--------------- QuickDiag | g3n-h@ckm@n | V7.145.21.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 26/06/2021 14:37:43 Updated 25/05/2021 | 10:30 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [quent (Administrator)] - [DESKTOP-PJ213M8] (S-1-5-21-86999783-108695983-2164099147-1001) PC : Acer Predator PO3-600 x64-based PC System: Microsoft Windows 10 Famille - X64 - (10.0.19043) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (21H1) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\Windows|\Device\Harddisk1\Partition3 Boot : Normal boot PC: Predator PO3-600 - Acer - IdNumber: DGE1BEF00Y00203ECC9600 - UUID: 387A691C-16C9-2020-0114-202934000000 Processor : Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz (GenuineIntel) - Clock Speed : 2904 - Socket : U3E1 - Stauts : OK BIOS : American Megatrends Inc. R01-C1 - SN : DGE1BEF00Y00203ECC9600 - Status : OK - Version : ACRSYS - 1072009 - PrimaryBios : True - CurrentLanguage : en|US|iso8859-1 - OtherTargetOS : CoreTemp : 27.8 Celsius ----------| Quick ---------- | SoundDevice NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0094&SUBSYS_174BA548&REV_1001\5&7678653&0&0001 Realtek Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_10251289&REV_1003\4&6DB8546&0&0001 Périphérique audio USB - Status: OK - Manufacturer: (USB Audio générique) - PNPDeviceID: USB\VID_0D8C&PID_0134&MI_00\6&9C0A6B8&0&0000 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 DroidCam Virtual Audio - Status: OK - Manufacturer: Dev47Apps.com - PNPDeviceID: ROOT\MEDIA\0001 ---------- | Video NVIDIA GeForce GTX 1650 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 50 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1F82&SUBSYS_A548174B&REV_A1\4&A61F99C&0&0008 - AdapterCompatibility: NVIDIA - RAM: -1048576 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 1650 - DriverVersion: 30.0.14.7111 - SpecificationVersion: 1025 ---------- | Codecs C:\Windows\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK C:\Windows\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK ---------- | Memory Pagefile = Total (MB) : 19315 | Free (MB) : 11872 Virtual = Total (MB) : 4194 | Free (MB) : 3913 Physical Memory (MB) -------------------- Total: 8109 Available: 3187 Cached: 3066 Free: 762 System ------ Handles: 85914 Processes: 207 Threads: 2789 ---------- | SID Users Administrateur : [S-1-5-21-86999783-108695983-2164099147-500] DefaultAccount : [S-1-5-21-86999783-108695983-2164099147-503] Invité : [S-1-5-21-86999783-108695983-2164099147-501] quent : [S-1-5-21-86999783-108695983-2164099147-1001] WDAGUtilityAccount : [S-1-5-21-86999783-108695983-2164099147-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Propriétaires d'appareils : [S-1-5-32-583] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | Drives C:\ -> [Fixed] | [Acer] | Total : 237.35 Go | Free : 34.19 Go -> NTFS (SSD) [RAID] D:\ -> [Fixed] | [Data] | Total : 931.51 Go | Free : 368.93 Go -> NTFS [RAID] Drive: 0 Cylinders: 121601 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 1000204886016 bytes Drive: 1 Cylinders: 31130 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 256060514304 bytes ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.19041.1 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer ---------- | Security AV : Windows Defender Enabled AS : FW : Bitdefender Pare-feu Enabled WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 608 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe [15/05/2021 16:48:15] CPU Usage:0 % 696 | [Owner : Système | Parent : 684() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [23/12/2020 03:04:37] CPU Usage:0 % 792 | [Owner : Système | Parent : 684() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.19041.662) = C:\Windows\System32\wininit.exe [23/12/2020 03:04:36] CPU Usage:0 % 800 | [Owner : Système | Parent : 784(svchost.exe) | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [23/12/2020 03:04:37] CPU Usage:3 % 864 | [Owner : Système | Parent : 792(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.19041.928) = C:\Windows\System32\services.exe [15/04/2021 20:52:39] CPU Usage:0 % 884 | [Owner : Système | Parent : 792(wininit.exe) | 22.82 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.906) = C:\Windows\System32\lsass.exe [15/04/2021 20:52:39] CPU Usage:0 % 1012 | [Owner : Système | Parent : 864(services.exe) | 27.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 632 | [Owner : UMFD-0 | Parent : 792(wininit.exe) | 4.12 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1081) = C:\Windows\System32\fontdrvhost.exe [26/06/2021 02:53:37] CPU Usage:0 % 960 | [Owner : SERVICE RÉSEAU | Parent : 864(services.exe) | 15.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1036 | [Owner : Système | Parent : 864(services.exe) | 8.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1080 | [Owner : Système | Parent : 784(svchost.exe) | 11.9 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.19041.906) = C:\Windows\System32\winlogon.exe [15/04/2021 20:52:40] CPU Usage:0 % 1136 | [Owner : UMFD-1 | Parent : 1080(winlogon.exe) | 5.74 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1081) = C:\Windows\System32\fontdrvhost.exe [26/06/2021 02:53:37] CPU Usage:0 % 1212 | [Owner : DWM-1 | Parent : 1080(winlogon.exe) | 63.84 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe [15/01/2021 14:18:31] CPU Usage:0 % 1264 | [Owner : Système | Parent : 864(services.exe) | 7.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1360 | [Owner : Système | Parent : 864(services.exe) | 16.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1384 | [Owner : Système | Parent : 864(services.exe) | 10.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1392 | [Owner : Système | Parent : 864(services.exe) | 13.75 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1432 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 8.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1440 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 23.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1576 | [Owner : Système | Parent : 864(services.exe) | 10.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1592 | [Owner : Système | Parent : 864(services.exe) | 6.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1672 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 9.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1788 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 6.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1808 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 7.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1896 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 11.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1972 | [Owner : SERVICE RÉSEAU | Parent : 864(services.exe) | 12.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1988 | [Owner : Système | Parent : 864(services.exe) | 18.44 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\Display.NvContainer\NVDisplay.Container.exe [23/06/2021 14:58:18] CPU Usage:0 % 1724 | [Owner : Système | Parent : 864(services.exe) | 5.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1848 | [Owner : Système | Parent : 864(services.exe) | 13.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 784 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 7.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2056 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 9.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2164 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 7.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2224 | [Owner : Système | Parent : 864(services.exe) | 8.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2304 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 7.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2316 | [Owner : Système | Parent : 864(services.exe) | 8.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2524 | [Owner : Système | Parent : 1988(NVDisplay.Container.exe) | 64.31 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\Display.NvContainer\NVDisplay.Container.exe [23/06/2021 14:58:18] CPU Usage:0 % 2696 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 14.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2796 | [Owner : Système | Parent : 864(services.exe) | 29.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2808 | [Owner : SERVICE RÉSEAU | Parent : 864(services.exe) | 9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2816 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 10.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2828 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 6.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2980 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 7.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2260 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 8.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2420 | [Owner : Système | Parent : 864(services.exe) | 19.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3076 | [Owner : Système | Parent : 864(services.exe) | 14.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3148 | [Owner : Système | Parent : 864(services.exe) | 18.72 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.1052) = C:\Windows\System32\spoolsv.exe [11/06/2021 18:01:46] CPU Usage:0 % 3184 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 21.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3224 | [Owner : SERVICE RÉSEAU | Parent : 864(services.exe) | 8.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3380 | [Owner : Système | Parent : 2420(svchost.exe) | 14.44 Mo] - (.Microsoft Corporation - Infrastructure d’extensibilité pour les services réseau Windows sans fil 802.11.) - (10.0.19041.1) = C:\Windows\System32\wlanext.exe [07/12/2019 11:08:13] CPU Usage:0 % 3388 | [Owner : Système | Parent : 3380(wlanext.exe) | 9.9 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [15/05/2021 16:48:13] CPU Usage:0 % 3608 | [Owner : Système | Parent : 864(services.exe) | 7.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3616 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 17.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3624 | [Owner : Système | Parent : 864(services.exe) | 6.22 Mo] - (.Acer Incorporated - ACCSvc.) - (4.0.3006.0) = C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [22/04/2019 10:44:46] CPU Usage:0 % 3632 | [Owner : Système | Parent : 864(services.exe) | 14.77 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - (20.80.1.0) = C:\Program Files\Intel\WiFi\bin\EvtEng.exe [18/08/2018 09:46:46] CPU Usage:0 % 3648 | [Owner : Système | Parent : 864(services.exe) | 25.34 Mo] - (.Scarlet.Crush Productions - ScpService.) - (1.2.2.175) = C:\Users\quent\Desktop\scp\ScpServer\bin\ScpService.exe [21/05/2021 08:06:53] CPU Usage:0 % 3656 | [Owner : Système | Parent : 864(services.exe) | 41.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3664 | [Owner : SERVICE RÉSEAU | Parent : 864(services.exe) | 14.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3676 | [Owner : Système | Parent : 864(services.exe) | 4.93 Mo] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Service.) - (20.70.0.4) = C:\Windows\System32\ibtsiva.exe [06/07/2018 01:40:18] CPU Usage:0 % 3696 | [Owner : Système | Parent : 864(services.exe) | 8.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3728 | [Owner : Système | Parent : 864(services.exe) | 28.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3780 | [Owner : Système | Parent : 864(services.exe) | 9.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3880 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 6.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3888 | [Owner : Système | Parent : 864(services.exe) | 39.12 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [15/01/2020 02:49:50] CPU Usage:0 % 3904 | [Owner : Système | Parent : 864(services.exe) | 11.25 Mo] - (.Razer Inc. - Razer Chroma SDK Service.) - (2.10.12.94) = C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [13/04/2021 08:36:54] CPU Usage:0 % 3912 | [Owner : Système | Parent : 864(services.exe) | 11.12 Mo] - (.Razer Inc. - Razer Chroma SDK REST Server.) - (1.8.0.104) = C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [28/04/2021 04:18:02] CPU Usage:0 % 3924 | [Owner : Système | Parent : 864(services.exe) | 35.16 Mo] - (.Razer Inc - GameManagerService.) - (2.0.159.80) = C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [22/03/2021 05:21:20] CPU Usage:0 % 3936 | [Owner : Système | Parent : 864(services.exe) | 159.06 Mo] - (.Razer Inc. - Razer Central Service.) - (7.3.32.173) = C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [29/01/2021 10:46:48] CPU Usage:0 % 3948 | [Owner : Système | Parent : 864(services.exe) | 9.78 Mo] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - (20.80.1.0) = C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [18/08/2018 09:46:42] CPU Usage:0 % 3992 | [Owner : Système | Parent : 864(services.exe) | 9.28 Mo] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - (1.0.0.173) = C:\Windows\System32\RtkAudUService64.exe [15/01/2020 03:11:58] CPU Usage:0 % 4016 | [Owner : Système | Parent : 864(services.exe) | 5.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 4060 | [Owner : Système | Parent : 864(services.exe) | 6.36 Mo] - (.Intel Corporation - Intel(R) Rapid Storage Technology Management Service.) - (17.2.6.1027) = C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_210a1fe35426e7b5\RstMwService.exe [18/04/2019 04:24:02] CPU Usage:0 % 4068 | [Owner : Système | Parent : 864(services.exe) | 5.9 Mo] - (.Creative Technology Ltd -.) - (2.0.2.5) = C:\Windows\SysWOW64\Creative.UWPRPCService.exe [06/05/2019 02:08:02] CPU Usage:0 % 4088 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 12.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3404 | [Owner : Système | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.2105.5) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [12/06/2021 10:42:50] CPU Usage:0 % 3448 | [Owner : Système | Parent : 864(services.exe) | 21.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 4128 | [Owner : Système | Parent : 864(services.exe) | 48.91 Mo] - (.Intel(R) Corporation - XtuService.) - (6.5.1.371) = C:\Windows\SysWOW64\XtuService.exe [17/01/2019 16:06:04] CPU Usage:0 % 4156 | [Owner : Système | Parent : 864(services.exe) | 23.75 Mo] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Service.) - (20.80.1.0) = C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [18/08/2018 09:46:58] CPU Usage:0 % 4300 | [Owner : Système | Parent : 864(services.exe) | 11 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 4372 | [Owner : Système | Parent : 864(services.exe) | 5.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 4424 | [Owner : SERVICE LOCAL | Parent : 3608(svchost.exe) | 18.46 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.19041.1) = C:\Windows\System32\dasHost.exe [07/12/2019 11:08:37] CPU Usage:0 % 4696 | [Owner : Système | Parent : 864(services.exe) | 6.36 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (1.38.2020.805) = C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe [16/08/2020 06:51:30] CPU Usage:0 % 4704 | [Owner : Système | Parent : 864(services.exe) | 12.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 4732 | [Owner : Système | Parent : 864(services.exe) | 8.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 4860 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 5.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 5200 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 10.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 5500 | [Owner : Système | Parent : 1012(svchost.exe) | 7.95 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.19041.1081) = C:\Windows\System32\wbem\unsecapp.exe [26/06/2021 02:53:26] CPU Usage:0 % 5548 | [Owner : Système | Parent : 3888(nvcontainer.exe) | 7.36 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.19041.746) = C:\Windows\System32\rundll32.exe [15/01/2021 14:18:38] CPU Usage:0 % 5560 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 9.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 5616 | [Owner : Système | Parent : 1012(svchost.exe) | 14.92 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [23/12/2020 03:04:32] CPU Usage:0 % 5620 | [Owner : SERVICE RÉSEAU | Parent : 1012(svchost.exe) | 21.74 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [23/12/2020 03:04:32] CPU Usage:0 % 6332 | [Owner : Système | Parent : 864(services.exe) | 112.32 Mo] - (.Razer Inc. - Razer Synapse Service.) - (1.0.0.0) = C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [12/05/2021 09:35:30] CPU Usage:0 % 6892 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 5.42 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.7259) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [19/05/2021 16:48:45] CPU Usage:0 % 6900 | [Owner : Système | Parent : 864(services.exe) | 25.43 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.7259) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe [19/05/2021 16:48:45] CPU Usage:0 % 6912 | [Owner : SERVICE RÉSEAU | Parent : 3608(svchost.exe) | 4.63 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.19041.1) = C:\Windows\System32\dasHost.exe [07/12/2019 11:08:37] CPU Usage:0 % 6944 | [Owner : Système | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 2596 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.2105.5) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [12/06/2021 10:42:50] CPU Usage:0 % 7204 | [Owner : Système | Parent : 864(services.exe) | 4.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 7456 | [Owner : Système | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 7704 | [Owner : Système | Parent : 864(services.exe) | 9.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 7904 | [Owner : Système | Parent : 864(services.exe) | 11.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 7376 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 5.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1912 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 8.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 1916 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 7.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 7292 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 10.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8324 | [Owner : quent | Parent : 1576(svchost.exe) | 29.29 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe [15/01/2021 14:18:21] CPU Usage:0 % 8336 | [Owner : quent | Parent : 3888(nvcontainer.exe) | 85.56 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [15/01/2020 02:49:50] CPU Usage:0 % 8376 | [Owner : quent | Parent : 864(services.exe) | 27.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8388 | [Owner : Système | Parent : 864(services.exe) | 9.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8412 | [Owner : quent | Parent : 3888(nvcontainer.exe) | 48.38 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [15/01/2020 02:49:50] CPU Usage:0 % 8468 | [Owner : quent | Parent : 864(services.exe) | 31.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8572 | [Owner : Système | Parent : 1360(svchost.exe) | 1.63 Mo] - (.BraveSoftware Inc. - BraveSoftware Update.) - (1.3.101.0) = C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [07/06/2021 16:53:23] CPU Usage:0 % 8580 | [Owner : quent | Parent : 1360(svchost.exe) | 16.9 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.906) = C:\Windows\System32\taskhostw.exe [15/04/2021 20:52:41] CPU Usage:0 % 8628 | [Owner : Système | Parent : 864(services.exe) | 29.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8768 | [Owner : Système | Parent : 864(services.exe) | 8.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8776 | [Owner : Système | Parent : 864(services.exe) | 21.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8880 | [Owner : quent | Parent : 8768(svchost.exe) | 20.61 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe [07/12/2019 11:09:00] CPU Usage:0 % 9072 | [Owner : Système | Parent : 864(services.exe) | 69.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 9196 | [Owner : quent | Parent : 9144() | 175.56 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.1081) = C:\Windows\explorer.exe [26/06/2021 02:53:26] CPU Usage:0 % 8228 | [Owner : Système | Parent : 864(services.exe) | 12.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8332 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 17.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 8824 | [Owner : Système | Parent : 864(services.exe) | 18.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 9288 | [Owner : quent | Parent : 864(services.exe) | 18.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 10056 | [Owner : quent | Parent : 1012(svchost.exe) | 9.28 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.19041.746) = C:\Windows\System32\SettingSyncHost.exe [15/01/2021 14:18:38] CPU Usage:0 % 10184 | [Owner : quent | Parent : 6332(Razer Synapse Service.exe) | 52.12 Mo] - (.- Razer Synapse Service Process.) - (1.0.0.0) = C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe [12/05/2021 09:35:42] CPU Usage:0 % 9620 | [Owner : Système | Parent : 8548() | 1.11 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe [21/04/2021 16:24:39] CPU Usage:0 % 9948 | [Owner : Système | Parent : 8548() | 0.88 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.81) = C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe [21/04/2021 16:24:39] CPU Usage:0 % 8940 | [Owner : quent | Parent : 1012(svchost.exe) | 81.44 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [23/12/2020 03:04:31] CPU Usage:0 % 10312 | [Owner : quent | Parent : 3888(nvcontainer.exe) | 14.08 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.23.0.74) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [15/01/2020 02:50:08] CPU Usage:0 % 10340 | [Owner : quent | Parent : 8336(nvcontainer.exe) | 60.93 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [15/01/2020 02:50:07] CPU Usage:0 % 10484 | [Owner : quent | Parent : 1012(svchost.exe) | 23.91 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [15/01/2021 14:18:18] CPU Usage:0 % 10784 | [Owner : quent | Parent : 1012(svchost.exe) | 95.58 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.1081) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe [26/06/2021 02:53:52] CPU Usage:0 % 11088 | [Owner : quent | Parent : 10340(NVIDIA Share.exe) | 38.04 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [15/01/2020 02:50:07] CPU Usage:0 % 11128 | [Owner : Système | Parent : 864(services.exe) | 26.22 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.1023) = C:\Windows\System32\SearchIndexer.exe [26/05/2021 21:34:50] CPU Usage:0 % 11260 | [Owner : quent | Parent : 1012(svchost.exe) | 38.62 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [15/01/2021 14:18:18] CPU Usage:0 % 10544 | [Owner : quent | Parent : 10440() | 58.46 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (11.13.0.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [15/01/2020 02:50:06] CPU Usage:0 % 10572 | [Owner : quent | Parent : 10544(NVIDIA Web Helper.exe) | 10.45 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [15/05/2021 16:48:13] CPU Usage:0 % 1428 | [Owner : quent | Parent : 1012(svchost.exe) | 16.25 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [15/01/2021 14:18:18] CPU Usage:0 % 11184 | [Owner : quent | Parent : 10340(NVIDIA Share.exe) | 75.05 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [15/01/2020 02:50:07] CPU Usage:0 % 5544 | [Owner : SERVICE LOCAL | Parent : 2696(svchost.exe) | 18.65 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.19041.1081) = C:\Windows\System32\audiodg.exe [26/06/2021 02:53:26] CPU Usage:0 % 12336 | [Owner : quent | Parent : 1012(svchost.exe) | 36.49 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.1052) = C:\Windows\System32\smartscreen.exe [11/06/2021 18:01:46] CPU Usage:0 % 12412 | [Owner : Système | Parent : 864(services.exe) | 11.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 12544 | [Owner : quent | Parent : 12392() | 77.21 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\quent\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 21:35:31] CPU Usage:0 % 12636 | [Owner : quent | Parent : 12544(Discord.exe) | 23.1 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\quent\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 21:35:31] CPU Usage:0 % 12732 | [Owner : quent | Parent : 12544(Discord.exe) | 63.15 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\quent\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 21:35:31] CPU Usage:0 % 12788 | [Owner : quent | Parent : 12544(Discord.exe) | 38.44 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\quent\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 21:35:31] CPU Usage:0 % 13132 | [Owner : quent | Parent : 12544(Discord.exe) | 364.38 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\quent\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 21:35:31] CPU Usage:0 % 13256 | [Owner : quent | Parent : 1012(svchost.exe) | 53.76 Mo] - (.Microsoft Corporation -.) - (2001.22012.0.3530) = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe [26/06/2021 02:53:52] CPU Usage:0 % 12992 | [Owner : quent | Parent : 9196(explorer.exe) | 15.97 Mo] - (.- Flashpaste MFC Application.) - (6.5.0.0) = C:\Program Files (x86)\Flashpaste\Flashpaste.exe [16/11/2019 09:13:30] CPU Usage:0 % 10848 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 14.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 13316 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | 11.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 13368 | [Owner : quent | Parent : 864(services.exe) | 22.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 13536 | [Owner : quent | Parent : 12544(Discord.exe) | 55.97 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\quent\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 21:35:31] CPU Usage:0 % 812 | [Owner : Système | Parent : 864(services.exe) | 10 Mo] - (.Acer Incorporated - QASvc.) - (3.0.3017.0) = C:\Program Files\Acer\Quick Access Service\QASvc.exe [10/09/2020 14:58:18] CPU Usage:0 % 14248 | [Owner : Système | Parent : 864(services.exe) | 16.84 Mo] - (.Acer Incorporated - PSSvc.) - (3.0.3010.0) = C:\Program Files\Acer\PredatorSense Service\PSSvc.exe [10/06/2019 11:40:54] CPU Usage:0 % 5756 | [Owner : quent | Parent : 812(QASvc.exe) | 8.73 Mo] - (.Acer Incorporated - QAAgent.) - (3.0.3017.0) = C:\Program Files\Acer\Quick Access Service\QAAgent.exe [10/09/2020 14:58:18] CPU Usage:0 % 4976 | [Owner : Système | Parent : 812(QASvc.exe) | 11.39 Mo] - (.Acer Incorporated - QAAdminAgent.) - (3.0.3017.0) = C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe [10/09/2020 14:58:18] CPU Usage:0 % 13520 | [Owner : Système | Parent : 1012(svchost.exe) | 7.45 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.19041.1081) = C:\Windows\System32\wbem\unsecapp.exe [26/06/2021 02:53:26] CPU Usage:0 % 13812 | [Owner : Système | Parent : 14248(PSSvc.exe) | 10.45 Mo] - (.Acer Incorporated - PSAdminAgent.) - (3.0.3010.0) = C:\Program Files\Acer\PredatorSense Service\PSAdminAgent.exe [10/06/2019 11:40:50] CPU Usage:0 % 4260 | [Owner : Système | Parent : 864(services.exe) | 11.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 15100 | [Owner : SERVICE RÉSEAU | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 13612 | [Owner : quent | Parent : 13000() | 43.29 Mo] - (.Intel Corporation - IAStorIcon.) - (17.2.6.1027) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [25/03/2019 18:12:56] CPU Usage:0 % 6940 | [Owner : Système | Parent : 864(services.exe) | 22.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 13672 | [Owner : Système | Parent : 864(services.exe) | 74.68 Mo] - (.Intel Corporation - IAStorDataSvc.) - (17.2.6.1027) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [25/03/2019 18:12:56] CPU Usage:0 % 14364 | [Owner : Système | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.19041.546) = C:\Windows\System32\SgrmBroker.exe [23/12/2020 03:04:56] CPU Usage:0 % 14948 | [Owner : SERVICE LOCAL | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 12348 | [Owner : quent | Parent : 864(services.exe) | 12.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 3692 | [Owner : quent | Parent : 1012(svchost.exe) | 12.42 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe [23/12/2020 03:04:36] CPU Usage:0 % 14852 | [Owner : quent | Parent : 13552() | 182.24 Mo] - (.Epic Games, Inc. - EpicGamesLauncher.) - (12.2.9.0) = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [23/12/2020 22:50:53] CPU Usage:0 % 15080 | [Owner : Système | Parent : 864(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe [15/05/2021 16:48:14] CPU Usage:0 % 9856 | [Owner : quent | Parent : 14852(EpicGamesLauncher.exe) | 85.84 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [23/12/2020 22:50:53] CPU Usage:0 % 15060 | [Owner : quent | Parent : 14852(EpicGamesLauncher.exe) | 38.01 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [23/12/2020 22:50:53] CPU Usage:0 % 14856 | [Owner : quent | Parent : 14852(EpicGamesLauncher.exe) | 33.6 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [23/12/2020 22:50:53] CPU Usage:0 % 7052 | [Owner : quent | Parent : 14852(EpicGamesLauncher.exe) | 157.58 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [23/12/2020 22:50:53] CPU Usage:0 % 6300 | [Owner : quent | Parent : 9196(explorer.exe) | 170.86 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 8024 | [Owner : quent | Parent : 6300(chrome.exe) | 7.46 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 12816 | [Owner : quent | Parent : 6300(chrome.exe) | 115.74 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 4036 | [Owner : quent | Parent : 6300(chrome.exe) | 39.83 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 11788 | [Owner : quent | Parent : 6300(chrome.exe) | 16.67 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 7676 | [Owner : quent | Parent : 6300(chrome.exe) | 52.37 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 1772 | [Owner : quent | Parent : 6300(chrome.exe) | 39.04 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 10608 | [Owner : quent | Parent : 6300(chrome.exe) | 65.94 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 6620 | [Owner : quent | Parent : 6300(chrome.exe) | 203.72 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 14084 | [Owner : quent | Parent : 6300(chrome.exe) | 16.93 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 12612 | [Owner : quent | Parent : 6300(chrome.exe) | 54.64 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 14264 | [Owner : quent | Parent : 6300(chrome.exe) | 52.13 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 11144 | [Owner : Système | Parent : 1360(svchost.exe) | 1.95 Mo] - (.Microsoft Corporation - Microsoft Edge Update.) - (1.3.135.29) = C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [23/12/2020 06:19:36] CPU Usage:0 % 6396 | [Owner : quent | Parent : 1360(svchost.exe) | 63.32 Mo] - (.- ACCStd.) - (4.0.3006.0) = C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [22/04/2019 10:44:46] CPU Usage:0 % 13832 | [Owner : quent | Parent : 6300(chrome.exe) | 85.34 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 11424 | [Owner : quent | Parent : 6300(chrome.exe) | 102.47 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 2932 | [Owner : quent | Parent : 6300(chrome.exe) | 49.56 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 13852 | [Owner : quent | Parent : 6300(chrome.exe) | 96.63 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.114) = C:\Program Files\Google\Chrome\Application\chrome.exe [23/12/2020 10:46:49] CPU Usage:0 % 1328 | [Owner : Système | Parent : 11128(SearchIndexer.exe) | 14.33 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.19041.1023) = C:\Windows\System32\SearchProtocolHost.exe [26/05/2021 21:34:50] CPU Usage:0 % 3740 | [Owner : Système | Parent : 11128(SearchIndexer.exe) | 7.36 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.19041.1023) = C:\Windows\System32\SearchFilterHost.exe [26/05/2021 21:34:50] CPU Usage:0 % 5524 | [Owner : Système | Parent : 864(services.exe) | 17.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [23/12/2020 03:04:36] CPU Usage:0 % 11620 | [Owner : quent | Parent : 9196(explorer.exe) | 57.01 Mo] - (.SosVirus - QuickDiag.) - (7.145.21.1) = C:\Users\quent\Downloads\QuickDiag.exe [26/06/2021 14:37:18] CPU Usage:0 % 4476 | [Owner : Système | Parent : 3728(svchost.exe) | 8.59 Mo] - (.Microsoft Corporation - WMI Reverse Performance Adapter Maintenance Utility.) - (10.0.19041.1081) = C:\Windows\System32\wbem\WMIADAP.exe [26/06/2021 02:53:26] CPU Usage:0 % 13092 | [Owner : SERVICE RÉSEAU | Parent : 1012(svchost.exe) | 11.21 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [23/12/2020 03:04:46] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\UMPDC.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\TextShaping.dll (.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 471.11.) - (30.0.14.7111) -- C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nvldumdx.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 471.11.) - (30.0.14.7111) -- C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nvwgf2umx_cfg.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll (.Intel Corporation.-.Intel Optane Pinning API (internal).) - (17.2.6.1027) -- C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.Alexander Roshal.-.WinRAR shell extension.) - (6.0.0.0) -- C:\Program Files\WinRAR\rarext.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.7111) -- C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nv3dappshext.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 471.11.) - (30.0.14.7111) -- C:\Windows\SYSTEM32\nvapi64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\system32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll (..-..) - (0.0.0.0) -- c:\windows\system32\TextShaping.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- c:\windows\system32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\windows.applicationmodel.conversationalagent.internal.proxystub.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll ---------- | Windows Installer Installations () - Install. : // - Package : (Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU - Install. : 15/01/2020 - Package : C:\Windows\Installer\bce5.msi (Intel Corporation) Intel(R) Wireless Bluetooth(R) - Install. : 15/01/2020 - Package : C:\Windows\Installer\27c6d.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - Install. : 03/02/2021 - Package : C:\Windows\Installer\189394.msi (Epic Games, Inc.) Epic Games Launcher - Install. : 23/12/2020 - Package : C:\Windows\Installer\14252b7.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - Install. : 23/12/2020 - Package : C:\Windows\Installer\58240d.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - Install. : 23/12/2020 - Package : C:\Windows\Installer\5811fa.msi (Acer Incorporated) PredatorSense Service - Install. : 15/01/2020 - Package : C:\Windows\Installer\bcea.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 - Install. : 18/02/2021 - Package : C:\Windows\Installer\2421c158.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - Install. : 23/12/2020 - Package : C:\Windows\Installer\582f64.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - Install. : 23/12/2020 - Package : C:\Windows\Installer\582f69.msi (The Document Foundation) LibreOffice 7.0.4.2 - Install. : 01/01/2021 - Package : C:\Windows\Installer\4459121.msi (Acer Incorporated) User Experience Improvement Program Service - Install. : 15/01/2020 - Package : C:\Windows\Installer\bcef.msi (Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) - Install. : 23/12/2020 - Package : C:\Windows\Installer\14252bc.msi (Oracle Corporation) Java 8 Update 291 (64-bit) - Install. : 25/04/2021 - Package : C:\Windows\Installer\f3a543e.msi (Microsoft Corporation) Microsoft Update Health Tools - Install. : 20/06/2021 - Package : C:\Windows\Installer\ca4ab02.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - Install. : 23/12/2020 - Package : C:\Windows\Installer\582f73.msi (Intel Corporation) Intel(R) Rapid Storage Technology - Install. : 15/01/2020 - Package : C:\Windows\Installer\5e8f.msi (Intel Corporation) Intel® Optane™ Pinning Explorer Extensions - Install. : 15/01/2020 - Package : C:\Windows\Installer\3e07.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - Install. : 23/12/2020 - Package : C:\Windows\Installer\582f6e.msi (Mojang) Minecraft Launcher - Install. : 23/12/2020 - Package : C:\Windows\Installer\3c086a.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - Install. : 07/01/2021 - Package : C:\Windows\Installer\25c0d.msi (Acer Incorporated) Care Center Service - Install. : 24/12/2020 - Package : C:\Windows\Installer\556710a.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 - Install. : 18/02/2021 - Package : C:\Windows\Installer\2421c16e.msi (Google LLC) Google Update Helper - Install. : 07/06/2021 - Package : C:\Windows\Installer\452a45e.msi (Acer) Acer Jumpstart - Install. : 23/12/2020 - Package : C:\Windows\Installer\571c.msi (KULT#100) KULT#100 Gaming Mouse - Install. : 27/12/2020 - Package : C:\Windows\Installer\64405f3.msi (Acer Incorporated) DriverSetupUtility - Install. : 15/01/2020 - Package : c:\Windows\Installer\13690.msi (Apple Inc.) iCloud Outlook - Install. : 04/05/2021 - Package : C:\Windows\Installer\10b7a53f.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 - Install. : 18/02/2021 - Package : C:\Windows\Installer\2421c181.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - Install. : 15/01/2020 - Package : C:\Windows\Installer\769a.msi (Acer Incorporated) Quick Access Service - Install. : 23/12/2020 - Package : C:\Windows\Installer\4726.msi (Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - Install. : 15/01/2020 - Package : C:\Windows\Installer\768b.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - Install. : 07/01/2021 - Package : C:\Windows\Installer\25c08.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - Install. : 15/01/2020 - Package : C:\Windows\Installer\7690.msi (Intel Corporation) Intel® PROSet/Wireless WiFi Software - Install. : 15/01/2020 - Package : C:\Windows\Installer\9950.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - Install. : 16/04/2021 - Package : C:\Windows\Installer\1173138.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - Install. : 15/01/2020 - Package : C:\Windows\Installer\7695.msi (Acer) Acer Configuration Manager - Install. : 15/01/2020 - Package : C:\Windows\Installer\bce0.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 - Install. : 18/02/2021 - Package : C:\Windows\Installer\2421c197.msi (Intel Corporation) Intel(R) PRO/Wireless Driver - Install. : 15/01/2020 - Package : C:\Windows\Installer\9936.msi (Oracle Corporation) Java Auto Updater - Install. : 25/04/2021 - Package : C:\Windows\Installer\f3a5449.msi ---------- | Windows Updates KB5003254 - Installed On : 05/26/2021 - [Update] KB4562830 - Installed On : 12/23/2020 - [Update] KB4577586 - Installed On : 03/07/2021 - [Update] KB4580325 - Installed On : 12/25/2020 - [Security Update] KB4593175 - Installed On : 12/23/2020 - [Security Update] KB4598481 - Installed On : 01/15/2021 - [Security Update] KB5000736 - Installed On : 05/25/2021 - [Update] KB5003690 - Installed On : 06/26/2021 - [Update] KB5003742 - Installed On : 06/26/2021 - [Security Update] ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Synapse3] : C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDrive] : "C:\Users\quent\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Steam] : "C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[EpicGamesLauncher] : "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[CCleaner Smart Cleaning] : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Flashpaste] : C:\Program Files (x86)\Flashpaste\flashpaste.exe [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Discord] : C:\Users\quent\AppData\Local\Discord\Update.exe --processStart Discord.exe [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Synapse3] : "C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized [HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Synapse3] : C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SecurityHealth] : %windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[RtkAudUService] : "C:\Windows\System32\RtkAudUService64.exe" -background [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[IAStorIcon] : "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\quent\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent "EpicGamesLauncher"="C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "Flashpaste"=C:\Program Files (x86)\Flashpaste\flashpaste.exe [16/11/2019 09:13:30] "Discord"=C:\Users\quent\AppData\Local\Discord\Update.exe --processStart Discord.exe "Synapse3"="C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe" /StartMinimized [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x03000000B0A9260409D9D601 "Flashpaste"=0x020000000000000000000000 "Steam"=0x0300000003C1C4090DD9D601 "Discord"=0x03000000667BF6B26452D701 "EpicGamesLauncher"=0x03000000C96B98A744E0D601 "CCleaner Smart Cleaning"=0x03000000A68027A644E0D601 "DiscordCanary"=0x020000000000000000000000 "Synapse3"=0x030000002E085120935FD701 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=HPCACD2B (HP ENVY 5000 series),winspool,Ne02: "IsMRUEstablished"=0 "LegacyDefaultPrinterMode"=0 "MenuDropAlignment"=1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "RtkAudUService"="C:\Windows\System32\RtkAudUService64.exe" -background "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x07000000B6BAF123935FD701 "IAStorIcon"=0x020000000000000000000000 "WindowsDefender"=0x020000000000000000000000 "RtkAudUService"=0x03000000857E99B0E15FD701 "CL-25-2CE9B02D-D129-43DC-AB43-9BDE18D0C05A"=0x010000008967FCD66452D701 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "Discord"=0x020000000000000000000000 "LogMeIn Hamachi Ui"=0x03000000FB0160978CDCD601 "SunJavaUpdateSched"=0x03000000E853C1C36452D701 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D76A25AFE010BC [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "Discord"=C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List ACC ACCAgent ACCBackgroundApplication AcerCMUpdateTask2.1.16258 BraveSoftwareUpdateTaskMachineCore BraveSoftwareUpdateTaskMachineUA CCleaner Update CCleanerSkipUAC GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA MicrosoftEdgeUpdateTaskMachineCore MicrosoftEdgeUpdateTaskMachineUA NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task-S-1-5-21-2749564263-2306086831-1143213442-500 OneDrive Standalone Update Task-S-1-5-21-86999783-108695983-2164099147-1001 Overwolf Updater Task PredatorSense Quick Access Software Update Application UbtFrameworkService UEIPInvitation ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(1)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(1)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=35 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [23/12/2020 10:39:56] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=884 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymoussam"=1 "restrictanonymous"=0 "SamConnectedAccountsExist"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=150 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "PendingFileRenameOperations"=\??\C:\Windows\Temp\84e29c33-250b-498b-8a25-a7b0be1aab81.tmp [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=e3914b8e-9403-4434-84f1-71317a5 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Users\quent\Desktop\photos\1572740665149.jpg [04/05/2021 17:14:39] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9032078012000000 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100BCBA0000000200001A0100008002DB0BDD91D50143003A005C00550073006500720073005C007100750065006E0074005C004400650073006B0074006F0070005C00700068006F0074006F0073005C0031003500370032003700340030003600360035003100340039002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreviousPreferredUILanguages"=fr-FR "PreferredUILanguages"=fr-FR "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003A28000000000000000000000000000001000000130000000000000042000000 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DACBF0200AF75193DC6488E4FA182BE0E08FA86A9E80300000114020000000000C000000000000046280900005D54A9A2C2A0B4429708A0B2BADD77C8700A0000BD0E0C47735D584D9CEDE91E22E23282E8030000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=5 "GlobalAssocChangedCounter"=1103 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 "ExcludedFromStableAnaheimDownloadPromotionSL"=1 "EnableAutoTray"=1 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=0 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "ShowCortanaButton"=0 "StartMigratedBrowserPin"=1 "StartMenuInit"=13 "ReindexedProfile"=1 "TaskbarStateLastRun"=0x75AAD46000000000 "TaskbarSizeMove"=1 "Start_TrackProgs"=0 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x0E0000000D0000000C0000000B0000000A00000009000000080000000700000006000000050000000400000003000000020000000100000000000000FFFFFFFF "0"=0x66006C006100730068000000 "1"=0x7400720079000000 "2"=0x6700750069006C006400200077006100720073000000 "3"=0x72006F006C006C00650072000000 "4"=0x300034000000 "5"=0x61006B0061000000 "6"=0x61006B0061007400730075006B0069000000 "7"=0x610072006B000000 "8"=0x6900730073000000 "9"=0x6D0065000000 "10"=0x61006D006F0067000000 "11"=0x6200740073000000 "12"=0x6D006F006E006B000000 "13"=0x6C006500730073000000 "14"=0x730068000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "FilterAdministratorToken"=1 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "DisableAutomaticRestartSignOn"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=255 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "LayoutXMLPath"=C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\TaskbarLayoutModification.xml [23/12/2020 05:51:18] "GlobalAssocChangedCounter"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "FilterAdministratorToken"=1 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "DisableAutomaticRestartSignOn"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=255 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=29 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=19043 "FirstLogon"=0 "ParseAutoexec"=1 "PUUActive"=0x23E86B5701001E00B401E406739C4D00DA1B5600DA1B5600D20000000200C2003847DFB5855FD400C9D6630080DB3A00C0A233003BA019000300000000000000000000003E605900A73C0400C61000009F10F26D266AD701739C4D000000000001000000739C4D00624A0000360D0000C604300000000000 "DP"=0xD200E800AD011E00B101000023E86B5700000000000000004C48BD86876AD7014C48BD86876AD701000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100CC8900400D8862020D886206701B0080413081014332914130F00080FC174800FC17480141EB0080C2100400C3101D00CD0401802410480C2F104C6C8ABB000000A3850401A3C55C1DB3008003EC00040BEC0404023200809200152092281520822B0080A0694146A2EB41467DDA0080080448520804497671130180152144049521C40C [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=79764784 "ShutdownFlags"=51 "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-86999783-108695983-2164099147-1001 "LastUsedUsername"=quent [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Brave\Shell\open\Command] ""="C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" [HKLM\Software\Clients\StartMenuInternet\Brave\InstallInfo] "ReinstallCommand"="C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:50:50] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Brave\Shell\open\Command] ""="C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Brave\InstallInfo] "ReinstallCommand"="C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:50:50] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser ---------- | AppcompatFlags [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"=32 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\OEM\Preload\Autorun\CheckFiles.exe"=0x5341435001000000000000000700000028000000207A0D00AD780E000100000000000000000000067100000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000002F000000000000000100000001000000 "C:\Program Files\CPUID\CPU-Z\cpuz.exe"=0x5341435001000000000000000700000028000000901C3F00873A3F0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000D1240600000000000200000002000000 "C:\Program Files (x86)\KULT#100 Gaming Mouse\GamingMouse.exe"=0x5341435001000000000000000700000028000000000220000000000001000000000000000000000A7122000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D5EAE303000000002300000023000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000B02E00A7502F0001000000010000000000000A6322000050BB64EDDDACD5010000000000000000 "C:\Program Files\LibreOffice\program\swriter.exe"=0x534143500100000000000000070000002800000030410100D81C020001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000029A34501000000001B0000001B000000 "C:\Program Files\LibreOffice\program\soffice.exe"=0x5341435001000000000000000700000028000000300F0300C742030001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000002140EE00000000003E0000003E000000 "C:\Users\quent\AppData\Local\Discord\Update.exe"=0x534143500100000000000000070000002800000038151700FA39170001000000000000000000000A7522000050BB64EDDDACD5010000000000000000020000002800000000000000000000000400000000000000000000000000000071247D06000000001400000014000000 "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x5341435001000000000000000700000028000000582F07001181070001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000B9329B01000000000500000005000000 "C:\Program Files (x86)\Flashpaste\Flashpaste.exe"=0x5341435001000000000000000700000028000000000E41000000000001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000050000000000000000000000000000000000000000000000000000000E06F43020000000037000000280000000000000000000040000000000000000000000000000000009247EE00000000000300000000000000 "C:\Program Files (x86)\Flashpaste\uninst.exe"=0x534143500100000000000000070000002800000085690100000000000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000020000000000000000000000000000001A0000000000000200000002000000 "C:\Program Files (x86)\DroidCam\DroidCamApp.exe"=0x5341435001000000000000000700000028000000980E0E0032100E0001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000000000002000000000000000000000000003D581C01000000001B0000001B000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000301E2800E3AD280001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A3D80C00000000001900000019000000 "C:\Users\quent\Desktop\star wars empire at war gold pack\STAR WARS - Empire at War Gold Pack (v1.05)(Multi 5)[RG Alucania].exe"=0x5341435001000000000000000700000028000000DE6BF400000000000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000ED840700000000000100000001000000 "D:\wow\WINDOWS_World of Warcraft 335a_Textures\Wow.exe"=0x5341435001000000000000000700000028000000988E7500962676000100000000000000000001067100000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000008002000000500000000000000000000090080000000000000000000000000000001A71030000000000060000000100000000000000000000D000000000000000000000000000000000153B0000000000000100000000000000 "D:\wow\WINDOWS_World of Warcraft 335a_Textures\Repair.exe"=0x534143500100000000000000070000002800000098E20E00CEAB0F000100000000000000000001067122000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000000AB20000000000000300000003000000 "D:\wow\WINDOWS_World of Warcraft 335a_Textures\WowError.exe"=0x534143500100000000000000070000002800000098580500FBF305000100000000000000000001067120000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000000F000000000000000200000002000000 "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"=0x534143500100000000000000070000002800000048AAE5007D2DE60001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000091830800000000000100000001000000 "C:\Program Files (x86)\GLRLauncher\glr-qt-launcher.exe"=0x534143500100000000000000070000002800000000AC05000DD3050001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000050000000000000008000000000000000000000000000000000000000E36C3F0100000000CB000000C50000000000000080000040000000000000000000000000000000007A7B0000000000000100000000000000 "C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe"=0x5341435001000000000000000700000028000000584334009759340001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000800000000000000000000000000000000000000044067100000000000700000007000000 "C:\Program Files\LibreOffice\program\scalc.exe"=0x534143500100000000000000070000002800000030290100C38A010001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000FEA60000000000000100000001000000 "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe"=0x5341435001000000000000000700000028000000C8B50A004FD50A0001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000082C70100000000000200000002000000 "D:\steam\steamapps\common\Among Us - Copie\Among Us.exe"=0x534143500100000000000000070000002800000000CA09000000000001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001AF30A00000000000100000001000000 "D:\battle net\Overwatch\Overwatch Launcher.exe"=0x5341435001000000000000000700000028000000B0AF4B00E7794C0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000800000000000000000000000000000000000000009E52900000000000100000001000000 "C:\Users\quent\Downloads\Rockstar-Games-Launcher.exe"=0x534143500100000000000000070000002800000058522A0560762A0501000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000008000004000000000000000000000000000000000C4F60000000000000100000001000000 "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe"=0x5341435001000000000000000700000028000000F0991A00B70B1B0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000ED530000000000000100000001000000 "D:\gta\Grand Theft Auto V\PlayGTAV.exe"=0x5341435001000000000000000700000028000000A024030066D6030001000000000000000000000A7322000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000400000000000000000000000000000000091950500000000000200000002000000000000000000000000000000000000000000000000000000F8D13100000000000300000000000000 "C:\Riot Games\League of Legends\LeagueClient.exe"=0x5341435001000000000000000700000028000000809F560151E3560101000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000003170000000000000100000001000000 "C:\Users\quent\Downloads\Install VALORANT.exe"=0x534143500100000000000000070000002800000000EC1D0470021E0401000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000016DB0500000000000100000001000000 "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayService.exe"=0x5341435001000000000000000700000028000000605A5E0032DD5E0001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000050000000000000008000000000000000000000000000000000000000350C0000000000000200000002000000000000008000004000000000000000000000000000000000CE020000000000000200000000000000 "C:\Program Files (x86)\PerfectKeyboard\PerfectKeyboard.exe"=0x534143500100000000000000070000002800000070CE65001F62660001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000BF4B0000000000000100000001000000 "C:\Users\quent\AppData\Local\T2GP Launcher\app-1.0.1.1798\launcher.exe"=0x534143500100000000000000070000002800000080917D00B5DD7D0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000002F10100000000000100000001000000 "C:\Users\quent\AppData\Local\T2GP Launcher\app-1.0.2.1881\launcher.exe"=0x534143500100000000000000070000002800000080A17E006F777F0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000003B847800000000000100000001000000 "C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe"=0x534143500100000000000000070000002800000098BD0700B7D4070001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000008AACE000000000000500000005000000 "C:\Users\quent\Desktop\scp\ScpServer\bin\ScpDriver.exe"=0x534143500100000000000000070000002800000000B80B00000000000100000000000000000003067522000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001F490000000000000100000001000000 "C:\Users\quent\Desktop\scp\ScpServer\bin\ScpServer.exe"=0x534143500100000000000000070000002800000000980B00000000000100000000000000000003067522000050BB64EDDDACD5010000000000000000020000002800000000000000000000000010000000000000000000000000000007E03300000000000300000003000000 "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E0FDF7014923F80101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F8263300000000000100000001000000 "C:\Program Files (x86)\Common Files\Steam\SteamService.exe"=0x5341435001000000000000000700000028000000E8502A0029C92A0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000E6B70000000000000200000002000000 "C:\Users\quent\Downloads\AutoClicker.exe"=0x53414350010000000000000007000000280000003D300D0003090E0001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F10DB401000000000100000001000000 "C:\Users\quent\Downloads\bitdefender_windows_0c47e85c-5537-4219-a1eb-d43b1ea0b5a7.exe"=0x5341435001000000000000000700000028000000D009CF00A5BFCF0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000069200000000000000100000001000000 "C:\Program Files (x86)\Acer\Acer Jumpstart\wall.exe"=0x5341435001000000000000000700000028000000301101004DB8010001000000000000000000000A7522000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe"=0x5341435001000000000000000700000028000000903B0300B8BC030001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000008000000000000000000000000000000000000000D0B76400000000001300000013000000 "C:\Users\quent\Desktop\pokemmo\PokeMMO\PokeMMO.exe"=0x5341435001000000000000000700000028000000A055260123D9260101000000000000000000000A7120000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005825A500000000000500000005000000 "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe"=0x5341435001000000000000000700000028000000C86D2200752F230001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\Steam\steam.exe"=0x5341435001000000000000000700000028000000E8B23E00A3B33E0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\quent\AppData\Local\DiscordCanary\Update.exe"=0x5341435001000000000000000700000028000000A01217008172170001000000000000000000000A7522000050BB64EDDDACD5010000000000000000020000002800000000000000000000000400000000000000000000000000000094950100000000000300000003000000 "C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe"=0x534143500100000000000000070000002800000040B23500A214360001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000009A79602000000000900000009000000 "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E0832A00CD272B0001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000800000000400000000000000000000000000000007798F02000000001100000011000000 "C:\Users\quent\AppData\Local\Microsoft\OneDrive\21.099.0516.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000784309004260090001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000A834250009F0250001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000008D870101000000000200000002000000 "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"=0x534143500100000000000000070000002800000090053200EB0B320001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000B9030000000000000100000001000000 "C:\Riot Games\Riot Client\RiotClientServices.exe"=0x534143500100000000000000070000002800000048B8200473D8200401000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A9AB1200000000000400000004000000 "C:\ProgramData\NVIDIA Corporation\Downloader\60f2d0e7dee93517db08a8f8a2f371dd\GeForce_Experience_Update_v3.23.0.74_Official_026B48.exe"=0x5341435001000000000000000700000028000000686BB907579EB9070100000000000000000002060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000032A10000000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe"=0x534143500100000000000000070000002800000070D909009C480A0001000000000000000000000A7120000050BB64EDDDACD501000000000000000002000000280000000000000080000000000000000000000000000000000000004F050000000000000100000001000000 "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x534143500100000000000000070000002800000070F33200E0AD330001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C5DC2700000000000100000001000000 "C:\Program Files\WindowsApps\cyberlinkcorp.ac.powerdirectorforacerdesktop_14.0.4304.0_x64__ypz87dpxkv292\PowerDirector14\RichVideo64.exe"=0x534143500100000000000000070000002800000018950900FFE5090001000000000000000000000A7322000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe"=0x534143500100000000000000070000002800000058A91A006D1A1B0001000000000000000000000A7322000050BB64EDDDACD5010000000000000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x5341435001000000000000000700000028000000008406000000000001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005B030000000000000900000009000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000804A0302A1C2030201000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000E5060000000000000100000001000000 "C:\Users\quent\Downloads\QuickDiag.exe"=0x5341435001000000000000000700000028000000F05045006F9D450001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{8f92d8ed-93f4-11eb-80f8-24418c67e4d0}] : "F:\HiSuiteDownLoader.exe" (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132531708682035355 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=windowsdefender:// "ProductType"=2 "InstallTime"=0xEC5D8A73E2D8D601 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\ "ManagedDefenderProductType"=0 "ProductStatus"=0 "TrustedImageIdentifier"=POP01S0063X8HC11-PAP01J1L63X86C11 "OOBEInstallTime"=0x145BE8E107D9D601 "DisableAntiSpyware"=0 "DisableAntiVirus"=0 "LastEnabledTime"=0x31D4D0873A51D701 "PUAProtection"=1 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0 "IsServiceRunning"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:805::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:805::200e?: temps=12 ms R?ponse de 2a00:1450:4007:805::200e?: temps=12 ms R?ponse de 2a00:1450:4007:805::200e?: temps=11 ms R?ponse de 2a00:1450:4007:805::200e?: temps=14 ms Statistiques Ping pour 2a00:1450:4007:805::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 11ms, Maximum = 14ms, Moyenne = 12ms ---------- | @ [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://acer17win10.msn.com/?pc=ACTE "Default_Page_URL"=http://acer17win10.msn.com/?pc=ACTE "DisableFirstRunCustomize"=1 "ImageStoreRandomFolder"=qgabebw [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CertificateRevocation"=1 "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x1ABEDCFC44CBD501 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "ProxyEnable"=0 "MigrateProxy"=1 "LockDatabase"=132690185371900925 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 "Security_options_edit"=1 "Security_zones_map_edit"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 "Security_options_edit"=1 "Security_zones_map_edit"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OptaneIconOverlay] - {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} -- mscoree.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [15/01/2021 14:18:33] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={02D76476-CC9B-465C-A022-B6521394D98D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={02D76476-CC9B-465C-A022-B6521394D98D} ---------- | Extensions ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{02D76476-CC9B-465C-A022-B6521394D98D}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E664FF12-565F-4768-9AB1-534E15D27278}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{02D76476-CC9B-465C-A022-B6521394D98D}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{E664FF12-565F-4768-9AB1-534E15D27278}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.59\BHO\ie_to_edge_bho.dll [26/06/2021 14:37:21] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.59\BHO\ie_to_edge_bho.dll [26/06/2021 14:37:21] ---------- | Chrome C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\fefnkplkicihcoenmljhbihhaaagjhpp = : __MSG_description__ - __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\gcbfdkgdehbcllhglllmfkdhcpfcbjka = : Connectez-vous à Ornikar pour vous entraîner au code de la route ou réserver des heures de conduite - https://app.ornikar.com/connexion?utm_source=web_app_manifest - Ornikar C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotificationsidlealarms] - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\oocalimimngaihdkbihfgmpkcpnmlaoa = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx C:\Users\quent\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.291.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.291.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll C:\Users\quent\AppData\Roaming\Mozilla\Firefox\Profiles\janh3xgh.default\Prefs.js user_pref("browser.newtab.extensionControlled", true); user_pref("browser.startup.homepage_override.buildID", "20191030021342"); user_pref("browser.startup.homepage_override.mstone", "70.0.1"); user_pref("extensions.activeThemeID", "default-theme@mozilla.org"); user_pref("extensions.blocklist.pingCountVersion", 0); user_pref("extensions.chinaNewtab.prefVersion", 1); user_pref("extensions.cpmanager.safeflag.listtypes.0", "m6eb-phish-shavar"); user_pref("extensions.cpmanager.safeflag.restart.0", 7); user_pref("extensions.cpmanager@mozillaonline.com.active_time", "1598604654922"); user_pref("extensions.cpmanager@mozillaonline.com.fxa.initstep", 3); user_pref("extensions.cpmanager@mozillaonline.com.pocketButtonRemoved2", true); user_pref("extensions.cpmanager@mozillaonline.com.screenshotButtonRemoved", true); user_pref("extensions.cpmanager@mozillaonline.com.uuid", "{6de86b52-69a0-4ed3-b810-3d56fa0991a4}"); user_pref("extensions.databaseSchema", 31); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.incognito.migrated", true); user_pref("extensions.installedDistroAddon.cehomepage@mozillaonline.com", true); user_pref("extensions.installedDistroAddon.china-newtab@mozillaonline.com", true); user_pref("extensions.installedDistroAddon.coba@mozilla.com.cn", true); user_pref("extensions.installedDistroAddon.cpmanager@mozillaonline.com", true); user_pref("extensions.installedDistroAddon.easyscreenshot@mozillaonline.com", true); user_pref("extensions.installedDistroAddon.tabtweak@mozillaonline.com", true); user_pref("extensions.installedDistroAddon.wx-assistant@mozillaonline.com", true); user_pref("extensions.lastAppBuildId", "20191030021342"); user_pref("extensions.lastAppVersion", "70.0.1"); user_pref("extensions.lastPlatformVersion", "70.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pocket.enabled", false); user_pref("extensions.screenshots.disabled", true); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.cehomepage@mozillaonline.com", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.china-newtab@mozillaonline.com", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.coba@mozilla.com.cn", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.cpmanager@mozillaonline.com", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.easyscreenshot@mozillaonline.com", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.{e4a8a97b-f2ed-450b-b12d-ee082ba24781}", true); user_pref("extensions.webextensions.uuids", "{\"cehomepage@mozillaonline.com\":\"68c56b1f-25b6-4a97-b66d-eb454bcdbf0f\",\"china-newtab@mozillaonline.com\":\"c9cdd9b2-a8a6-4f4c-8167-86f19e1820e6\",\"coba@mozilla.com.cn\":\"d1f351cc-31ff-421b-b87d-57d5cb71c1f8\",\"cpmanager@mozillaonline.com\":\"1b87cdb3-ca5f-46eb-808c-7d38e807ff80\",\"easyscreenshot@mozillaonline.com\":\"cd6941e5-1868-444e-ad94-0524c629e7cf\",\"tabtweak@mozillaonline.com\":\"b1be611f-e9f2-4ce6-ab55-e6c7e1be0939\",\"wx-assistant@mozillaonline.com\":\"75128516-3de5-4337-9e44-22d8e471cbd9\",\"formautofill@mozilla.org\":\"3857be87-28da-416e-9cd7-01d622850f08\",\"screenshots@mozilla.org\":\"5f0b8a35-3ac4-46f1-891f-6f5d22176c4f\",\"webcompat-reporter@mozilla.org\":\"7a4f94fe-e3ca-4b2f-a575-31de24c1d4c8\",\"webcompat@mozilla.org\":\"2676a4b9-2113-415d-a020-9fb1848716df\",\"default-theme@mozilla.org\":\"d0492b75-3b22-4c07-aad3-007c1d9d4d51\",\"baidu@search.mozilla.org\":\"78a75282-b9cb-4494-8fce-3521126d55a8\",\"google@search.mozilla.org\":\"59978a90-f3e0-4272-93ce-cbae8d2a0cc0\",\"bing@search.mozilla.org\":\"99ff882b-8656-49c8-8365-4e5bb327da44\",\"ddg@search.mozilla.org\":\"1cbdce30-ada6-4f43-8fec-a04bf9d906ef\",\"wikipedia@search.mozilla.org\":\"61cebe91-9bcd-4c88-afdb-c8f108983b01\",\"amazondotcn@search.mozilla.org\":\"3eb6068f-bf0d-4dd8-bf2d-670f82b253fb\",\"{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\":\"fe0ddd3d-a6f9-4fcf-9fa1-04ee736f082a\"}"); C:\Users\quent\AppData\Roaming\Mozilla\Firefox\Profiles\janh3xgh.default [Profile0] - Name=default -> Profiles/janh3xgh.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{4c4392df-a467-45b6-a83c-820c037fc64a}] "DhcpNameServer"=172.18.2.2 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{90ce3523-a57b-4756-8c09-baa15ca818a0}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{4c4392df-a467-45b6-a83c-820c037fc64a}] "DhcpNameServer"=172.18.2.2 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{90ce3523-a57b-4756-8c09-baa15ca818a0}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Classes\Applications\PerfectKeyboard.exe] : C:\Program Files (x86)\PerfectKeyboard\PerfectKeyboard.exe %1 [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PerfectKeyboard.exe] : C:\Program Files (x86)\PerfectKeyboard\PerfectKeyboard.exe %1 [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PerfectKeyboard.exe] : C:\Program Files (x86)\PerfectKeyboard\PerfectKeyboard.exe %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver "UdkSvcGroup"=UdkUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "AarSvcGroup"=AarSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Acer] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Activision] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\AppDataLow] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Apple Inc.] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\AvastAdSDK] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Beam Team Games] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Blizzard Entertainment] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\BlueStacksInstaller] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\BraveSoftware] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\BugSplat] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Chromium] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Coffee Stain Studios] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Discord] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Epic Games] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\GameSpy] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Google] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Hasbro, Inc.] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Hubert Moszka] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Innersloth] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Intel] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\JavaSoft] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Kabam Montreal, Inc] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Khronos] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Kinetic Games] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Logitech] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Mojang] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Mozilla] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Netscape] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Northwood] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\ODBC] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\OEM] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\OpenAutomate] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\osu!] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Overwolf] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\paint.net] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Pathea Entertainment] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Petroglyph] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Piriform] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Policies] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\QtProject] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Razer] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Realtek] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\RegisteredApplications] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Rockstar Games] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Smartly Dressed Games] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Softvoile] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\SyncEngines] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\The Document Foundation] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Total Mayhem Games] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Twitch Desktop] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Ubisoft] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Unknown Worlds] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\UrsaMinor] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Valve] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\WinRAR] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\WinRAR SFX] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Wondershare] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Wow6432Node] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Accessibility] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\ActiveSync] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\ASF Stream Descriptor File] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\AuthCookies] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Avalon.Graphics] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Clipboard] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\CommsAPHost] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Connection Manager] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\DeviceDirectory] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\DirectDraw] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\DirectInput] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\DirectX Diagnostic Tool] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Edge] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\EdgeUpdate] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\FamilyStore] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\GameBar] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\GameBarApi] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Ieak] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Input] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\InputMethod] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\InputPersonalization] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Internet Mail and News] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\LanguageOverlay] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Microsoft Games] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\MS Design Tools] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\MSDAIPP] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\MVA] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Narrator] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\NGC] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Office] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\OneDrive] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Osk] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Personalization] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Phone] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Pim] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Poom] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\PowerShell] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\RAS AutoDial] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\ResKit] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\RPM] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\ScreenMagnifier] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Sensors] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Shared] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Shared Tools] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Shell] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\SkyDrive] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Speech Virtual] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Speech_OneCore] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Spelling] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\StorageLibrary] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\TabletTip] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\TPG] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Unified Store] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Unistore] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\UserData] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\UserDataService] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Visual Basic] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\WcmSvc] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows Defender Security Center] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows Media] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows Script] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows Script Host] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Windows Security Health] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\XboxLive] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-86999783-108695983-2164099147-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\BlueStacksInstaller] [HKLM\Software\cl2021.upgrade] [HKLM\Software\Clients] [HKLM\Software\CPUID] [HKLM\Software\CVSM] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LibreOffice] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Norton] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OpenSSH] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Razer] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Rockstar Games] [HKLM\Software\RTLSetup] [HKLM\Software\SNC] [HKLM\Software\Symantec] [HKLM\Software\The Document Foundation] [HKLM\Software\Windows] [HKLM\Software\WinRAR] [HKLM\Software\Wondershare] [HKLM\Software\WOW6432Node] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\0E4820BD18CC4CC5] [HKLM\SOFTWARE\Microsoft\9d4c2f636f067f89] [HKLM\SOFTWARE\Microsoft\a0b923820dcc509a] [HKLM\SOFTWARE\Microsoft\AccountsControl] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ActiveSync] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Analog] [HKLM\SOFTWARE\Microsoft\AppModel] [HKLM\SOFTWARE\Microsoft\AppServiceProtocols] [HKLM\SOFTWARE\Microsoft\AppVISV] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\BitLockerCsp] [HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement] [HKLM\SOFTWARE\Microsoft\Cellular] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\Clipboard] [HKLM\SOFTWARE\Microsoft\ClipboardServer] [HKLM\SOFTWARE\Microsoft\CloudManagedUpdate] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\CommsAPHost] [HKLM\SOFTWARE\Microsoft\CoreShell] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataCollection] [HKLM\SOFTWARE\Microsoft\DataSharing] [HKLM\SOFTWARE\Microsoft\DDDS] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\DeviceReg] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DiskSnapshot] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DusmSvc] [HKLM\SOFTWARE\Microsoft\DVDNavigator] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\Edge] [HKLM\SOFTWARE\Microsoft\Enrollment] [HKLM\SOFTWARE\Microsoft\Enrollments] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager] [HKLM\SOFTWARE\Microsoft\EventSounds] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\FamilyStore] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FilePicker] [HKLM\SOFTWARE\Microsoft\FilterDS] [HKLM\SOFTWARE\Microsoft\FingerKB] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\FuzzyDS] [HKLM\SOFTWARE\Microsoft\GameOverlay] [HKLM\SOFTWARE\Microsoft\GamingServices] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\Hvsi] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\ImageTimeSettings] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\InProcLogger] [HKLM\SOFTWARE\Microsoft\Input] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\InputPersonalization] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\KGL] [HKLM\SOFTWARE\Microsoft\LanguageOverlay] [HKLM\SOFTWARE\Microsoft\LexiconUpdate] [HKLM\SOFTWARE\Microsoft\LPKSetup] [HKLM\SOFTWARE\Microsoft\Managed Desktop] [HKLM\SOFTWARE\Microsoft\MdmCommon] [HKLM\SOFTWARE\Microsoft\MdmDiagnostics] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\Messaging] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack] [HKLM\SOFTWARE\Microsoft\Microsoft SQL Server Compact Edition] [HKLM\SOFTWARE\Microsoft\MicrosoftEdge] [HKLM\SOFTWARE\Microsoft\MiracastReceiver] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSIME] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MTF] [HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors] [HKLM\SOFTWARE\Microsoft\MTFInputType] [HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\Multivariant] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeCSP] [HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Palm] [HKLM\SOFTWARE\Microsoft\Personalization] [HKLM\SOFTWARE\Microsoft\Phone] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\Pim] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayToReceiver] [HKLM\SOFTWARE\Microsoft\PointOfService] [HKLM\SOFTWARE\Microsoft\Policies] [HKLM\SOFTWARE\Microsoft\PolicyManager] [HKLM\SOFTWARE\Microsoft\Poom] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\Provisioning] [HKLM\SOFTWARE\Microsoft\PushRouter] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RAS AutoDial] [HKLM\SOFTWARE\Microsoft\RcsPresence] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\Remediation] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Schema Library] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\SecurityManager] [HKLM\SOFTWARE\Microsoft\SEMgr] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\Shared] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\Shell] [HKLM\SOFTWARE\Microsoft\SIH] [HKLM\SOFTWARE\Microsoft\Siuf] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\Speech_OneCore] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\StrongName] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\Unified Store] [HKLM\SOFTWARE\Microsoft\UNP] [HKLM\SOFTWARE\Microsoft\UPnP Control Point] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\UserData] [HKLM\SOFTWARE\Microsoft\UserManager] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wallet] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Defender Security Center] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Performance Toolkit] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Windows Security Health] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\WindowsSelfHost] [HKLM\SOFTWARE\Microsoft\WindowsUpdate] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\Wlpasvc] [HKLM\SOFTWARE\Microsoft\Wow64] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\XAML] [HKLM\SOFTWARE\Microsoft\XboxGameSaveStorage] [HKLM\SOFTWARE\Microsoft\XboxLive] [HKLM\SOFTWARE\Microsoft\XGameSaveStorage] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\NcsiUwpApp] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\Bitdefender Agent] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\BraveSoftware] [HKLM\Software\WOW6432Node\Cyberlink] [HKLM\Software\WOW6432Node\DroidCam] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\Gameforge4d] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\LucasArts] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OEM] [HKLM\Software\WOW6432Node\Overwolf] [HKLM\Software\WOW6432Node\Razer] [HKLM\Software\WOW6432Node\Razer Chroma SDK] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Rockstar Games] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp] [HKLM\Software\WOW6432Node\Microsoft\ClipboardServer] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVDNavigator] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\Edge] [HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate] [HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\F12] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FilePicker] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\GameOverlay] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\InputPersonalization] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Games] [HKLM\Software\WOW6432Node\Microsoft\Microsoft SQL Server Compact Edition] [HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Office Server] [HKLM\Software\WOW6432Node\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Palm] [HKLM\Software\WOW6432Node\Microsoft\Personalization] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\Policies] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\Provisioning] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\RFC1156Agent] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\SPEECH] [HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\SystemSettings] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\Cellular] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DeviceReg] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\FingerKB] [HKLM\Software\WOW6432Node\Microsoft\FuzzyDS] [HKLM\Software\WOW6432Node\Microsoft\Input] [HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay] [HKLM\Software\WOW6432Node\Microsoft\Messaging] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\MTF] [HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors] [HKLM\Software\WOW6432Node\Microsoft\MTFInputType] [HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Phone] [HKLM\Software\WOW6432Node\Microsoft\Pim] [HKLM\Software\WOW6432Node\Microsoft\Poom] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SecurityManager] [HKLM\Software\WOW6432Node\Microsoft\Semgr] [HKLM\Software\WOW6432Node\Microsoft\Shell] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Unified Store] [HKLM\Software\WOW6432Node\Microsoft\UserData] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\XAML] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: ---------- | C: [07/12/2019 11:14:52] - |SHD| - [13399294] - C:\$Recycle.Bin [23/12/2020 02:39:22] - |HD| - [31073063] - C:\$SysReset [29/12/2020 18:54:26] - |HD| - [0] - C:\$WinREAgent [23/12/2020 06:25:45] - |SHD| - [0] - C:\Documents and Settings [MD5.F47B2C2C9007844E24E70DAC73A17839] - [23/12/2020 06:16:44] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/12/2020 06:16:44] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp [07/04/2021 10:05:51] - |D| - [16866225811] - C:\epic games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [23/12/2020 06:25:03] - |ASH| - (.-.) - [3401572352] - (0.0.0.0) - C:\hiberfil.sys [23/12/2020 06:16:56] - |SHD| - [1050416] - C:\IntelOptaneData [23/12/2020 05:51:17] - |HD| - [975479160] - C:\OEM [23/12/2020 10:45:42] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/06/2021 02:57:49] - |ASH| - (.-.) - [11274289152] - (0.0.0.0) - C:\pagefile.sys [07/12/2019 11:14:52] - |HD| - [0] - C:\PerfLogs [07/12/2019 11:14:52] - |RD| - [10075319517] - C:\Program Files [07/12/2019 11:14:52] - |RD| - [61174248530] - C:\Program Files (x86) [07/12/2019 11:14:52] - |HD| - [5028799513] - C:\ProgramData [26/06/2021 14:37:39] - |D| - [33] - C:\QuickDiag [MD5.9A477D13997D352061366C2B8B4BB31B] - [26/06/2021 14:37:43] - |A| - (.-.) - [201558] - (0.0.0.0) - C:\QuickDiag.txt [15/01/2020 03:31:04] - |HD| - [3715953670] - C:\Recovery [01/01/2021 23:38:31] - |D| - [14506645170] - C:\Riot Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/01/2020 02:34:56] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [11/12/2019 01:14:23] - |SHD| - [0] - C:\System Volume Information [11/06/2021 12:45:48] - |D| - [105648] - C:\temp [07/12/2019 11:03:44] - |D| - [49076204319] - C:\Users [07/12/2019 11:03:44] - |D| - [26980462865] - C:\Windows ---------- | C:\Windows [07/12/2019 16:51:10] - |D| - [802] - C:\Windows\addins [07/12/2019 11:14:52] - |D| - [18499752] - C:\Windows\appcompat [07/12/2019 11:14:52] - |D| - [10216354] - C:\Windows\apppatch [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\AppReadiness [07/12/2019 11:14:52] - |RSD| - [1164447827] - C:\Windows\assembly [07/12/2019 11:14:52] - |D| - [785153] - C:\Windows\bcastdvr [MD5.862251351EC170BB3BD59CB219491811] - [15/01/2021 14:18:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [77824] - (10.0.19041.746) - C:\Windows\bfsvc.exe [07/12/2019 11:14:52] - |D| - [40901938] - C:\Windows\Boot [MD5.F4C6312D57C83FB131B8F6008B1D21ED] - [23/12/2020 03:08:04] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [07/12/2019 11:14:52] - |D| - [2458608] - C:\Windows\Branding [07/12/2019 11:03:44] - |D| - [0] - C:\Windows\CbsTemp [MD5.5E85BDEC43F4DBEBB4142D77DA3DD9A7] - [18/07/2019 07:04:07] - |A| - (.-.) - [41] - (0.0.0.0) - C:\Windows\ChangeLang_Done.tag [07/12/2019 11:14:52] - |D| - [32147162] - C:\Windows\Containers [MD5.C6C52AF48A75DCC59644DC894D2F524E] - [07/12/2019 16:53:23] - |A| - (.-.) - [29857] - (0.0.0.0) - C:\Windows\Core.xml [MD5.D97EBDE12C4176C1C9B41ADE233FE385] - [11/12/2019 01:14:53] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\CSUP.txt [07/12/2019 11:14:52] - |D| - [11501377] - C:\Windows\Cursors [07/12/2019 11:14:52] - |D| - [13247399] - C:\Windows\debug [07/12/2019 11:14:52] - |D| - [4572753] - C:\Windows\diagnostics [07/12/2019 11:14:52] - |D| - [1701843] - C:\Windows\DiagTrack [07/12/2019 16:49:55] - |D| - [0] - C:\Windows\DigitalLocker [07/12/2019 11:14:52] - |SD| - [0] - C:\Windows\Downloaded Program Files [07/12/2019 11:14:52] - |HD| - [46688] - C:\Windows\ELAMBKUP [07/12/2019 16:49:55] - |D| - [98816] - C:\Windows\en-US [MD5.62022614D1D9290CD1069234F2A55CF8] - [26/06/2021 02:53:26] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4894336] - (10.0.19041.1081) - C:\Windows\explorer.exe [23/12/2020 02:58:01] - |D| - [12582912] - C:\Windows\Firmware [07/12/2019 11:14:52] - |RSD| - [450688350] - C:\Windows\Fonts [07/12/2019 16:49:55] - |D| - [111616] - C:\Windows\fr-FR [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\GameBarPresenceWriter [07/12/2019 11:14:52] - |D| - [57013073] - C:\Windows\Globalization [07/12/2019 11:14:52] - |D| - [1893706] - C:\Windows\Help [MD5.86AE3BE50DF246C646DA76E7223A968E] - [15/04/2021 20:52:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1076736] - (10.0.19041.906) - C:\Windows\HelpPane.exe [MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 11:09:39] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.19041.1) - C:\Windows\hh.exe [07/12/2019 11:14:52] - |D| - [30327] - C:\Windows\IdentityCRL [07/12/2019 11:14:52] - |D| - [28825030] - C:\Windows\IME [07/12/2019 11:14:52] - |RD| - [8178373] - C:\Windows\ImmersiveControlPanel [07/12/2019 11:13:02] - |D| - [73163466] - C:\Windows\INF [07/12/2019 11:14:52] - |D| - [38193580] - C:\Windows\InputMethod [07/12/2019 11:14:52] - |SHD| - [1278925668] - C:\Windows\Installer [07/12/2019 11:14:52] - |D| - [109650] - C:\Windows\L2Schemas [07/12/2019 11:14:52] - |HD| - [0] - C:\Windows\LanguageOverlayCache [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\LiveKernelReports [07/12/2019 11:14:52] - |D| - [126672618] - C:\Windows\Logs [07/12/2019 11:14:52] - |RSD| - [20063519] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 11:08:58] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [07/12/2019 11:14:52] - |RD| - [848223213] - C:\Windows\Microsoft.NET [07/12/2019 11:14:52] - |D| - [3323] - C:\Windows\Migration [09/01/2021 00:53:55] - |D| - [0] - C:\Windows\Minidump [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\ModemLogs [18/07/2019 06:58:23] - |D| - [17274334] - C:\Windows\NAPP_Dism_Log [MD5.1C1760ED4D19CDBECB2398216922628B] - [26/06/2021 02:53:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [211968] - (10.0.19041.1081) - C:\Windows\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [15/01/2020 02:50:05] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvContainerRecovery.bat [07/12/2019 16:51:57] - |D| - [199472] - C:\Windows\OCR [23/12/2020 10:49:53] - |D| - [1260] - C:\Windows\oem [07/12/2019 11:14:52] - |RD| - [0] - C:\Windows\Offline Web Pages [23/12/2020 03:09:11] - |D| - [176338296] - C:\Windows\Panther [07/12/2019 11:14:52] - |D| - [412434] - C:\Windows\Performance [MD5.C3315BC5CE810A629C3AEDC2D3782924] - [23/12/2020 06:25:03] - |A| - (.-.) - [3112168] - (0.0.0.0) - C:\Windows\PFRO.log [07/12/2019 11:14:52] - |D| - [1283900] - C:\Windows\PLA [07/12/2019 11:14:52] - |D| - [3684371] - C:\Windows\PolicyDefinitions [23/12/2020 06:16:44] - |D| - [8595015] - C:\Windows\Prefetch [07/12/2019 11:14:52] - |RD| - [2234380] - C:\Windows\PrintDialog [07/12/2019 11:14:52] - |D| - [6067475] - C:\Windows\Provisioning [MD5.999A30979F6195BF562068639FFC4426] - [15/01/2021 14:19:01] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [370176] - (10.0.19041.746) - C:\Windows\regedit.exe [07/12/2019 11:14:52] - |D| - [22588] - C:\Windows\Registration [07/12/2019 11:14:52] - |D| - [20722128] - C:\Windows\rescache [07/12/2019 11:14:52] - |D| - [3677575] - C:\Windows\Resources [MD5.2F887699ECB55E01D486700FB67E8805] - [15/01/2020 03:11:57] - |A| - (.Copyright (C) 2017 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2856800] - (1.0.7.2) - C:\Windows\RtlExUpd.dll [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\SchCache [07/12/2019 11:14:52] - |D| - [126782] - C:\Windows\schemas [07/12/2019 11:14:52] - |D| - [5349376] - C:\Windows\security [23/12/2020 06:16:49] - |D| - [969594937] - C:\Windows\ServiceProfiles [07/12/2019 11:14:52] - |D| - [4096] - C:\Windows\ServiceState [07/12/2019 11:03:44] - |D| - [3321937181] - C:\Windows\servicing [07/12/2019 11:18:25] - |D| - [42] - C:\Windows\Setup [MD5.BDF580A2BF5CC1D61BB2BBFA7D8B81D6] - [26/06/2021 02:57:52] - |A| - (.-.) - [872] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/06/2021 02:57:52] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [07/12/2019 11:14:52] - |D| - [5500416] - C:\Windows\ShellComponents [07/12/2019 11:14:52] - |D| - [19058688] - C:\Windows\ShellExperiences [07/12/2019 11:14:52] - |D| - [3070736] - C:\Windows\SKB [15/01/2020 02:37:26] - |D| - [81895076] - C:\Windows\SoftwareDistribution [07/12/2019 11:14:52] - |D| - [86040257] - C:\Windows\Speech [07/12/2019 11:14:52] - |D| - [64508236] - C:\Windows\Speech_OneCore [MD5.A0AE654E51F5879CB114B7B99B48B283] - [11/06/2021 18:01:46] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [136192] - (10.0.19041.1052) - C:\Windows\splwow64.exe [07/12/2019 11:14:52] - |D| - [31039] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [19/03/2019 06:49:35] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [07/12/2019 11:03:44] - |D| - [7081019458] - C:\Windows\System32 [07/12/2019 11:14:52] - |D| - [147623454] - C:\Windows\SystemApps [07/12/2019 11:14:52] - |D| - [169339689] - C:\Windows\SystemResources [07/12/2019 11:14:52] - |D| - [1363747448] - C:\Windows\SysWOW64 [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\TAPI [19/03/2019 06:52:46] - |D| - [6] - C:\Windows\Tasks [07/12/2019 11:14:52] - |D| - [5276825] - C:\Windows\Temp [19/03/2019 06:52:46] - |D| - [0] - C:\Windows\TextInput [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\tracing [07/12/2019 11:14:52] - |D| - [7680] - C:\Windows\twain_32 [MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 11:10:00] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.55A54008AD1BA589AA210D2629C1DF41] - [30/04/2021 09:41:40] - |A| - (.-.) - [1] - (0.0.0.0) - C:\Windows\vgkbootstatus.dat [07/12/2019 11:14:52] - |D| - [12420] - C:\Windows\Vss [07/12/2019 11:14:52] - |D| - [33190] - C:\Windows\WaaS [07/12/2019 11:14:52] - |D| - [17193176] - C:\Windows\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [19/03/2019 06:49:35] - |A| - (.-.) - [92] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 11:09:09] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [24/06/2021 20:42:43] - |A| - (.-.) - [276] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 11:10:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\Windows\winhlp32.exe [07/12/2019 11:03:44] - |D| - [9139970493] - C:\Windows\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 11:10:11] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 16:52:21] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [04/05/2021 17:01:36] - C:\Windows\Installer\10b7a53f.msi : (iCloud Outlook Support - Apple Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [04/12/2017 12:08:02] - C:\Windows\Installer\13690.msi : (DriverSetupUtility - Acer Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [18/06/2020 12:28:42] - C:\Windows\Installer\14252bc.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/07/2018 04:38:52] - C:\Windows\Installer\27c6d.msi : (Intel(R) Wireless Bluetooth(R) Patch/Audio Package Installation - Intel Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [23/12/2020 12:16:49] - C:\Windows\Installer\3c086a.msi : (Minecraft Launcher - Mojang) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/03/2019 11:28:32] - C:\Windows\Installer\3e07.msi : (Intel® Optane™ Pinning Explorer Extensions - Intel Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/06/2021 16:53:21] - C:\Windows\Installer\452a45e.msi : (Google Update Helper - Google LLC) [Header ok : D0CF11E0A1B11AE10000000000000000] [23/12/2020 10:53:56] - C:\Windows\Installer\4726.msi : (Quick Access - Acer Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [24/12/2020 17:49:57] - C:\Windows\Installer\556710a.msi : (Care Center Service - Acer Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [16/03/2020 20:39:00] - C:\Windows\Installer\571c.msi : (Acer Jumpstart - Acer) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/03/2019 18:27:52] - C:\Windows\Installer\5e8f.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [27/12/2020 03:18:05] - C:\Windows\Installer\64405f3.msi : (KULT#100 Gaming Mouse - KULT#100) [Header ok : D0CF11E0A1B11AE10000000000000000] [20/09/2016 16:34:44] - C:\Windows\Installer\bce0.msi : ( - Acer) [Header ok : D0CF11E0A1B11AE10000000000000000] [10/06/2019 05:47:32] - C:\Windows\Installer\bcea.msi : (PredatorSense Service - Acer Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/01/2019 12:29:48] - C:\Windows\Installer\bcef.msi : (User Experience Improvement Program - Acer Incorporated) [Header ok : D0CF11E0A1B11AE10000000000000000] [25/04/2021 23:18:05] - C:\Windows\Installer\f3a5449.msi : (Java Auto Updater - Oracle Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/06/2011 22:27:28] - [4028928] - (.().-. - ()) - C:\Windows\Installer\5811fb.msp [28/06/2011 22:21:32] - [4637184] - (.().-. - ()) - C:\Windows\Installer\58240e.msp ---------- | %System%\*.in* [07/12/2019 11:09:39] - [3329] - C:\Windows\System32\ieuinit.inf [04/05/2021 17:02:28] - [652] - C:\Windows\System32\mapisvc.inf [23/12/2020 06:29:19] - [1772726] - C:\Windows\System32\PerfStringBackup.INI [07/12/2019 11:09:05] - [60124] - C:\Windows\System32\tcpmon.ini [07/12/2019 11:08:46] - [2404] - C:\Windows\System32\WimBootCompress.ini [07/12/2019 11:10:00] - [3329] - C:\Windows\Syswow64\ieuinit.inf [04/05/2021 17:02:28] - [644] - C:\Windows\Syswow64\mapisvc.inf [07/12/2019 11:09:22] - [2404] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.3F8D158762AE792FDC3384895439142B] - |A| - [12/06/2021 18:37:08] - (.-.) - [18.37 Ko] - (0.0.0.0) - C:\Windows\Temp\catalog.json [MD5.6A0466C7DB5DA6669EA2C5252EF3D5A5] - |A| - [26/06/2021 02:57:55] - (.-.) - [6.85 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20210626-025755-0.log [MD5.18556FDE2BAD7ACED231D902980A7730] - |A| - [26/06/2021 14:33:45] - (.-.) - [6.85 Ko] - (0.0.0.0) - C:\Windows\Temp\lpksetup-20210626-143345-0.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/06/2021 08:37:05] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-10712.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [26/06/2021 14:37:30] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-13744.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [26/06/2021 14:36:42] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-15228.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/06/2021 11:13:26] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\mat-debug-5044.log [MD5.C02FBD3E46C02433288BC8916339292B] - |A| - [25/05/2021 09:43:57] - (.-.) - [253.33 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.050CAA60ECE42EFB05ED529CEAD65317] - |A| - [25/05/2021 10:00:03] - (.-.) - [516.84 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [26/06/2021 14:37:13] - [0.17 Ko] - C:\Windows\Temp\MsEdgeCrashpad [MD5.8C083C93A54B8F12B8F8F4A8B06A8857] - |A| - [26/06/2021 14:37:13] - (.-.) - [55.34 Ko] - (0.0.0.0) - C:\Windows\Temp\msedge_installer.log [MD5.4F6B88C0F1D74399B93D93AAD041F884] - |A| - [26/06/2021 02:57:56] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_3AC6.tmp [MD5.F4425B07BC7BF98B2BACC59ED044D7D3] - |A| - [26/06/2021 02:58:02] - (.-.) - [192 Ko] - (0.0.0.0) - C:\Windows\Temp\TS_52F3.tmp [MD5.105E8B7E04ED7F2048AE0790B744B0E7] - |A| - [03/06/2016 06:18:31] - (.-.) - [8.36 Ko] - (0.0.0.0) - C:\Windows\System32\$Acer$.cmd [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\Windows\System32\0409 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 11:09:00] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\Windows\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:08:44] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:08:45] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 11:08:21] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 11:08:58] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 11:09:45] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png [MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 11:09:37] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\Windows\System32\@StorageSenseToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:07] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 11:09:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\Windows\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:08:19] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png [MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 11:09:05] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@WLOGO_48x48.png [MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 11:08:39] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\Windows\System32\ActiveHours.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2786.8 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [15/05/2021 16:48:05] - (.-.) - [13 Ko] - (0.0.0.0) - C:\Windows\System32\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2808.41 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279.5 Ko] - C:\Windows\System32\ar-SA [MD5.C9486151C26D64A4933B95BA10BF730A] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [614 Ko] - (3.3.2.0) - C:\Windows\System32\archiveint.dll [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 11:08:07] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [258.5 Ko] - C:\Windows\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6040.59 Ko] - C:\Windows\System32\Boot [MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [15/01/2021 14:18:29] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [77499.8 Ko] - C:\Windows\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [64063.87 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [20.62 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [382.5 Ko] - C:\Windows\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [401033.21 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [86.84 Ko] - C:\Windows\System32\Configuration [MD5.C113EC3ABF481A1B41F99BD721B513C3] - |A| - [15/04/2021 20:52:34] - (.-.) - [225.83 Ko] - (0.0.0.0) - C:\Windows\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.34 Ko] - C:\Windows\System32\ContainerSettingsProviders [MD5.A41C1754A956E37B5E7D06D5167548E7] - |A| - [26/05/2021 21:34:46] - (.-.) - [280.5 Ko] - (0.0.0.0) - C:\Windows\System32\CoreMas.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [10/01/2021 14:58:52] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\courgette.log [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [318 Ko] - C:\Windows\System32\cs-CZ [MD5.1C3645EBDDBE2DA6A32A5F9FB43A3C23] - |A| - [07/12/2019 11:09:34] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [411.5 Ko] - (7.55.1.0) - C:\Windows\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [321.5 Ko] - C:\Windows\System32\da-DK [MD5.C071699F4F21B82606C72BAE2A430E1D] - |A| - [15/05/2021 16:48:06] - (.-.) - [162 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271.02 Ko] - C:\Windows\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [358.5 Ko] - C:\Windows\System32\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:08:21] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png [MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [23/12/2020 03:04:16] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 11:14:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json [MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 11:09:34] - (.-.) - [15.97 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProv.mof [MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 11:09:34] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProvUninstall.mof [MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 11:08:52] - (.-.) - [35.5 Ko] - (0.0.0.0) - C:\Windows\System32\deploymentcsphelper.exe [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 11:08:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\Windows\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 11:08:43] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\Windows\System32\DetailedReading-Default.xml [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [885 Ko] - C:\Windows\System32\DiagSvcs [MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 11:08:37] - (.-.) - [82.96 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10159.79 Ko] - C:\Windows\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.png [MD5.4B3986DA7DAF912AFEB8B9F6F161A0A0] - |A| - [26/06/2021 02:53:43] - (.-.) - [11.07 Ko] - (0.0.0.0) - C:\Windows\System32\DrtmAuthTxt.wim [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [214.5 Ko] - C:\Windows\System32\dsc [MD5.64E652DC979CB9EF1AEE91DBD4F8C624] - |A| - [15/01/2021 14:18:31] - (.-.) - [2201.5 Ko] - (0.0.0.0) - C:\Windows\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 11:08:07] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 11:08:07] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 11:08:07] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin [MD5.6D2A55CD99FFF5AFA1046BFA4E16685D] - |A| - [27/01/2021 15:30:27] - (.Copyright ? EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [22.3 Ko] - (1.0.0.0) - C:\Windows\System32\eac_usermode_4095808841756.dll [MD5.6D2A55CD99FFF5AFA1046BFA4E16685D] - |A| - [25/01/2021 19:43:01] - (.Copyright ? EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [22.3 Ko] - (1.0.0.0) - C:\Windows\System32\eac_usermode_63246511576313.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [361.5 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [25/05/2021 09:37:05] - [22.44 Ko] - C:\Windows\System32\elambkup [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [3369 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [244 Ko] - C:\Windows\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [41733.55 Ko] - C:\Windows\System32\en-US [MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [15/01/2021 14:18:29] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\Windows\System32\EoAExperiences.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [343.5 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271 Ko] - C:\Windows\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [238 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [16806.64 Ko] - C:\Windows\System32\F12 [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 11:08:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastBulldogImg.png [MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [23/12/2020 03:04:36] - (.-.) - [16.54 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastDlpImg.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7.11 Ko] - C:\Windows\System32\ff-Adlm-SN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [326 Ko] - C:\Windows\System32\fi-FI [MD5.D55CC2BBFE5A3C3FC5CD10AD1E1FE12C] - |A| - [23/12/2020 06:16:48] - (.-.) - [614.29 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [3403.5 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279 Ko] - C:\Windows\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [46745.83 Ko] - C:\Windows\System32\fr-FR [MD5.F5CA01AB732F8723CEB0118923F1AD32] - |A| - [15/05/2021 16:48:26] - (.-.) - [684.5 Ko] - (0.0.0.0) - C:\Windows\System32\FsNVSDeviceSource.dll [MD5.617086AB941960B1B9EF9CDFF3CF7911] - |A| - [23/12/2020 10:55:47] - (.-.) - [76.36 Ko] - (0.0.0.0) - C:\Windows\System32\FvSDK_x64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 11:09:48] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [256.5 Ko] - C:\Windows\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.png [MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [15/01/2021 14:18:20] - (.-.) - [299.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [250 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [324.5 Ko] - C:\Windows\System32\hu-HU [MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [23/12/2020 03:05:02] - (.-.) - [44.8 Ko] - (0.0.0.0) - C:\Windows\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:53:03] - [149.55 Ko] - C:\Windows\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.36 Ko] - C:\Windows\System32\ias [MD5.947D07FA32ABB13DB520016769EB901B] - |A| - [26/05/2021 21:34:51] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\Windows\System32\icu.dll [MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [23/12/2020 03:04:28] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\Windows\System32\icuin.dll [MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [23/12/2020 03:04:28] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\Windows\System32\icuuc.dll [MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [23/12/2020 03:04:15] - (.-.) - [193 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26862.43 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6943 Ko] - C:\Windows\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.png [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\Windows\System32\Keywords [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [235 Ko] - C:\Windows\System32\ko-KR [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 11:08:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\Windows\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 11:08:07] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin [MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [15/05/2021 16:48:34] - (.-.) - [1647.5 Ko] - (3.0.2.0) - C:\Windows\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\Windows\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [43637.71 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/02/2021 21:43:59] - [384 Ko] - C:\Windows\System32\Logs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [246.5 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [247.5 Ko] - C:\Windows\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [31/03/2021 23:04:52] - [56562.13 Ko] - C:\Windows\System32\lxss [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\Windows\System32\MailContactsCalendarSync [MD5.6160E762D057CA107F3F2577F37F15C8] - |A| - [04/05/2021 17:02:28] - (.-.) - [0.64 Ko] - (0.0.0.0) - C:\Windows\System32\mapisvc.inf [MD5.AC932EB352090EB3492BD38438F57E85] - |A| - [06/05/2019 05:13:36] - (.Copyright (c) 2006-2019 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [2285.27 Ko] - (2.0.0.36) - C:\Windows\System32\MBAPO264.dll [MD5.65735234BE6F70E5BA10F12364B1041B] - |A| - [15/05/2021 16:48:18] - (.-.) - [1136.5 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 11:08:07] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |SD| - [23/12/2020 06:16:49] - [1107.25 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5667.23 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45415.39 Ko] - C:\Windows\System32\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:11] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\System32\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:14:56] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\System32\mmc.exe.config [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [25/12/2020 13:40:30] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [4148.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.64 Ko] - C:\Windows\System32\my-mm [MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 11:08:44] - (.-.) - [30.09 Ko] - (0.0.0.0) - C:\Windows\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [314.5 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [896 Ko] - C:\Windows\System32\NDF [MD5.ECED700A6FBEA6E82007697894921E15] - |A| - [23/12/2020 06:16:49] - (.-.) - [36.2 Ko] - (0.0.0.0) - C:\Windows\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 11:09:48] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.0E2D5DA1C7A1A97E46172AC33AD354EC] - |A| - [07/12/2019 11:09:48] - (.-.) - [70.5 Ko] - (0.0.0.0) - C:\Windows\System32\nettraceex.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [338.5 Ko] - C:\Windows\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\System32\Nui [MD5.78E012D8BCAFB35EFA2D009E29FE2B36] - |A| - [10/06/2019 04:25:15] - (.-.) - [102.11 Ko] - (0.0.0.0) - C:\Windows\System32\nvidia-smi.1.pdf [MD5.F85B7A0EF76A9F2A9F504945922800D5] - |A| - [23/06/2021 14:58:14] - (.-.) - [81.02 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb [MD5.1152BAE1D05FF3CBD888D64920B9C549] - |A| - [23/06/2021 14:58:14] - (.-.) - [698.8 Ko] - (0.0.0.0) - C:\Windows\System32\nvofapi64.dll [MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [07/12/2019 16:53:03] - (.-.) - [20.42 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [38090.83 Ko] - C:\Windows\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:03] - [3625 Ko] - C:\Windows\System32\OpenSSH [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 11:08:07] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1743.23 Ko] - C:\Windows\System32\PerceptionSimulation [MD5.C57247F8F6DE05E9C90E0B44175612F7] - |A| - [07/12/2019 11:17:25] - (.-.) - [130.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.02B8E9332CFCE0DDB223E0771F4DD579] - |A| - [07/12/2019 16:49:57] - (.-.) - [146.41 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 11:17:25] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 16:49:57] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.37B11F4A45BC5B354D4381E7C10FAD20] - |A| - [07/12/2019 11:17:25] - (.-.) - [685.97 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.332BD73EC84A7523E92B21F39961B7DE] - |A| - [07/12/2019 16:49:57] - (.-.) - [773.21 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.98CA4237F0F27E6788E956B872DC4AAA] - |A| - [23/12/2020 06:29:19] - (.-.) - [1731.18 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 11:08:05] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [338.5 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [464.5 Ko] - C:\Windows\System32\PointOfService [MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 11:08:28] - (.-.) - [43 Ko] - (0.0.0.0) - C:\Windows\System32\pospaymentsworker.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [969.13 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 11:08:19] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [332 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [335 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\RasToast [MD5.75BCC7E07D8CE1C6C52C60279658C1A7] - |A| - [11/06/2021 12:40:17] - (.Copyright © 2017 Razer Inc. All rights reserved - RazerS3Coinstaller.) - [77.52 Ko] - (0.0.0.3) - C:\Windows\System32\RazerS3Coinstaller.dll [MD5.7852D37790807E55BD71A65183E0F1ED] - |A| - [26/06/2021 02:53:45] - (.-.) - [2315.5 Ko] - (1.0.2104.14003) - C:\Windows\System32\rdpnano.dll [MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [15/01/2021 14:18:10] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\Windows\System32\rdsxvmaudio.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.04 Ko] - C:\Windows\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.png [MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 11:09:33] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\Windows\System32\ResBParser.dll [MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 11:09:54] - (.-.) - [9.35 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList [MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.98 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageListLowCost [MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.77 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList [MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.49 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.07 Ko] - C:\Windows\System32\restore [MD5.FF82597A4B863A46083998B955772DD1] - |A| - [26/06/2021 02:53:36] - (.-.) - [59.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe [MD5.232516DD3DE13A6A14BA3B72C4E87BDD] - |A| - [12/04/2021 08:08:26] - (.Copyright (c) 2011-2018 Razer Inc. - Chroma Broadcast API.) - [184.68 Ko] - (2.4.1.71) - C:\Windows\System32\RzChromaBroadcastAPI64.dll [MD5.94A5F2A2A999C72D4CD71FB052E67196] - |A| - [12/04/2021 08:08:26] - (.Copyright (c) 2011-2018 Razer Inc. - Chroma Broadcast Manager.) - [161.19 Ko] - (2.4.2.34) - C:\Windows\System32\RzChromaBroadcastManager64.dll [MD5.FD056B0CC90C94A9DEEEA22FE1653D1F] - |A| - [28/04/2021 04:18:16] - (.Copyright (c) 2011-2018 Razer Inc. - Razer Chroma SDK.) - [211.52 Ko] - (3.7.2.105) - C:\Windows\System32\RzChromaSDK64.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 11:10:32] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4.85 Ko] - C:\Windows\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 11:08:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [78.59 Ko] - C:\Windows\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1839 Ko] - C:\Windows\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.7 Ko] - C:\Windows\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [254.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [251.5 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [23/12/2020 06:16:49] - [21479.6 Ko] - C:\Windows\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [98.06 Ko] - C:\Windows\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 11:08:07] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [18439.02 Ko] - C:\Windows\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.png [MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 11:09:51] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7747.8 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [12470.18 Ko] - C:\Windows\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45438.72 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [13389.43 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [253.5 Ko] - C:\Windows\System32\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:09:54] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:09:54] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat [MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 11:09:45] - (.-.) - [58.16 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [55000 Ko] - C:\Windows\System32\sru [MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [15/01/2021 14:18:09] - (.-.) - [444.5 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [320 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1426.53 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [945.78 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8.16 Ko] - C:\Windows\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\Windows\System32\ta-lk [MD5.4D188B08E9274E1360062B22E88A2F3F] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [52 Ko] - (3.3.2.0) - C:\Windows\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [688.87 Ko] - C:\Windows\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [632.66 Ko] - C:\Windows\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 11:09:05] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.518F44081E6F4B3236CBF4FB17E41F9B] - |A| - [26/06/2021 02:53:31] - (.-.) - [2208 Ko] - (0.0.0.0) - C:\Windows\System32\TextInputMethodFormatter.dll [MD5.74B20E14C597763501A603ED2DA2AD65] - |A| - [13/03/2021 14:39:35] - (.-.) - [690.45 Ko] - (0.0.0.0) - C:\Windows\System32\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [240 Ko] - C:\Windows\System32\th-TH [MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [23/12/2020 03:04:36] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\Windows\System32\ThirdPartyNoticesBySHS.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\ti-et [MD5.DD2C06FF7F8B7014B105ECE968BB8114] - |A| - [26/05/2021 21:34:47] - (.-.) - [266 Ko] - (0.0.0.0) - C:\Windows\System32\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [308 Ko] - C:\Windows\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 11:08:13] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 11:08:13] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [249 Ko] - C:\Windows\System32\uk-UA [MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [23/12/2020 03:04:16] - (.-.) - [63.04 Ko] - (0.0.0.0) - C:\Windows\System32\umpdc.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [2196.59 Ko] - C:\Windows\System32\UNP [MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 11:08:37] - (.-.) - [48 Ko] - (0.0.0.0) - C:\Windows\System32\UsbPmApi.dll [MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 11:08:39] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\Windows\System32\usocoreps.dll [MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 11:08:09] - (.-.) - [36.5 Ko] - (0.0.0.0) - C:\Windows\System32\VhfUm.dll [MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [15/01/2021 14:19:20] - (.-.) - [93.5 Ko] - (0.0.0.0) - C:\Windows\System32\VirtualMonitorManager.dll [MD5.BA90C8404004A2BF66C9E03ED85B5C5F] - |A| - [23/06/2021 14:58:14] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1072.1 Ko] - (1.2.170.0) - C:\Windows\System32\vulkan-1-999-0-0-0.dll [MD5.BA90C8404004A2BF66C9E03ED85B5C5F] - |A| - [10/06/2021 22:13:25] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1072.1 Ko] - (1.2.170.0) - C:\Windows\System32\vulkan-1.dll [MD5.CFFEC12FE067ABFBC8D3EFF8166FB5D2] - |A| - [23/06/2021 14:58:14] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1815.12 Ko] - (1.2.170.0) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe [MD5.CFFEC12FE067ABFBC8D3EFF8166FB5D2] - |A| - [23/06/2021 14:58:14] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1815.12 Ko] - (1.2.170.0) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [148806.84 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [121179.6 Ko] - C:\Windows\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 11:08:46] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 11:08:52] - (.-.) - [144.51 Ko] - (0.0.0.0) - C:\Windows\System32\Win32AppSettingsProvider.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50263.29 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.3F376202BE6A0EC0C866D97ED2E0F16D] - |A| - [26/05/2021 21:34:51] - (.-.) - [642.05 Ko] - (0.0.0.0) - C:\Windows\System32\WindowManagementAPI.dll [MD5.63CA1C622CC1F4B2520E61BB393C718A] - |A| - [23/12/2020 12:23:32] - (.Copyright © 2021 - Java(TM) Platform SE binary.) - [187.28 Ko] - (8.0.2910.10) - C:\Windows\System32\WindowsAccessBridge-64.dll [MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 11:08:27] - (.-.) - [123 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10902.41 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 11:08:41] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [258604 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.84 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [207.67 Ko] - C:\Windows\System32\winrm [MD5.00000000000000000000000000000000] - |HD| - [15/01/2020 02:54:34] - [0.05 Ko] - C:\Windows\System32\WLANProfiles [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 11:08:12] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\Windows\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 11:08:12] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 11:08:49] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml [MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 11:08:21] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [234.99 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [204.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:09:26] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:09:15] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1864.83 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.E556115BD4E751178310F842E457CA22] - |A| - [23/12/2020 03:04:44] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [97.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.DDE41441FE1A8A540354DA849E3FBC79] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [519.5 Ko] - (3.3.2.0) - C:\Windows\SysWOW64\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [58.5 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [321.5 Ko] - C:\Windows\SysWOW64\Com [MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [23/12/2020 03:04:44] - (.-.) - [235 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CoreMas.dll [MD5.3F26AA45231FAC42BBA21A148A03A907] - |A| - [06/05/2019 02:08:02] - (.Copyright (c) Creative Technology Ltd., 2018. -.) - [355.44 Ko] - (2.0.2.5) - C:\Windows\SysWOW64\Creative.UWPRPCService.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [118.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.4329254E74AD91D047E3CEDCC7C138C3] - |A| - [07/12/2019 11:09:57] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\Windows\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [119.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [131 Ko] - C:\Windows\SysWOW64\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:09:15] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [188 Ko] - C:\Windows\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7867.52 Ko] - C:\Windows\SysWOW64\Dism [MD5.BC1CF91831E2E02AF7A4B905FEF9FD2A] - |A| - [23/12/2020 10:55:47] - (.-.) - [66.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\FvSDK_x86.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.B873A5ABCFBC42B1BAC9EBE8741C6162] - |A| - [07/12/2019 16:50:56] - (.Copyright (C) 2019 - Gracenote SDK component.) - [244 Ko] - (3.9.511.0) - C:\Windows\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [15/01/2021 14:18:44] - (.-.) - [230 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [55.5 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.8226A1A91F01432A0CB10CAABF1B9C6D] - |A| - [26/05/2021 21:35:03] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icu.dll [MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuin.dll [MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21642.16 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\Windows\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.8E8A9CEE6367E671513C737886CAC64A] - |A| - [04/05/2021 17:02:28] - (.-.) - [0.63 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.163B19CBF791C0008E5517FF5E2748A1] - |A| - [06/05/2019 05:13:38] - (.Copyright (c) 2006-2019 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1854.25 Ko] - (2.0.0.36) - C:\Windows\SysWOW64\MBAPO232.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2870.11 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [816.8 Ko] - C:\Windows\SysWOW64\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:14] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:15:00] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\Windows\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [116 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui [MD5.5042179388F5A44B54EF9A65F2813AA7] - |A| - [23/06/2021 14:58:14] - (.-.) - [562.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nvofapi.dll [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 11:10:14] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [764.33 Ko] - C:\Windows\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [79.5 Ko] - C:\Windows\SysWOW64\PerceptionSimulation [MD5.6207DB527677F19F86A08AB53D298304] - |A| - [12/04/2021 08:08:26] - (.Copyright (c) 2011-2018 Razer Inc. - Chroma Broadcast API.) - [151.18 Ko] - (2.4.1.70) - C:\Windows\SysWOW64\RzChromaBroadcastAPI.dll [MD5.A029E0F150CAAEA92898CD99004D91F0] - |A| - [12/04/2021 08:08:26] - (.Copyright (c) 2011-2018 Razer Inc. - Chroma Broadcast Manager.) - [131.69 Ko] - (2.4.2.33) - C:\Windows\SysWOW64\RzChromaBroadcastManager.dll [MD5.2F41F4FE2EC5B57CEDA97BF6F56A78AA] - |A| - [28/04/2021 04:16:40] - (.Copyright (c) 2011-2018 Razer Inc. - Razer Chroma SDK.) - [184.02 Ko] - (3.7.2.105) - C:\Windows\SysWOW64\RzChromaSDK.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [98.06 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4078.33 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8699.66 Ko] - C:\Windows\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1315.66 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56.5 Ko] - C:\Windows\SysWOW64\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:10:05] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:10:05] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [15/01/2021 14:18:40] - (.-.) - [323 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [117 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.4B26D4CD5CD5F7B074E31793979F17C5] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\Windows\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.5C678F08A307A26636D2A00E49E76FF3] - |A| - [15/01/2021 14:18:45] - (.-.) - [1302.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextInputMethodFormatter.dll [MD5.9CEDDB7AB658F4AC4C4F1757098278C3] - |A| - [13/03/2021 14:39:38] - (.-.) - [597.61 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50.5 Ko] - C:\Windows\SysWOW64\th-TH [MD5.F6F4828A0DAF74F06AB2AC749267FD84] - |A| - [26/05/2021 21:35:01] - (.-.) - [218.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [115 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [23/12/2020 03:04:50] - (.-.) - [46.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\umpdc.dll [MD5.92AA84D17A2A2455D900735B9D563532] - |A| - [23/06/2021 14:58:14] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [929.6 Ko] - (1.2.170.0) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.92AA84D17A2A2455D900735B9D563532] - |A| - [23/06/2021 14:58:14] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [929.6 Ko] - (1.2.170.0) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.E8C985670272B1E03E4A96176B099B61] - |A| - [23/06/2021 14:58:14] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1405.1 Ko] - (1.2.170.0) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.E8C985670272B1E03E4A96176B099B61] - |A| - [23/06/2021 14:58:14] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1405.1 Ko] - (1.2.170.0) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [18812.86 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\WCN [MD5.A22B636328327A4EA6F6AB3F48A5B5B1] - |A| - [26/05/2021 21:35:02] - (.-.) - [457.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowManagementAPI.dll [MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 11:09:17] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9635.01 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.98 Ko] - C:\Windows\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [207.67 Ko] - C:\Windows\SysWOW64\winrm [MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 11:09:17] - (.-.) - [59 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [23/12/2020 03:00:31] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer ---------- | [Public] [15/01/2020 02:37:31] - |RHD| - [201459] - C:\Users\Public\AccountPictures [23/12/2020 12:01:02] - |D| - [72] - C:\Users\Public\BlueStacks [07/12/2019 11:14:52] - |RHD| - [174] - C:\Users\Public\Desktop [07/12/2019 11:14:54] - |ASH| - [174] - C:\Users\Public\desktop.ini [07/12/2019 11:14:52] - |RD| - [312651966] - C:\Users\Public\Documents [07/12/2019 11:14:52] - |RD| - [174] - C:\Users\Public\Downloads [07/12/2019 11:14:52] - |RHD| - [1174] - C:\Users\Public\Libraries [07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Music [07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Pictures [15/01/2020 02:54:20] - |D| - [0] - C:\Users\Public\Roaming [15/01/2020 03:29:34] - |D| - [27822] - C:\Users\Public\Symantec [22/02/2021 14:56:21] - |D| - [26264] - C:\Users\Public\Thunder Network [07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Videos ---------- | [quent] [23/12/2020 10:43:44] - |RD| - [298] - C:\Users\quent\3D Objects [23/12/2020 10:53:36] - |D| - [0] - C:\Users\quent\ansel [23/12/2020 10:39:56] - |D| - [33608455841] - C:\Users\quent\AppData [04/05/2021 16:37:16] - |D| - [0] - C:\Users\quent\Apple [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Application Data [23/12/2020 10:43:44] - |RD| - [412] - C:\Users\quent\Contacts [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Cookies [23/12/2020 10:39:56] - |RD| - [8657796740] - C:\Users\quent\Desktop [23/12/2020 10:39:56] - |RD| - [270478636] - C:\Users\quent\Documents [23/12/2020 10:39:56] - |RD| - [854605405] - C:\Users\quent\Downloads [23/12/2020 10:39:56] - |RD| - [747] - C:\Users\quent\Favorites [23/12/2020 10:39:56] - |RD| - [1953] - C:\Users\quent\Links [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Local Settings [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Menu Démarrer [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Mes documents [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Modèles [23/12/2020 10:39:56] - |RD| - [1398817] - C:\Users\quent\Music [23/12/2020 10:39:56] - |AH| - [5505024] - C:\Users\quent\NTUSER.DAT [23/12/2020 10:39:56] - |ASH| - [1740800] - C:\Users\quent\ntuser.dat.LOG1 [23/12/2020 10:39:56] - |ASH| - [1310720] - C:\Users\quent\ntuser.dat.LOG2 [23/12/2020 10:39:56] - |ASH| - [65536] - C:\Users\quent\NTUSER.DAT{a82a51f5-44d5-11eb-a41b-8eb236536881}.TM.blf [23/12/2020 10:39:56] - |ASH| - [524288] - C:\Users\quent\NTUSER.DAT{a82a51f5-44d5-11eb-a41b-8eb236536881}.TMContainer00000000000000000001.regtrans-ms [23/12/2020 10:39:56] - |ASH| - [524288] - C:\Users\quent\NTUSER.DAT{a82a51f5-44d5-11eb-a41b-8eb236536881}.TMContainer00000000000000000002.regtrans-ms [23/12/2020 10:39:56] - |SH| - [20] - C:\Users\quent\ntuser.ini [23/12/2020 10:45:12] - |RAD| - [1068699] - C:\Users\quent\OneDrive [23/12/2020 10:39:56] - |RD| - [1092] - C:\Users\quent\Pictures [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Recent [23/12/2020 10:39:56] - |RD| - [1059606] - C:\Users\quent\Saved Games [23/12/2020 10:43:44] - |RD| - [1868] - C:\Users\quent\Searches [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\SendTo [23/12/2020 10:39:56] - |RD| - [327379738] - C:\Users\quent\Videos [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Voisinage d'impression [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\Voisinage réseau [23/12/2020 10:39:56] - |D| - [8628238662] - C:\Users\quent\AppData\Local [23/12/2020 10:39:56] - |D| - [25141440] - C:\Users\quent\AppData\LocalLow [23/12/2020 10:39:56] - |D| - [24955075739] - C:\Users\quent\AppData\Roaming [08/04/2021 12:15:25] - |D| - [11024] - C:\Users\quent\AppData\Local\Agrou [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\AppData\Local\Application Data [22/02/2021 14:59:50] - |D| - [426927961] - C:\Users\quent\AppData\Local\Battle.net [07/01/2021 15:47:13] - |D| - [3] - C:\Users\quent\AppData\Local\BattlEye [28/02/2021 15:38:52] - |D| - [117399] - C:\Users\quent\AppData\Local\BitTorrentHelper [22/02/2021 14:49:59] - |D| - [3904146] - C:\Users\quent\AppData\Local\Blizzard Entertainment [23/12/2020 12:01:02] - |D| - [252245] - C:\Users\quent\AppData\Local\Bluestacks [07/06/2021 16:53:20] - |D| - [244739367] - C:\Users\quent\AppData\Local\BraveSoftware [22/02/2021 15:00:21] - |D| - [140485] - C:\Users\quent\AppData\Local\cache [23/12/2020 10:52:57] - |D| - [2868] - C:\Users\quent\AppData\Local\CareCenter [23/12/2020 10:53:32] - |D| - [3618045] - C:\Users\quent\AppData\Local\CEF [23/12/2020 10:48:00] - |D| - [22502991] - C:\Users\quent\AppData\Local\Comms [23/12/2020 10:43:43] - |D| - [6208078] - C:\Users\quent\AppData\Local\ConnectedDevicesPlatform [28/12/2020 00:45:31] - |D| - [0] - C:\Users\quent\AppData\Local\CrashDumps [23/12/2020 20:38:54] - |D| - [1727587] - C:\Users\quent\AppData\Local\CrashReportClient [19/06/2021 14:38:50] - |D| - [0] - C:\Users\quent\AppData\Local\CrashRpt [23/12/2020 10:52:51] - |D| - [532864] - C:\Users\quent\AppData\Local\D3DSCache [23/12/2020 20:38:54] - |D| - [0] - C:\Users\quent\AppData\Local\DBG [23/12/2020 12:51:20] - |D| - [85267572] - C:\Users\quent\AppData\Local\DeadByDaylight [20/02/2021 19:56:26] - |D| - [3600] - C:\Users\quent\AppData\Local\DefenseGrid [02/01/2021 14:58:15] - |D| - [0] - C:\Users\quent\AppData\Local\Diagnostics [23/12/2020 10:58:00] - |D| - [488332478] - C:\Users\quent\AppData\Local\Discord [10/06/2021 18:13:56] - |D| - [377934280] - C:\Users\quent\AppData\Local\DiscordCanary [03/06/2021 22:48:10] - |D| - [2464] - C:\Users\quent\AppData\Local\Dontnod [27/12/2020 03:18:05] - |D| - [6585344] - C:\Users\quent\AppData\Local\Downloaded Installations [23/12/2020 11:15:35] - |D| - [131649] - C:\Users\quent\AppData\Local\ElevatedDiagnostics [02/01/2021 00:41:45] - |D| - [22917881] - C:\Users\quent\AppData\Local\Epic Games [23/12/2020 22:50:28] - |D| - [241400253] - C:\Users\quent\AppData\Local\EpicGamesLauncher [21/05/2021 19:29:29] - |D| - [319814957] - C:\Users\quent\AppData\Local\FactoryGame [23/12/2020 11:02:39] - |D| - [0] - C:\Users\quent\AppData\Local\Flashpaste [02/01/2021 00:41:42] - |D| - [1065] - C:\Users\quent\AppData\Local\Frontier Developments [23/12/2020 10:46:31] - |D| - [940383152] - C:\Users\quent\AppData\Local\Google [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\AppData\Local\Historique [23/12/2020 10:49:05] - |AH| - [27006] - C:\Users\quent\AppData\Local\IconCache.db [23/12/2020 11:21:22] - |D| - [0] - C:\Users\quent\AppData\Local\INetHistory [26/12/2020 23:23:27] - |D| - [0] - C:\Users\quent\AppData\Local\LogMeIn [23/12/2020 10:39:56] - |D| - [458541641] - C:\Users\quent\AppData\Local\Microsoft [23/12/2020 10:46:11] - |D| - [262144] - C:\Users\quent\AppData\Local\Mozilla [23/12/2020 10:53:34] - |D| - [503268457] - C:\Users\quent\AppData\Local\NVIDIA [23/12/2020 10:49:53] - |D| - [97318471] - C:\Users\quent\AppData\Local\NVIDIA Corporation [23/12/2020 10:50:00] - |D| - [2472087] - C:\Users\quent\AppData\Local\OEM [23/12/2020 10:52:41] - |D| - [55824] - C:\Users\quent\AppData\Local\OneDrive [09/01/2021 01:00:27] - |D| - [700601697] - C:\Users\quent\AppData\Local\Overwolf [23/12/2020 10:43:44] - |D| - [2522657453] - C:\Users\quent\AppData\Local\Packages [31/01/2021 23:58:57] - |D| - [3772] - C:\Users\quent\AppData\Local\paint.net [23/12/2020 10:45:09] - |D| - [41669] - C:\Users\quent\AppData\Local\PlaceholderTileLogoFolder [24/12/2020 01:04:46] - |D| - [0] - C:\Users\quent\AppData\Local\Programs [23/12/2020 10:43:49] - |D| - [0] - C:\Users\quent\AppData\Local\Publishers [11/06/2021 12:45:50] - |D| - [27349118] - C:\Users\quent\AppData\Local\Razer [21/04/2021 19:00:07] - |A| - [7602] - C:\Users\quent\AppData\Local\Resmon.ResmonCfg [01/01/2021 23:38:22] - |D| - [16358858] - C:\Users\quent\AppData\Local\Riot Games [16/04/2021 17:07:43] - |D| - [578386] - C:\Users\quent\AppData\Local\Rockstar Games [29/12/2020 19:08:26] - |D| - [9400] - C:\Users\quent\AppData\Local\speech [23/12/2020 10:57:59] - |D| - [12395] - C:\Users\quent\AppData\Local\SquirrelTemp [23/12/2020 11:18:38] - |D| - [518090720] - C:\Users\quent\AppData\Local\Steam [13/05/2021 22:14:24] - |D| - [554986497] - C:\Users\quent\AppData\Local\T2GP Launcher [23/12/2020 10:39:56] - |AD| - [7065176] - C:\Users\quent\AppData\Local\Temp [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\AppData\Local\Temporary Internet Files [07/01/2021 15:44:41] - |D| - [4554] - C:\Users\quent\AppData\Local\Ubisoft Game Launcher [23/12/2020 12:51:20] - |D| - [235] - C:\Users\quent\AppData\Local\UnrealEngine [23/12/2020 22:50:30] - |D| - [0] - C:\Users\quent\AppData\Local\UnrealEngineLauncher [28/02/2021 15:37:58] - |D| - [1596] - C:\Users\quent\AppData\Local\UTW008 [30/04/2021 09:43:25] - |D| - [25064064] - C:\Users\quent\AppData\Local\VALORANT [23/12/2020 10:43:44] - |D| - [0] - C:\Users\quent\AppData\Local\VirtualStore [03/02/2021 17:37:12] - |D| - [82] - C:\Users\quent\AppData\Local\Wondershare [22/02/2021 14:42:26] - |D| - [6606796] - C:\Users\quent\AppData\LocalLow\Beam Team Games [17/01/2021 21:37:25] - |D| - [10298] - C:\Users\quent\AppData\LocalLow\Hasbro, Inc_ [24/01/2021 00:08:32] - |D| - [2053431] - C:\Users\quent\AppData\LocalLow\Innersloth [08/04/2021 12:24:42] - |D| - [113782] - C:\Users\quent\AppData\LocalLow\Kabam Montreal, Inc [12/03/2021 22:58:25] - |D| - [166803] - C:\Users\quent\AppData\LocalLow\Kinetic Games [23/12/2020 10:40:14] - |SD| - [610133] - C:\Users\quent\AppData\LocalLow\Microsoft [23/12/2020 10:46:12] - |D| - [0] - C:\Users\quent\AppData\LocalLow\Mozilla [05/06/2021 23:05:46] - |D| - [1387084] - C:\Users\quent\AppData\LocalLow\Northwood [20/01/2021 21:50:10] - |D| - [290816] - C:\Users\quent\AppData\LocalLow\Oracle [01/02/2021 00:26:46] - |D| - [42188] - C:\Users\quent\AppData\LocalLow\Pathea Entertainment [28/04/2021 14:22:28] - |D| - [20037] - C:\Users\quent\AppData\LocalLow\Smartly Dressed Games [23/12/2020 12:23:14] - |D| - [17408] - C:\Users\quent\AppData\LocalLow\Sun [10/01/2021 03:53:39] - |D| - [568023] - C:\Users\quent\AppData\LocalLow\Total Mayhem Games [17/02/2021 22:04:56] - |D| - [0] - C:\Users\quent\AppData\LocalLow\Ubisoft [26/12/2020 23:21:22] - |D| - [13254641] - C:\Users\quent\AppData\LocalLow\Unknown Worlds [23/12/2020 12:19:32] - |D| - [17309042816] - C:\Users\quent\AppData\Roaming\.minecraft [05/06/2021 23:05:41] - |D| - [0] - C:\Users\quent\AppData\Roaming\.unity [21/05/2021 08:10:06] - |D| - [6191428999] - C:\Users\quent\AppData\Roaming\2K Sports [23/12/2020 10:43:44] - |D| - [0] - C:\Users\quent\AppData\Roaming\Adobe [04/05/2021 18:11:22] - |D| - [0] - C:\Users\quent\AppData\Roaming\Apple Computer [22/02/2021 14:59:50] - |D| - [4399] - C:\Users\quent\AppData\Roaming\Battle.net [14/05/2021 13:05:10] - |D| - [165] - C:\Users\quent\AppData\Roaming\Blizzard Entertainment [15/02/2021 23:56:10] - |D| - [10900] - C:\Users\quent\AppData\Roaming\Bungie [23/12/2020 10:58:04] - |D| - [625040076] - C:\Users\quent\AppData\Roaming\discord [10/06/2021 18:14:01] - |D| - [348976051] - C:\Users\quent\AppData\Roaming\discordcanary [15/04/2021 16:59:46] - |D| - [4722320] - C:\Users\quent\AppData\Roaming\EasyAntiCheat [13/05/2021 22:17:38] - |D| - [2806] - C:\Users\quent\AppData\Roaming\FiraxisLive [17/06/2021 23:55:51] - |D| - [58307] - C:\Users\quent\AppData\Roaming\Flashpaste [07/03/2021 18:15:46] - |D| - [175227225] - C:\Users\quent\AppData\Roaming\glr-qt-launcher [25/03/2021 20:02:26] - |D| - [44764743] - C:\Users\quent\AppData\Roaming\Guild Wars 2 [23/12/2020 10:43:43] - |D| - [1224] - C:\Users\quent\AppData\Roaming\Intel [23/12/2020 10:46:06] - |D| - [682] - C:\Users\quent\AppData\Roaming\Intel Corporation [05/06/2021 23:05:41] - |D| - [0] - C:\Users\quent\AppData\Roaming\jjava [01/01/2021 15:30:47] - |D| - [5233779] - C:\Users\quent\AppData\Roaming\LibreOffice [23/12/2020 10:39:56] - |SD| - [34596167] - C:\Users\quent\AppData\Roaming\Microsoft [23/12/2020 10:46:11] - |D| - [9839118] - C:\Users\quent\AppData\Roaming\Mozilla [26/12/2020 23:21:20] - |D| - [0] - C:\Users\quent\AppData\Roaming\Nitrox [05/06/2021 23:05:41] - |D| - [66] - C:\Users\quent\AppData\Roaming\npm-vendors [01/01/2021 15:30:48] - |D| - [6304504] - C:\Users\quent\AppData\Roaming\NVIDIA [05/06/2021 23:05:41] - |D| - [0] - C:\Users\quent\AppData\Roaming\OculusSoft [25/03/2021 17:26:10] - |D| - [0] - C:\Users\quent\AppData\Roaming\Overwolf [23/02/2021 22:36:18] - |D| - [7859323] - C:\Users\quent\AppData\Roaming\Petroglyph [05/06/2021 23:05:41] - |D| - [66] - C:\Users\quent\AppData\Roaming\Postman21 [05/06/2021 23:05:41] - |D| - [0] - C:\Users\quent\AppData\Roaming\protonVM [05/06/2021 23:05:39] - |D| - [57453] - C:\Users\quent\AppData\Roaming\SCP Secret Laboratory [05/06/2021 23:05:41] - |D| - [0] - C:\Users\quent\AppData\Roaming\slobs-client-cache [05/06/2021 23:05:41] - |D| - [0] - C:\Users\quent\AppData\Roaming\Steam [23/12/2020 12:23:37] - |D| - [0] - C:\Users\quent\AppData\Roaming\Sun [11/06/2021 12:45:50] - |D| - [0] - C:\Users\quent\AppData\Roaming\Synapse3 [13/05/2021 22:14:24] - |D| - [28510375] - C:\Users\quent\AppData\Roaming\T2GP Launcher [03/03/2021 21:58:31] - |D| - [0] - C:\Users\quent\AppData\Roaming\twitch-desktop-electron-platform [04/05/2021 18:04:05] - |D| - [163394163] - C:\Users\quent\AppData\Roaming\WindSolutions [22/02/2021 14:54:41] - |D| - [12] - C:\Users\quent\AppData\Roaming\WinRAR [23/12/2020 10:43:44] - |SH| - [174] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [23/12/2020 10:39:56] - |SHD| - [0] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [23/12/2020 10:39:56] - |RD| - [51504] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [23/12/2020 10:39:56] - |RD| - [3888] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [23/12/2020 10:39:56] - |RD| - [1674] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [23/12/2020 10:43:44] - |RD| - [174] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [04/05/2021 18:04:13] - |D| - [2782] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center [23/12/2020 10:39:56] - |SH| - [264] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [23/12/2020 10:58:04] - |D| - [4570] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc [30/01/2021 17:06:40] - |D| - [3379] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam [29/01/2021 20:01:54] - |A| - [1286] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameforge Client.lnk [23/12/2020 10:39:56] - |D| - [170] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [23/12/2020 10:39:56] - |A| - [2417] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [09/01/2021 01:01:17] - |D| - [3398] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf [23/01/2021 17:50:38] - |D| - [1127] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder [01/01/2021 23:38:31] - |D| - [0] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games [16/04/2021 17:05:14] - |D| - [1944] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games [23/12/2020 10:43:44] - |RD| - [174] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [23/12/2020 11:23:22] - |D| - [2997] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [23/12/2020 10:39:56] - |RD| - [4913] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [07/01/2021 15:44:41] - |D| - [4839] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft [28/02/2021 15:38:32] - |A| - [1869] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk [23/12/2020 10:39:56] - |D| - [5078] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [22/02/2021 14:54:32] - |D| - [4561] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [23/12/2020 10:43:44] - |SH| - [174] - C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\ProgramData [25/05/2021 09:37:49] - |D| - [0] - C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4 [15/01/2020 03:18:23] - |D| - [2576150] - C:\ProgramData\Acer [25/05/2021 09:34:53] - |A| - [118708] - C:\ProgramData\agent.1621928088.bdinstall.v2.bin [25/05/2021 09:47:42] - |A| - [74316] - C:\ProgramData\agent.uninstall.1621928855.bdinstall.v2.bin [04/05/2021 16:36:35] - |D| - [4040225] - C:\ProgramData\Apple [04/05/2021 16:36:33] - |D| - [1604] - C:\ProgramData\Apple Computer [04/05/2021 17:02:26] - |D| - [13529152] - C:\ProgramData\Apple Inc [23/12/2020 06:25:45] - |SHD| - [0] - C:\ProgramData\Application Data [25/05/2021 09:37:25] - |D| - [0] - C:\ProgramData\Atc [22/02/2021 14:49:43] - |D| - [15472306] - C:\ProgramData\Battle.net [25/05/2021 09:37:05] - |D| - [0] - C:\ProgramData\BDLogging [25/05/2021 09:34:48] - |D| - [0] - C:\ProgramData\Bitdefender Agent [22/02/2021 15:00:19] - |D| - [375117191] - C:\ProgramData\Blizzard Entertainment [23/12/2020 06:25:45] - |SHD| - [0] - C:\ProgramData\Bureau [25/05/2021 09:37:52] - |A| - [773940] - C:\ProgramData\cl.1621928197.bdinstall.v2.bin [25/05/2021 09:37:52] - |A| - [104068] - C:\ProgramData\cl.kit.1621928190.bdinstall.v2.bin [25/05/2021 09:45:52] - |A| - [403092] - C:\ProgramData\cl.uninstall.1621928722.bdinstall.v2.bin [15/01/2020 03:28:54] - |D| - [118] - C:\ProgramData\CLSK [15/01/2020 03:28:48] - |D| - [1004246] - C:\ProgramData\CyberLink [15/01/2020 02:48:49] - |A| - [5291] - C:\ProgramData\DisplaySessionContainer1.log [15/01/2020 02:48:49] - |A| - [6554] - C:\ProgramData\DisplaySessionContainer1.log_backup1 [23/12/2020 06:25:45] - |SHD| - [0] - C:\ProgramData\Documents [15/01/2020 03:31:36] - |D| - [6105] - C:\ProgramData\DriverSetupUtility [30/01/2021 17:13:33] - |A| - [4824] - C:\ProgramData\droidcam-client-options-v2 [30/01/2021 17:13:33] - |A| - [372] - C:\ProgramData\droidcam-settings [30/01/2021 17:12:19] - |A| - [0] - C:\ProgramData\droidcam.log [23/12/2020 22:50:17] - |D| - [69019318] - C:\ProgramData\Epic [02/01/2021 00:41:42] - |D| - [0] - C:\ProgramData\Frontier Developments [31/01/2021 19:04:20] - |D| - [29387728] - C:\ProgramData\Gameforge4d [25/05/2021 09:37:25] - |D| - [0] - C:\ProgramData\Gemma [15/01/2020 03:28:00] - |D| - [2060684] - C:\ProgramData\install_backup [15/01/2020 03:28:00] - |D| - [538103] - C:\ProgramData\install_clap [15/01/2020 02:54:13] - |D| - [2290861] - C:\ProgramData\Intel [26/12/2020 23:23:27] - |D| - [0] - C:\ProgramData\LogMeIn [23/12/2020 06:25:45] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [07/12/2019 11:14:52] - |SD| - [739177947] - C:\ProgramData\Microsoft [23/12/2020 10:45:05] - |D| - [25] - C:\ProgramData\Microsoft OneDrive [03/02/2021 17:37:34] - |A| - [16] - C:\ProgramData\mntemp [23/12/2020 06:25:45] - |SHD| - [0] - C:\ProgramData\Modèles [15/01/2020 03:20:39] - |D| - [0] - C:\ProgramData\Mozilla [15/01/2020 03:29:04] - |D| - [33324] - C:\ProgramData\Norton [15/01/2020 03:29:02] - |D| - [43218332] - C:\ProgramData\NortonInstaller [15/01/2020 02:48:49] - |A| - [6888] - C:\ProgramData\NVDisplay.ContainerLocalSystem.log [15/01/2020 02:48:49] - |A| - [12959] - C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 [15/01/2020 02:48:49] - |A| - [21557] - C:\ProgramData\NVDisplayContainerWatchdog.log [15/01/2020 02:48:49] - |A| - [24798] - C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 [15/01/2020 02:49:50] - |D| - [1671870] - C:\ProgramData\NVIDIA [23/12/2020 06:17:18] - |D| - [2319261197] - C:\ProgramData\NVIDIA Corporation [15/01/2020 03:18:22] - |D| - [137756435] - C:\ProgramData\OEM [23/12/2020 12:23:19] - |D| - [82551976] - C:\ProgramData\Oracle [09/01/2021 01:01:11] - |D| - [648920746] - C:\ProgramData\Overwolf [15/01/2020 02:49:52] - |D| - [173546042] - C:\ProgramData\Package Cache [23/12/2020 10:43:47] - |D| - [634880] - C:\ProgramData\Packages [11/06/2021 12:40:33] - |D| - [262315037] - C:\ProgramData\Razer [07/12/2019 11:14:52] - |D| - [999] - C:\ProgramData\regid.1991-06.com.microsoft [01/01/2021 23:38:22] - |D| - [6529608] - C:\ProgramData\Riot Games [15/01/2020 02:54:20] - |D| - [0] - C:\ProgramData\Roaming [16/04/2021 17:05:13] - |D| - [2589173] - C:\ProgramData\Rockstar Games [07/12/2019 11:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution [23/12/2020 10:57:59] - |D| - [68822328] - C:\ProgramData\SquirrelMachineInstalls [23/12/2020 03:07:30] - |D| - [0] - C:\ProgramData\ssh [15/01/2020 03:28:03] - |D| - [0] - C:\ProgramData\Temp [22/02/2021 14:56:21] - |D| - [133] - C:\ProgramData\Thunder Network [07/01/2021 15:51:10] - |D| - [0] - C:\ProgramData\Ubisoft [26/12/2020 23:27:16] - |D| - [0] - C:\ProgramData\Unknown Worlds [07/12/2019 11:14:52] - |D| - [10604544] - C:\ProgramData\USOPrivate [07/12/2019 11:14:52] - |D| - [14213120] - C:\ProgramData\USOShared [25/05/2021 09:41:14] - |A| - [197564] - C:\ProgramData\vpn.1621928467.bdinstall.v2.bin [25/05/2021 09:47:31] - |A| - [99244] - C:\ProgramData\vpn.uninstall.1621928833.bdinstall.v2.bin [07/12/2019 16:53:03] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [04/05/2021 18:04:05] - |D| - [53815] - C:\ProgramData\WindSolutions [03/02/2021 17:37:48] - |D| - [0] - C:\ProgramData\Wondershare ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [23/12/2020 10:50:00] - |D| - [1194] - C:\ProgramData\Microsoft\Windows\Start Menu\Acer [07/12/2019 11:14:54] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [23/12/2020 06:25:45] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [07/12/2019 11:14:52] - |RD| - [113810] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [07/12/2019 11:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [07/12/2019 11:14:52] - |RD| - [14467] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [15/01/2020 03:32:28] - |D| - [2186] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer [07/12/2019 11:14:52] - |RD| - [22956] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/02/2021 14:59:45] - |D| - [878] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [07/06/2021 16:53:49] - |A| - [2366] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk [01/01/2021 15:46:19] - |D| - [967] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [24/12/2020 01:04:55] - |D| - [2850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [15/01/2020 03:28:48] - |RD| - [2488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14 [07/12/2019 11:14:54] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [23/12/2020 22:50:24] - |A| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [12/02/2021 21:58:45] - |D| - [1958] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flashpaste [07/03/2021 18:13:39] - |A| - [1144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galaxy Life Reborn.lnk [23/12/2020 10:46:49] - |A| - [2249] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [07/12/2019 11:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [15/01/2020 03:05:17] - |RD| - [2475] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [23/12/2020 12:23:32] - |D| - [6764] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [27/12/2020 03:18:17] - |D| - [4734] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KULT#100 Gaming Mouse [01/01/2021 15:29:07] - |D| - [9058] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0 [07/12/2019 11:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [23/12/2020 06:19:46] - |A| - [2446] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk [23/12/2020 12:19:28] - |D| - [1211] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher [15/01/2020 02:50:08] - |D| - [1461] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [22/02/2021 15:14:50] - |D| - [533] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch [02/05/2021 15:31:25] - |D| - [2366] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectKeyboard [11/06/2021 12:45:47] - |D| - [1580] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer [01/01/2021 23:38:31] - |D| - [3310] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [23/02/2021 22:29:52] - |D| - [5783] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS - Empire at War Gold Pack [14/05/2021 12:44:39] - |D| - [495] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II [07/12/2019 11:14:52] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [23/12/2020 11:18:06] - |D| - [1108] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [07/12/2019 11:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [07/12/2019 16:52:28] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [22/02/2021 14:54:32] - |D| - [4489] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [03/02/2021 17:37:05] - |D| - [1253] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [15/01/2020 03:18:22] - |D| - [33588128] - C:\Program Files (x86)\Acer [22/02/2021 14:59:02] - |D| - [578733936] - C:\Program Files (x86)\Battle.net [07/06/2021 16:53:21] - |D| - [17732345] - C:\Program Files (x86)\BraveSoftware [07/12/2019 11:14:52] - |D| - [99209335] - C:\Program Files (x86)\Common Files [15/01/2020 03:28:39] - |D| - [303749544] - C:\Program Files (x86)\CyberLink [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [30/01/2021 17:06:36] - |D| - [9911015] - C:\Program Files (x86)\DroidCam [26/02/2021 22:58:24] - |D| - [3167296] - C:\Program Files (x86)\EasyAntiCheat [23/12/2020 22:50:17] - |D| - [926188855] - C:\Program Files (x86)\Epic Games [12/02/2021 21:58:44] - |D| - [5904549] - C:\Program Files (x86)\Flashpaste [29/01/2021 20:01:42] - |D| - [0] - C:\Program Files (x86)\GameforgeClient [07/03/2021 18:13:33] - |D| - [186645410] - C:\Program Files (x86)\GLRLauncher [23/12/2020 10:46:33] - |D| - [12646240] - C:\Program Files (x86)\Google [15/01/2020 02:46:51] - |HD| - [31816276] - C:\Program Files (x86)\InstallShield Installation Information [15/01/2020 02:54:13] - |D| - [56450941] - C:\Program Files (x86)\Intel [07/12/2019 11:14:52] - |D| - [1992547] - C:\Program Files (x86)\Internet Explorer [27/12/2020 03:18:17] - |D| - [10378323] - C:\Program Files (x86)\KULT#100 Gaming Mouse [23/12/2020 06:19:36] - |D| - [1274305480] - C:\Program Files (x86)\Microsoft [15/01/2020 03:20:02] - |D| - [8808482] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [07/12/2019 11:14:52] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [23/12/2020 12:19:28] - |D| - [486369178] - C:\Program Files (x86)\Minecraft Launcher [23/12/2020 03:00:30] - |D| - [25757] - C:\Program Files (x86)\MSBuild [15/01/2020 03:28:48] - |D| - [12136278] - C:\Program Files (x86)\NSIS Uninstall Information [15/01/2020 02:48:49] - |D| - [294852666] - C:\Program Files (x86)\NVIDIA Corporation [09/01/2021 01:01:14] - |D| - [639991438] - C:\Program Files (x86)\Overwolf [02/05/2021 15:31:22] - |D| - [23738957] - C:\Program Files (x86)\PerfectKeyboard [23/01/2021 17:42:54] - |D| - [3828568] - C:\Program Files (x86)\RakaposhiPurviewkpzInstall [11/06/2021 12:40:19] - |D| - [751924245] - C:\Program Files (x86)\Razer [11/06/2021 12:43:40] - |D| - [45334733] - C:\Program Files (x86)\Razer Chroma SDK [15/01/2020 02:46:51] - |D| - [9685952] - C:\Program Files (x86)\Realtek [23/12/2020 03:00:30] - |D| - [38479105] - C:\Program Files (x86)\Reference Assemblies [16/04/2021 17:08:33] - |D| - [158941018] - C:\Program Files (x86)\Rockstar Games [23/12/2020 11:18:06] - |D| - [54858228643] - C:\Program Files (x86)\Steam [15/01/2020 03:11:57] - |HD| - [0] - C:\Program Files (x86)\Temp [07/01/2021 15:44:39] - |D| - [269775827] - C:\Program Files (x86)\Ubisoft [07/12/2019 11:14:52] - |D| - [1876768] - C:\Program Files (x86)\Windows Defender [07/12/2019 11:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [07/12/2019 16:53:03] - |D| - [3311981] - C:\Program Files (x86)\Windows Media Player [07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6109528] - C:\Program Files (x86)\Windows NT [07/12/2019 16:53:03] - |D| - [5305792] - C:\Program Files (x86)\Windows Photo Viewer [07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices [07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [07/12/2019 11:14:52] - |D| - [2373157] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [15/01/2020 03:20:09] - |D| - [297230066] - C:\Program Files\Acer [25/05/2021 09:36:43] - |D| - [0] - C:\Program Files\Bitdefender [07/06/2021 16:53:41] - |D| - [663198764] - C:\Program Files\BraveSoftware [01/01/2021 15:46:18] - |D| - [79856136] - C:\Program Files\CCleaner [07/12/2019 11:14:52] - |D| - [49744314] - C:\Program Files\Common Files [24/12/2020 01:04:55] - |D| - [4910716] - C:\Program Files\CPUID [07/12/2019 11:14:54] - |SH| - [174] - C:\Program Files\desktop.ini [15/01/2020 03:31:36] - |D| - [1983713] - C:\Program Files\DriverSetupUtility [23/12/2020 06:25:45] - |SHD| - [0] - C:\Program Files\Fichiers communs [23/12/2020 10:46:44] - |D| - [512360762] - C:\Program Files\Google [15/01/2020 02:37:27] - |D| - [206893557] - C:\Program Files\Intel [07/12/2019 11:14:52] - |D| - [2669934] - C:\Program Files\Internet Explorer [23/12/2020 12:23:18] - |D| - [213470509] - C:\Program Files\Java [01/01/2021 15:28:42] - |D| - [591452049] - C:\Program Files\LibreOffice [15/01/2020 03:20:02] - |D| - [9418786] - C:\Program Files\Microsoft SQL Server Compact Edition [14/02/2021 21:43:59] - |D| - [2041880] - C:\Program Files\Microsoft Update Health Tools [07/12/2019 11:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [23/12/2020 03:00:30] - |D| - [25757] - C:\Program Files\MSBuild [15/01/2020 02:48:24] - |D| - [771364473] - C:\Program Files\NVIDIA Corporation [31/01/2021 23:58:57] - |D| - [0] - C:\Program Files\paint.net [11/06/2021 12:43:59] - |D| - [354168] - C:\Program Files\Razer [11/06/2021 12:43:41] - |D| - [216600] - C:\Program Files\Razer Chroma SDK [23/12/2020 03:00:30] - |D| - [36883625] - C:\Program Files\Reference Assemblies [16/04/2021 17:05:06] - |D| - [580641374] - C:\Program Files\Rockstar Games [23/12/2020 06:17:00] - |HD| - [0] - C:\Program Files\Uninstall Information [07/12/2019 11:14:52] - |D| - [14101430] - C:\Program Files\Windows Defender [07/12/2019 11:14:52] - |D| - [639488] - C:\Program Files\Windows Mail [07/12/2019 16:53:03] - |D| - [4709265] - C:\Program Files\Windows Media Player [07/12/2019 16:53:03] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6454616] - C:\Program Files\Windows NT [07/12/2019 16:53:03] - |D| - [6223816] - C:\Program Files\Windows Photo Viewer [07/12/2019 16:53:03] - |D| - [48528] - C:\Program Files\Windows Portable Devices [07/12/2019 11:14:52] - |D| - [111709] - C:\Program Files\Windows Security [07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files\Windows Sidebar [07/12/2019 11:14:52] - |HD| - [6007361355] - C:\Program Files\WindowsApps [07/12/2019 11:14:52] - |D| - [2699677] - C:\Program Files\WindowsPowerShell [22/02/2021 14:54:30] - |D| - [8203740] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [07/01/2021 15:47:14] - |D| - [35590344] - C:\Program Files (x86)\Common Files\BattlEye [25/04/2021 23:18:40] - |D| - [2223312] - C:\Program Files (x86)\Common Files\Java [07/12/2019 11:14:52] - |D| - [16375555] - C:\Program Files (x86)\Common Files\Microsoft Shared [25/04/2021 23:18:50] - |D| - [2011840] - C:\Program Files (x86)\Common Files\Oracle [09/01/2021 01:01:15] - |D| - [2259760] - C:\Program Files (x86)\Common Files\Overwolf [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [23/12/2020 11:18:07] - |D| - [30890451] - C:\Program Files (x86)\Common Files\Steam [07/12/2019 11:14:52] - |D| - [9855371] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [15/01/2020 02:54:13] - |D| - [2472928] - C:\Program Files\Common files\Intel [15/01/2020 03:05:23] - |D| - [338764] - C:\Program Files\Common files\Intel Corporation [07/12/2019 11:14:52] - |D| - [36074613] - C:\Program Files\Common files\microsoft shared [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files\Common files\Services [07/12/2019 11:14:52] - |D| - [10855307] - C:\Program Files\Common files\System [03/03/2021 21:58:30] - |D| - [0] - C:\Program Files\Common files\Twitch ---------- | Links to files C:\OEM\Preload\Command\AlaunchX\BackupLinks\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Program Files (x86)\DroidCam\Toggle HD Mode.lnk -> C:\Program Files (x86)\DroidCam\DroidCamApp.exe - Status : OK C:\Program Files (x86)\DroidCam\With Stats.lnk -> C:\Program Files (x86)\DroidCam\DroidCamApp.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Acer\Acer Jumpstart.lnk -> C:\Program Files (x86)\Acer\Acer Jumpstart\wall.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer documents.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00 - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\system32\services.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 14\CyberLink PowerDVD 14.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD14\PDVDLP.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flashpaste\Flashpaste.lnk -> C:\Program Files (x86)\Flashpaste\Flashpaste.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flashpaste\Website.lnk -> C:\Program Files (x86)\Flashpaste\Flashpaste.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galaxy Life Reborn.lnk -> C:\Program Files (x86)\GLRLauncher\glr-qt-launcher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KULT#100 Gaming Mouse\KULT#100 Gaming Mouse.lnk -> C:\Windows\Installer\{1F62FD2A-129B-45AA-B328-2B5C06518058}\GamingMouse.exe_C91750A3439949AD9A64E119169FEAEE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KULT#100 Gaming Mouse\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice (Mode sans échec).lnk -> C:\Program Files\LibreOffice\program\soffice.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice Base.lnk -> C:\Program Files\LibreOffice\program\sbase.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice Calc.lnk -> C:\Program Files\LibreOffice\program\scalc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice Draw.lnk -> C:\Program Files\LibreOffice\program\sdraw.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice Impress.lnk -> C:\Program Files\LibreOffice\program\simpress.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice Math.lnk -> C:\Program Files\LibreOffice\program\smath.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice Writer.lnk -> C:\Program Files\LibreOffice\program\swriter.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0\LibreOffice.lnk -> C:\Program Files\LibreOffice\program\soffice.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher\Minecraft Launcher.lnk -> C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch\Overwatch.lnk -> D:\battle net\Overwatch\Overwatch Launcher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectKeyboard\PerfectKeyboard.lnk -> C:\Program Files (x86)\PerfectKeyboard\PerfectKeyboard.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerfectKeyboard\Uninstall PerfectKeyboard.lnk -> C:\Program Files (x86)\PerfectKeyboard\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer\Razer Synapse.lnk -> C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\VALORANT.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS - Empire at War Gold Pack\Language Empire at War.lnk -> C:\STAR WARS - Empire at War Gold Pack\Language.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS - Empire at War Gold Pack\Star Wars - Empire At War - Forces of Corruption.lnk -> C:\STAR WARS - Empire at War Gold Pack\EAWX\swfoc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS - Empire at War Gold Pack\Star Wars - Empire At War.lnk -> C:\STAR WARS - Empire at War Gold Pack\GameData\sweaw.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAR WARS - Empire at War Gold Pack\Uninstall STAR WARS - Empire at War Gold Pack.lnk -> C:\STAR WARS - Empire at War Gold Pack\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II\StarCraft II.lnk -> D:\battle net\StarCraft II\StarCraft II.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Aide de WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuel de la console RAR.lnk -> C:\Program Files\WinRAR\Rar.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Quelles sont les nouveautés de la dernière version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Wondershare Filmora Update\Filmora Effect Pack.lnk -> C:\Program Files\Wondershare\Wondershare Filmora Update\Wondershare Filmora Update.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Users\quent\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Brave.lnk -> C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\81f60f1222210b45\League of Legends.lnk -> C:\Riot Games\League of Legends\LeagueClient.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord Canary.lnk -> C:\Users\quent\AppData\Local\DiscordCanary\Update.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk -> C:\Users\quent\AppData\Local\Discord\Update.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steam Client Bootstrapper.lnk -> C:\Program Files (x86)\Steam\steam.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Office\Recent\22_protests_activity_sheet.docx.LNK -> C:\Users\quent\Downloads\22_protests_activity_sheet.docx - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Office\Recent\fiche GRAND ORAL.docx.LNK -> C:\Users\quent\Downloads\fiche GRAND ORAL.docx - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Office\Recent\Organisation_du_tournoi.docx.LNK -> C:\Users\quent\Downloads\Organisation_du_tournoi.docx - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Office\Recent\Planning passage classes.docx.LNK -> C:\Users\quent\Downloads\Planning passage classes.docx - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Office\Recent\S.W.Enracinement.doc.LNK -> C:\Users\quent\Downloads\S.W.Enracinement.doc - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Office\Recent\Templates.LNK -> C:\Users\quent\AppData\Roaming\Microsoft\Templates - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\-_Andor_-.jpg.lnk -> C:\Users\quent\Desktop\pp\-_Andor_-.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\1572740662732.jpg.lnk -> C:\Users\quent\Desktop\photos\1572740662732.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\1572740665149.jpg.lnk -> C:\Users\quent\Desktop\photos\1572740665149.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\1607001901681.jpg.lnk -> C:\Users\quent\Desktop\photos\1607001901681.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\18 Drone Port Drone Docking Station (1).cbp.lnk -> C:\Users\quent\Downloads\18 Drone Port Drone Docking Station (1).cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\18 Drone Port Drone Docking Station.cbp.lnk -> C:\Users\quent\Downloads\18 Drone Port Drone Docking Station.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\194863848800002_Convocation_par_epreuve_V1_20210604 (1).PDF.lnk -> C:\Users\quent\Downloads\194863848800002_Convocation_par_epreuve_V1_20210604 (1).PDF - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\20200712_202558.jpg.lnk -> C:\Users\quent\Desktop\meme\20200712_202558.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\2021-05-29_00-32-27.mkv.lnk -> C:\Users\quent\Downloads\2021-05-29_00-32-27.mkv - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\3205367c115c.gif.lnk -> C:\Users\quent\Desktop\pp\3205367c115c.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\3ad48fe0d9ba223494761fd0665af7c90f8d266c_hq.jpg.lnk -> C:\Users\quent\Desktop\3ad48fe0d9ba223494761fd0665af7c90f8d266c_hq.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\5edf9ae9e816d_img_0020_3-4612169.jpg.lnk -> C:\Users\quent\Desktop\5edf9ae9e816d_img_0020_3-4612169.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\802645034105176105.png.lnk -> C:\Users\quent\Downloads\802645034105176105.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\81rP2Sf2CJL._AC_SX425_.jpg.lnk -> C:\Users\quent\Desktop\81rP2Sf2CJL._AC_SX425_.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Afficher la quantité de mémoire RAM et la vitesse du processeur.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\alpha_130621-234249.sav.lnk -> C:\Users\quent\Desktop\pp\alpha_130621-234249.sav - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\alpha_150621-014516.sav.lnk -> C:\Users\quent\Desktop\pp\alpha_150621-014516.sav - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Aoi_Todo's_cursed_energy_(Anime).png.lnk -> C:\Users\quent\Desktop\Aoi_Todo's_cursed_energy_(Anime).png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\artworks-bFvv4qMTKkqj5DVk-Z1sVpQ-t500x500.jpg.lnk -> C:\Users\quent\Desktop\pp\artworks-bFvv4qMTKkqj5DVk-Z1sVpQ-t500x500.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\attestation_535233_1309570.pdf.lnk -> C:\Users\quent\Downloads\attestation_535233_1309570.pdf - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\a_5bbc9534e6b8c429f1d708f8f85459b0_1.gif.lnk -> C:\Users\quent\Desktop\pp\a_5bbc9534e6b8c429f1d708f8f85459b0_1.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\a_a93acfe3ecdfdfc5da05ff778cf4b65f.gif.lnk -> C:\Users\quent\Desktop\pp\a_a93acfe3ecdfdfc5da05ff778cf4b65f.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\a_bf29b5c4e51cf78fef390ab208f5b618.gif.lnk -> C:\Users\quent\Desktop\pp\a_bf29b5c4e51cf78fef390ab208f5b618.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\basket.lnk -> C:\Users\quent\Desktop\photos téléphone\on garde\basket - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\bruh.mp4.lnk -> C:\Users\quent\Desktop\meme\bruh.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\bug fall.mp4.lnk -> C:\Users\quent\Desktop\meme\bug fall.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Bureau.lnk -> C:\Users\quent\Desktop - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Capture d’écran 2021-02-13 231000.png.lnk -> C:\Users\quent\Desktop\meme potes\Capture d’écran 2021-02-13 231000.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Capture d’écran 2021-03-05 215630.png.lnk -> C:\Users\quent\Desktop\Capture d’écran 2021-03-05 215630.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Ce PC.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Consulter l’état de votre ordinateur.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\cringelol.lnk -> C:\Users\quent\Desktop\cringelol - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\d-172716_Among_Us.png.lnk -> C:\Users\quent\Desktop\d-172716_Among_Us.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ddd.png.lnk -> C:\Users\quent\Desktop\ddd.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Desktop (2).lnk -> C:\Users\quent\Videos\Desktop - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Desktop 2021.06.12 - 19.30.47.02.mp4.lnk -> C:\Users\quent\Videos\Desktop\Desktop 2021.06.12 - 19.30.47.02.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Desktop 2021.06.13 - 01.10.04.12.DVR.mp4.lnk -> C:\Users\quent\Videos\Desktop\Desktop 2021.06.13 - 01.10.04.12.DVR.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Desktop.lnk -> C:\Users\quent\Videos\Desktop - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\DOC150621-15062021180129 (2).pdf.lnk -> C:\Users\quent\Downloads\DOC150621-15062021180129 (2).pdf - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\DOC150621-15062021180129.pdf.lnk -> C:\Users\quent\Desktop\DOC150621-15062021180129.pdf - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Dr Hydra's Megastorage.cbp.lnk -> C:\Users\quent\Downloads\Dr Hydra's Megastorage.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\droit eco gestion.odt.lnk -> C:\Users\quent\Desktop\parcoursup\droit eco gestion.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\drone cyberpunk.mp4.lnk -> C:\Users\quent\Desktop\meme\drone cyberpunk.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Drone Nest.cbp.lnk -> C:\Users\quent\Downloads\Drone Nest.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Défragmenter et optimiser vos lecteurs.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\eco maths le mans.odt.lnk -> C:\Users\quent\Desktop\parcoursup\eco maths le mans.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\eco.odt.lnk -> C:\Users\quent\Desktop\parcoursup\eco.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\eyes4.gif.lnk -> C:\Users\quent\Desktop\pp\eyes4.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Ficsit Freighter (1).cbp.lnk -> C:\Users\quent\Downloads\Ficsit Freighter (1).cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Ficsit Freighter.cbp.lnk -> C:\Users\quent\Downloads\Ficsit Freighter.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\FUBAR's Uranium Subway.cbp.lnk -> C:\Users\quent\Downloads\FUBAR's Uranium Subway.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Furry_FJ.mp4.lnk -> C:\Users\quent\Downloads\Furry_FJ.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\geo et aménagement le mans.odt.lnk -> C:\Users\quent\Desktop\parcoursup\geo et aménagement le mans.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques (2).lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\gintama.gif.lnk -> C:\Users\quent\Desktop\pp\gintama.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\grand oral ses.odt.lnk -> C:\Users\quent\Desktop\grand oral\grand oral ses.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\grand oral svt.odt.lnk -> C:\Users\quent\Desktop\grand oral\grand oral svt.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\grand oral.lnk -> C:\Users\quent\Desktop\grand oral - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\hero-graphic.png.lnk -> C:\Users\quent\Desktop\hero-graphic.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\histoire le mans.odt.lnk -> C:\Users\quent\Desktop\parcoursup\histoire le mans.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\houla.lnk -> C:\Users\quent\Desktop\houla - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\https--go.microsoft.com-fwlink-linkid=2030685.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\https--regles.heavencommunity.fr-.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\image.png.lnk -> C:\Users\quent\Desktop\pp\image.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\image0-36-2.jpg.lnk -> C:\Users\quent\Desktop\image0-36-2.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\image0.jpg.lnk -> C:\Users\quent\Desktop\pp\image0.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\impersonne.lnk -> C:\Users\quent\Desktop\impersonne - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Internet (2).lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Internet.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\je suis stylé . exe.png.lnk -> C:\Users\quent\Desktop\meme\je suis stylé . exe.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\jedi_fall.mp4.lnk -> C:\Users\quent\Downloads\jedi_fall.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\less.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\lettres le mans.odt.lnk -> C:\Users\quent\Desktop\parcoursup\lettres le mans.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\lettres nantes.odt.lnk -> C:\Users\quent\Desktop\parcoursup\lettres nantes.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\mama.gif.lnk -> C:\Users\quent\Desktop\pp\mama.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Matériel et audio.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\maxresdefault.jpg.lnk -> C:\Users\quent\Desktop\maxresdefault.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\maxresdefault.jpg__770x433_q85_crop_subsampling-2_upscale.jpg.lnk -> C:\Users\quent\Desktop\pp\maxresdefault.jpg__770x433_q85_crop_subsampling-2_upscale.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\meme potes.lnk -> C:\Users\quent\Desktop\meme potes - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\meme.lnk -> C:\Users\quent\Desktop\meme - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\microsoft-edgehttps--www.bing.com-searchq=configurer%20le%20microphone%20dans%20Windows%2010&form=B00032&ocid=SettingsHAQ-BingIA&mkt=fr-FR.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\microsoft-edgehttps--www.bing.com-searchq=programmes%20de%20d%C3%A9marrage%20dans%20Windows%2010&form=B00032&ocid=SettingsHAQ-BingIA&mkt=fr-FR.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\microsoft-edgehttps--www.msn.com-fr-fr-feed-personalizeocid=winp1taskbar.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\monk.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\montage jay.lnk -> C:\Users\quent\Desktop\montage jay - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--- (2).lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay---.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--kglcheck-.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=12108&WindowId=1246900.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=13704&WindowId=262984.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=15960&WindowId=263038.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=16224&WindowId=2032848.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=6680&WindowId=2557348.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=7988&WindowId=328340.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=8572&WindowId=394586.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1635723607&ProcessId=968&WindowId=394268.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=12788&WindowId=394528.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=15728&WindowId=133064.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=2268&WindowId=263758.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=3236&WindowId=176489128.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=5176&WindowId=328974.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=6208&WindowId=262820.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=7572&WindowId=198242.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1677994798&ProcessId=8244&WindowId=97388076.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=11496&WindowId=132380.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=13424&WindowId=787450.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=14564&WindowId=2885018.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=8176&WindowId=788324.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=9384&WindowId=263792.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1862446374&ProcessId=144&WindowId=197896.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1862446374&ProcessId=1940&WindowId=394788.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1862446374&ProcessId=9676&WindowId=1049872.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=2035309799&ProcessId=9248&WindowId=6161822.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-settingsemailandaccounts.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-settingssound.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-settingswindowsupdate.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-settingswindowsupdatewinsettingshome (2).lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\ms-settingswindowsupdatewinsettingshome.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\musique.mp4.lnk -> C:\Users\quent\Desktop\meme\musique.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\nb.lnk -> C:\Users\quent\Desktop\staff among us fr\nb - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier.lnk -> C:\Users\quent\Desktop\Nouveau dossier - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\on garde (2).lnk -> C:\Users\quent\Desktop\photos téléphone\on garde - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\on garde.lnk -> C:\Users\quent\Desktop\photos téléphone\on garde - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Options d’alimentation.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\parcoursup.lnk -> C:\Users\quent\Desktop\parcoursup - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\photos (2).lnk -> C:\Users\quent\Desktop\photos - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\photos téléphone.lnk -> C:\Users\quent\Desktop\photos téléphone - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\photos.lnk -> C:\Users\quent\Desktop\photos - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\pokemmo.lnk -> C:\Users\quent\Desktop\pokemmo - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Power Grid Network (Update 4).cbp.lnk -> C:\Users\quent\Downloads\Power Grid Network (Update 4).cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Power Storage Ball.cbp.lnk -> C:\Users\quent\Downloads\Power Storage Ball.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\pp.lnk -> C:\Users\quent\Desktop\pp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Périphériques et imprimantes.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Rip_2.mp4.lnk -> C:\Users\quent\Downloads\Rip_2.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Résoudre des problèmes informatiques courants.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Sans nom 1.odt.lnk -> C:\Users\quent\Desktop\parcoursup\Sans nom 1.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\satisfactory.lnk -> C:\Users\quent\Desktop\satisfactory - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\sauvegarde flashpaste.lnk -> C:\Users\quent\Desktop\staff among us fr\sauvegarde flashpaste - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\SCP Secret Laboratory 2021.06.10 - 13.20.30.04.mp4.lnk -> C:\Users\quent\Videos\SCP Secret Laboratory\SCP Secret Laboratory 2021.06.10 - 13.20.30.04.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\SCP Secret Laboratory 2021.06.12 - 22.03.05.07.mp4.lnk -> C:\Users\quent\Videos\SCP Secret Laboratory\SCP Secret Laboratory 2021.06.12 - 22.03.05.07.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\SCP Secret Laboratory 2021.06.13 - 00.53.29.27.DVR.mp4.lnk -> C:\Users\quent\Videos\SCP Secret Laboratory\SCP Secret Laboratory 2021.06.13 - 00.53.29.27.DVR.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\SCP Secret Laboratory 2021.06.13 - 00.58.06.30.DVR.mp4.lnk -> C:\Users\quent\Videos\SCP Secret Laboratory\SCP Secret Laboratory 2021.06.13 - 00.58.06.30.DVR.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\SCP Secret Laboratory 2021.06.13 - 01.05.40.70.mp4.lnk -> C:\Users\quent\Videos\SCP Secret Laboratory\SCP Secret Laboratory 2021.06.13 - 01.05.40.70.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\SCP Secret Laboratory 2021.06.13 - 01.06.21.91.mp4.lnk -> C:\Users\quent\Videos\SCP Secret Laboratory\SCP Secret Laboratory 2021.06.13 - 01.06.21.91.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\SCP Secret Laboratory.lnk -> C:\Users\quent\Videos\SCP Secret Laboratory - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Screenshot_20210305-172716_Among_Us.png.lnk -> C:\Users\quent\Desktop\Screenshot_20210305-172716_Among_Us.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\search.html.lnk -> C:\Users\quent\Desktop\search.html - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\sheesh vieux.mp4.lnk -> C:\Users\quent\Desktop\meme\sheesh vieux.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Son.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Souris (2).lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Souris.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\staff among us fr.lnk -> C:\Users\quent\Desktop\staff among us fr - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\staps.odt.lnk -> C:\Users\quent\Desktop\parcoursup\staps.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\star_6033a93cbb87b.zip.lnk -> C:\Users\quent\Desktop\Nouveau dossier (2)\star_6033a93cbb87b.zip - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\sus mario.mp4.lnk -> C:\Users\quent\Downloads\sus mario.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\t'es culotté.jpg.lnk -> C:\Users\quent\Desktop\meme\t'es culotté.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\taux production.txt.lnk -> C:\Users\quent\Desktop\satisfactory\taux production.txt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\tenor.gif.lnk -> C:\Users\quent\Desktop\tenor.gif - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\the world du ble d.jpg.lnk -> C:\Users\quent\Desktop\meme\the world du ble d.jpg - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Toutes les tâches.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Toz_Vous_avez_ete_bloque_Maskey_x_Jacob.mp4.lnk -> C:\Users\quent\Desktop\meme\Toz_Vous_avez_ete_bloque_Maskey_x_Jacob.mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Turbofuel 110GW.cbp.lnk -> C:\Users\quent\Downloads\Turbofuel 110GW.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\TurboFuel Powerplant , 44444.4MW from 600 Crude Oil Fully working__ __EDITED TO BE MORE EFFICIENT __.cbp.lnk -> C:\Users\quent\Downloads\TurboFuel Powerplant , 44444.4MW from 600 Crude Oil Fully working__ __EDITED TO BE MORE EFFICIENT __.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements.lnk -> C:\Users\quent\Downloads - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Ugandan_Knuckles_-_I_know_de_wae.png.lnk -> C:\Users\quent\Desktop\Ugandan_Knuckles_-_I_know_de_wae.png - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\vacances.txt.lnk -> C:\Users\quent\Desktop\vacances.txt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\Vaisseau de stockage de ressources + chasseurs TIE.cbp.lnk -> C:\Users\quent\Downloads\Vaisseau de stockage de ressources + chasseurs TIE.cbp - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\video0 (4).mp4.lnk -> C:\Users\quent\Downloads\video0 (4).mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\video0 (5).mp4.lnk -> C:\Users\quent\Downloads\video0 (5).mp4 - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\video0.mov.lnk -> C:\Users\quent\Downloads\video0.mov - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--threat- (2).lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\windowsdefender--threat-.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\wow.lnk -> D:\wow - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Recent\à savoir.odt.lnk -> C:\Users\quent\Desktop\staff among us fr\nb\à savoir.odt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\SendTo\Transfert de fichiers Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center\CopyTrans Control Center.lnk -> C:\Users\quent\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center\Désinstaller.lnk -> C:\Users\quent\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord Canary.lnk -> C:\Users\quent\AppData\Local\DiscordCanary\Update.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\quent\AppData\Local\Discord\Update.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\DroidCam Client.lnk -> C:\Program Files (x86)\DroidCam\DroidCamApp.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\HD Mode.lnk -> C:\Program Files (x86)\DroidCam\DroidCamApp.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam\Uninstall.lnk -> C:\Program Files (x86)\DroidCam\Uninstall.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameforge Client.lnk -> C:\Program Files (x86)\GameforgeClient\gfclient.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\quent\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Overwolf.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf\Porofessor.gg.lnk -> C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder\TrashRegX64 Freeware.lnk -> C:\Program Files (x86)\TrashReg\TrashRegX64.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V.lnk -> D:\gta\Grand Theft Auto V\PlayGTAV.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Ubisoft Connect.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftConnect.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\UbisoftConnect\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk -> C:\Users\quent\AppData\Roaming\uTorrent Web\utweb.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Aide de WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuel de la console RAR.lnk -> C:\Program Files\WinRAR\Rar.txt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Quelles sont les nouveautés de la dernière version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt - Status : OK C:\Users\quent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe - Status : OK C:\Users\quent\Desktop\star wars empire at war gold pack\MOD Strategic Improvement (Forces of Corruption).lnk -> C:\STAR WARS - Empire at War Gold Pack\EAWX\PlayStrategic Improvement 99.4.bat - Status : OK C:\Users\quent\Desktop\star wars empire at war gold pack\Star Wars - Empire At War - Forces of Corruption.lnk -> C:\STAR WARS - Empire at War Gold Pack\EAWX\swfoc.exe - Status : OK C:\Users\quent\Desktop\star wars empire at war gold pack\Star Wars - Empire At War.lnk -> C:\STAR WARS - Empire at War Gold Pack\GameData\sweaw.exe - Status : OK C:\Users\quent\Documents\StarCraft II\Above_385@2.lnk -> C:\Users\quent\Documents\StarCraft II\Accounts\439090543\2-S2-1-8696262 - Status : OK C:\Users\quent\Links\Desktop.lnk -> C:\Users\quent\Desktop - Status : OK C:\Users\quent\Links\Downloads.lnk -> C:\Users\quent\Downloads - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Windows\WinSxS\amd64_eventviewersettings_31bf3856ad364e35_10.0.19041.1_none_aae8e58aa310aa7d\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-hyper-v-management-clients_31bf3856ad364e35_10.0.19041.1_none_a87cce111f2d21d5\Hyper-V Manager.lnk -> C:\Windows\System32\mmc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.19041.746_none_b8eadbf8a9c907b3\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.19041.844_none_8cde26fe4a506084\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.985_none_c3639a9e3ab1a351\Windows Sandbox.lnk -> C:\Windows\system32\WindowsSandbox.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.19041.1_none_88835f4d79d6a242\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.19041.746_none_290f6af7d5263efa\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.19041.1_none_a84acae243b8ad63\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.19041.906_none_4b68c4a9bc3aa082\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt-shortcut_31bf3856ad364e35_10.0.19041.1_none_efaf63248e6d4479\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..-tools-mmc-adsiedit_31bf3856ad364e35_10.0.19041.746_none_911fb46a38a61421\ADSIEdit.lnk -> C:\Windows\system32\adsiedit.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..mc-sitesandservices_31bf3856ad364e35_10.0.19041.746_none_7d35d325c812757b\Active Directory Sites and Services.lnk -> C:\Windows\system32\dssite.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..services-adam-setup_31bf3856ad364e35_10.0.19041.746_none_1a1e8292dcf10728\ADAM Install.lnk -> C:\Windows\ADAM\adaminstall.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.19041.746_none_770f598aef14382e\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-e..er-server-shortcuts_31bf3856ad364e35_10.0.19041.1_none_5e85a7ed6f490164\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\06 - SystemAbout.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\4 - Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\computer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\File Explorer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Run.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Shows Desktop.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Window Switcher.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1023_none_8f95c0f64c2c2e80\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1081_none_8f9bf0424c269348\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-clientshortcuts_31bf3856ad364e35_10.0.19041.1_none_9f9e4023b60d2433\IIS Client Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_10.0.19041.906_none_5f45625010b4cd19\IIS6 Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr6.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-managementconsole_31bf3856ad364e35_10.0.19041.906_none_65f82ba919c64b11\IIS Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.19041.1_none_8ddc3834fb6f659f\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_fa40f4e1dd1492a8\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.19041.1_none_49c7a9c019150ac4\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.1023_none_e3058dfa4dd44bcb\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.19041.1_none_64c27fc7ed12e401\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.19041.1_none_906b4c073d1d970c\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.19041.1_none_61cd745a990bcfb3\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.19041.746_none_6c16d1714d60fddf\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-narrator_31bf3856ad364e35_10.0.19041.789_none_9beee4eb02a5f8c7\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-nfs-adminmmc_31bf3856ad364e35_10.0.19041.1_none_9da8f6be034114e3\Services For Network File System.lnk -> C:\Windows\system32\nfsmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.1081_none_e3f87355251e8c43\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.746_none_4d13d847cecf0038\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-osk_31bf3856ad364e35_10.0.19041.1_none_60ade0eff94c37fc\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.964_none_dbe27aa7cda42a65\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-recoverydrive_31bf3856ad364e35_10.0.19041.746_none_068bfbddea7cb9b4\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.19041.746_none_d22800313aa7eb5c\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-s..ment-policytools-ex_31bf3856ad364e35_10.0.19041.1_none_0f506321e073254e\Security Configuration Management.lnk -> C:\Windows\system32\secpol.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.19041.1_none_8554f027e5186b5e\services.lnk -> C:\Windows\system32\services.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.19041.746_none_77bd4cfbe87238a7\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-speech-userexperience_31bf3856ad364e35_10.0.19041.746_none_fa033ad7aa9be481\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.19041.746_none_a89acde4afbab635\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.19041.746_none_2bd598617fe6d4c3\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.1052_none_a29547672207232d\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-logcollector_31bf3856ad364e35_10.0.19041.1_none_56138d203a7fc4cf\MultiPoint Log Collector.lnk -> C:\Program Files\Windows MultiPoint Server\LogCollector.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-wmsmanager_31bf3856ad364e35_10.0.19041.1_none_d1ffdc3927836528\MultiPoint Manager.lnk -> C:\Program Files\Windows MultiPoint Server\WmsManager.exe - Status : OK C:\Windows\WinSxS\amd64_networking-mpssvc-shortcut_31bf3856ad364e35_10.0.19041.1_none_3b48028dac22b3be\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK C:\Windows\WinSxS\amd64_taskschedulersettings_31bf3856ad364e35_10.0.19041.1_none_00dc114da3ba6b01\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK C:\Windows\WinSxS\msil_hyperv-ux-ui-vmcreate_31bf3856ad364e35_10.0.19041.1_none_8d387dde0a6c6d14\VMCreate.lnk -> C:\Program Files\Hyper-V\VMCreate.exe - Status : OK C:\Windows\WinSxS\msil_multipoint-wmsdashboard_31bf3856ad364e35_10.0.19041.1_none_061d84508b376f80\MultiPoint Dashboard.lnk -> C:\Program Files\Windows MultiPoint Server\WmsDashboard.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_04959f34117554a3\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [23/12/2020 06:16:56] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.B1EB36C035F52A2B4FDCF48421460F59] - [23/12/2020 10:49:54] - |A| - [4890] - C:\Windows\System32\Tasks\AcerCMUpdateTask2.1.16258 : "C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe" [MD5.00000000000000000000000000000000] - [27/05/2021 00:43:23] - |D| - [2612] - C:\Windows\System32\Tasks\Agent Activation Runtime [MD5.EDB4FAB401C3D2A500C07046E00B72C9] - [07/06/2021 16:53:23] - |A| - [3484] - C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskMachineCore : C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [MD5.E645933ED86BB798F17E43533E3168BD] - [07/06/2021 16:53:23] - |A| - [3608] - C:\Windows\System32\Tasks\BraveSoftwareUpdateTaskMachineUA : C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [MD5.E894BCC73CC6EF5CB317C51522949B07] - [01/01/2021 15:46:19] - |A| - [3936] - C:\Windows\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.A5C24B62CDD44FD63A040B36A312BCA8] - [01/01/2021 15:46:19] - |A| - [2888] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.B74C348BE0E204B378A7961F4D352FA2] - [23/12/2020 10:46:37] - |A| - [3464] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.9B186D4BDDEB09F5FB8C0F50FA90511F] - [23/12/2020 10:46:37] - |A| - [3588] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [23/12/2020 06:16:56] - |D| - [0] - C:\Windows\System32\Tasks\Intel [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [613250] - C:\Windows\System32\Tasks\Microsoft [MD5.E7C69EF036A747E6BBBA14A5092475C8] - [23/12/2020 06:19:36] - |A| - [3510] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.2316D9DD922BDF967C41C832D5ADDD1B] - [23/12/2020 06:19:36] - |A| - [3634] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.3FCF5E0D7D1D01D2FDE412AC20D2ED17] - [23/12/2020 10:55:44] - |A| - [4106] - C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.6A410C702B27ADA4D001D78321E8E250] - [23/12/2020 10:55:44] - |A| - [4308] - C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.F55B2F72E563AB4B2C6F011BD0C0A3BC] - [23/12/2020 10:55:47] - |A| - [3976] - C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.9200A7AEAD4C78C61F5CA9964667C70D] - [23/12/2020 10:55:47] - |A| - [3940] - C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.22A3AF650BD0FE546B5F8040B3737E88] - [23/12/2020 10:55:41] - |A| - [3894] - C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.4C1943F7A098FE04B84E9B3BDC3715BF] - [23/12/2020 10:55:41] - |A| - [3654] - C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.E09022E319B7995D763D8A9DDF861C6D] - [23/12/2020 10:55:44] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.5D80FE910D401E224CA0DA8B51F966D6] - [23/12/2020 10:55:44] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.C4B8A26A818EF81D573F5739136F624A] - [23/12/2020 10:55:44] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.98D01CF93A16C4A2E3068F5772374FD3] - [23/12/2020 10:55:44] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.00000000000000000000000000000000] - [23/12/2020 10:49:59] - |D| - [3748] - C:\Windows\System32\Tasks\Oem [MD5.C7F60676F37C2C061EA90EBF188764A2] - [23/12/2020 10:45:12] - |A| - [3374] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-86999783-108695983-2164099147-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.FFCD795C364C93C23CEF186657A24643] - [09/01/2021 01:01:18] - |A| - [4384] - C:\Windows\System32\Tasks\Overwolf Updater Task : C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [MD5.16BD4676943B4B38F01BE7420A474829] - [23/12/2020 11:14:14] - |A| - [2998] - C:\Windows\System32\Tasks\Quick Access : "C:\Program Files\Acer\Quick Access Service\QALauncher.exe" [MD5.790E1F7C2B3B13E3B3099C7906EDA96E] - [23/12/2020 10:43:45] - |A| - [2722] - C:\Windows\System32\Tasks\UbtFrameworkService : "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe" [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{A34C9525-CC5F-4734-B4BC-D17A9801DBEF}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe|Name=CyberLink PowerDVD14 Movie Module|Desc=CyberLink PowerDVD14 Movie Module| "{64DC9E99-7461-4540-9AB5-B7A683597185}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe|Name=CyberLink PowerDVD14|Desc=CyberLink PowerDVD14| "{27BBA3D3-BAA3-4BAF-9400-878CFE3C3F0F}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe|Name=Wireless PAN DHCP Server|EmbedCtxt=MyWiFiDHCPDNS| "{D8623064-06F3-4170-87E8-DC000EC54EE8}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-2749564263-2306086831-1143213442-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{EB1FE3DF-0A86-4B82-8795-EED6BACB5AAB}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{19A2F8F5-DDD8-48EB-B4A1-05856B301AA7}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ| "{81FE18D4-7C59-4BCF-B4A9-7D63A605521D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{4AC9EA95-C2A2-4C02-9E4E-7C10FBF91145}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{95CAFD59-99BA-49DD-8DEF-05ED9155EE40}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=GoTrust ID|Desc=GoTrust ID|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1092964029-1760271832-2094658901-1590468430-2552967209-3585593290-2793545643|EmbedCtxt=GoTrust ID|Platform=2:6:2|Platform2=GTEQ| "{E78C6E72-FBBB-4A73-A02C-B27398CBDF7A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=GoTrust ID|Desc=GoTrust ID|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1092964029-1760271832-2094658901-1590468430-2552967209-3585593290-2793545643|EmbedCtxt=GoTrust ID|Platform=2:6:2|Platform2=GTEQ| "{6B57D801-00B4-41D0-9AC2-BA64CD8457C2}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Acer Collection S|Desc=Acer Collection S|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-2739280323-4080940986-2533165559-126454831-1465666873-2600317546-1054940153|EmbedCtxt=Acer Collection S|Platform=2:6:2|Platform2=GTEQ| "{58CE1485-4781-4A28-86A0-1D74A38B2B9A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Acer Collection S|Desc=Acer Collection S|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-2739280323-4080940986-2533165559-126454831-1465666873-2600317546-1054940153|EmbedCtxt=Acer Collection S|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{DB2BFCCE-373A-4851-B3B3-A72A46DCF0F2}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{A348E4D4-B580-4EF4-81C8-D08A59E1BD65}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{F2AB4F24-3E7C-4E30-A2CD-8506C7867F48}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Acer Product Registration|Desc=Acer Product Registration|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-3374822201-501444534-3812824608-980367603-3674439784-1654851451-3289179312|EmbedCtxt=Acer Product Registration|Platform=2:6:2|Platform2=GTEQ| "{D5617D8B-9E9D-490A-BB34-20E480E2BDA5}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Acer Product Registration|Desc=Acer Product Registration|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-3374822201-501444534-3812824608-980367603-3674439784-1654851451-3289179312|EmbedCtxt=Acer Product Registration|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{9A5BE430-C60C-4230-851F-E08F4E02174C}C:\program files (x86)\droidcam\droidcamapp.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\droidcam\droidcamapp.exe|Name=droidcamapp|Desc=droidcamapp|Defer=User| "UDP Query User{90C45F2F-E871-40C0-9259-879190D64F66}C:\program files (x86)\droidcam\droidcamapp.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\droidcam\droidcamapp.exe|Name=droidcamapp|Desc=droidcamapp|Defer=User| "TCP Query User{77AD3097-D807-4595-B360-4FB84A13AF58}D:\battle net\overwatch\_retail_\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\battle net\overwatch\_retail_\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User| "UDP Query User{F7109C89-469A-4687-8A89-90F9CE271D70}D:\battle net\overwatch\_retail_\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\battle net\overwatch\_retail_\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User| "TCP Query User{B06B27A6-2FB0-466D-AD9E-A65798106FA8}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{4112B2C7-4C16-4DC6-AE2F-82B4806C80DC}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{354EF8E9-7933-49E9-B1C3-333D7602145C}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\gta\Grand Theft Auto V\GTA5.exe|Name=GTA V| "{E3D8495D-9355-40A7-B662-E0DC2BDA2D9D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\gta\Grand Theft Auto V\GTA5.exe|Name=GTA V| "{E6A7D6B4-2575-4A00-A6F5-888A3E6C6379}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ| "{C0137385-872A-4C92-8210-2D6D56BA832A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{1D1E2FE6-0821-4FF0-8DAE-9EF9B6287299}D:\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe|Name=Sid Meier's Civilization VI (DX12)|Desc=Sid Meier's Civilization VI (DX12)|Defer=User| "UDP Query User{0F0A554F-AAC8-4815-831A-7428184E468E}D:\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\epic games\sidmeierscivilizationvi\base\binaries\win64eos\civilizationvi_dx12.exe|Name=Sid Meier's Civilization VI (DX12)|Desc=Sid Meier's Civilization VI (DX12)|Defer=User| "TCP Query User{112097D6-D077-4DE6-B687-2282F150D04D}D:\battle net\starcraft ii\versions\base84643\sc2_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\battle net\starcraft ii\versions\base84643\sc2_x64.exe|Name=StarCraft II|Desc=StarCraft II|Defer=User| "UDP Query User{7B8359CB-B498-4F3F-BD2E-A4EEE52D9C16}D:\battle net\starcraft ii\versions\base84643\sc2_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\battle net\starcraft ii\versions\base84643\sc2_x64.exe|Name=StarCraft II|Desc=StarCraft II|Defer=User| "TCP Query User{6F5D2B35-4D97-4363-BA68-6D99166B5CA1}C:\epic games\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\epic games\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe|Name=Satisfactory|Desc=Satisfactory|Defer=User| "UDP Query User{16BEBF08-97EB-40CD-BB2B-A399D8BBCAF1}C:\epic games\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\epic games\satisfactoryearlyaccess\engine\binaries\win64\factorygame-win64-shipping.exe|Name=Satisfactory|Desc=Satisfactory|Defer=User| "{0869064C-B1AC-40BC-8166-C479857F31EF}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{3ADB029E-47B8-463F-AA70-7F8BDBB08651}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{9891745F-3A70-4A92-A8FE-98ACCF949EB8}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ| "{4C7DF6B8-5606-49D8-B3A2-00A9A3795B03}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B0EA0822-D74A-46CE-A350-C61CA2516B83}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{5D3D7F56-4A60-45B0-935F-368F75EFE656}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{5EA0F5F3-9706-415D-A68D-3250C11414C4}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{27D23C2E-E45B-4937-9587-606D2B4519E4}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{B82F3157-9040-4323-BBCB-ADFA9B493C9B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{2FB511B3-E73A-4328-93DF-281BCD5C5B85}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{93C61499-6F18-4A5A-A109-294C6353C71C}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{85E68F94-9868-42A6-BCF8-E59BC87ACCD0}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{87F4D4B4-EF53-4355-A26E-3F3A508948D4}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{493CBEC9-A141-41A5-B571-B15356755861}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe|Name=Brave (mDNS-In)|Desc=Règle de trafic entrant pour Brave autorisant le trafic mDNS|EmbedCtxt=Brave| "{F06DA220-1F19-4783-8DD7-F30D71C220C3}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ| "{8507D174-1B51-4CC5-98E8-3FBBC95841E3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1C375B6E-EAD6-4E07-94A6-0A69C4111AF3}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ| "{F8E7EC53-70EE-4654-9F4B-6B4BD6E6987D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{31797401-5B23-40DF-9171-95DAB816C44D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe|Name=OverwolfBrowser| "{9C93F689-BE1D-47B7-A5CC-3206629AAB0F}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe|Name=OverwolfBrowser| "{0A397F16-95ED-4DC5-811C-CA9BE499FE9E}"=v2.30|Action=Block|Active=FALSE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe|Name=OverwolfBrowser| "{78F255BE-D09B-4D39-BD4B-EDA9D0B9F0ED}"=v2.30|Action=Block|Active=FALSE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Overwolf\0.173.0.14\OverwolfBrowser.exe|Name=OverwolfBrowser| "{5CB89572-EC47-469F-8A9A-04E35AA21142}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Overwolf\0.173.0.16\OverwolfBrowser.exe|Name=OverwolfBrowser| "{BCA6D3D9-D8DE-4280-B86B-4EB3CA3C1A39}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Overwolf\0.173.0.16\OverwolfBrowser.exe|Name=OverwolfBrowser| "{28167A3B-82F9-4B8E-8F55-D8E3BCDE9EC6}"=v2.30|Action=Block|Active=FALSE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Overwolf\0.173.0.16\OverwolfBrowser.exe|Name=OverwolfBrowser| "{0836E4EE-EB4F-43D5-9A2B-443306BDA4D7}"=v2.30|Action=Block|Active=FALSE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Overwolf\0.173.0.16\OverwolfBrowser.exe|Name=OverwolfBrowser| "{0E43E78E-AE54-4CD1-AE30-26FEEF44299D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Windows Feature Experience Pack|Desc=Windows Feature Experience Pack|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651|EmbedCtxt=Windows Feature Experience Pack|Platform=2:6:2|Platform2=GTEQ| "{A11ED6F7-334A-445E-93CB-E7666BE800F3}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-1723189366-2159580849-2248400763-1481059666-1951766778-2756563051-3565589001|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{E01557D0-1DCC-42C8-995C-D7A4DDC3EEFD}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge| "{A0A07318-9C3E-40BE-8759-3435261D439B}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{82B3B02E-9CA6-4311-9B92-14E768620635}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-86999783-108695983-2164099147-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{83F6D42F-3DE8-4A90-9636-EF4C8E0C5903}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.59\msedgewebview2.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge WebView2 Runtime| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1750f915-5639-497c-966c-3a65acecfcb6}] : (Razer Device) [] -> @oem136.inf,%ClassName%;Razer Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ee986ed-9d81-43b3-b9ea-30686e6f4219}] : (PSM) [] -> @oem121.inf,%ClassName%;Intel® Power Sharing Manager [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81c87465-de07-4efc-9d93-61e891d52fd2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a73c93f1-9727-4d1d-ace1-0e333ba4e7db}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{aa018edf-4915-415e-9c17-d7ebec8917d2}] : (NvModuleTracker) [] -> @oem132.inf,%ClassName%;NvModuleTracker [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) [] -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [24/08/2020 15:01:56] - (1.0.0.68) - (Razer Inc - Razer Device Driver) - C:\Windows\System32\drivers\RzDev_0084.sys [07/07/2020 18:33:08] - (1.0.0.71) - (Razer Inc - Razer Common Driver) - C:\Windows\System32\drivers\RzCommon.sys [23/06/2021 14:58:14] - (30.0.14.7111) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 471.11) - C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\nvlddmkm.sys [15/01/2020 02:49:50] - (4.13.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [18/12/2020 23:18:06] - (304.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\Windows\System32\drivers\nvvhci.sys [15/04/2021 16:22:56] - (100.0.0.0) - (NVIDIA Corporation - Process and module monitoring driver) - C:\Windows\System32\drivers\NvModuleTracker.sys [02/05/2020 23:18:22] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\Windows\System32\drivers\ScpVBus.sys [04/10/2020 03:25:48] - (6.3.9600.16384) - (Windows (R) Win 7 DDK provider - WDM Video Capture Driver) - C:\Windows\System32\drivers\droidcamvideo.sys [10/04/2020 22:02:08] - (1.0.0.0) - (Dev47Apps - Virtual Audio Device) - C:\Windows\System32\drivers\droidcam.sys [18/12/2020 23:18:06] - (1.3.38.60) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [12/04/2020 15:08:01] - (6.10.0.16) - (Creative Technology Ltd. - Creative Audio Driver) - C:\Windows\system32\drivers\MBfilt64.sys [26/06/2021 02:53:32] - (0.0.0.0) - ( -) - C:\Windows\System32\Drivers\CimFS.SYS ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware (3ware) -> C:\Windows\system32\drivers\3ware.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> C:\Windows\system32\drivers\ACPI.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> C:\Windows\system32\Drivers\acpiex.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ADP80XX (ADP80XX) -> C:\Windows\system32\drivers\ADP80XX.SYS - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdsata (amdsata) -> C:\Windows\system32\drivers\amdsata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdsbs (amdsbs) -> C:\Windows\system32\drivers\amdsbs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdxata (amdxata) -> C:\Windows\system32\drivers\amdxata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - arcsas (Pilote miniport Storport Adaptec SAS/SATA-II RAID) -> C:\Windows\system32\drivers\arcsas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - atapi (Canal IDE) -> C:\Windows\system32\drivers\atapi.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - b06bdrv (Carte réseau QLogic VBD) -> C:\Windows\system32\drivers\bxvbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - bttflt (Filtre Microsoft Hyper-V VHDPMEM BTT) -> C:\Windows\system32\drivers\bttflt.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - cht4iscsi (cht4iscsi) -> C:\Windows\system32\drivers\cht4sx64.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - CLFS (Common Log (CLFS)) -> C:\Windows\system32\drivers\CLFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - CNG (CNG) -> C:\Windows\system32\Drivers\cng.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - disk (Pilote de disque) -> C:\Windows\system32\drivers\disk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ebdrv (Carte QLogic 10 Gigabit Ethernet VBD) -> C:\Windows\system32\drivers\evbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - EhStorClass (Enhanced Storage Filter Driver) -> C:\Windows\system32\drivers\EhStorClass.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - EhStorTcgDrv (Pilote Microsoft pour dispositif de stockage prenant en charge les protocoles IEEE 1667 et TCG) -> C:\Windows\system32\drivers\EhStorTcgDrv.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [File System Driver] - FileInfo (File Information FS MiniFilter) -> C:\Windows\system32\drivers\fileinfo.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - FltMgr (FltMgr) -> C:\Windows\system32\drivers\fltmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - fvevol (Pilote de filtre de chiffrement de lecteur BitLocker) -> C:\Windows\system32\DRIVERS\fvevol.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - HpSAMD (HpSAMD) -> C:\Windows\system32\drivers\HpSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - hwpolicy (Hardware Policy Driver) -> C:\Windows\system32\drivers\hwpolicy.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - iaStorAC (Intel(R) Chipset SATA/PCIe RST Premium Controller) -> C:\Windows\system32\drivers\iaStorAC.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - iaStorAVC (Contrôleur RAID SATA de circuit microprogrammé Intel) -> C:\Windows\system32\drivers\iaStorAVC.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - iaStorV (Contrôleur RAID Intel Windows 7) -> C:\Windows\system32\drivers\iaStorV.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - intelide (intelide) -> C:\Windows\system32\drivers\intelide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - intelpep (Pilote de plug-in du moteur d’alimentation Intel(R)) -> C:\Windows\system32\drivers\intelpep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - iorate (Pilote du filtre du taux d’E/S du disque) -> C:\Windows\system32\drivers\iorate.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - isapnp (isapnp) -> C:\Windows\system32\drivers\isapnp.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - ItSas35i (ItSas35i) -> C:\Windows\system32\drivers\ItSas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - KSecDD (KSecDD) -> C:\Windows\system32\Drivers\ksecdd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - KSecPkg (KSecPkg) -> C:\Windows\system32\Drivers\ksecpkg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS (LSI_SAS) -> C:\Windows\system32\drivers\lsi_sas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS2i (LSI_SAS2i) -> C:\Windows\system32\drivers\lsi_sas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS3i (LSI_SAS3i) -> C:\Windows\system32\drivers\lsi_sas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SSS (LSI_SSS) -> C:\Windows\system32\drivers\lsi_sss.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas (megasas) -> C:\Windows\system32\drivers\megasas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas2i (megasas2i) -> C:\Windows\system32\drivers\MegaSas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas35i (megasas35i) -> C:\Windows\system32\drivers\megasas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasr (megasr) -> C:\Windows\system32\drivers\megasr.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - mountmgr (Gestionnaire des points de montage) -> C:\Windows\system32\drivers\mountmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - msisadrv (msisadrv) -> C:\Windows\system32\drivers\msisadrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Mup (Mup) -> C:\Windows\system32\Drivers\mup.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - mvumis (mvumis) -> C:\Windows\system32\drivers\mvumis.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - NDIS (Pilote système NDIS) -> C:\Windows\system32\drivers\ndis.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - nvdimm (Pilote de périphérique NVDIMM Microsoft) -> C:\Windows\system32\drivers\nvdimm.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvraid (nvraid) -> C:\Windows\system32\drivers\nvraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvstor (nvstor) -> C:\Windows\system32\drivers\nvstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - partmgr (Gestionnaire de partitions) -> C:\Windows\system32\drivers\partmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> C:\Windows\system32\drivers\pci.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - pciide (pciide) -> C:\Windows\system32\drivers\pciide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pcmcia (pcmcia) -> C:\Windows\system32\drivers\pcmcia.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> C:\Windows\system32\drivers\pcw.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pdc (CDP) -> C:\Windows\system32\drivers\pdc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - percsas2i (percsas2i) -> C:\Windows\system32\drivers\percsas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - percsas3i (percsas3i) -> C:\Windows\system32\drivers\percsas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pmem (Pilote de disque de mémoire persistante Microsoft) -> C:\Windows\system32\drivers\pmem.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> C:\Windows\system32\DRIVERS\ramdisk.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> C:\Windows\system32\drivers\rdyboost.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - sbp2port (Pilote de bus de transport/protocole SBP-2) -> C:\Windows\system32\drivers\sbp2port.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - scmbus (Pilote de bus de mémoire de classe stockage Microsoft) -> C:\Windows\system32\drivers\scmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - SgrmAgent (System Guard Runtime Monitor Agent) -> C:\Windows\system32\drivers\SgrmAgent.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid2 (SiSRaid2) -> C:\Windows\system32\drivers\SiSRaid2.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid4 (SiSRaid4) -> C:\Windows\system32\drivers\sisraid4.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SmartSAMD (SmartSAMD) -> C:\Windows\system32\drivers\SmartSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - spaceport (Pilote des espaces de stockage) -> C:\Windows\system32\drivers\spaceport.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - stexstor (stexstor) -> C:\Windows\system32\drivers\stexstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storahci (Lecteur AHCI SATA Microsoft standard) -> C:\Windows\system32\drivers\storahci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storflt (Accélérateur de stockage Microsoft Hyper-V) -> C:\Windows\system32\drivers\vmstorfl.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - stornvme (Pilote NVM Express standard de Microsoft) -> C:\Windows\system32\drivers\stornvme.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storufs (Pilote Universal Flash Storage (UFS) Microsoft) -> C:\Windows\system32\drivers\storufs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storvsc (storvsc) -> C:\Windows\system32\drivers\storvsc.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Tcpip (Pilote pour protocole TCP/IP) -> C:\Windows\system32\drivers\tcpip.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - Telemetry (Service de télémétrie Intel(R)) -> C:\Windows\system32\drivers\IntelTA.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - vdrvroot (Énumérateur de lecteur virtuel Microsoft) -> C:\Windows\system32\drivers\vdrvroot.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vmbus (Bus VMBus) -> C:\Windows\system32\drivers\vmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - volmgr (Pilote du gestionnaire de volumes) -> C:\Windows\system32\drivers\volmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volmgrx (Gestionnaire de volumes dynamiques) -> C:\Windows\system32\drivers\volmgrx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volsnap (Pilote de cliché instantané du volume) -> C:\Windows\system32\drivers\volsnap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volume (Pilote de volume) -> C:\Windows\system32\drivers\volume.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vpci (Bus PCI virtuel Microsoft Hyper-V) -> C:\Windows\system32\drivers\vpci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - vsmraid (vsmraid) -> C:\Windows\system32\drivers\vsmraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - VSTXRAID (Pilote Windows du contrôleur RAID de stockage VIA StorX) -> C:\Windows\system32\drivers\vstxraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - WdBoot (Pilote de démarrage de l’antivirus Microsoft Defender) -> C:\Windows\system32\drivers\wd\WdBoot.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Wdf01000 (Service Infrastructure de pilote en mode noyau) -> C:\Windows\system32\drivers\Wdf01000.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - WdFilter (Pilote du mini-filtre de l’antivirus Microsoft Defender) -> C:\Windows\system32\drivers\wd\WdFilter.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WFPLWFS (Plateforme de filtrage Microsoft Windows) -> C:\Windows\system32\drivers\wfplwfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> C:\Windows\system32\drivers\WindowsTrustedRT.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRTProxy (Service sécurisé d'exécution approuvée Microsoft Windows) -> C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> C:\Windows\system32\drivers\Wof.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - AFD (Pilote de fonction connexe pour Winsock) -> C:\Windows\system32\drivers\afd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - afunix (afunix) -> C:\Windows\system32\drivers\afunix.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - ahcache (Application Compatibility Cache) -> C:\Windows\system32\DRIVERS\ahcache.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - bam (Background Activity Moderator Driver) -> C:\Windows\system32\drivers\bam.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicDisplay (BasicDisplay) -> C:\Windows\system32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicRender (BasicRender) -> C:\Windows\system32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Beep (Beep) -> C:\Windows\system32\drivers\Beep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> C:\Windows\system32\drivers\cdrom.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - CimFS (CimFS) -> C:\Windows\system32\drivers\CimFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S1 - [Kernel Driver] - dam (Desktop Activity Moderator Driver) -> C:\Windows\system32\drivers\dam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R1 - [File System Driver] - Dfsc (Pilote du client de l’espace de noms DFS) -> C:\Windows\system32\Drivers\dfsc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> C:\Windows\system32\drivers\dxgkrnl.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - FileCrypt (FileCrypt) -> C:\Windows\system32\drivers\filecrypt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - GpuEnergyDrv (GPU Energy Driver) -> C:\Windows\system32\drivers\gpuenergydrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Msfs (Msfs) -> C:\Windows\system32\drivers\Msfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) -> C:\Windows\system32\drivers\mssmbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NdisCap (Capture NDIS Microsoft) -> C:\Windows\system32\drivers\ndiscap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> C:\Windows\system32\drivers\netbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NetBT (NetBT) -> C:\Windows\system32\DRIVERS\netbt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Npfs (Npfs) -> C:\Windows\system32\drivers\Npfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - npsvctrig (Named pipe service trigger provider) -> C:\Windows\system32\drivers\npsvctrig.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - nsiproxy (NSI Proxy Service Driver) -> C:\Windows\system32\drivers\nsiproxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Null (Null) -> C:\Windows\system32\drivers\Null.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Psched (Planificateur de paquets QoS) -> C:\Windows\system32\drivers\pacer.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - rdbss (Sous-système de mise en mémoire tampon redirigée) -> C:\Windows\system32\DRIVERS\rdbss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - tdx (Pilote de prise en charge TDI héritée NetIO) -> C:\Windows\system32\DRIVERS\tdx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Vid (Vid) -> C:\Windows\system32\drivers\Vid.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> C:\Windows\system32\drivers\vwififlt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ACCSvc (ACC Service) -> "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - AudioEndpointBuilder (Générateur de points de terminaison du service Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Audiosrv (Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - BFE (Moteur de filtrage de base) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - brave (Service Brave Update (brave)) -> "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - BrokerInfrastructure (Service d’infrastructure des tâches en arrière-plan) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CDPSvc (Service de plateforme des appareils connectés) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - CoreMessagingRegistrar (CoreMessaging) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CryptSvc (Services de chiffrement) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DcomLaunch (Lanceur de processus serveur DCOM) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - DeviceAssociationService (Service d’association de périphérique) -> C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Dhcp (Client DHCP) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DiagTrack (Expériences des utilisateurs connectés et télémétrie) -> C:\Windows\System32\svchost.exe -k utcsvc -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DispBrokerDesktopSvc (Service de stratégie d'affichage) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Dnscache (Client DNS) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - DoSvc (Optimisation de livraison) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DPS (Service de stratégie de diagnostic) -> C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Ds3Service (SCP DS3 Service) -> "C:\Users\quent\Desktop\scp\ScpServer\bin\ScpService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DusmSvc (Consommation des données) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - edgeupdate (Service Mise à jour de Microsoft Edge (edgeupdate)) -> "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - EventLog (Journal d’événements Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - EventSystem (Système d’événement COM+) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - EvtEng (Intel(R) PROSet/Wireless Event Log) -> "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - FontCache (Service de cache de police Windows) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - GamingServices (Gaming Services) -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - GamingServicesNet (Gaming Services) -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - gpsvc (Client de stratégie de groupe) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - IAStorDataMgrSvc (Intel(R) Rapid Storage Technology) -> "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ibtsiva (Intel Bluetooth Service) -> C:\Windows\system32\ibtsiva - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - IKEEXT (Modules de génération de clés IKE et AuthIP) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) -> C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\TPMProvisioningService.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - iphlpsvc (Assistance IP) -> C:\Windows\System32\svchost.exe -k NetSvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) -> C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LanmanServer (Serveur) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LanmanWorkstation (Station de travail) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LSM (Gestionnaire de session locale) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False S2 - [Own Process] - MapsBroker (Gestionnaire des cartes téléchargées) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - mpssvc (Pare-feu Windows Defender) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - NlaSvc (Connaissance des emplacements réseau) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - nsi (Service Interface du magasin réseau) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - NvContainerLocalSystem (NVIDIA LocalSystem Container) -> "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) -> C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvaei.inf_amd64_527ff2c3aff50f25\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Power (Alimentation) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - ProfSvc (Service de profil utilisateur) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RasMan (Gestionnaire des connexions d’accès à distance) -> C:\Windows\System32\svchost.exe -k netsvcs - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Razer Chroma SDK Server (Razer Chroma SDK Server) -> "C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe" - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Razer Chroma SDK Service (Razer Chroma SDK Service) -> "C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe" - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Razer Game Manager Service (Razer Game Manager) -> "C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Razer Synapse Service (Razer Synapse Service) -> "C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe" - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - RegSrvc (Intel(R) PROSet/Wireless Registry Service) -> "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RpcEptMapper (Mappeur de point de terminaison RPC) -> C:\Windows\system32\svchost.exe -k RPCSS -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - RpcSs (Appel de procédure distante (RPC)) -> C:\Windows\system32\svchost.exe -k rpcss -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - RstMwService (RstMwService) -> C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_210a1fe35426e7b5\RstMwService.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - RtkAudioUniversalService (Realtek Audio Universal Service) -> "C:\Windows\System32\RtkAudUService64.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - RzActionSvc (Razer Central Service) -> "C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - bindflt (Windows Bind Filter Driver) -> C:\Windows\system32\drivers\bindflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SamSs (Gestionnaire de comptes de sécurité) -> C:\Windows\system32\lsass.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - Schedule (Planificateur de tâches) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SENS (Service de notification d’événements système) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - SgrmBroker (Service Broker du moniteur d'exécution System Guard) -> C:\Windows\system32\SgrmBroker.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - ShellHWDetection (Détection matériel noyau) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Spooler (Spouleur d’impression) -> C:\Windows\System32\spoolsv.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : True S2 - [Own Process] - sppsvc (Protection logicielle) -> C:\Windows\system32\sppsvc.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - stisvc (Acquisition d’image Windows (WIA)) -> C:\Windows\system32\svchost.exe -k imgsvc - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - StorSvc (Service de stockage) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - SysMain (SysMain) -> C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SystemEventsBroker (Service Broker des événements système) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Themes (Thèmes) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - TrkWks (Client de suivi de lien distribué) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UserManager (Gestionnaire des utilisateurs) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UsoSvc (Mettre à jour le service Orchestrator) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - UWPService (UWP RPC Service) -> C:\Windows\SysWOW64\Creative.UWPRPCService.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Wcmsvc (Gestionnaire des connexions Windows) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - WinDefend (Service antivirus Microsoft Defender) -> "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Winmgmt (Infrastructure de gestion Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - WlanSvc (Service de configuration automatique WLAN) -> C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - WpnService (Service du système de notifications Push Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - wscsvc (Centre de sécurité) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - WSearch (Windows Search) -> C:\Windows\system32\SearchIndexer.exe /Embedding - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - XTU3SERVICE (XTUOCDriverService) -> C:\Windows\SysWOW64\XtuService.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ZeroConfigService (Intel(R) PROSet/Wireless Zero Configuration Service) -> "C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - CDPUserSvc_95964 (Service pour utilisateur de plateforme d’appareils connectés_95964) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - OneSyncSvc_95964 (Hôte de synchronisation_95964) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - WpnUserService_95964 (Service utilisateur de notifications Push Windows_95964) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> C:\Windows\system32\drivers\cldflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - lltdio (Pilote E/S de mappage de découverte de topologie de la couche de liaison) -> C:\Windows\system32\drivers\lltdio.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - luafv (Virtualisation de fichier UAC) -> C:\Windows\system32\drivers\luafv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MMCSS (Multimedia Class Scheduler) -> C:\Windows\system32\drivers\mmcss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MsLldp (Protocole LLDP (Link Layer Discovery Protocol) Microsoft) -> C:\Windows\system32\drivers\mslldp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - Ndu (Windows Network Data Usage Monitoring Driver) -> C:\Windows\system32\drivers\Ndu.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> C:\Windows\system32\drivers\peauth.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - rspndr (Répondeur de découverte de la topologie de la couche de liaison) -> C:\Windows\system32\drivers\rspndr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - storqosflt (Pilote de filtre de qualité de service de stockage) -> C:\Windows\system32\drivers\storqosflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> C:\Windows\system32\drivers\tcpipreg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - wanarp (Pilote ARP IP d’accès à distance) -> C:\Windows\system32\DRIVERS\wanarp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - wcifs (Windows Container Isolation) -> C:\Windows\system32\drivers\wcifs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CopyTrans Suite] : (CopyTrans Control Center désinstallation uniquement.-.WindSolutions) -> C:\Users\quent\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe /usermode /uninstall [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Discord] : (Discord.-.Discord Inc.) -> C:\Users\quent\AppData\Local\Discord\Update.exe --uninstall [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DiscordCanary] : (Discord Canary.-.Discord Inc.) -> C:\Users\quent\AppData\Local\DiscordCanary\Update.exe --uninstall [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh] : (Porofessor.gg.-.Overwolf app) -> C:\Program Files (x86)\Overwolf\OWUninstaller.exe --uninstall-app=pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh [HKU\S-1-5-21-86999783-108695983-2164099147-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Riot Game league_of_legends.live] : (League of Legends.-.Riot Games, Inc) -> "C:\Riot Games\Riot Client\RiotClientServices.exe" --uninstall-product=league_of_legends --uninstall-patchline=live [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1] : (CPUID CPU-Z 1.94.-.CPUID, Inc.) -> "C:\Program Files\CPUID\CPU-Z\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 1180660] : (Tell Me Why.-.DONTNOD Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1180660 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 1305420] : (Agrou.-.Osmose Studio) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1305420 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 238320] : (Outlast.-.Red Barrels) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/238320 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 381210] : (Dead by Daylight.-.Behaviour Interactive Inc.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/381210 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 414530] : (Skyforge.-.Allods Team) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/414530 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 518790] : (theHunter: Call of the Wild™.-.Expansive Worlds) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/518790 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 700330] : (SCP: Secret Laboratory.-.Northwood Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/700330 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 730] : (Counter-Strike: Global Offensive.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/730 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 739630] : (Phasmophobia.-.Kinetic Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/739630 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 6.00 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1D2A5166-3AE4-4E40-882E-5AFD3473E997}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{1D2A5166-3AE4-4E40-882E-5AFD3473E997} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180291F0}] : (Java 8 Update 291 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180291F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}] : ( DriverSetupUtility.-.Acer Incorporated) -> Msiexec.exe /i {2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6} ACER=1 PRODUCTNAME=" DriverSetupUtility" REMOVEUSEC=1 BOOTSTRATOR=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7EBADAB6-B7AC-4560-85A7-FF345559F193}] : (Intel® Optane™ Pinning Explorer Extensions.-.Intel Corporation) -> MsiExec.exe /I{7EBADAB6-B7AC-4560-85A7-FF345559F193} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8906E51D-4425-42C4-BC63-B7DBE29D0A88}] : (Intel® PROSet/Wireless WiFi Software.-.Intel Corporation) -> MsiExec.exe /I{8906E51D-4425-42C4-BC63-B7DBE29D0A88} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{97391cce-0493-4f06-a464-c3c272ba9d2b}] : (Intel(R) PRO/Wireless Driver.-.Intel Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AB25551C-74EF-4BAB-9989-891517FCF9FF}] : (Quick Access Service.-.Acer Incorporated) -> MsiExec.exe /i {AB25551C-74EF-4BAB-9989-891517FCF9FF} BOOTSTRATOR=1 GPRODUCTNAME="Quick Access Service" BRANDNAME="Acer" ISDT=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AFB52E98-7597-4484-9202-58F0FD3512ED}] : (Care Center Service.-.Acer Incorporated) -> Msiexec.exe /i {AFB52E98-7597-4484-9202-58F0FD3512ED} ACER=1 PRODUCTNAME="Acer Care Center" REMOVEUSEC=1 BOOTSTRATOR=1 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 471.11.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.23.0.74.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 38.0.8.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.19.0218.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 38.0.8.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk] : (NVIDIA FrameView SDK 1.1.4923.29968894.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage FrameViewSdk ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GpxCommon.Oss] : (GPX Common OSS (POCO, OpenSSL) and libprotobuf binaries.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.38.60.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub] : (NVIDIA ABHub.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor] : (NVAPI Monitor plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver] : (NvModuleTracker.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.23.0.74.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.13.0.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B3171B83-4945-43E0-A101-841638C05506}] : (LibreOffice 7.0.4.2.-.The Document Foundation) -> MsiExec.exe /I{B3171B83-4945-43E0-A101-841638C05506} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BA94ACF1-7245-41B1-AAF7-2599AA1A4B09}] : (PredatorSense Service.-.Acer Incorporated) -> MsiExec.exe /i {BA94ACF1-7245-41B1-AAF7-2599AA1A4B09} BOOTSTRATOR=1 GPRODUCTNAME="PredatorSense Service" BRANDNAME="Acer" ISDT=1 REBOOT=ReallySuppress [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BB643BEA-A6B4-4E25-9BA5-70104A9AB131}] : (iCloud Outlook.-.Apple Inc.) -> MsiExec.exe /I{BB643BEA-A6B4-4E25-9BA5-70104A9AB131} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}] : (User Experience Improvement Program Service.-.Acer Incorporated) -> MsiExec.exe /i {E9495FD3-F73D-4D33-A104-047F9E8BE6C7} PRODUCTNAME="User Experience Improvement Program Service" BRANDNAME="Acer" BOOTSTRATOR=1 ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battle.net] : (Battle.net.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BraveSoftware Brave-Browser] : (Brave.-.Auteurs de Brave) -> "C:\Program Files\BraveSoftware\Brave-Browser\Application\91.1.26.67\Installer\setup.exe" --uninstall --system-level ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DroidCam] : (DroidCam Client.-.Dev47apps) -> "C:\Program Files (x86)\DroidCam\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Flashpaste] : (Flashpaste 6.5.-.Softvoile) -> C:\Program Files (x86)\Flashpaste\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google LLC) -> "C:\Program Files\Google\Chrome\Application\91.0.4472.114\Installer\setup.exe" --uninstall --channel --system-level --verbose-logging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Overwatch] : (Overwatch.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=prometheus --displayname="Overwatch" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Overwolf] : (Overwolf.-.Overwolf Ltd.) -> "C:\Program Files (x86)\Overwolf\\OWUninstaller.exe" /S [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PerfectKeyboard Free_is1] : (Perfect Keyboard Free.-.Pitrinec Software) -> "C:\Program Files (x86)\PerfectKeyboard\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Razer Chroma SDK] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Razer Synapse] : (Razer Synapse.-.Razer Inc.) -> "C:\Windows\Installer\Razer\Installer\App\RazerInstaller.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Launcher] : (Rockstar Games Launcher.-.Rockstar Games) -> "C:\Program Files\Rockstar Games\Launcher\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\StarCraft II] : (StarCraft II.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=s2 --displayname="StarCraft II" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay] : (Ubisoft Connect.-.Ubisoft) -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{00000070-0200-1036-84C8-B8D95FA3C8C3}] : (Intel(R) Wireless Bluetooth(R).-.Intel Corporation) -> MsiExec.exe /I{00000070-0200-1036-84C8-B8D95FA3C8C3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1F62FD2A-129B-45AA-B328-2B5C06518058}] : (KULT#100 Gaming Mouse.-.KULT#100) -> MsiExec.exe /I{1F62FD2A-129B-45AA-B328-2B5C06518058} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{27B34E47-68AE-4802-822A-9F0C187AF84A}] : (Minecraft Launcher.-.Mojang) -> MsiExec.exe /X{27B34E47-68AE-4802-822A-9F0C187AF84A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}] : (CyberLink PowerDVD 14.-.CyberLink Corp.) -> "C:\Program Files (x86)\NSIS Uninstall Information\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}\Setup.exe" _?=C:\Program Files (x86)\NSIS Uninstall Information\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3865C9C8-E3A7-4DA6-9F4B-235EE8B7CCCB}_is1] : (Galaxy Life Reborn v2.0.5.-.Galaxy Life Reborn) -> "C:\Program Files (x86)\GLRLauncher\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258}] : (Acer Configuration Manager.-.Acer) -> MsiExec.exe /I{414D554E-4453-454E-0201-000000016258} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43a03b9c-4770-409c-a999-587b60700b63}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{43a03b9c-4770-409c-a999-587b60700b63}\LauncherPrereqSetup_x64.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5C415481-ECCD-4875-AF77-A97B79825F2C}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{5C415481-ECCD-4875-AF77-A97B79825F2C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5EFC6C07-6B87-43FC-9524-F9E967241741}] : (Grand Theft Auto V.-.Rockstar Games) -> "C:\Program Files\Rockstar Games\Launcher\Launcher.exe" -enableFullMode -uninstall=gta5 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe" -runfromtemp -removeonly ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google LLC) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{bb8ed0cf-b474-4f77-ab97-8ec90b19b7ea}] : (Logiciel Intel® PROSet/Wireless.-.Intel Corporation) -> "C:\ProgramData\Package Cache\{bb8ed0cf-b474-4f77-ab97-8ec90b19b7ea}\ISetup.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E3930B59-5669-4BAB-A329-D56C1427C613}] : (Acer Jumpstart.-.Acer) -> MsiExec.exe /I{E3930B59-5669-4BAB-A329-D56C1427C613} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly ---------- | Ports ---------- | Installer [HKCR\Installer\Products\003E8C234BDB8934292C9E7B8D2A33BD] : [HKCR\Installer\Products\0700000000206301488C8B9DF53A8C3C] : Intel(R) Wireless Bluetooth(R) -> C:\Windows\Installer\{00000070-0200-1036-84C8-B8D95FA3C8C3}\IntelBluetooth.ico [HKCR\Installer\Products\184514C5DCCE5784FA779AB79728F5C2] : Epic Games Launcher -> C:\Windows\Installer\{5C415481-ECCD-4875-AF77-A97B79825F2C}\Installer.ico [HKCR\Installer\Products\1FCA49AB54271B14AA7F5299AAA1B490] : PredatorSense Service [HKCR\Installer\Products\38B1713B54940E341A104861830C5560] : LibreOffice 7.0.4.2 -> C:\Windows\Installer\{B3171B83-4945-43E0-A101-841638C05506}\soffice.ico [HKCR\Installer\Products\3DF5949ED37F33D41A4040F7E9B86E7C] : User Experience Improvement Program Service -> C:\Windows\Installer\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}\ProductIconIco [HKCR\Installer\Products\499C5C9F9B6F57D43B7EDA108B04379E] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}\UnrealEngineLauncher.ico [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120190F] : Java 8 Update 291 (64-bit) -> C:\Program Files\Java\jre1.8.0_291\\bin\javaws.exe [HKCR\Installer\Products\6615A2D14EA304E488E2A5DF43379E79] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\6BADABE7CA7B0654587AFF4355951F39] : Intel® Optane™ Pinning Explorer Extensions -> C:\Windows\Installer\{7EBADAB6-B7AC-4560-85A7-FF345559F193}\PinIcon.ico [HKCR\Installer\Products\74E43B72EA86208428A2F9C081A78FA4] : Minecraft Launcher -> C:\Windows\Installer\{27B34E47-68AE-4802-822A-9F0C187AF84A}\minecraft.ico [HKCR\Installer\Products\89E25BFA795748442920850FDF5321DE] : Care Center Service -> C:\Windows\Installer\{AFB52E98-7597-4484-9202-58F0FD3512ED}\icon.ico [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\95B0393E9665BAB43A925DC641726C31] : Acer Jumpstart -> C:\Windows\Installer\{E3930B59-5669-4BAB-A329-D56C1427C613}\hermes.ico [HKCR\Installer\Products\A2DF26F1B921AA543B82B2C560150885] : KULT#100 Gaming Mouse -> C:\Windows\Installer\{1F62FD2A-129B-45AA-B328-2B5C06518058}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C] : DriverSetupUtility -> C:\Windows\Installer\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}\Bitmaps\Registration.ico [HKCR\Installer\Products\AEB346BB4B6A52E4B95A0701A4A91B13] : iCloud Outlook -> C:\Windows\Installer\{BB643BEA-A6B4-4E25-9BA5-70104A9AB131}\ARP.ico [HKCR\Installer\Products\C15552BAFE47BAB49998985171CF9FFF] : Quick Access Service [HKCR\Installer\Products\D15E609852444C24CB367BBD2ED9A088] : Intel® PROSet/Wireless WiFi Software -> C:\Windows\Installer\{8906E51D-4425-42C4-BC63-B7DBE29D0A88}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E455D4143544E4542010000000102685] : Acer Configuration Manager -> C:\Windows\Installer\{414D554E-4453-454E-0201-000000016258}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\ECC19379394060F44A463C2C27ABD9B2] : Intel(R) PRO/Wireless Driver -> C:\Windows\Installer\{97391CCE-0493-4F06-A464-C3C272BA9D2B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater ---------- | UserSettings [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\b91d8365-1b22-46fb-ad88-47040a764858]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\b91d8365-1b22-46fb-ad88-47040a764858]~[FriendlyName] : Acer [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\b91d8365-1b22-46fb-ad88-47040a764858]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\b91d8365-1b22-46fb-ad88-47040a764858]~[FriendlyName] : Acer [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance ---------- | ADS Detected : C:\Users\quent\AppData\Local\Temp:$DATA? ---------- | 20 LastEventLog Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Le programme mmc.exe version 10.0.19041.746 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 227c Heure de début : 01d76a2465fa4468 Heure d'arrêt : 6 Chemin d'accès à l'application : C:\Windows\System32\mmc.exe ID de rapport : 8fbee8a6-0d20-4f72-bc9e-699734e04343 Nom complet du package défectueux : ID de l'application relative à un package défectueux : Type de blocage : Unknown ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Le programme Calculator.exe version 10.2103.8.0 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance. ID de processus : 104c Heure de début : 01d76908f3a07742 Heure d'arrêt : 4294967295 Chemin d'accès à l'application : C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe ID de rapport : 615d03c0-5857-440e-8ab3-4d8737423778 Nom complet du package défectueux : Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe ID de l'application relative à un package défectueux : App Type de blocage : Quiesce ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ L’optimiseur de stockage n’a pas pu terminer réoptimisation sur Data (D:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A) ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code de statut. ------------ ----------( EOF)---------- - 5178 | 14:43:16