINDOWS\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon [HKCR\Installer\Products\E1FF57090BF47E11C9209AFE2594CFFE] : MSVCRT Redists [HKCR\Installer\Products\E2F4C551183708B42B85DF60009C4CB6] : OpenOffice 4.1.5 -> C:\WINDOWS\Installer\{155C4F2E-7381-4B80-B258-FD0600C9C46B}\soffice.ico [HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package (ASUS Keyboard Hotkeys) -> C:\WINDOWS\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\E37A24F162FC76D4AB9757C25AB636F9] : vs_filehandler_x86 [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\ECCC3252AF2D7F744BFD451C2222E2A6] : Intel(R) Extreme Tuning Utility -> C:\WINDOWS\Installer\{2523CCCE-D2FA-47F7-B4DF-54C122222E6A}\arp_icon.ico [HKCR\Installer\Products\EE26973C42EEF9E4A81415A4DC9771C7] : Tools for .Net 3.5 - FRA Lang Pack [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F831E14AF3A5C3447BD259A79B49BFA5] : vs_FileTracker_Singleton [HKCR\Installer\Products\FBF9CD384AF923C45B4BD0B248DB7160] : PingPlotter 5 -> C:\WINDOWS\Installer\{83DC9FBF-9FA4-4C32-B5B4-0D2B84BD1706}\ext.exe [HKCR\Installer\Products\FE0E736E3BE64C44798BF6E94A446D94] : paint.net -> C:\WINDOWS\Installer\{E637E0EF-6EB3-44C4-97B8-6F9EA444D649}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\FE5C87DAFAAE7E21383A3B537AA9D31B] : GameInput Redistributable ---------- | UserSettings [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\0ce57e3e-484e-491e-bb2f-fc6a352555ef]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\0ce57e3e-484e-491e-bb2f-fc6a352555ef]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\0ce57e3e-484e-491e-bb2f-fc6a352555ef]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\0ce57e3e-484e-491e-bb2f-fc6a352555ef]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance ---------- | ADS ---------- | 20 LastEventLog Le marshaleur standard COM n'est pas parvenu à corriger la différence entre l'IID {618736E0-3C3D-11CF-810C-00AA00389B71} fourni par le serveur et l'IID {00020400-0000-0000-C000-000000000046} demandé par le client, avec le gestionnaire CLSID {00EB5084-39B8-750E-B919-F2748450EB00}. Le code d'erreur était 0x80010114. ------------ Nom de l’application défaillante Hood.exe, version : 0.0.0.0, horodatage : 0x609ad9b1 Nom du module défaillant : ntdll.dll, version : 10.0.19041.964, horodatage : 0xbd2c3c23 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000063416 ID du processus défaillant : 0x2f4 Heure de début de l’application défaillante : 0x01d74a62f4aeb206 Chemin d’accès de l’application défaillante : E:\Steam\steamapps\common\Hood\Hood\Binaries\Win64\Hood.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : eb973f8a-da2f-44eb-a000-e593c1f3b8e9 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Le programme explorer.exe version 10.0.19041.964 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 39bc Heure de début : 01d74a5ed838f85c Heure d'arrêt : 16 Chemin d'accès à l'application : C:\Windows\explorer.exe ID de rapport : 6358c722-050e-48f0-8fc0-576fe6dcaaf4 Nom complet du package défectueux : ID de l'application relative à un package défectueux : Type de blocage : Unknown ------------ Nom de l’application défaillante Hood.exe, version : 0.0.0.0, horodatage : 0x609ad9b1 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000029e061896b2 ID du processus défaillant : 0x22a0 Heure de début de l’application défaillante : 0x01d74a5fe1d6b065 Chemin d’accès de l’application défaillante : E:\Steam\steamapps\common\Hood\Hood\Binaries\Win64\Hood.exe Chemin d’accès du module défaillant: unknown ID de rapport : 7ebcd708-7ed5-419d-ac9d-d0fabff06c52 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Les notifications ne sont pas actives pour le volume E:\. Contexte : Application Windows Détails : Le journal de modification du volume n’est pas actif. (HRESULT : 0x8007049b) (0x8007049b) ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Hood.exe en raison de cette erreur. Programme : Hood.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante Hood.exe, version : 0.0.0.0, horodatage : 0x609ad9b1 Nom du module défaillant : ntdll.dll, version : 10.0.19041.964, horodatage : 0xbd2c3c23 Code d’exception : 0xc0000006 Décalage d’erreur : 0x0000000000030ee8 ID du processus défaillant : 0x1614 Heure de début de l’application défaillante : 0x01d74a4d99b0b85a Chemin d’accès de l’application défaillante : E:\Steam\steamapps\common\Hood\Hood\Binaries\Win64\Hood.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 019c9202-0529-4143-bf38-122572cb7b64 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme Hood en raison de cette erreur. Programme : Hood Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : C000026E Type du disque : 0 ------------ Nom de l’application défaillante Hood.exe, version : 4.25.0.0, horodatage : 0x609ad9b1 Nom du module défaillant : ntdll.dll, version : 10.0.19041.964, horodatage : 0xbd2c3c23 Code d’exception : 0xc0000006 Décalage d’erreur : 0x0000000000030f64 ID du processus défaillant : 0x3408 Heure de début de l’application défaillante : 0x01d74a4b168640ba Chemin d’accès de l’application défaillante : E:\Steam\steamapps\common\Hood\Hood\Binaries\Win64\Hood.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : a4f8d9dd-5349-4f19-ac5e-1e0ae9b70ff9 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante ShadowOfWar.exe, version : 1.0.8874.0, horodatage : 0x5b7f5782 Nom du module défaillant : CELib_x64.dll, version : 6.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000000b48e ID du processus défaillant : 0x19b8 Heure de début de l’application défaillante : 0x01d74a36fc3330e9 Chemin d’accès de l’application défaillante : G:\Steam\steamapps\common\ShadowOfWar\x64\ShadowOfWar.exe Chemin d’accès du module défaillant: C:\Users\Antonio\AppData\Local\WeMod\app-7.0.19\resources\app.asar.unpacked\static\unpacked\trainerlib\CELib_x64.dll ID de rapport : 7507ae72-1b14-458e-9cf0-c07764a7147c Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante vegas140.exe, version : 14.0.0.161, horodatage : 0x57d865dd Nom du module défaillant : ntdll.dll, version : 10.0.19041.964, horodatage : 0xbd2c3c23 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005124e ID du processus défaillant : 0x2378 Heure de début de l’application défaillante : 0x01d749897078c02b Chemin d’accès de l’application défaillante : E:\Games\vegas140.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : c2be177a-3606-45e7-9d2c-e05c61909cfc Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante vegas140.exe, version : 0.0.0.0, horodatage : 0x57d865dd Nom du module défaillant : ntdll.dll, version : 10.0.19041.964, horodatage : 0xbd2c3c23 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005124e ID du processus défaillant : 0x32b4 Heure de début de l’application défaillante : 0x01d74989684edc0d Chemin d’accès de l’application défaillante : E:\Games\vegas140.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : 28a4ddea-a651-43e6-ad18-2c4f04225953 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante Unity.exe, version : 2019.4.12.24194, horodatage : 0x5f74079e Nom du module défaillant : ntdll.dll, version : 10.0.19041.964, horodatage : 0xbd2c3c23 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005124e ID du processus défaillant : 0x30c8 Heure de début de l’application défaillante : 0x01d7498966fbe72d Chemin d’accès de l’application défaillante : E:\2019.4.12f1\Editor\Unity.exe Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll ID de rapport : c8353391-1a2c-4332-be5b-403de704411e Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ ----------( EOF)---------- - 6241 | 14:37:52