--------------- QuickDiag | g3n-h@ckm@n | V7.201.21.2 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 22/07/2021 12:13:30 Updated 20/07/2021 | 17:35 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [cl_97 (Administrator)] - [LAPTOP-BAN0IFUQ] (S-1-5-21-1459843401-856262318-2992657480-1001) PC : ASUSTeK COMPUTER INC. TUF Gaming FX505DT_TUF505DT x64-based PC System: Microsoft Windows 10 Famille - X64 - (10.0.19043) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (21H1) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : Normal boot PC: TUF Gaming FX505DT_TUF505DT - ASUSTeK COMPUTER INC. - IdNumber: L8NRCV02S493347 - UUID: 9C1E51BC-A68D-0C40-827D-6DD6F78B08F5 Processor : AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx (AuthenticAMD) - Clock Speed : 2100 - Socket : FP5 - Stauts : OK BIOS : American Megatrends Inc. FX505DT.316 - SN : L8NRCV02S493347 - Status : OK - Version : _ASUS_ - 1072009 - PrimaryBios : True - CurrentLanguage : en|US|iso8859-1 - OtherTargetOS : CoreTemp : 90 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0235&SUBSYS_104318F1&REV_1000\5&3BE9FA0&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0094&SUBSYS_1043109F&REV_1001\5&1C8C15AE&0&0001 ---------- | Video NVIDIA GeForce GTX 1650 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1F91&SUBSYS_109F1043&REV_A1\4&C6920CC&0&0009 - AdapterCompatibility: NVIDIA - RAM: -1048576 AMD Radeon(TM) Vega 8 Graphics - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 144 - 32 Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\amdxc64.dll - PNPDeviceID: PCI\VEN_1002&DEV_15D8&SUBSYS_18F11043&REV_C2\4&18C8F581&0&0041 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 536870912 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 1650 - DriverVersion: 30.0.14.7141 - SpecificationVersion: 1025 ---------- | Codecs C:\WINDOWS\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\RTVCVFW64.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 246272 - Manufacturer: - Status: OK C:\WINDOWS\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK C:\WINDOWS\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK ---------- | Memory Pagefile = Total (MB) : 19203 | Free (MB) : 8379 Virtual = Total (MB) : 4194 | Free (MB) : 3912 Physical Memory (MB) -------------------- Total: 15808 Available: 10381 Cached: 8942 Free: 856 System ------ Handles: 130829 Processes: 263 Threads: 3894 ---------- | SID Users Administrateur : [S-1-5-21-1459843401-856262318-2992657480-500] cl_97 : [S-1-5-21-1459843401-856262318-2992657480-1001] DefaultAccount : [S-1-5-21-1459843401-856262318-2992657480-503] Invité : [S-1-5-21-1459843401-856262318-2992657480-501] WDAGUtilityAccount : [S-1-5-21-1459843401-856262318-2992657480-504] Administrateurs : [S-1-5-32-544] Hyper-V Administrators : [S-1-5-32-578] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Propriétaires d'appareils : [S-1-5-32-583] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 475.55 Go | Free : 139.22 Go -> NTFS (SSD) D:\ -> [Fixed] | [Data] | Total : 931.5 Go | Free : 242.62 Go -> NTFS [SATA] Drive: 0 Cylinders: 62260 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 512110190592 bytes Drive: 1 Cylinders: 121601 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 1000204886016 bytes ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Test 2 : Possible Fixed Windows Test 3 : Possible Fixed Windows Test 4 : Possible Fixed Windows Volume License ---------- | Browsers IE : 11.0.19041.1 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" ---------- | FlashPlayer ---------- | Security AV : Malwarebytes Enabled AS : WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 544 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe [12/05/2021 20:59:16] CPU Usage:0 % 768 | [Owner : Système | Parent : 740() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [28/01/2021 10:20:14] CPU Usage:0 % 908 | [Owner : Système | Parent : 740() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.19041.662) = C:\Windows\System32\wininit.exe [28/01/2021 10:20:14] CPU Usage:0 % 916 | [Owner : Système | Parent : 900() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [28/01/2021 10:20:14] CPU Usage:0 % 1004 | [Owner : Système | Parent : 900() | 2.16 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.19041.906) = C:\Windows\System32\winlogon.exe [15/04/2021 06:24:11] CPU Usage:0 % 596 | [Owner : Système | Parent : 908(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.19041.928) = C:\Windows\System32\services.exe [15/04/2021 06:24:09] CPU Usage:0 % 616 | [Owner : Système | Parent : 908(wininit.exe) | 13.8 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.906) = C:\Windows\System32\lsass.exe [15/04/2021 06:24:09] CPU Usage:0 % 1116 | [Owner : Système | Parent : 596(services.exe) | 21.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1152 | [Owner : UMFD-0 | Parent : 908(wininit.exe) | 0.34 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1110) = C:\Windows\System32\fontdrvhost.exe [14/07/2021 13:36:08] CPU Usage:0 % 1156 | [Owner : UMFD-1 | Parent : 1004(winlogon.exe) | 6.2 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1110) = C:\Windows\System32\fontdrvhost.exe [14/07/2021 13:36:08] CPU Usage:0 % 1192 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 0.5 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1) = C:\Windows\System32\WUDFHost.exe [07/12/2019 11:08:58] CPU Usage:0 % 1288 | [Owner : SERVICE RÉSEAU | Parent : 596(services.exe) | 13.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1344 | [Owner : Système | Parent : 596(services.exe) | 4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1412 | [Owner : DWM-1 | Parent : 1004(winlogon.exe) | 69.36 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe [28/01/2021 10:20:12] CPU Usage:0 % 1556 | [Owner : Système | Parent : 596(services.exe) | 2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1568 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 2.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1604 | [Owner : Système | Parent : 596(services.exe) | 9.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1664 | [Owner : Système | Parent : 596(services.exe) | 1.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1724 | [Owner : Système | Parent : 596(services.exe) | 5.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1732 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1800 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 13.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1900 | [Owner : Système | Parent : 596(services.exe) | 8.44 Mo] - (.IObit - Advanced SystemCare Service.) - (14.1.1.178) = C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [18/07/2021 01:27:07] CPU Usage:0 % 1952 | [Owner : Système | Parent : 596(services.exe) | 5.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 644 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 3.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1916 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 2.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2096 | [Owner : Système | Parent : 1604(svchost.exe) | 29.46 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.906) = C:\Windows\System32\taskhostw.exe [15/04/2021 06:24:13] CPU Usage:0 % 2164 | [Owner : SERVICE RÉSEAU | Parent : 596(services.exe) | 5.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2172 | [Owner : Système | Parent : 596(services.exe) | 5.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2208 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2240 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2312 | [Owner : Système | Parent : 596(services.exe) | 13.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2356 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 5.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2460 | [Owner : Système | Parent : 596(services.exe) | 9.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2676 | [Owner : Système | Parent : 596(services.exe) | 6.52 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\Display.NvContainer\NVDisplay.Container.exe [19/07/2021 16:51:03] CPU Usage:0 % 2864 | [Owner : Système | Parent : 596(services.exe) | 0.75 Mo] - (.AMD - AMD External Events Service Module.) - (27.20.1032.2) = C:\Windows\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atiesrxx.exe [30/11/2020 04:28:32] CPU Usage:0 % 2900 | [Owner : Système | Parent : 2676(NVDisplay.Container.exe) | 20.96 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\Display.NvContainer\NVDisplay.Container.exe [19/07/2021 16:51:03] CPU Usage:0 % 3016 | [Owner : Système | Parent : 596(services.exe) | 5.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3024 | [Owner : Système | Parent : 596(services.exe) | 1.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3032 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 3.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3040 | [Owner : Système | Parent : 2864(atiesrxx.exe) | 1.88 Mo] - (.AMD - AMD External Events Client Module.) - (27.20.1032.2) = C:\Windows\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atieclxx.exe [30/11/2020 04:28:28] CPU Usage:0 % 2284 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 3.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3096 | [Owner : Système | Parent : 596(services.exe) | 1.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3160 | [Owner : SERVICE RÉSEAU | Parent : 596(services.exe) | 5.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3184 | [Owner : Système | Parent : 596(services.exe) | 1.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3192 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 3.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3424 | [Owner : Système | Parent : 596(services.exe) | 26.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3464 | [Owner : Système | Parent : 596(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3596 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 7.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3704 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 2.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3712 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 2.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3844 | [Owner : Système | Parent : 1116(svchost.exe) | 7.88 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [28/01/2021 10:20:09] CPU Usage:0 % 3904 | [Owner : Système | Parent : 596(services.exe) | 4.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3984 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4048 | [Owner : Système | Parent : 596(services.exe) | 2.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4056 | [Owner : Système | Parent : 596(services.exe) | 2.83 Mo] - (.ASUSTeK COMPUTER INC. - ASUS Optimization.) - (2.1.28.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimization.exe [14/07/2021 19:07:53] CPU Usage:0 % 4108 | [Owner : Système | Parent : 596(services.exe) | 4.41 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.1083) = C:\Windows\System32\spoolsv.exe [08/07/2021 02:14:18] CPU Usage:0 % 4204 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 14.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4380 | [Owner : SERVICE RÉSEAU | Parent : 596(services.exe) | 2.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4520 | [Owner : Système | Parent : 596(services.exe) | 1.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4684 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 2.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4780 | [Owner : Système | Parent : 596(services.exe) | 1.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4788 | [Owner : SERVICE RÉSEAU | Parent : 596(services.exe) | 3.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4824 | [Owner : Système | Parent : 596(services.exe) | 3.8 Mo] - (.ASUSTeK COMPUTER INC.? - ASUS Link Remote.) - (2.0.5.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemote.exe [14/07/2021 19:07:53] CPU Usage:0 % 4832 | [Owner : Système | Parent : 596(services.exe) | 19.26 Mo] - (.ASUSTeK COMPUTER INC. - ARMOURY CRATE Service.) - (4.1.1.0) = C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe [08/06/2021 10:45:04] CPU Usage:0 % 4844 | [Owner : Système | Parent : 596(services.exe) | 5.43 Mo] - (.ASUSTek Computer Inc. - ASUS Link Near.) - (2.0.18.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe [14/07/2021 19:07:53] CPU Usage:0 % 4852 | [Owner : Système | Parent : 596(services.exe) | 11.94 Mo] - (.ASUSTeK COMPUTER INC. - ASUS Software Manager.) - (1.0.40.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManager.exe [14/07/2021 19:07:53] CPU Usage:0 % 4876 | [Owner : Système | Parent : 596(services.exe) | 0.61 Mo] - (.ASUSTek Computer Inc. - ASUS Link Near Extension.) - (1.0.3.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNearExt.exe [14/07/2021 19:07:53] CPU Usage:0 % 4892 | [Owner : Système | Parent : 596(services.exe) | 8.41 Mo] - (.ASUSTeK COMPUTER INC. - ASUS System Analysis.) - (2.1.8.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe [14/07/2021 19:07:53] CPU Usage:0 % 4920 | [Owner : Système | Parent : 596(services.exe) | ?????] - (.AO Kaspersky Lab - Kaspersky Lab launcher.) - (21.3.0.1) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [17/06/2021 10:32:46] CPU Usage:0 % 4928 | [Owner : Système | Parent : 596(services.exe) | 6.65 Mo] - (.ASUSTek COMPUTER INC. - ASUS System Diagnosis.) - (2.0.23.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe [14/07/2021 19:07:54] CPU Usage:0 % 4940 | [Owner : SERVICE RÉSEAU | Parent : 596(services.exe) | 5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4948 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 47.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4956 | [Owner : Système | Parent : 596(services.exe) | 0.72 Mo] - (.Dropbox, Inc. - Dropbox Service.) - (1.0.24.0) = C:\Windows\System32\DbxSvc.exe [17/07/2021 16:58:52] CPU Usage:0 % 4964 | [Owner : Système | Parent : 596(services.exe) | 10.9 Mo] - (.Scarlet.Crush Productions - ScpService.) - (1.6.238.16010) = C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [10/01/2016 13:52:08] CPU Usage:0 % 4996 | [Owner : Système | Parent : 596(services.exe) | 16.51 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.14131.20304) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [17/07/2021 18:51:09] CPU Usage:0 % 5064 | [Owner : Système | Parent : 596(services.exe) | 1.1 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe [03/09/2019 05:08:28] CPU Usage:0 % 5100 | [Owner : Système | Parent : 596(services.exe) | 17.51 Mo] - (.Lenovo Group Ltd. - Lenovo.Modern.ImController.) - (1.1.20.1) = C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [13/07/2021 14:56:19] CPU Usage:0 % 5116 | [Owner : Système | Parent : 596(services.exe) | 3.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4392 | [Owner : Système | Parent : 596(services.exe) | 20.49 Mo] - (.Lenovo Group Ltd. - LenovoVantageService.) - (3.7.19.0) = C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe [20/06/2021 12:14:22] CPU Usage:0 % 3408 | [Owner : Système | Parent : 596(services.exe) | 3.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 2956 | [Owner : Système | Parent : 596(services.exe) | 0.59 Mo] - (.Parsec - Parsec.) - (150.47.0.0) = C:\Program Files\Parsec\pservice.exe [23/12/2020 17:08:35] CPU Usage:0 % 5124 | [Owner : Système | Parent : 596(services.exe) | 10.02 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [22/06/2021 18:18:18] CPU Usage:0 % 5132 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 5164 | [Owner : Système | Parent : 596(services.exe) | 1.99 Mo] - (.ASUSTek Computer Inc. - LightingService.) - (0.0.0.0) = C:\Program Files (x86)\LightingService\LightingService.exe [14/05/2021 14:16:54] CPU Usage:0 % 5224 | [Owner : Système | Parent : 596(services.exe) | 1.05 Mo] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - (1.0.331.1) = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c759ff49aef8a7cf\RtkAudUService64.exe [30/12/2020 15:53:39] CPU Usage:0 % 5256 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 0.18 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.7259) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [22/05/2021 14:42:13] CPU Usage:0 % 5288 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 5300 | [Owner : Système | Parent : 596(services.exe) | 8.85 Mo] - (.ASUSTek COMPUTER INC. - ROG Live Service.) - (1.2.12.5) = C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [18/06/2021 10:43:34] CPU Usage:0 % 5356 | [Owner : Système | Parent : 596(services.exe) | 0.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 5408 | [Owner : Système | Parent : 596(services.exe) | 5.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 5548 | [Owner : Système | Parent : 596(services.exe) | 12.31 Mo] - (.Microsoft Corporation - GamingServices.) - (10.0.19041.7259) = C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe [22/05/2021 14:42:13] CPU Usage:0 % 6172 | [Owner : Système | Parent : 596(services.exe) | 3.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 6292 | [Owner : Système | Parent : 596(services.exe) | 3.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 6732 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 0.99 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 7132 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 6164 | [Owner : Système | Parent : 5124(nvcontainer.exe) | 0.94 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.19041.746) = C:\Windows\System32\rundll32.exe [28/01/2021 10:20:21] CPU Usage:0 % 6140 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 3.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 7464 | [Owner : Système | Parent : 596(services.exe) | 0.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 7556 | [Owner : SERVICE LOCAL | Parent : 1116(svchost.exe) | 8.58 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [28/01/2021 10:20:09] CPU Usage:0 % 7588 | [Owner : SERVICE LOCAL | Parent : 6292(svchost.exe) | 3.47 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.19041.1) = C:\Windows\System32\dasHost.exe [07/12/2019 11:08:37] CPU Usage:0 % 7812 | [Owner : Système | Parent : 596(services.exe) | 3.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 7952 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 0.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 6516 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 3.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 8348 | [Owner : Système | Parent : 596(services.exe) | 6.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 9608 | [Owner : cl_97 | Parent : 4056(AsusOptimization.exe) | 0.27 Mo] - (.ASUSTeK COMPUTER INC. - ASUS Optimization Startup Task.) - (2.1.28.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimizationStartupTask.exe [14/07/2021 19:07:53] CPU Usage:0 % 9680 | [Owner : cl_97 | Parent : 5124(nvcontainer.exe) | 4.08 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [22/06/2021 18:18:18] CPU Usage:0 % 9752 | [Owner : cl_97 | Parent : 5124(nvcontainer.exe) | 34.08 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.33.2988.2648) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [22/06/2021 18:18:18] CPU Usage:0 % 9916 | [Owner : cl_97 | Parent : 1952(svchost.exe) | 17.63 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe [28/01/2021 10:20:04] CPU Usage:0 % 10008 | [Owner : cl_97 | Parent : 4832(ArmouryCrate.Service.exe) | 18.99 Mo] - (.ASUSTeK COMPUTER INC. - ARMOURY CRATE User Session Helper.) - (4.0.0.0) = C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.UserSessionHelper.exe [08/06/2021 10:45:04] CPU Usage:0 % 10016 | [Owner : cl_97 | Parent : 10008(ArmouryCrate.UserSessionHelper.exe) | 0.53 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [12/05/2021 20:59:15] CPU Usage:0 % 10128 | [Owner : cl_97 | Parent : 596(services.exe) | 2.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 10176 | [Owner : cl_97 | Parent : 596(services.exe) | 19.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 9388 | [Owner : Système | Parent : 1604(svchost.exe) | 1.96 Mo] - (.Dropbox, Inc. - Dropbox Update.) - (1.3.27.73) = C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [10/12/2020 10:29:34] CPU Usage:0 % 1700 | [Owner : Système | Parent : 596(services.exe) | 7.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4796 | [Owner : cl_97 | Parent : 1604(svchost.exe) | 1 Mo] - (.ASUS - AcPowerNotification.) - (1.0.2.7) = C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [18/07/2021 13:22:27] CPU Usage:0 % 6404 | [Owner : Système | Parent : 596(services.exe) | 8.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 9868 | [Owner : cl_97 | Parent : 1604(svchost.exe) | 4.86 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.906) = C:\Windows\System32\taskhostw.exe [15/04/2021 06:24:13] CPU Usage:0 % 10256 | [Owner : cl_97 | Parent : 1604(svchost.exe) | 12.31 Mo] - (.ASUSTek Computer Inc. - ASUS NodeJS Web Framework.) - (2.0.2.6) = C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [29/03/2021 11:20:12] CPU Usage:0 % 10268 | [Owner : cl_97 | Parent : 1604(svchost.exe) | 1.64 Mo] - (.ASUS - ArmourySocketServer.) - (0.0.7.10) = C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [18/07/2021 13:22:27] CPU Usage:0 % 10336 | [Owner : Système | Parent : 596(services.exe) | 1.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 10480 | [Owner : cl_97 | Parent : 10336(svchost.exe) | 8.4 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe [07/12/2019 11:09:00] CPU Usage:0 % 10664 | [Owner : cl_97 | Parent : 10568() | 117.67 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.1110) = C:\Windows\explorer.exe [14/07/2021 13:36:04] CPU Usage:0 % 10760 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 3.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 11120 | [Owner : cl_97 | Parent : 596(services.exe) | 1.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 4672 | [Owner : cl_97 | Parent : 5184() | 1.54 Mo] - (.- GetMonitorInfo.) - (1.0.0.0) = C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\GetMonitorInfo.exe [17/04/2019 23:19:12] CPU Usage:0 % 10416 | [Owner : cl_97 | Parent : 4672(GetMonitorInfo.exe) | 0.29 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [12/05/2021 20:59:15] CPU Usage:0 % 11352 | [Owner : SERVICE LOCAL | Parent : 3596(svchost.exe) | 33.64 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.19041.1081) = C:\Windows\System32\audiodg.exe [27/06/2021 02:41:32] CPU Usage:0 % 12072 | [Owner : Système | Parent : 4656() | 1.06 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.91) = C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe [16/07/2021 00:33:43] CPU Usage:0 % 12156 | [Owner : Système | Parent : 596(services.exe) | 1.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 12240 | [Owner : Système | Parent : 4656() | 0.49 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.91) = C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe [16/07/2021 00:33:43] CPU Usage:0 % 12044 | [Owner : Système | Parent : 1116(svchost.exe) | 2.87 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe [28/01/2021 10:20:13] CPU Usage:0 % 12548 | [Owner : Système | Parent : 4392(LenovoVantageService.exe) | 4.78 Mo] - (.Lenovo Group Ltd. - Lenovo.Vantage.AddinHost.) - (3.7.19.0) = C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\Lenovo.Vantage.AddinHost.exe [20/06/2021 12:14:22] CPU Usage:0 % 12944 | [Owner : cl_97 | Parent : 5124(nvcontainer.exe) | 0.96 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.23.0.74) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [22/08/2020 13:17:58] CPU Usage:0 % 12964 | [Owner : cl_97 | Parent : 9680(nvcontainer.exe) | 9.54 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [22/08/2020 13:17:57] CPU Usage:0 % 12312 | [Owner : cl_97 | Parent : 13136() | 0.05 Mo] - (.ASUSTeK COMPUTER INC. - ASUS On-Screen Display.) - (2.1.9.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOSD.exe [14/07/2021 19:07:53] CPU Usage:0 % 12256 | [Owner : Système | Parent : 596(services.exe) | 6.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 12344 | [Owner : Système | Parent : 596(services.exe) | 32.04 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.1023) = C:\Windows\System32\SearchIndexer.exe [09/06/2021 11:16:18] CPU Usage:0 % 12396 | [Owner : cl_97 | Parent : 10008(ArmouryCrate.UserSessionHelper.exe) | 2.94 Mo] - (.- AutoConnectHelper.) - (1.0.0.3) = C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe [08/06/2021 10:45:06] CPU Usage:0 % 12560 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 7.35 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [28/01/2021 10:20:08] CPU Usage:0 % 13260 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 1.97 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [28/01/2021 10:19:56] CPU Usage:0 % 12192 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 0.02 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.1110) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe [14/07/2021 13:36:19] CPU Usage:0 % 13336 | [Owner : cl_97 | Parent : 12964(NVIDIA Share.exe) | 4 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [22/08/2020 13:17:57] CPU Usage:0 % 13568 | [Owner : cl_97 | Parent : 4920(avp.exe) | 0.93 Mo] - (.AO Kaspersky Lab - Kaspersky Anti-Virus.) - (21.3.12.434) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe [17/06/2021 10:32:46] CPU Usage:0 % 13620 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 5.54 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [28/01/2021 10:19:56] CPU Usage:0 % 13968 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 2.19 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.19041.746) = C:\Windows\System32\SettingSyncHost.exe [28/01/2021 10:20:22] CPU Usage:0 % 14200 | [Owner : cl_97 | Parent : 13992() | 14.31 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (11.13.0.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [22/08/2020 13:17:55] CPU Usage:0 % 14172 | [Owner : cl_97 | Parent : 14200(NVIDIA Web Helper.exe) | 0.89 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [12/05/2021 20:59:15] CPU Usage:0 % 14664 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 1.77 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [28/01/2021 10:19:56] CPU Usage:0 % 13776 | [Owner : cl_97 | Parent : 12964(NVIDIA Share.exe) | 16.24 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [22/08/2020 13:17:57] CPU Usage:0 % 14520 | [Owner : cl_97 | Parent : 10256(asus_framework.exe) | 0.55 Mo] - (.ASUSTek Computer Inc. - ASUS NodeJS Web Framework.) - (2.0.2.6) = C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe [29/03/2021 11:20:12] CPU Usage:0 % 15516 | [Owner : cl_97 | Parent : 14520(asus_framework.exe) | 1.56 Mo] - (.- ArmourySwAgent.) - (1.0.0.19) = C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe [18/07/2021 13:22:31] CPU Usage:0 % 15712 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 3.03 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.19041.1) = C:\Windows\System32\SecurityHealthSystray.exe [07/12/2019 11:08:41] CPU Usage:0 % 15748 | [Owner : Système | Parent : 596(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe [12/05/2021 20:59:15] CPU Usage:0 % 15832 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 11.99 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (21.119.613.1) = C:\Users\cl_97\AppData\Local\Microsoft\OneDrive\OneDrive.exe [08/07/2021 22:29:21] CPU Usage:0 % 16164 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 165.01 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16184 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 2.05 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16356 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 183.52 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16368 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 30.88 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 13740 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 7.44 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 1980 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 48.9 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 1708 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 41.43 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 3064 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 4.57 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16156 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 38.49 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16152 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 10.96 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 5032 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 35.22 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16472 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 34.88 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16516 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 3.94 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16924 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 0.08 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.19041.746) = C:\Windows\System32\cmd.exe [28/01/2021 10:20:06] CPU Usage:0 % 16932 | [Owner : cl_97 | Parent : 16924(cmd.exe) | 0.44 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.964) = C:\Windows\System32\conhost.exe [12/05/2021 20:59:15] CPU Usage:0 % 17020 | [Owner : cl_97 | Parent : 16924(cmd.exe) | 4.59 Mo] - (.AO Kaspersky Lab - Kaspersky Native Messaging Server.) - (30.587.0.1060) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\plugins_nms.exe [17/04/2021 10:01:14] CPU Usage:0 % 17192 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 28.32 Mo] - (.Valve Corporation - Steam.) - (6.67.42.96) = C:\Program Files (x86)\Steam\steam.exe [17/07/2021 12:36:55] CPU Usage:0 % 16936 | [Owner : cl_97 | Parent : 17276() | 28.27 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\cl_97\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 20:42:22] CPU Usage:0 % 12056 | [Owner : cl_97 | Parent : 16936(Discord.exe) | 2.15 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\cl_97\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 20:42:22] CPU Usage:0 % 17412 | [Owner : cl_97 | Parent : 16936(Discord.exe) | 4.95 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\cl_97\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 20:42:22] CPU Usage:0 % 17484 | [Owner : cl_97 | Parent : 16936(Discord.exe) | 11.92 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\cl_97\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 20:42:22] CPU Usage:0 % 17716 | [Owner : cl_97 | Parent : 1604(svchost.exe) | 0.66 Mo] - (.Realtek Semiconductor - Realtek HD Audio Universal Service.) - (1.0.331.1) = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c759ff49aef8a7cf\RtkAudUService64.exe [30/12/2020 15:53:39] CPU Usage:0 % 18240 | [Owner : cl_97 | Parent : 16936(Discord.exe) | 247.7 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\cl_97\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 20:42:22] CPU Usage:0 % 18604 | [Owner : cl_97 | Parent : 17192(steam.exe) | 8.46 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.67.42.96) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [17/07/2021 12:36:55] CPU Usage:0 % 18632 | [Owner : Système | Parent : 596(services.exe) | 2.24 Mo] - (.Valve Corporation - Steam Client Service.) - (6.67.42.96) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe [10/12/2020 09:22:14] CPU Usage:0 % 18724 | [Owner : cl_97 | Parent : 18604(steamwebhelper.exe) | 2.03 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.67.42.96) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [17/07/2021 12:36:55] CPU Usage:0 % 18840 | [Owner : cl_97 | Parent : 18604(steamwebhelper.exe) | 4.61 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.67.42.96) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [17/07/2021 12:36:55] CPU Usage:0 % 19068 | [Owner : cl_97 | Parent : 18604(steamwebhelper.exe) | 2.47 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.67.42.96) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [17/07/2021 12:36:55] CPU Usage:0 % 19168 | [Owner : cl_97 | Parent : 18884() | 65.6 Mo] - (.Dropbox, Inc. - Dropbox.) - (127.4.4265.0) = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [21/07/2021 02:07:29] CPU Usage:0 % 19264 | [Owner : cl_97 | Parent : 19168(Dropbox.exe) | 0.94 Mo] - (.Dropbox, Inc. - Dropbox.) - (127.4.4265.0) = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [21/07/2021 02:07:29] CPU Usage:0 % 19360 | [Owner : cl_97 | Parent : 19168(Dropbox.exe) | 1.88 Mo] - (.Dropbox, Inc. - Dropbox.) - (127.4.4265.0) = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [21/07/2021 02:07:29] CPU Usage:0 % 19048 | [Owner : cl_97 | Parent : 16936(Discord.exe) | 7.02 Mo] - (.Discord Inc. - Discord.) - (1.0.9002.0) = C:\Users\cl_97\AppData\Local\Discord\app-1.0.9002\Discord.exe [25/05/2021 20:42:22] CPU Usage:0 % 20060 | [Owner : cl_97 | Parent : 18604(steamwebhelper.exe) | 1.06 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.67.42.96) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [17/07/2021 12:36:55] CPU Usage:0 % 20120 | [Owner : cl_97 | Parent : 18604(steamwebhelper.exe) | 8.85 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.67.42.96) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [17/07/2021 12:36:55] CPU Usage:0 % 20208 | [Owner : cl_97 | Parent : 18604(steamwebhelper.exe) | 1.16 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (6.67.42.96) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [17/07/2021 12:36:55] CPU Usage:0 % 19556 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 4.72 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 20308 | [Owner : cl_97 | Parent : 18884() | 0.32 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.291.10) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [09/04/2021 05:29:36] CPU Usage:0 % 19792 | [Owner : cl_97 | Parent : 19168(Dropbox.exe) | 11.11 Mo] - (.The Qt Company Ltd. - Qt Qtwebengineprocess.) - (5.13.2.0) = C:\Program Files (x86)\Dropbox\Client\127.4.4265\QtWebEngineProcess.exe [21/07/2021 02:07:29] CPU Usage:0 % 17076 | [Owner : cl_97 | Parent : 19168(Dropbox.exe) | 0.38 Mo] - (.The Qt Company Ltd. - Qt Qtwebengineprocess.) - (5.13.2.0) = C:\Program Files (x86)\Dropbox\Client\127.4.4265\QtWebEngineProcess.exe [21/07/2021 02:07:29] CPU Usage:0 % 20884 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 56.71 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.19041.610) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [28/01/2021 10:20:58] CPU Usage:0 % 20992 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 14.31 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [28/01/2021 10:19:56] CPU Usage:0 % 1944 | [Owner : cl_97 | Parent : 4852(AsusSoftwareManager.exe) | 45.14 Mo] - (.ASUSTeK COMPUTER INC.? - ASUS Software Manager Agent.) - (3.2.35.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManagerAgent.exe [14/07/2021 19:07:53] CPU Usage:0 % 5080 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 6.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 19948 | [Owner : Système | Parent : 596(services.exe) | 14.38 Mo] - (.AO Kaspersky Lab - Kaspersky Lab launcher.) - (21.3.0.1) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [17/06/2021 22:59:33] CPU Usage:0 % 20976 | [Owner : cl_97 | Parent : 596(services.exe) | 1.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 13468 | [Owner : Système | Parent : 596(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.19041.546) = C:\Windows\System32\SgrmBroker.exe [28/01/2021 10:20:37] CPU Usage:0 % 15532 | [Owner : Système | Parent : 596(services.exe) | 5.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 1132 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 11244 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 5.09 Mo] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) - (8.2.0.708) = C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe [17/05/2017 10:27:52] CPU Usage:0 % 6392 | [Owner : Système | Parent : 596(services.exe) | 3.89 Mo] - (.Disc Soft Ltd - Disc Soft Bus Service Pro.) - (8.2.0.708) = C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [17/05/2017 10:27:12] CPU Usage:0 % 4448 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 0.41 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.19041.746) = C:\Windows\System32\ApplicationFrameHost.exe [28/01/2021 10:20:08] CPU Usage:0 % 19984 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 0.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 20628 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 9.41 Mo] - (.Microsoft Corporation -.) - (2001.22012.0.3530) = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe [27/06/2021 02:42:02] CPU Usage:0 % 9524 | [Owner : cl_97 | Parent : 19948(ksde.exe) | 1.42 Mo] - (.AO Kaspersky Lab - Kaspersky Secure Connection.) - (21.3.12.434) = C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe [17/06/2021 22:59:33] CPU Usage:0 % 15604 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 25.6 Mo] - (.- BackgroundTaskUWP.) - (1.0.0.0) = C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.16.0_x64__qmba6cd70vzyy\BackgroundTaskUWP.exe [14/07/2021 19:06:57] CPU Usage:0 % 14260 | [Owner : cl_97 | Parent : 4824(AsusLinkRemote.exe) | 5.76 Mo] - (.ASUSTeK COMPUTER INC.? - ASUS Link Remote Agent.) - (3.0.3.0) = C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemoteAgent.exe [14/07/2021 19:07:53] CPU Usage:0 % 8504 | [Owner : cl_97 | Parent : 596(services.exe) | 0.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 15276 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 3.27 Mo] - (.Microsoft Corporation - System Settings Broker.) - (10.0.19041.746) = C:\Windows\System32\SystemSettingsBroker.exe [28/01/2021 10:19:51] CPU Usage:0 % 14524 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 2.22 Mo] - (.Microsoft Corporation - User OOBE Broker.) - (10.0.19041.746) = C:\Windows\System32\oobe\UserOOBEBroker.exe [28/01/2021 10:20:19] CPU Usage:0 % 19936 | [Owner : SERVICE RÉSEAU | Parent : 1116(svchost.exe) | 4.78 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [28/01/2021 10:20:25] CPU Usage:0 % 5484 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 0.18 Mo] - (.Microsoft Corporation - Component Package Support Server.) - (10.0.19041.746) = C:\Windows\System32\CompPkgSrv.exe [28/01/2021 10:19:48] CPU Usage:0 % 3532 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 106.7 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 3564 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 5.07 Mo] - (.Microsoft Corporation - Microsoft Office SDX Helper.) - (16.0.14131.20320) = C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe [17/07/2021 18:53:13] CPU Usage:0 % 10968 | [Owner : Système | Parent : 596(services.exe) | 1.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 14824 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 8.45 Mo] - (.Microsoft Corporation - Microsoft OneDriveFile Co-Authoring Executable.) - (21.119.613.1) = C:\Users\cl_97\AppData\Local\Microsoft\OneDrive\21.119.0613.0001\FileCoAuth.exe [08/07/2021 22:29:18] CPU Usage:0 % 2856 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 19.98 Mo] - (.Epic Games, Inc. - EpicGamesLauncher.) - (12.2.10.0) = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [14/07/2021 21:42:34] CPU Usage:0 % 14776 | [Owner : cl_97 | Parent : 2856(EpicGamesLauncher.exe) | 3.82 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [14/07/2021 21:42:34] CPU Usage:0 % 13816 | [Owner : cl_97 | Parent : 2856(EpicGamesLauncher.exe) | 2.53 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [14/07/2021 21:42:34] CPU Usage:0 % 4696 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 0.22 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.19041.746) = C:\Windows\System32\rundll32.exe [28/01/2021 10:20:21] CPU Usage:0 % 20816 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 8984 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 0.46 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe [28/01/2021 10:20:13] CPU Usage:0 % 3300 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 0.02 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.1110) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe [14/07/2021 13:36:19] CPU Usage:0 % 3436 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 1 Mo] - (.Microsoft Corporation - YourPhone.) - (1.21052.124.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21052.124.0_x64__8wekyb3d8bbwe\YourPhone.exe [13/07/2021 15:22:56] CPU Usage:0 % 12600 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 0.92 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.19041.844) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [02/03/2021 14:39:59] CPU Usage:0 % 20840 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 3.78 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [28/01/2021 10:19:56] CPU Usage:0 % 2488 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 1.29 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [28/01/2021 10:19:56] CPU Usage:0 % 8536 | [Owner : SERVICE LOCAL | Parent : 596(services.exe) | 1.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 6660 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 30.66 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 1048 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 45.58 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 9008 | [Owner : cl_97 | Parent : 5100(Lenovo.Modern.ImController.exe) | 4.97 Mo] - (.Lenovo Group Ltd. - Lenovo.Modern.ImController.PluginHost.) - (1.1.20.1) = C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe [13/07/2021 14:56:19] CPU Usage:0 % 7400 | [Owner : Système | Parent : 596(services.exe) | 2.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 6800 | [Owner : cl_97 | Parent : 7420() | 8.83 Mo] - (.miHoYo - launcher.) - (2.10.3.1) = C:\Program Files\Epic Games\GenshinImpact\launcher.exe [16/07/2021 05:51:03] CPU Usage:0 % 20956 | [Owner : cl_97 | Parent : 6800(launcher.exe) | 3.49 Mo] - (.The Qt Company Ltd. - Qt Qtwebengineprocess.) - (5.12.5.0) = C:\Program Files\Epic Games\GenshinImpact\QtWebEngineProcess.exe [02/07/2021 11:26:36] CPU Usage:0 % 5772 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 238.95 Mo] - (.Betternet Technologies Inc. - Betternet for Windows.) - (5.3.0.433) = C:\Program Files (x86)\Betternet\5.3.0.433\Betternet.exe [28/09/2019 15:38:56] CPU Usage:0 % 576 | [Owner : cl_97 | Parent : 1604(svchost.exe) | 59.26 Mo] - (.IObit - Advanced SystemCare.) - (14.2.0.220) = C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [18/07/2021 01:27:07] CPU Usage:0 % 18404 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 361.24 Mo] - (.ASUSTeK COMPUTER INC. - MyASUS.) - (2.0.5.0) = C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.16.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe [14/07/2021 19:06:58] CPU Usage:0 % 17344 | [Owner : Système | Parent : 596(services.exe) | 6.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 6444 | [Owner : SERVICE RÉSEAU | Parent : 596(services.exe) | 15.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 19772 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 102.67 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 17220 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 111.87 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 3800 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 45.05 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 16876 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 51.72 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 1484 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 44.21 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 15888 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 115.72 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 17012 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 57.57 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 1864 | [Owner : cl_97 | Parent : 16164(chrome.exe) | 103.58 Mo] - (.Google LLC - Google Chrome.) - (91.0.4472.164) = C:\Program Files\Google\Chrome\Application\chrome.exe [20/07/2021 03:40:38] CPU Usage:0 % 11408 | [Owner : Système | Parent : 596(services.exe) | 7.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 18040 | [Owner : Système | Parent : 1116(svchost.exe) | 7.18 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.19041.1081) = C:\Windows\System32\wbem\unsecapp.exe [27/06/2021 02:41:33] CPU Usage:0 % 13864 | [Owner : Système | Parent : 596(services.exe) | 13.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.546) = C:\Windows\System32\svchost.exe [28/01/2021 10:20:13] CPU Usage:0 % 764 | [Owner : cl_97 | Parent : 1116(svchost.exe) | 26.88 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.1052) = C:\Windows\System32\smartscreen.exe [09/06/2021 11:16:17] CPU Usage:0 % 2628 | [Owner : cl_97 | Parent : 10664(explorer.exe) | 59.57 Mo] - (.SosVirus - QuickDiag.) - (7.201.21.2) = C:\Users\cl_97\Downloads\QuickDiag.exe [22/07/2021 12:12:59] CPU Usage:1 % 17760 | [Owner : SERVICE RÉSEAU | Parent : 1116(svchost.exe) | 11.3 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [28/01/2021 10:20:25] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\UMPDC.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\TextShaping.dll (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (27.20.1032.2) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (27.20.1032.2) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (27.20.1032.2) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atidxx64.dll (.Advanced Micro Devices, Inc..-.Radeon Settings: Host Service.) - (2.0.0.1788) -- C:\WINDOWS\SYSTEM32\amdihk64.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.48.0) -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 471.41.) - (30.0.14.7141) -- C:\WINDOWS\SYSTEM32\nvapi64.dll (.AO Kaspersky Lab.-.Shell Extension.) - (21.3.10.391) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll (.AO Kaspersky Lab.-.Helper Library.) - (30.587.0.1060) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\remote_eka_prague_loader.dll (.AO Kaspersky Lab.-.PR_REMOTE.) - (30.587.0.1060) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\prremote.dll (.AO Kaspersky Lab.-.Kaspersky Product Info library.) - (21.3.10.350) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\product_info.dll (.AO Kaspersky Lab.-.Product Metainformation.) - (21.3.12.434) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\product_metainfo.dll (.Disc Soft Ltd.-.DAEMON Tools Pro.) - (8.2.0.708) -- C:\Program Files\DAEMON Tools Pro\DTShl64.dll (.IObit.-.ASCExtMenu Module.) - (14.0.0.12) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll (.Igor Pavlov.-.7-Zip Shell Extension.) - (19.0.0.0) -- C:\Program Files\7-Zip\7-zip.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (6.14.14.7141) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\nv3dappshext.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\system32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll (..-..) - (0.0.0.0) -- c:\windows\system32\TextShaping.dll (.AO Kaspersky Lab.-.Kaspersky AntiMalwareProvider Component.) - (30.587.0.880) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- C:\WINDOWS\System32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll ---------- | Windows Installer Installations (Python Software Foundation) Python 3.7.9 Test Suite (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d37.msi (Python Software Foundation) Python 3.7.9 Tcl/Tk Support (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d46.msi (Python Software Foundation) Python 3.7.9 Executables (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d2d.msi (Python Software Foundation) Python 3.7.9 Utility Scripts (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d41.msi (Python Software Foundation) Python 3.7.9 Standard Library (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d32.msi (Python Software Foundation) Python 3.7.9 pip Bootstrap (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d50.msi (Microsoft Corp.) Microsoft WSE 3.0 Runtime - Install. : 13/12/2020 - Package : C:\Windows\Installer\cf3feff.msi (Python Software Foundation) Python 3.7.9 Core Interpreter (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d23.msi (Python Software Foundation) Python 3.7.9 Development Libraries (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d28.msi (Python Software Foundation) Python 3.7.9 Documentation (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d3c.msi (Python Software Foundation) Python 3.7.9 Add to Path (64-bit) - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d55.msi (Microsoft Corporation) Office 16 Click-to-Run Extensibility Component - Install. : 17/07/2021 - Package : c:\WINDOWS\Installer\e0968ac.msi (Microsoft Corporation) Office 16 Click-to-Run Localization Component - Install. : 07/07/2021 - Package : c:\WINDOWS\Installer\21dee90b.msi (Microsoft Corporation) Office 16 Click-to-Run Localization Component - Install. : 07/07/2021 - Package : c:\WINDOWS\Installer\21dee92b.msi (Microsoft Corporation) Office 16 Click-to-Run Licensing Component - Install. : 17/07/2021 - Package : c:\WINDOWS\Installer\e0968bc.msi (ASUSTek COMPUTER INC.) ASUS Aura SDK - Install. : 08/06/2021 - Package : C:\WINDOWS\Installer\53ea39a.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 - Install. : 20/02/2021 - Package : C:\WINDOWS\Installer\1b6b11ac.msi (ASUSTeK COMPUTER INC.) RefreshRateService - Install. : 22/08/2020 - Package : C:\Windows\Installer\1eddc.msi (ASUSTeK Computer Inc.) AURA Service - Install. : 08/06/2021 - Package : C:\WINDOWS\Installer\53ea3a2.msi (Epic Games, Inc.) Epic Online Services - Install. : 16/01/2021 - Package : C:\Windows\Installer\5bf4fe6.msi (ASUSTeK Computer Inc.) ASUS MB Peripheral Products - Install. : 22/08/2020 - Package : C:\Windows\Installer\1edf4.msi (Epic Games, Inc.) Epic Games Launcher - Install. : 27/12/2020 - Package : C:\Windows\Installer\83582.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - Install. : 03/01/2021 - Package : C:\Windows\Installer\1168acd6.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - Install. : 03/01/2021 - Package : C:\Windows\Installer\11686e87.msi (ASUS) ARMOURY CRATE Service - Install. : 22/08/2020 - Package : C:\Windows\Installer\b626a.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 - Install. : 10/12/2020 - Package : C:\Windows\Installer\1521482.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 - Install. : 20/02/2021 - Package : C:\WINDOWS\Installer\1b6b1190.msi (ASUS) AURA lighting effect add-on x64 - Install. : 08/06/2021 - Package : C:\WINDOWS\Installer\53ea3bb.msi (Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) - Install. : 27/12/2020 - Package : C:\Windows\Installer\110b2c.msi (ASUSTeK COMPUTER INC.) DSB Notification - Install. : 22/08/2020 - Package : C:\Windows\Installer\1edd8.msi (Oracle Corporation) Java 8 Update 291 (64-bit) - Install. : 29/04/2021 - Package : C:\WINDOWS\Installer\31005467.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29325 - Install. : 26/12/2020 - Package : C:\Windows\Installer\10eff334.msi (ASUS) Armoury Crate Service Core - Install. : 22/08/2020 - Package : C:\Windows\Installer\b6251.msi (Dropbox, Inc.) Dropbox Update Helper - Install. : 24/06/2021 - Package : C:\WINDOWS\Installer\e06035b.msi (Microsoft Corporation) Microsoft Update Health Tools - Install. : 12/06/2021 - Package : C:\WINDOWS\Installer\4dcf7e3.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29325 - Install. : 26/12/2020 - Package : C:\Windows\Installer\10eff31e.msi (Microsoft Corporation) Microsoft .NET Host - 5.0.7 (x64) - Install. : 08/07/2021 - Package : C:\WINDOWS\Installer\198cab0.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - Install. : 14/12/2020 - Package : c:\Windows\Installer\11997f43.msi (ASUSTek COMPUTER INC.) ROG Live Service - Install. : 28/06/2021 - Package : C:\WINDOWS\Installer\4b06863.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - Install. : 14/12/2020 - Package : c:\Windows\Installer\11997f3e.msi (Python Software Foundation) Python Launcher - Install. : 28/04/2021 - Package : C:\WINDOWS\Installer\29607d4b.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - Install. : 09/01/2021 - Package : C:\Windows\Installer\ce66483.msi (Microsoft Corporation) Microsoft Windows Desktop Runtime - 5.0.7 (x64) - Install. : 08/07/2021 - Package : C:\WINDOWS\Installer\198cab5.msi (Nefarius Software Solutions) ScpToolkit - Install. : 05/04/2021 - Package : C:\WINDOWS\Installer\1c6a9.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 - Install. : 20/02/2021 - Package : C:\WINDOWS\Installer\1b6b11c8.msi (ASUSTek COMPUTER INC.) ASUS AURA Display Component - Install. : 22/08/2020 - Package : C:\Windows\Installer\1ede4.msi (Kaspersky) Kaspersky VPN - Install. : 07/07/2021 - Package : C:\WINDOWS\Installer\86522ba.msi (Native Instruments) Native Instruments Kontakt - Install. : 13/12/2020 - Package : C:\Windows\Installer\9749a62.msi (ASUSTeK Computer Inc.) ASUS Update Helper - Install. : 15/04/2021 - Package : C:\WINDOWS\Installer\29974ed6.msi () - Install. : // - Package : (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 - Install. : 10/12/2020 - Package : C:\Windows\Installer\1521496.msi (Kaspersky) Kaspersky Internet Security - Install. : 07/07/2021 - Package : C:\WINDOWS\Installer\9e89109.msi (ASUSTek COMPUTER INC.) ASUS Aac_NBDT HAL - Install. : 22/08/2020 - Package : C:\Windows\Installer\1ede0.msi (ASUSTek COMPUTER INC.) ASUS Mouse HAL - Install. : 22/08/2020 - Package : C:\Windows\Installer\1edf0.msi (Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - Install. : 13/12/2020 - Package : C:\Windows\Installer\cf3fef9.msi (ASUS) AURA lighting effect add-on - Install. : 08/06/2021 - Package : C:\WINDOWS\Installer\53ea3b6.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 - Install. : 09/01/2021 - Package : C:\Windows\Installer\ce66476.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - Install. : 09/01/2021 - Package : C:\Windows\Installer\ce6647e.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 - Install. : 20/02/2021 - Package : C:\WINDOWS\Installer\1b6b1174.msi (ASUSTek COMPUTER INC.) ASUS AURA Headset Component - Install. : 22/08/2020 - Package : C:\Windows\Installer\1ede8.msi (Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - Install. : 23/02/2021 - Package : C:\WINDOWS\Installer\d59cf3.msi (Betternet Technologies Inc.) Betternet for Windows 5.3.0.433 - Install. : 12/12/2020 - Package : C:\Windows\Installer\86f508d.msi (Microsoft Corporation) Microsoft Silverlight - Install. : 20/02/2021 - Package : C:\WINDOWS\Installer\1b6b1163.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 - Install. : 09/01/2021 - Package : C:\Windows\Installer\ce66471.msi (Microsoft Corporation) Microsoft .NET Host FX Resolver - 5.0.7 (x64) - Install. : 08/07/2021 - Package : C:\WINDOWS\Installer\198caab.msi (Kaspersky Lab) Kaspersky Password Manager - Install. : 22/01/2021 - Package : C:\Windows\Installer\6f1b31.msi (ASUSTek COMPUTER INC.) ASUS Framework Service - Install. : 07/06/2021 - Package : C:\WINDOWS\Installer\310590e.msi (Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh - Install. : 20/02/2021 - Package : C:\WINDOWS\Installer\1b6b115d.msi (ASUSTek COMPUTER INC.) ASUS Keyboard HAL - Install. : 22/08/2020 - Package : C:\Windows\Installer\1edec.msi (Microsoft Corporation) Microsoft .NET Runtime - 5.0.7 (x64) - Install. : 08/07/2021 - Package : C:\WINDOWS\Installer\198caa6.msi (Oracle Corporation) Java Auto Updater - Install. : 29/04/2021 - Package : C:\WINDOWS\Installer\31005472.msi (Microsoft Corporation) GameInput Redistributable - Install. : 11/12/2020 - Package : C:\Windows\Installer\c116fc.msi ---------- | Windows Updates KB5003537 - Installed On : 06/27/2021 - [Update] KB4562830 - Installed On : 01/28/2021 - [Update] KB4577586 - Installed On : 04/07/2021 - [Update] KB4580325 - Installed On : 01/30/2021 - [Security Update] KB4589212 - Installed On : 04/07/2021 - [Update] KB4598481 - Installed On : 01/28/2021 - [Security Update] KB5000736 - Installed On : 06/17/2021 - [Update] KB5004237 - Installed On : 07/14/2021 - [Security Update] KB5003742 - Installed On : 06/27/2021 - [Security Update] ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDrive] : "C:\Users\cl_97\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[GoogleChromeAutoLaunch_612BFCB9436F226E673C7339CF1E321F] : "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Steam] : "C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Spotify] : C:\Users\cl_97\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[EpicGamesLauncher] : "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[DAEMON Tools Pro Agent] : "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Discord] : C:\Users\cl_97\AppData\Local\Discord\Update.exe --processStart Discord.exe [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[com.blitz.app] : C:\Users\cl_97\AppData\Local\Programs\Blitz\Blitz.exe --autostart [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Advanced SystemCare] : "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SecurityHealth] : %windir%\system32\SecurityHealthSystray.exe [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\cl_97\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "GoogleChromeAutoLaunch_612BFCB9436F226E673C7339CF1E321F"="C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent "Spotify"=C:\Users\cl_97\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized "EpicGamesLauncher"="C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent "DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun "Discord"=C:\Users\cl_97\AppData\Local\Discord\Update.exe --processStart Discord.exe "com.blitz.app"=C:\Users\cl_97\AppData\Local\Programs\Blitz\Blitz.exe --autostart "Advanced SystemCare"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x020000000000000000000000 "GoogleChromeAutoLaunch_612BFCB9436F226E673C7339CF1E321F"=0x020000000000000000000000 "uTorrent"=0x0300000010068F1F28DBD601 "Steam"=0x020000000000000000000000 "Spotify"=0x0300000010068F1F28DBD601 "DAEMON Tools Lite Automount"=0x020000000000000000000000 "EA Core"=0x020000000000000000000000 "Parsec.App.0"=0x020000000000000000000000 "EpicGamesLauncher"=0x0300000080E49110C2EAD601 "DAEMON Tools Pro Agent"=0x03000000AC9C6AC8F3F4D601 "Discord"=0x020000000000000000000000 [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=HP Deskjet PCL3 Class Driver,winspool,Ne02: "IsMRUEstablished"=0 "LegacyDefaultPrinterMode"=0 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "AvastUI.exe"=0x020000000000000000000000 "TuneupUI.exe"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "Dropbox"=0x020000000000000000000000 "LogMeIn Hamachi Ui"=0x03000000A5D3C5D5F3F4D601 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D778A46E7CB07F [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Wininit.ini : [Rename] NUL=C:\Windows\system32\Macromed\Flash\Flash.ocx ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List ASC_PerformanceMonitor ASC_SkipUac_cl_97 ASUS Optimization 36D18D69AFC3 ASUS Update Checker 2.0 AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 BlueStacksHelper Driver Booster Scheduler Driver Booster SkipUAC (cl_97) Driver Booster Update DropboxUpdateTaskMachineCore DropboxUpdateTaskMachineUA DSB Notification GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA MicrosoftEdgeUpdateTaskMachineCore MicrosoftEdgeUpdateTaskMachineCore1d6f5503493b962 MicrosoftEdgeUpdateTaskMachineUA NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Standalone Update Task-S-1-5-21-1459843401-856262318-2992657480-1001 OneDrive Standalone Update Task-S-1-5-21-1459843401-856262318-2992657480-500 RtkAudUService64_BG Sump Task (One-Time) updater ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=7 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [10/12/2020 08:01:29] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=616 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=150 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "PendingFileRenameOperations"=\??\C:\Users\cl_97\AppData\Local\Temp\_iu14D2N.tmp [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=db13ad91-2fe9-4c0b-8d27-bec48e1 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=150000 "LeftOverlapChars"=3 "MenuShowDelay"=0 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "WallPaper"=C:\Users\cl_97\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\ultra_instinct_self_movement_goku_vs_jiren_by_windyechoes-dbpwz0s.jpg [28/01/2021 10:45:06] "WallpaperStyle"=10 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9012038012000000 "MaxVirtualDesktopDimension"=3286 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC301009E070A00330700005E03000080CFFBD651F5D60143003A005C00550073006500720073005C0063006C005F00390037005C0041007000700044006100740061005C004C006F00630061006C005C005000610063006B0061006700650073005C004D006900630072006F0073006F00660074002E00570069006E0064006F00770073002E00500068006F0074006F0073005F003800770065006B007900620033006400380062006200770065005C004C006F00630061006C00530074006100740065005C00500068006F0074006F0073004100700070004200610063006B00670072006F0075006E0064005C0075006C007400720061005F0069006E007300740069006E00630074005F00730065006C0066005F006D006F00760065006D0065006E0074005F0067006F006B0075005F00760073005F006A006900720065006E005F00620079005F00770069006E00640079006500630068006F00650073002D0064006200700077007A00300073002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "AutoColorization"=0 "ImageColor"=2697490508 "HungAppTimeout"=2000 "WaitToKillAppTimeout"=2000 "AutoEndTasks"=1 [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 "{E31EA727-12ED-4702-820C-4B6445F28E1A}"=1 [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "EdgeDesktopShortcutCreated"=1 "ExcludedFromStableAnaheimDownloadPromotionSL"=1 "ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309D3407000097679640FE8FC8469EF87003F33CCF0F9B0800000114020000000000C000000000000046A1070000CEC429A936FD7042B4F534ECAC5BD63C1B0600005D54A9A2C2A0B4429708A0B2BADD77C8CADB0000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=2 "GlobalAssocChangedCounter"=510 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 "Browse For Folder Width"=404 "Browse For Folder Height"=354 "DesktopProcess"=1 "link"=0x00000000 [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=0 "ListviewShadow"=0 "TaskbarAnimations"=0 "StartMenuInit"=13 "TaskbarStateLastRun"=0xED4AF76000000000 "ShowCortanaButton"=1 "ReindexedProfile"=1 "ShellViewReentered"=1 "StartMigratedBrowserPin"=1 "TaskbarMigratedBrowserPin"=1 "SnapFill"=0 "SnapAssist"=0 "JointResize"=0 "Start_TrackProgs"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=2 "Max Cached Icons"=2000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{2C7DDECF-7A8E-48A5-A744-8F45D20FB1A9}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "Max Cached Icons"=2000 "GlobalAssocChangedCounter"=40 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=19043 "FirstLogon"=0 "ParseAutoexec"=1 "PUUActive"=0x23E86B570100060052001A055BB5550070F1850070F18500D2000000020053002D474E703365E6003F87C4009283220060350B009309030000000000000000001C5E040026F7AC00D69D00003B1A0000D8B7FEFFDE7ED7015BB5550000000000010000005BB55500624A0000CF17000066E1700000000000 "DP"=0xD200E800E70106005100000023E86B570000000000000000F3A012C5CD7ED701F3A012C5CD7ED701000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100E81601C080400220C2420321DEC00080C03D3848E03D38489A10008020010066A001006ED40F00804C0409114C0C0D1168490000490D4070490D5278015C00C02D1018012D10180159FF00408604C6118614C61101110180933A0A049B3A1A04E7F7000084A2980D8CF2980D1DF2000031878B1831C78B596E84000018351B0418371B14 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=26267241341 "ShutdownFlags"=2147483687 "Userinit"=C:\Windows\system32\userinit.exe, "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-1459843401-856262318-2992657480-1001 "LastUsedUsername"=cl_97 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:50:50] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [07/12/2019 16:50:50] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser ---------- | AppcompatFlags [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files\ASUS\ARMOURY CRATE Service\GPUSwitchPlugin\GPUTrayIcon.exe"=0x5341435001000000000000000700000028000000902C030025ED030001000000000000000000000A73220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000FB750A00000000000100000001000000 "C:\Program Files\McAfee\MSC\mcuihost.exe"=0x5341435001000000000000000700000028000000E83D1800E6D5180001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000F3BB0200000000000100000001000000 "C:\Users\cl_97\Downloads\FL STUDIO 20.7.1.1773\flstudio_win_20.7.1.1773.exe"=0x534143500100000000000000070000002800000090E271386079723801000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000003A0900000000000200000002000000 "C:\Users\cl_97\Downloads\FL STUDIO 20.7.1.1773\fl_patch_installer_20_7_1.exe"=0x5341435001000000000000000700000028000000F88E3C050000000001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000096370100000000000400000004000000 "C:\Program Files\Image-Line\FL Studio 20\FL64.exe"=0x53414350010000000000000007000000280000002855040029FB04000100000000000000000003060001000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000080000000000000000000000000000004DD47002000000003900000021000000000000000020002000000000000000000000000000000000A7E77F00000000000700000000000000 "E:\FabFilter.Total.Bundle.v2019.03.13.Incl.Patched.and.Keygen-R2R\Win\Setup FabFilter Total Bundle v2019.03.13.exe"=0x534143500100000000000000070000002800000064BE21020000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000E6000100000000000200000002000000 "SIGN.MEDIA=28019D2B Setup.exe"=0x534143500100000000000000070000002800000016570C000000000001000000000000000000030600010000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000050A94500000000000100000001000000 "F:\FabFilter.Total.Bundle.v2019.03.13.Incl.Patched.and.Keygen-R2R\Win\R2R\FabFilter_KeyGen.exe"=0x534143500100000000000000070000002800000033860C000000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000FB5C0200000000000100000001000000 "F:\Native Instruments Kontakt 5.v5.7.1 Portable WIN\Native.Instruments.Kontakt.5.v5.7.1.Portable\Install.exe"=0x534143500100000000000000070000002800000080C017000000000001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000003BCB0100000000000100000001000000 "C:\Users\cl_97\Downloads\DS4Windows\DS4Windows.exe"=0x5341435001000000000000000700000028000000005830000000000001000000000000000000000A0021000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000002341E00D000000004700000047000000 "C:\Users\cl_97\Downloads\DS4Windows\Virtual Bus Driver\ScpDriver.exe"=0x534143500100000000000000070000002800000000B40B000000000001000000000000000000030675020000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B6070200000000000300000003000000 "C:\Users\cl_97\Downloads\XboxInstaller.exe"=0x534143500100000000000000070000002800000080578400DBDF840001000000000000000000000A75220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000AF810100000000000100000001000000 "D:\cl_97\Pianoteq STAGE v6.2.2 Standalone VST VST3 AAX.WiN\Pianoteq.STAGE.v6.2.2.Standalone.VST.VST3.AAX.WiN\Pianoteq 6 STAGE\pianoteq_stage_setup_v622.exe"=0x53414350010000000000000007000000280000006A640A040000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000ABDB0000000000000100000001000000 "D:\cl_97\XLN Audio Addictive Keys\XLN Audio - Addictive Keys - Player\setup_Player.exe"=0x5341435001000000000000000700000028000000914B52020000000001000000000000000000010600010000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000B46C0000000000000100000001000000 "D:\cl_97\XLN Audio Addictive Keys\XLN Audio - Addictive Keys - Instruments\setup_Mark One.exe"=0x53414350010000000000000007000000280000008782A12B0000000001000000000000000000010600010000631F6E6F0EDED4010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000077D40000000000000100000001000000 "D:\cl_97\XLN Audio Addictive Keys\XLN Audio - Addictive Keys - Instruments\setup_Modern Upright.exe"=0x534143500100000000000000070000002800000090B0304E0000000001000000000000000000010600010000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D5490100000000000100000001000000 "D:\cl_97\XLN Audio Addictive Keys\XLN Audio - Addictive Keys - Instruments\setup_Studio Grand.exe"=0x53414350010000000000000007000000280000000A95243F0000000001000000000000000000010600010000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D55C0000000000000100000001000000 "D:\cl_97\FAW.SubLab.v1.1.3.Incl.Keygen-R2R\win\Setup SubLab v1.1.3.exe"=0x53414350010000000000000007000000280000001D50F2020000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000C1EC0000000000000100000001000000 "D:\cl_97\FAW.SubLab.v1.1.3.Incl.Keygen-R2R\win\R2R\FAW_KeyGen.exe"=0x5341435001000000000000000700000028000000F27A0B000000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C2270200000000000100000001000000 "C:\Users\cl_97\Downloads\CrystalDiskInfo7_5_2\DiskInfo64.exe"=0x5341435001000000000000000700000028000000A0C63A00FB1B3B0001000000000000000000000A00210000631F6E6F0EDED4010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000004500000000000000100000001000000 "C:\Program Files\Image-Line\FL Studio 20\uninstall.exe"=0x5341435001000000000000000700000028000000181468009715680001000000000000000000000A00210000631F6E6F0EDED401000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000007FDD0000000000000100000001000000 "D:\cl_97\XLN Audio Addictive Drums 2 Complete v2.1.9.WIN-R2R\Setup Addictive Drums 2 v2.1.9.exe"=0x53414350010000000000000007000000280000007E2167000000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000F3520000000000000100000001000000 "D:\Program Files\Addictive Drums 2\AD2_Library_Placer.exe"=0x5341435001000000000000000700000028000000607E01000000000001000000000000000000010600010000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000020000000000000000000000000000100D0000000000000100000001000000 "D:\cl_97\XLN Audio Addictive Drums 2 Complete v2.1.9.WIN-R2R\R2R\XLN_KeyGen.exe"=0x5341435001000000000000000700000028000000AA890D000000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000BC560300000000000100000001000000 "SIGN.MEDIA=5C8DA5AD Damage 2 1.0.0 Setup PC.exe"=0x5341435001000000000000000700000028000000C034380089F9380001000000000000000000010600010000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000003B221100000000000100000001000000 "D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Install.exe"=0x534143500100000000000000070000002800000089BF17000000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000323E0000000000000200000002000000 "D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Helper\Library Manager\Library Manager.exe"=0x534143500100000000000000070000002800000000B45D000000000001000000000000000000000A71220000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C03E0300000000000300000003000000 "D:\cl_97\Native Instruments Kontakt 6 v6.4.2 FULL WiN.X86.X64\Native Instruments Kontakt 6 v6.4.2 FULL WiN X86 X64\Kontakt Setup PC 6.4.2.exe"=0x53414350010000000000000007000000280000005D0F6725B131642501000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000C0C80300000000000200000002000000 "C:\Games\NieR Automata\NieRAutomata.exe"=0x53414350010000000000000007000000280000005006CC05AE23CC0501000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000100000200000000000000000000000000000000096889800000000001000000010000000 "C:\Program Files (x86)\Betternet\5.3.0.433\Betternet.exe"=0x534143500100000000000000070000002800000000D01600EFE3160001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000E8523310000000000600000006000000 "C:\Games\Dragon Ball Z - Kakarot\AT.exe"=0x5341435001000000000000000700000028000000D0B2090016AD030001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000002000006000000000000000000000000000000000B8BCF203000000001800000018000000 "D:\cl_97\Native Instruments Kontakt 6 v6.0.2 SYMLINK INSTALLER FIXED-P2P\Kontakt 6 NO INSTALL.exe"=0x5341435001000000000000000700000028000000B07117190000000001000000000000000000010671000000631F6E6F0EDED40100000000000000000200000028000000000000000008004000000000000000000000000000000000E7B60100000000000100000001000000 "D:\cl_97\Native Instruments Kontakt 6 v6.0.2 SYMLINK INSTALLER FIXED-P2P\Kontakt 6 NO INSTALL\pf\64bit\Kontakt.exe"=0x53414350010000000000000007000000280000000058DF05B8DCDF0501000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000F42C0500000000000300000003000000 "C:\Users\cl_97\Downloads\7z1900-x64.exe"=0x53414350010000000000000007000000280000000A1516000000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000F1400000000000000100000001000000 "C:\Program Files\7-Zip\7z.exe"=0x5341435001000000000000000700000028000000002807000000000001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000087010000000000000100000001000000 "C:\Program Files\7-Zip\7zFM.exe"=0x5341435001000000000000000700000028000000003E0D000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000019FB1502000000002900000029000000 "SIGN.MEDIA=B6BAE2 Autorun.exe"=0x534143500100000000000000070000002800000010D500006A23010001000000000000000000000671200000631F6E6F0EDED4010000000000000000020000002800000000000000800000000000000000000000000000000000000068C70300000000000100000001000000 "SIGN.MEDIA=AA3A34 Autorun.exe"=0x534143500100000000000000070000002800000010D50000828E010001000000000000000000000671000000631F6E6F0EDED4010000000000000000020000002800000000000000800000000000000000000000000000000000000080DC0100000000000100000001000000 "SIGN.MEDIA=8EAB03 Autorun.exe"=0x534143500100000000000000070000002800000010D500001736010001000000000000000000000671000000631F6E6F0EDED4010000000000000000020000002800000000000000800000000000000000000000000000000000000075320100000000000100000001000000 "SIGN.MEDIA=9E0814 Autorun.exe"=0x534143500100000000000000070000002800000010D50000AD85010001000000000000000000010671200000631F6E6F0EDED40100000000000000000200000028000000000000008000000000000000000000000000000000000000D04A0100000000000100000001000000 "SIGN.MEDIA=8091BB Autorun.exe"=0x534143500100000000000000070000002800000010D500001EDF000001000000000000000000010671200000631F6E6F0EDED401000000000000000002000000280000000000000080000000000000000000000000000000000000006BD60000000000000100000001000000 "SIGN.MEDIA=9A10D8 Autorun.exe"=0x534143500100000000000000070000002800000010D50000E598010001000000000000000000010671200000631F6E6F0EDED40100000000000000000200000028000000000000008000000000000000000000000000000000000000C1BF0100000000000100000001000000 "SIGN.MEDIA=ABA4E7 Autorun.exe"=0x534143500100000000000000070000002800000010D50000C278010001000000000000000000010671200000631F6E6F0EDED401000000000000000002000000280000000000000080000000001000000000000000000000000000001C7C0200000000000300000003000000 "SIGN.MEDIA=A993E8 Sims3SP04Setup.exe"=0x5341435001000000000000000700000028000000101506000B7C060001000000000000000000000671020000631F6E6F0EDED4010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400010020000000000000000000000000009570000000000000100000001000000 "SIGN.MEDIA=96784C Autorun.exe"=0x534143500100000000000000070000002800000010D500006842010001000000000000000000010671200000631F6E6F0EDED4010000000000000000020000002800000000000000800000000010020000000000000000000000000042E20000000000000200000002000000 "SIGN.MEDIA=A993E8 Autorun.exe"=0x534143500100000000000000070000002800000010D500008154010001000000000000000000010671200000631F6E6F0EDED401000000000000000002000000280000000000000080000000000000000000000000000000000000003DE80000000000000100000001000000 "C:\Users\cl_97\Downloads\DBFZ Fix\DBFZ Fix\Afterburner and Rivatuner\MSIAfterburnerSetup462.exe"=0x534143500100000000000000070000002800000030E60503C317060301000000000000000000010600010000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000018100100000000000100000001000000 "C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe"=0x5341435001000000000000000700000028000000F0EF0B00895F0C0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000002AEBF005000000000600000006000000 "C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe"=0x534143500100000000000000070000002800000090FC0300C284040001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000A5EFFF05000000000600000006000000 "C:\Users\cl_97\Downloads\Avast Premium Security 20.6.2420 (Build 20.6.5495.561) Multilingual\avast_premier_antivirus_setup_offline.exe"=0x5341435001000000000000000700000028000000A81D46170648461701000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000042C20100000000000100000001000000 "C:\Users\cl_97\Downloads\CheatEngine72.exe"=0x5341435001000000000000000700000028000000684D8301B630840101000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000005BD60D00000000000100000001000000 "C:\Program Files\Cheat Engine 7.2\Cheat Engine.exe"=0x534143500100000000000000070000002800000090DD05008B9F060001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000A0B8A500000000000200000002000000 "D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Kontakt\x64\Kontakt.exe"=0x5341435001000000000000000700000028000000788412041643130401000000000000000000000A00210000631F6E6F0EDED401000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000009A0A0100000000000200000002000000 "C:\Users\cl_97\Downloads\parsec-windows.exe"=0x5341435001000000000000000700000028000000C07EA100D096A10001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000A5160000000000000100000001000000 "C:\Program Files\Parsec\parsecd.exe"=0x534143500100000000000000070000002800000010940600176C070001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000032020000000000000200000002000000 "C:\Users\cl_97\Downloads\CCleaner Pro Portable 5.75.8238 (Windows)\CCleanerPro\CCleanerPortable.exe"=0x5341435001000000000000000700000028000000F84C0100000000000100000000000000000001060001000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000002B9D0300000000000400000004000000 "D:\GAMES\Need for Speed Most Wanted 2005\speed.exe"=0x534143500100000000000000070000002800000000005C000000000001000000000000000000010571000000631F6E6F0EDED40100000000000000000100000004000000010000000200000050000000000000001000002000000000000000000000000000000000CA7902000000000002000000020000000000000000000000000400000100000000000000010000007FEA0000000000000100000000000000 "C:\Program Files\Cheat Engine 7.2\cheatengine-x86_64.exe"=0x5341435001000000000000000700000028000000A8DBE200BF7CE30001000000000000000000000A6322000050BB64EDDDACD50100000000000000000200000028000000000000000000004002000000000000000000000000000000D7178500000000000600000006000000 "C:\Users\cl_97\Downloads\Driver Easy Pro Portable 5.6.15.34863(Windows)\DriverEasy\DriverEasyPortable.exe"=0x5341435001000000000000000700000028000000F80E01000000000001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000008B6F1200000000000700000007000000 "C:\Users\cl_97\Downloads\pcsx2-1.6.0-setup.exe"=0x5341435001000000000000000700000028000000099F6D000000000001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000003720000000000000100000001000000 "C:\Program Files (x86)\PCSX2\pcsx2.exe"=0x5341435001000000000000000700000028000000007E9B000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000FFAEBB00000000000B0000000B000000 "C:\Users\cl_97\Downloads\cemu_1.22.2\cemu_1.22.2\Cemu.exe"=0x5341435001000000000000000700000028000000000A1A010000000001000000000000000000000A73220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000589D0A00000000000100000001000000 "C:\Users\cl_97\Downloads\Set Lang.exe"=0x534143500100000000000000070000002800000000E0190092361A0001000000000000000000010571200000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000752B0000000000000200000002000000 "SIGN.MEDIA=1861C0 autorun_data.exe"=0x534143500100000000000000070000002800000000B004000000000001000000000000000000010571200000631F6E6F0EDED4010000000000000000020000005000000000000000800000400000000000000000000000000000000011050000000000000100000001000000000000008000000000000000000000000000000000000000B7420000000000000500000000000000 "SIGN.MEDIA=1861C0 setup.exe"=0x5341435001000000000000000700000028000000005003000000000001000000000000000000010571200000631F6E6F0EDED4010000000000000000020000007800000000000106000800600000000000000000000000000000000003310000000000000100000001000000000301050008006000000000000000000000000000000000E92F0000000000000100000000000000000000000008004000000000000000000000000000000000707A0000000000000400000000000000 "SIGN.MEDIA=C5BD2E autorun.exe"=0x534143500100000000000000070000002800000000600C000000000001000000000000000000010571200000631F6E6F0EDED401000000000000000002000000280000000000000080000000000002000000000000000000000000005F680000000000000100000001000000 "SIGN.MEDIA=18C3DA8 autorun.exe"=0x534143500100000000000000070000002800000000600C000000000001000000000000000000010571200000631F6E6F0EDED401000000000000000002000000500000000000000080000040000000000000000000000000000000002B180000000000000100000001000000000000008000000000040200000000000000000000000000104E0000000000000100000000000000 "SIGN.MEDIA=17D820 Setup.exe"=0x5341435001000000000000000700000028000000AAD817007B9E140001000000000000000000020600010000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000070750300000000000100000001000000 "SIGN.MEDIA=1AEDF3E7 Files\Support\DirectX\DXSETUP.exe"=0x534143500100000000000000070000002800000058E707007433080001000000000000000000010671020000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000FE500000000000000100000001000000 "C:\Users\cl_97\Downloads\uiso9_pe.exe"=0x5341435001000000000000000700000028000000684A4C00F0CA4C0001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000FB4F0200000000000100000001000000 "C:\Users\cl_97\Downloads\UltraISO 9.7.2.3561\uiso9_pe.exe"=0x534143500100000000000000070000002800000008D046001452470001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000003F8A0000000000000200000002000000 "C:\Program Files (x86)\UltraISO\unins000.exe"=0x534143500100000000000000070000002800000021460C000000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000331C0000000000000100000001000000 "C:\Users\cl_97\Downloads\UltraISO 9.7.2.3561\f4-uiso9_pe-patch.exe"=0x5341435001000000000000000700000028000000003A03000000000001000000000000000000000A61220000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000004E0F0100000000000100000001000000 "C:\Program Files (x86)\UltraISO\UltraISO.exe"=0x5341435001000000000000000700000028000000C8D351008E99520001000000000000000000000A71200000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000BDFF0000000000000100000001000000 "C:\Users\cl_97\Downloads\Daemon Tools PRO 8\Instalador\Daemon Tools Pro 820-0708.exe"=0x5341435001000000000000000700000028000000F0C1EB01D41BEC0101000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000FBB10000000000000100000001000000 "C:\Users\cl_97\Downloads\Daemon Tools PRO 8\Parche\Parche.exe"=0x534143500100000000000000070000002800000070D108004A93090001000000000000000000000A71200000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000BF1C0000000000000100000001000000 "C:\Program Files\DAEMON Tools Pro\Parche.exe"=0x534143500100000000000000070000002800000070D108004A93090001000000000000000000000A71200000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000067C0000000000000300000003000000 "C:\Program Files\DAEMON Tools Pro\DTPro.exe"=0x5341435001000000000000000700000028000000C0D49300EB0F940001000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000014E46A0C000000000300000003000000 "C:\Program Files\DAEMON Tools Pro\DTAgent.exe"=0x5341435001000000000000000700000028000000C0C2440055A1450001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000004070000000000000B0000000B000000 "C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\EasyAntiCheat\EasyAntiCheat_Setup.exe"=0x5341435001000000000000000700000028000000807C0C00C6D30C0001000000000000000000030600010000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000003F000000000000000100000001000000 "C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping_BE.exe"=0x534143500100000000000000070000002800000000A10B0042720C0001000000000000000000000A71200000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000005B030000000000000100000001000000 "C:\Users\cl_97\Downloads\Driver Easy Pro Portable 5.6.15.34863(Windows)\DriverEasy\App\DriverEasy\DriverEasy.exe"=0x534143500100000000000000070000002800000000223A0067013B0001000000000000000000000A75220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000054F90000000000000200000002000000 "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpDriverInstaller.exe"=0x534143500100000000000000050000001000000000000000000000000000000000000000070000002800000000560C000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000069E34601000000003F0000003F000000 "C:\Users\cl_97\Downloads\DS4Windows\DS4Updater.exe"=0x534143500100000000000000070000002800000000C208000000000001000000000000000000000A75220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000C3412A01000000000100000001000000 "SIGN.MEDIA=F185E390 setup.exe"=0x5341435001000000000000000700000028000000F61A0A000000000001000000000000000000030600010000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000088651200000000000100000001000000 "SIGN.MEDIA=D13EF76D setup.exe"=0x5341435001000000000000000700000028000000F7691D00000000000100000000000000000003060001000050BB64EDDDACD501000000000000000002000000500000000000000000000000000000000000000000000000000000000BE80400000000000400000003000000000000008000000000000000000000000000000000000000516F0400000000000100000000000000 "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe"=0x5341435001000000000000000700000028000000001607000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000AE0A0000000000000300000003000000 "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpCleanWipe.exe"=0x534143500100000000000000070000002800000000D408000000000001000000000000000000000A75220000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000044B80000000000000100000001000000 "C:\Users\cl_97\AppData\Local\Discord\Update.exe"=0x534143500100000000000000070000002800000038151700FA39170001000000000000000000000A7522000050BB64EDDDACD501000000000000000002000000280000000000000000000000040000000000000000000000000000009047E40A000000001300000013000000 "C:\Users\cl_97\Downloads\kis21.2.16.590abfr_25777.exe"=0x5341435001000000000000000700000028000000705B2A0095052B0001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000002DBB0100000000000100000001000000 "C:\Users\cl_97\Downloads\vlc-3.0.11-win64.exe"=0x5341435001000000000000000700000028000000A82F7E02F3577E0201000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000E1670000000000000100000001000000 "C:\Users\cl_97\Downloads\ModSkin_11.1.2\LOLPRO 11.1.2.exe"=0x534143500100000000000000070000002800000000FE06006E44070001000000000000000000000A71220000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000AAAE0100000000000100000001000000 "C:\Users\cl_97\Downloads\ModSkin_11.1.2\v1Asajuqj.exe"=0x5341435001000000000000000700000028000000008E0800E7B6080001000000000000000000000A7122000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000CE226F00000000000200000002000000 "C:\Users\cl_97\Downloads\cmupdatetool.exe"=0x534143500100000000000000070000002800000088B621008B00220001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000BCED0000000000000100000001000000 "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpSettings.exe"=0x534143500100000000000000070000002800000000C60C000000000001000000000000000000000A7522000050BB64EDDDACD501000000000000000002000000280000000000000000000000000002000000000000000000000000001F9F0000000000000400000004000000 "C:\Program Files\Nefarius Software Solutions\ScpToolkit\Driver\installer_x64.exe"=0x534143500100000000000000070000002800000000A001000000000001000000000000000000000A73220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000006E000000000000000200000002000000 "C:\Users\cl_97\Downloads\IObit Driver Booster Pro 8.3.0.361 + Portable_TrucNet.com\IObit Driver Booster Pro 8.3.0.361 + Portable_TrucNet.com\Driver.Booster.8.3.0.361.exe"=0x5341435001000000000000000700000028000000430E3E010000000001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000000F300200000000000100000001000000 "C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe"=0x5341435001000000000000000700000028000000D0637C0030E57C0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F8730000000000001A0000001A000000 "C:\Users\cl_97\Downloads\ffxivsetup_ft.exe"=0x5341435001000000000000000700000028000000284AAE019247AF0101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000661D0100000000000100000001000000 "C:\Users\cl_97\Downloads\Detection.exe"=0x534143500100000000000000070000002800000058224F004AEA4F0001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000009C490000000000000100000001000000 "C:\Program Files (x86)\IObit\Driver Booster\Backup.exe"=0x5341435001000000000000000700000028000000103711007334120001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000293C0100000000000900000009000000 "SIGN.MEDIA=2862832B mSetup.exe"=0x53414350010000000000000007000000280000000E980B000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000B12A2600000000000100000001000000 "C:\Users\cl_97\AppData\Roaming\Spotify\Spotify.exe"=0x534143500100000000000000070000002800000048506B01A1BA6B0101000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\cl_97\Downloads\TCPOptimizer.exe"=0x534143500100000000000000070000002800000000700A000000000001000000000000000000000A7120000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000400000000000000000000000000000000003B7050000000000010000000100000000000000000000000000020000000000000000000000000023500000000000000100000000000000 "C:\Users\cl_97\Downloads\namebench-1.3.1-Windows.exe"=0x53414350010000000000000007000000280000000BC24F00000000000100000000000000000001057100000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000FD992100000000000100000001000000 "C:\Users\cl_97\Downloads\Ankama Launcher-Setup.exe"=0x534143500100000000000000070000002800000080AF0C00DEFC0C0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000800000400000000000000000000000000000000091430000000000000100000001000000 "C:\Program Files (x86)\Steam\steamapps\common\DRAGON BALL FighterZ\RED\Binaries\Win64\RED-Win64-Shipping.exe"=0x5341435001000000000000000700000028000000001C160B0000000001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000010000020000000000000000000000000000000000D030000000000000200000002000000 "C:\Users\cl_97\Downloads\DBFZ-mod-manager\DBFZ-mod-manager.exe"=0x5341435001000000000000000700000028000000002E0D000000000001000000000000000000000A7522000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000B602DB00000000000B0000000B000000 "D:\GAMES\GRID 2\unins000.exe"=0x5341435001000000000000000700000028000000DB371500000000000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000B53D0000000000000100000001000000 "D:\GAMES\GRID 2\grid2.exe"=0x53414350010000000000000007000000280000000078EE00000000000100000000000000000002067102000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006000000000000000000000000000000000E1C4AC00000000002B0000002B000000 "SIGN.MEDIA=EB40C879 setup.exe"=0x5341435001000000000000000700000028000000007C1700000000000100000000000000000003060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000081860100000000000100000001000000 "C:\Users\cl_97\Downloads\BlueStacksInstaller_5.0.0.7228_native_a3c4a51c1cfce0cf491341f7e90660ee.exe"=0x534143500100000000000000070000002800000098871200833C13000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000429E0700000000000100000001000000 "C:\Users\cl_97\Downloads\BlueStacksInstaller_4.280.0.1022_native_1ec8058cacb68a005acaa20034f7b4de.exe"=0x5341435001000000000000000700000028000000E0DD12002F7113000100000000000000000001060001000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000003D730300000000000100000001000000 "C:\Program Files\BlueStacks\HD-Player.exe"=0x534143500100000000000000070000002800000028210A0043B70A0001000000000000000000000A7522000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D5B90100000000000100000001000000 "C:\Program Files\BlueStacks\Bluestacks.exe"=0x534143500100000000000000070000002800000000A024000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C32F2312000000000400000004000000 "C:\Users\cl_97\Downloads\AMD-VwithRVI_Hyper-V_CompatibilityUtility\amdvhyperv.exe"=0x5341435001000000000000000700000028000000000401003C9D01000100000000000000000001067100000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000004000000000000000000000000000000000A1210000000000000100000001000000000000000000000000020300000000000000000000000000BB080000000000000100000000000000 "C:\Users\cl_97\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000288C20009711210001000000000000000000000A0021000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000010000000000000000000000000000000000063000000000000020000000200000000000000000000000000000000000000000000000000000018898605000000000B00000000000000 "C:\Users\cl_97\Downloads\DriverStoreExplorer.v0.11.64\Rapr.exe"=0x534143500100000000000000070000002800000000DE2000C07E210001000000000000000000000A7522000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DEE30200000000000500000005000000 "C:\Users\cl_97\Downloads\devmanview\DevManView.exe"=0x534143500100000000000000070000002800000078C301006D50020001000000000000000000000A7122000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000043920200000000000100000001000000 "D:\cl_97\Documents\dokkan battle\Farming Bot v3.7\Farming Bot v3.7\KarysBot v3.7a.exe"=0x5341435001000000000000000700000028000000B55938010000000001000000000000000000000A7120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000436A0000000000000200000002000000 "D:\cl_97\Documents\dokkan battle\BladeFive - 4.8a Project Instant Transmission.exe"=0x5341435001000000000000000700000028000000258701070000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F3DC0000000000000100000001000000 "C:\Users\cl_97\AppData\Local\Temp\jre-8u291-windows-au.exe"=0x534143500100000000000000070000002800000008CF1F007023200001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000002C6D0100000000000100000001000000 "C:\Program Files\BlueStacks\HD-RunApp.exe"=0x534143500100000000000000070000002800000028C10500B21D060001000000000000000000000A7522000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000EF1FFE08000000000200000002000000 "C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe"=0x534143500100000000000000070000002800000028D3030063B3040001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C1C42C00000000000100000001000000 "C:\Program Files (x86)\Common Files\Steam\SteamService.exe"=0x5341435001000000000000000700000028000000E8502A0060A42A0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000CB000000000000000400000004000000 "D:\Program Files\Pianoteq 6 STAGE\Pianoteq 6 STAGE.exe"=0x534143500100000000000000070000002800000000CEFE02EFC8FF0201000000000000000000000A7320000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000088130000000000000100000001000000 "C:\Users\cl_97\Downloads\NucleusCoop\NucleusCoop.exe"=0x5341435001000000000000000700000028000000004203000000000001000000000000000000000A7520000050BB64EDDDACD5010000000000000000020000005000000000000000200000600000000000000000000000000000000040B20F00000000000200000002000000000000000000000000000000000000000000000000000000C3E63200000000000100000000000000 "C:\Users\cl_97\Downloads\NucleusCoop\StartGame.exe"=0x5341435001000000000000000700000028000000006A00000000000001000000000000000000000A7520000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000CB000000000000000100000001000000 "C:\Games\Forza Horizon 4\ForzaHorizon4.exe"=0x534143500100000000000000070000002800000000D87E0968124C0801000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000008C910B00000000000A0000000A000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000881DAC003BF0AC0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000082710100000000000100000001000000 "SIGN.MEDIA=726D0F OInstall.exe"=0x5341435001000000000000000700000028000000B0B99E00037D9F0001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000018490800000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000A0BF6201C98F630101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000E9110500000000000100000001000000 "C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"=0x5341435001000000000000000700000028000000504BD303EB3AD40301000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "D:\GAMES\A Way Out\Haze1\Binaries\Win64\AWayOut.exe"=0x5341435001000000000000000700000028000000003E930E0E38940E01000000000000000000000A7320000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006000000000010000000000000000000000B0640100000000000100000001000000 "D:\GAMES\A Way Out\Haze1\Binaries\Win64\Language Selector.exe"=0x534143500100000000000000070000002800000000900000000000000100000000000000000003067100000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000072B8700000000000100000001000000 "C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.20004.0_x64__0a9344xs7nr4m\radeonsettings\RadeonSettings.exe"=0x534143500100000000000000070000002800000000C60B01281D0C0101000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\cl_97\Downloads\ModSkin_11.12.1\LOLPRO 11.12.1.exe"=0x534143500100000000000000070000002800000000FE06006E44070001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000DC64A300000000000400000004000000 "C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"=0x534143500100000000000000070000002800000018F31800A3B2190001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\cl_97\AppData\Local\Packages\E046963F.LenovoCompanion_k1h2ywk1493x8\Lenovo\Vantage\Dependency\0ef55aca-1d15-43a0-81ed-a9c955841c0f\Lenovo.Vantage.ServiceSetup.exe"=0x5341435001000000000000000700000028000000B07B8700AF4A880001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000029980000000000000100000001000000 "C:\ProgramData\NVIDIA Corporation\Downloader\latest\setup.exe"=0x534143500100000000000000070000002800000070B10700EE0A080001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000004770000000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe"=0x534143500100000000000000070000002800000070D909009C480A0001000000000000000000000A7120000050BB64EDDDACD5010000000000000000020000002800000000000000800000000000000000000000000000000000000007040000000000000100000001000000 "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x534143500100000000000000070000002800000070F33200E0AD330001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C421B518000000000200000002000000 "C:\Program Files\Ankama\Ankama Launcher\Ankama Launcher.exe"=0x534143500100000000000000070000002800000020853F066384400601000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\cl_97\OneDrive\Bureau\Games\plutonium.exe"=0x5341435001000000000000000700000028000000E86640007278400001000000000000000000000A6522000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000BF006F00000000000200000002000000 "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe"=0x5341435001000000000000000700000028000000C8E15900B3875A0001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000AAB16000000000000100000001000000 "C:\Users\cl_97\Downloads\Blitz-1.14.24.exe"=0x534143500100000000000000070000002800000060D8ED0375E6ED0301000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000060240000000000000100000001000000 "C:\Users\cl_97\Downloads\qbittorrent_4.3.6_x64_setup.exe"=0x53414350010000000000000007000000280000005BA1A2010000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000897B0000000000000200000002000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000F8040F00205D0F000100000000000000000000060001000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000370C4B0B000000001900000019000000 "C:\Users\cl_97\Downloads\qbittorrent_4.3.6_x64_setup (1).exe"=0x53414350010000000000000007000000280000005BA1A2010000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000023E56200000000000100000001000000 "C:\Riot Games\Riot Client\RiotClientServices.exe"=0x534143500100000000000000070000002800000048B82004F899210401000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000511F5C00000000000500000005000000 "C:\Program Files\qBittorrent\qbittorrent.exe"=0x534143500100000000000000070000002800000000669A010000000001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001EF1B621000000000500000005000000 "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E0832A00CD272B0001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000800000000000000000000000000000000000000076277105000000000100000001000000 "C:\Program Files\ASUS\ARMOURY CRATE Service\GPUPowerSavingPlugin\GPU Power Saving.exe"=0x534143500100000000000000070000002800000078220200C371020001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001C950000000000000B0000000B000000 "C:\Program Files\Epic Games\GenshinImpact\launcher.exe"=0x5341435001000000000000000700000028000000C8403600E4F7360001000000000000000000000A7322000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000080020000002800000000000000000000C0000000000000000000000000000000009CC67D00000000000400000004000000 "C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_33c21db80f95a337\ASUSOptimization\AsusOSD.exe"=0x5341435001000000000000000700000028000000B8C901008264020001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000007A665B20000000000400000004000000 "C:\Users\cl_97\Downloads\windowsdesktop-runtime-5.0.7-win-x64.exe"=0x5341435001000000000000000700000028000000502F46033560460301000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000058420000000000000100000001000000 "C:\Users\cl_97\Downloads\Unverum\Unverum.exe"=0x5341435001000000000000000700000028000000005006000000000001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000074D4D300000000000200000002000000 "C:\Users\cl_97\AppData\Local\Microsoft\OneDrive\21.119.0613.0001\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000786509006FC0090001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files (x86)\ASUS\ArmouryDevice\dll\FilterDriver\x64\pnputil.exe"=0x5341435001000000000000000700000028000000009804006336050001000000000000000000000A6322000050BB64EDDDACD50100000000000000000200000028000000000000000000008000000000000000000000000000000000DB000000000000000200000002000000 "C:\Program Files (x86)\ASUS\ArmouryDevice\dll\Tools\RegSchdTask.exe"=0x534143500100000000000000070000002800000058850C0021220D000100000000000000000000067100000050BB64EDDDACD50100000000000000000200000028000000000000000008008000000000000000000000000000000000CB000000000000000800000008000000 "C:\Windows\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOSD.exe"=0x5341435001000000000000000700000028000000B8C90100FD8E020001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000006B485411000000000F0000000F000000 "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E04FFB01AA7DFB0101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F486680F000000000D0000000D000000 "C:\Users\cl_97\Downloads\tsetup-x64.2.8.11.exe"=0x5341435001000000000000000700000028000000D0A7E40155A0E50101000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000003C016703000000000100000001000000 "D:\jeux\Advanced SystemCare Pro v14.2.0.220 + crack\advanced-systemcare-setup.exe"=0x534143500100000000000000070000002800000060DAF2022D44F30201000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001849E501000000000100000001000000 "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCFeature.exe"=0x534143500100000000000000070000002800000010ED0100AB8F020001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000038010000000000000400000004000000 "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe"=0x5341435001000000000000000700000028000000C8DF8F002A80900001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001D030000000000000500000005000000 "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe"=0x5341435001000000000000000700000028000000B0E005009580060001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\Steam\steam.exe"=0x5341435001000000000000000700000028000000E8B83E00A4593F0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\ProgramData\ASUS\RLSDownload\MainSDK\4_SDK\2_7954\MainSDK\Setup.exe"=0x534143500100000000000000070000002800000000DC0000000000000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D61A0100000000000100000001000000 "C:\Program Files (x86)\ASUS\ArmouryDevice\dll\FilterDriver\x64\devcon.exe"=0x534143500100000000000000070000002800000000400100BDF3010001000000000000000000000A6320000050BB64EDDDACD5010000000000000000020000002800000000000000000000800000000000000000000000000000000024070000000000006000000060000000 "C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe"=0x53414350010000000000000007000000280000007884010079EA010001000000000000000000000A7120000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000006427F02000000000B0000000B000000 "C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe"=0x53414350010000000000000007000000280000009896010004F5010001000000000000000000000A6520000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe"=0x534143500100000000000000070000002800000050942100ADEC210001000000000000000000000A7322000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000084040000000000000E0000000E000000 "C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe"=0x5341435001000000000000000700000028000000580A8607CD2D860701000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\ProgramData\NVIDIA Corporation\Downloader\506f4c22e9d59285075d7e6d861db21c_extracted\setup.exe"=0x534143500100000000000000070000002800000090DC0700EB7B080001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000800000400000000000000000000000000000000067240200000000000100000001000000 "D:\GAMES\Forza Horizon 4\ForzaHorizon4.exe"=0x534143500100000000000000070000002800000000D87E0968124C0801000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000A83425001653250001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000050000000000000000000000000000000000000000000000000000000CB000000000000000D000000040000000000000000000010000000000000000000000000000000004E000000000000000100000000000000 "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"=0x5341435001000000000000000700000028000000800532000728320001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000100000000000000000000000000000000059060000000000000700000007000000 "C:\Users\cl_97\AppData\Local\Programs\Blitz\Blitz.exe"=0x534143500100000000000000070000002800000008190707D124070701000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\cl_97\Downloads\LatencyMon.exe"=0x5341435001000000000000000700000028000000405D22006672220001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000007A4F0300000000000100000001000000 "D:\jeux\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR]\Malwarebytes Anti-Malware 3.7.1.2839.exe"=0x5341435001000000000000000700000028000000CE0CD0030000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000066CF0000000000000100000001000000 "C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000305C83000655840001000000000000000000000A7122000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\Malwarebytes\Anti-Malware\unins000.exe"=0x5341435001000000000000000700000028000000D0021400CA0E140001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000044CF0400000000000100000001000000 "C:\Users\cl_97\Downloads\WLAN_AZWAVE_2024.0.8.107_logo_Win10x64\Win10Install\x64\DPInst.exe"=0x5341435001000000000000000700000028000000B026100060D210000100000000000000000001067302000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000500000000000000000000000000000000005210000000000000500000005000000 "C:\Users\cl_97\Downloads\WLAN_AZWAVE_2024.0.8.107_logo_Win10x64\Win10Install\x64\devcon.exe"=0x5341435001000000000000000700000028000000B08801005C1B020001000000000000000000000A7320000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000007D000000000000000100000001000000 "C:\Users\cl_97\Downloads\WLAN_AZWAVE_2024.0.8.107_logo_Win10x64\Win10Install\x86\DPInst.exe"=0x5341435001000000000000000700000028000000B03C0E008C900E000100000000000000000001067102000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000005000020200000000000000000000000000F3090000000000000100000001000000 "D:\GAMES\Astral Chain\unins000.exe"=0x534143500100000000000000070000002800000071211700000000000100000000000000000001060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000400002000000000000000000000000000018160000000000000100000001000000 "C:\Users\cl_97\Downloads\Look_My_Hardware.exe"=0x5341435001000000000000000700000028000000F05013002A83130001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000252E0000000000000100000001000000 "C:\Users\cl_97\Downloads\QuickDiag.exe"=0x5341435001000000000000000700000028000000F05045000170450001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0638bab5-4b0f-11eb-9be6-d8c0a62fe140}] : "E:\OInstall.exe" (AutoRun) [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0638bab5-4b0f-11eb-9be6-d8c0a62fe140}] : E:\OInstall.exe (configure) [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{0638bab5-4b0f-11eb-9be6-d8c0a62fe140}] : E:\OInstall.exe (install) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132562965330304648 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=windowsdefender:// "DisableAntiSpyware"=1 "TrustedImageIdentifier"={FX505DT0-0000-0000-0000-000000000000} "ProductType"=2 "InstallLocation"=C:\Program Files\Windows Defender\ "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0xB00BF2447578D601 "OOBEInstallTime"=0x79AC8DBCBACED601 "DisableAntiVirus"=1 "LastEnabledTime"=0x6718AD1FD5EAD601 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts #This file has been replaced with its default version by Kaspersky Lab because of possible infection 127.0.0.1 localhost ::1 localhost ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:819::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:819::200e?: temps=18 ms R?ponse de 2a00:1450:4007:819::200e?: temps=18 ms R?ponse de 2a00:1450:4007:819::200e?: temps=18 ms R?ponse de 2a00:1450:4007:819::200e?: temps=18 ms Statistiques Ping pour 2a00:1450:4007:819::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 18ms, Maximum = 18ms, Moyenne = 18ms ---------- | @ [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=about:blank "Default_Page_URL"=http://www.msn.com/?pc=ASTE "DisableFirstRunCustomize"=3 "ImageStoreRandomFolder"=z087ms2 [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CertificateRevocation"=1 "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x91F78FD00DF5D601 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnonZoneCrossing"=0 "LockDatabase"=132564238407710964 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Start Page"=about:blank "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [14/05/2021 00:44:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [28/01/2021 10:20:16] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt01] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt02] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt03] - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt04] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt05] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt06] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt07] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt08] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt09] - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ DropboxExt10] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} -- C:\Program Files (x86)\Dropbox\Client\DropboxExt.48.0.dll [14/05/2021 00:44:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRASU1&src=IE11TR&pc=ASTE : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.71\BHO\ie_to_edge_bho.dll [20/07/2021 12:47:29] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [28/05/2021 17:48:05] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\91.0.864.71\BHO\ie_to_edge_bho.dll [20/07/2021 12:47:29] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> (Skype for Business Browser Helper) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [28/05/2021 17:48:05] ---------- | Chrome C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\aegnopegbbhjeeiganiajffnalhlkkjb = : __MSG_extShortDesc__ - short_name: Safe Torrent Scanner - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm = : __MSG_ExtensionDescription__ - __MSG_ExtensionName__ - permissions:[nativeMessagingmanagementcookiestabswebNavigationwebRequestcontextMenuswebRequestBlocking\u003Call_urls>storage] - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\bigefpfhnfcobdlfbedofhhaibnlghod = : Secure Cloud Storage and Chat - MEGA - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm = : __MSG_extShortDesc__ - name: uBlock Origin - short_name: uBlock0 - permissions:[contextMenusprivacystoragetabsunlimitedStoragewebNavigationwebRequestwebRequestBlocking\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\cmedhionkhpnakcndndgjdbohmhepckk = : __MSG_extension_description__ - __MSG_extension_name__ - permissions:[tabsstorageunlimitedStoragewebRequestwebRequestBlocking\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\emnoomldgleagdjapdeckpmebokijail = : __MSG_description__ - wanteeed - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\eofcbnmajmjmplflapaojjnihcjkigck = : __MSG_avastAppDesc__ - __MSG_avastAppShortName__ - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\fkepacicchenbjecpbpbclokcabebhah = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\gpbfjnhlnemfnhajnmkjicfmbagfbejm = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstoragenotificationsidle] - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\jeedakojomhhndjiacgkhlkknflflchl = : Games for free? Yes it's possible! Play games earn points and get free vouchers for games. - Gamekit - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\knipolnnllmklapflnccelgolnpehhpl = : __MSG_CHROME_APP_DESCRIPTION__ - __MSG_CHROME_HANGOUTS_SHORT_NAME__ - 1021803392181-71juemdl03adpl2n0tso7nl7hq83g2qg.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\kodndogomnfgmbapagempdcobhmjfbho = : Paiements sécurisés & Support en ligne 24/7 chez IGVault pour l'achat bon marché de Dofus Kamas Crédits FIFA Comptes LOL et Or WoW Livraison Exprès ! - https://www.igvault.fr/ - iGVault C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\lbnoedlobifdhbpjkcfhcbdcjhampmne = : Browse the web for your favorite games and always know if they are available at Instant-Gaming.com ! - matches: [ http://store.steampowered.com/* https://store.steampowered.com/* https://www.origin.com/* https://www.dlcompare.com/* https://www.dlcompare.fr/* https://www.dlcompare.es/* https://www.dlcompare.de/* https://www.dlcompare.pt/* https://www.allkeyshop.com/* https://www.keyforsteam.de/* https://www.goclecd.fr/* https://www.planetkey.de/* https://gocdkeys.com/* https://www.jeuxvideo.com/* https://www.kinguin.net/* https://www.g2a.com/* https://www.youtube.com/* https://www.twitch.tv/* https://www.gamivo.com/* https://www.gamekult.com/* https://www.cdkeys.com/* https://www.amazon.fr/* https://www.amazon.es/* https://www.amazon.de/* https://www.amazon.en/* https://www.amazon.it/* https://www.amazon.com/* ] - Instant Gaming - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx C:\Users\cl_97\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.291.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.291.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.11] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.12] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.14] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.15] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.16] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0] - (Microsoft Lync Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{bf1c221a-791c-4fc1-acfd-72e747f2a961}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e6e4494c-c157-4f19-8a3d-1d386642e5cb}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e6e4494c-c157-4f19-8a3d-1d386642e5cb}] "NameServer"=1.1.1.1,1.0.0.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{bf1c221a-791c-4fc1-acfd-72e747f2a961}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e6e4494c-c157-4f19-8a3d-1d386642e5cb}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e6e4494c-c157-4f19-8a3d-1d386642e5cb}] "NameServer"=1.1.1.1,1.0.0.1 ---------- | Applications [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Classes\Applications\7z.exe] : "C:\Program Files\7-Zip\7z.exe" "%1" [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Classes\Applications\7zFM.exe] : "C:\Program Files\7-Zip\7zFM.exe" "%1" [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Classes\Applications\qbittorrent.exe] : "C:\Program Files\qBittorrent\qbittorrent.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver "UdkSvcGroup"=UdkUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "AarSvcGroup"=AarSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\153f8ce0-b97a-575b-ba12-4ff8b1481894] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\7-Zip] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Activision] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\AMD] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\AppDataLow] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\ASIO4ALL v2 by Wuschel] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\ASUS] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\ATI] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Betternet] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\BitTorrentPersist] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\BlueStacksInstaller] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\BugSplat] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Caphyon] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Cheat Engine] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Chromium] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Disc Soft] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Discord] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Dropbox] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\DropboxUpdate] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\EasyBoot Systems] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\ElAmigos] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Electronic Arts] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Epic Games] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\FabFilter] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\FAW] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Google] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\HWiNFO32] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\IM Providers] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Image-Line] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Innersloth] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Intel] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\JavaSoft] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\KasperskyLab] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\KasperskyLabSetup] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Khronos] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Lenovo] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Logitech] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Malwarebytes] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\miHoYo] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\miHoYoSDK] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Mozilla] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\MSI] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Native Instruments] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Netscape] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\ODBC] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\PCSX2] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Piriform] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Policies] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Python] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\QtProject] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Realtek] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Rebuilt Games] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\RegisteredApplications] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Resplendence Sp] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\SoftVoice] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Spotify] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\SyncEngines] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\TCP Optimizer] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\TelegramDesktop] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Trolltech] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Unwinder] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Valve] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\WixSharp] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Wow6432Node] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\XLN Audio] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Accessibility] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\ActiveSync] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\AppV] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\AuthCookies] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Avalon.Graphics] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Clipboard] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\CommsAPHost] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Connection Manager] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\DeviceDirectory] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Direct3D] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\DirectInput] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\DirectX] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\DirectX Diagnostic Tool] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Edge] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Edge Beta] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\EdgeUpdate] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\FamilyStore] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\GameBar] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\GameBarApi] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Ieak] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\IMEMIP] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Input] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\InputMethod] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\InputPersonalization] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Installer] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Internet Mail and News] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\LanguageOverlay] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\LPKSetup] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Messaging] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\MicrosoftEdge] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\MobilePC] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\MS Design Tools] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\MVA] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Narrator] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\NGC] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Office] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\OneDrive] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Osk] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Personalization] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Phone] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Pim] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Poom] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\RAS AutoDial] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\RAS Phonebook] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\RPM] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\ScreenMagnifier] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Sensors] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Shared] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Shared Tools] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Silverlight] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Siuf] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\SkyDrive] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Speech Virtual] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Speech_OneCore] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Spelling] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\StorageLibrary] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\TabletTip] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\TPG] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Unified Store] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Unistore] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\UserData] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\VBA] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Visual Basic] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\WcmSvc] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows Defender Security Center] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows Media] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows Script] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows Script Host] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Windows Security Health] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\XboxLive] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\029c4619-0385-5543-9426-46f9987161d9] [HKLM\Software\410fcd79-1be8-5bf1-986e-ea09c55f7edf] [HKLM\Software\7-Zip] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AMD] [HKLM\Software\Apple Inc.] [HKLM\Software\ASIO] [HKLM\Software\ASUS] [HKLM\Software\Avast Software] [HKLM\Software\BlueStacks] [HKLM\Software\BlueStacksInstaller] [HKLM\Software\Caphyon] [HKLM\Software\Clients] [HKLM\Software\CVSM] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\Disc Soft] [HKLM\Software\dotnet] [HKLM\Software\DTS] [HKLM\Software\FabFilter] [HKLM\Software\FAW] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\IM Providers] [HKLM\Software\Image-Line] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KasperskyLab] [HKLM\Software\Khronos] [HKLM\Software\Lenovo] [HKLM\Software\McAfee] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\Native Instruments] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\OBS Studio] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OpenSSH] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Propellerhead Software] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SyncIntegrationClients] [HKLM\Software\VideoLAN] [HKLM\Software\Windows] [HKLM\Software\WOW6432Node] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\AccountsControl] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ActiveSync] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Analog] [HKLM\SOFTWARE\Microsoft\AppServiceProtocols] [HKLM\SOFTWARE\Microsoft\AppV] [HKLM\SOFTWARE\Microsoft\AppVISV] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AudioCompressionManager] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\BitLockerCsp] [HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement] [HKLM\SOFTWARE\Microsoft\Cellular] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\Clipboard] [HKLM\SOFTWARE\Microsoft\ClipboardServer] [HKLM\SOFTWARE\Microsoft\CloudManagedUpdate] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\CommsAPHost] [HKLM\SOFTWARE\Microsoft\CoreShell] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataCollection] [HKLM\SOFTWARE\Microsoft\DataSharing] [HKLM\SOFTWARE\Microsoft\DDDS] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\DeviceReg] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DusmSvc] [HKLM\SOFTWARE\Microsoft\DVDNavigator] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\Edge] [HKLM\SOFTWARE\Microsoft\Enrollment] [HKLM\SOFTWARE\Microsoft\Enrollments] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EnterpriseDataProtection] [HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager] [HKLM\SOFTWARE\Microsoft\EventSounds] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\FamilyStore] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FilePicker] [HKLM\SOFTWARE\Microsoft\FilterDS] [HKLM\SOFTWARE\Microsoft\FingerKB] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\FuzzyDS] [HKLM\SOFTWARE\Microsoft\GameOverlay] [HKLM\SOFTWARE\Microsoft\GamingServices] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\Hvsi] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\ImageTimeSettings] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\InProcLogger] [HKLM\SOFTWARE\Microsoft\Input] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\InputPersonalization] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\KGL] [HKLM\SOFTWARE\Microsoft\LanguageOverlay] [HKLM\SOFTWARE\Microsoft\LexiconUpdate] [HKLM\SOFTWARE\Microsoft\LPKSetup] [HKLM\SOFTWARE\Microsoft\Managed Desktop] [HKLM\SOFTWARE\Microsoft\MdmCommon] [HKLM\SOFTWARE\Microsoft\MdmDiagnostics] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\Messaging] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack] [HKLM\SOFTWARE\Microsoft\MiracastReceiver] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSIME] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MTF] [HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors] [HKLM\SOFTWARE\Microsoft\MTFInputType] [HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\Multivariant] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeCSP] [HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Palm] [HKLM\SOFTWARE\Microsoft\Personalization] [HKLM\SOFTWARE\Microsoft\Phone] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\Pim] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayReady] [HKLM\SOFTWARE\Microsoft\PlayToReceiver] [HKLM\SOFTWARE\Microsoft\PointOfService] [HKLM\SOFTWARE\Microsoft\Policies] [HKLM\SOFTWARE\Microsoft\PolicyManager] [HKLM\SOFTWARE\Microsoft\Poom] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\Provisioning] [HKLM\SOFTWARE\Microsoft\PushRouter] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RAS AutoDial] [HKLM\SOFTWARE\Microsoft\RcsPresence] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\Remediation] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Schema Library] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\SecurityManager] [HKLM\SOFTWARE\Microsoft\SEMgr] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\Shared] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\Shell] [HKLM\SOFTWARE\Microsoft\SIH] [HKLM\SOFTWARE\Microsoft\Silverlight] [HKLM\SOFTWARE\Microsoft\Siuf] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\Speech_OneCore] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\StrongName] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\Unified Store] [HKLM\SOFTWARE\Microsoft\UNP] [HKLM\SOFTWARE\Microsoft\UPnP Control Point] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\UserData] [HKLM\SOFTWARE\Microsoft\UserManager] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wallet] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Defender Security Center] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Windows Security Health] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\WindowsSelfHost] [HKLM\SOFTWARE\Microsoft\WindowsUpdate] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\Wlpasvc] [HKLM\SOFTWARE\Microsoft\Wow64] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\XAML] [HKLM\SOFTWARE\Microsoft\XboxGameSaveStorage] [HKLM\SOFTWARE\Microsoft\XboxLive] [HKLM\SOFTWARE\Microsoft\XGameSaveStorage] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\NcsiUwpApp] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\ASIO4ALL] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\Betternet] [HKLM\Software\WOW6432Node\Camel Audio] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\Codemasters] [HKLM\Software\WOW6432Node\dotnet] [HKLM\Software\WOW6432Node\DownloadCenter] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\DropboxUpdate] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\EasyBoot Systems] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\FabFilter] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Image-Line] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\KasperskyLab] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lenovo] [HKLM\Software\WOW6432Node\McAfee] [HKLM\Software\WOW6432Node\Mephisto] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\MSI] [HKLM\Software\WOW6432Node\Nefarius Software Solutions] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\PCSX2] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\Propellerhead Software] [HKLM\Software\WOW6432Node\Python] [HKLM\Software\WOW6432Node\qBittorrent] [HKLM\Software\WOW6432Node\Unwinder] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp] [HKLM\Software\WOW6432Node\Microsoft\ClipboardServer] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVDNavigator] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\Edge] [HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate] [HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\F12] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FilePicker] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\GameOverlay] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\InputPersonalization] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack] [HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\MTF] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Office Server] [HKLM\Software\WOW6432Node\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Palm] [HKLM\Software\WOW6432Node\Microsoft\Personalization] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\Policies] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\Provisioning] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Schema Library] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\Silverlight] [HKLM\Software\WOW6432Node\Microsoft\SoftGrid] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\SPEECH] [HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\SystemSettings] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\VSTA Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\VSTO Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Kits] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\WSE] [HKLM\Software\WOW6432Node\Microsoft\XNA] [HKLM\Software\WOW6432Node\Microsoft\Cellular] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DeviceReg] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\FingerKB] [HKLM\Software\WOW6432Node\Microsoft\FuzzyDS] [HKLM\Software\WOW6432Node\Microsoft\Input] [HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay] [HKLM\Software\WOW6432Node\Microsoft\Messaging] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors] [HKLM\Software\WOW6432Node\Microsoft\MTFInputType] [HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Phone] [HKLM\Software\WOW6432Node\Microsoft\Pim] [HKLM\Software\WOW6432Node\Microsoft\Poom] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SecurityManager] [HKLM\Software\WOW6432Node\Microsoft\Semgr] [HKLM\Software\WOW6432Node\Microsoft\Shell] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Unified Store] [HKLM\Software\WOW6432Node\Microsoft\UserData] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\XAML] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: [26/05/2019 11:06:09] - |ASH| - (.-.) - [0] - (0.0.0.0) - D:\desktop.ini ---------- | C: [19/03/2019 06:52:43] - |SHD| - [516] - C:\$Recycle.Bin [28/01/2021 02:10:19] - |HD| - [0] - C:\$WinREAgent [MD5.F3B25701FE362EC84616A93A45CE9998] - [07/04/2021 21:48:52] - |A| - (.-.) - [2] - (0.0.0.0) - C:\AMFTrace.log [MD5.8EF9E4703A8BDAE0DD1DAE561A23D891] - [22/08/2020 13:46:12] - |AH| - (.-.) - [13702] - (0.0.0.0) - C:\devlist.txt [10/12/2020 07:55:23] - |SHD| - [0] - C:\Documents and Settings [31/03/2021 10:44:38] - |D| - [68621003] - C:\DRIVERS [MD5.90C45B904B0D505463280EE427B6AA04] - [05/04/2021 15:53:54] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/05/2021 23:37:12] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp [23/10/2019 21:34:17] - |D| - [2214564347] - C:\eSupport [MD5.01224851F19C9423A1D7E06F44DBFB6A] - [22/08/2020 13:46:12] - |AH| - (.-.) - [9] - (0.0.0.0) - C:\Finish.log [20/01/2021 12:27:31] - |D| - [6795675] - C:\Fraps [10/12/2020 01:55:43] - |D| - [103542406510] - C:\Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [28/01/2021 10:30:55] - |ASH| - (.-.) - [6630731776] - (0.0.0.0) - C:\hiberfil.sys [22/07/2021 10:51:46] - |D| - [277313] - C:\Look_my_hardware [29/05/2021 10:16:40] - |D| - [64] - C:\Microsoft [10/12/2020 08:09:08] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [27/05/2021 23:37:16] - |ASH| - (.-.) - [3087007744] - (0.0.0.0) - C:\pagefile.sys [07/12/2019 11:14:52] - |D| - [0] - C:\PerfLogs [07/12/2019 11:14:52] - |RD| - [100697920305] - C:\Program Files [07/12/2019 11:14:52] - |RD| - [17537388670] - C:\Program Files (x86) [07/12/2019 11:14:52] - |HD| - [25717968562] - C:\ProgramData [22/07/2021 12:13:17] - |D| - [33] - C:\QuickDiag [MD5.8D7ACC268735A686E9BE7DC91EF714E6] - [22/07/2021 12:13:30] - |A| - (.-.) - [266903] - (0.0.0.0) - C:\QuickDiag.txt [22/08/2020 14:11:50] - |HD| - [3972013657] - C:\Recovery [09/12/2020 20:41:00] - |D| - [437359525] - C:\Riot Games [MD5.E480B3A7D35AD1FF6C9FBB3B0854BC90] - [28/03/2021 22:22:21] - |A| - (.-.) - [17824] - (0.0.0.0) - C:\savegame@profile0#NXDTVPKI.LKR [MD5.2F7D3E51D71ADED09AB2A8E269B1D979] - [28/03/2021 22:22:23] - |A| - (.-.) - [244336] - (0.0.0.0) - C:\savegame@profile0#QKIGMYYI.LKR [MD5.83691340CE76E3149038F22BF301BB21] - [28/03/2021 22:22:25] - |A| - (.-.) - [416] - (0.0.0.0) - C:\savegame@profile0#QKRHMYXE [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/08/2020 13:13:17] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [22/08/2020 14:05:34] - |SHD| - [0] - C:\System Volume Information [07/12/2019 11:03:44] - |RD| - [96370127067] - C:\Users [07/12/2019 11:03:44] - |D| - [25444728280] - C:\Windows ---------- | C:\WINDOWS [07/12/2019 16:51:10] - |D| - [802] - C:\WINDOWS\addins [07/12/2019 11:14:52] - |D| - [17490908] - C:\WINDOWS\appcompat [07/12/2019 11:14:52] - |D| - [9866914] - C:\WINDOWS\apppatch [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.FAC6750920FEE40FAB5EC1B2F5709510] - [25/05/2020 09:58:49] - |A| - (.-.) - [23] - (0.0.0.0) - C:\WINDOWS\AsDCDVer.txt [MD5.D75B9630A77CE0051AE9958D6C38F5A6] - [16/09/2019 09:23:09] - |A| - (.-.) - [67] - (0.0.0.0) - C:\WINDOWS\AsEDNVer.txt [MD5.034B9299380552B9F8F218FCD2121901] - [23/10/2019 21:34:18] - |A| - (.-.) - [22] - (0.0.0.0) - C:\WINDOWS\AsHDIVer.txt [MD5.329BD8FA85A4AE9800C0D9517A8F20A3] - [31/10/2019 10:34:51] - |A| - (.-.) - [72] - (0.0.0.0) - C:\WINDOWS\AsKitVer.txt [MD5.8AB0637B50DAB0BEA78631F318F6612B] - [18/09/2019 04:50:54] - |A| - (.-.) - [79] - (0.0.0.0) - C:\WINDOWS\AsOFSVer.txt [MD5.CBCD32A4B306C1F06AFBA5AF063BFDDB] - [22/08/2020 14:12:55] - |A| - (.-.) - [97] - (0.0.0.0) - C:\WINDOWS\AsPEToolVer.txt [MD5.3E1AF6E6E07FAE37F9EA98EEFBE2C5F4] - [22/08/2020 14:11:46] - |A| - (.-.) - [64] - (0.0.0.0) - C:\WINDOWS\AsProcKitVer.txt [07/12/2019 11:14:52] - |RSD| - [1605673615] - C:\WINDOWS\assembly [MD5.643CF39B102ADDEA14CEC06794CF4093] - [22/08/2020 14:12:55] - |A| - (.-.) - [48] - (0.0.0.0) - C:\WINDOWS\AsToolCDVer.txt [23/10/2019 21:34:17] - |AD| - [5211411] - C:\WINDOWS\ASUS [07/12/2019 11:14:52] - |D| - [785153] - C:\WINDOWS\bcastdvr [MD5.862251351EC170BB3BD59CB219491811] - [28/01/2021 10:19:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [77824] - (10.0.19041.746) - C:\WINDOWS\bfsvc.exe [07/12/2019 11:14:52] - |D| - [40888226] - C:\WINDOWS\Boot [MD5.7D3F44AEDD37696219CBABB29E903182] - [28/01/2021 10:25:20] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [07/12/2019 11:14:52] - |D| - [2450416] - C:\WINDOWS\Branding [07/12/2019 11:03:44] - |D| - [0] - C:\WINDOWS\CbsTemp [07/12/2019 11:14:52] - |D| - [32141514] - C:\WINDOWS\Containers [MD5.C6C52AF48A75DCC59644DC894D2F524E] - [07/12/2019 16:53:23] - |A| - (.-.) - [29857] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.1F334AC7713E228137147CBFBB7BC9AA] - [07/10/2019 05:07:22] - |A| - (.-.) - [33951] - (0.0.0.0) - C:\WINDOWS\CoreSingleLanguage.xml [MD5.2E3A23809A1DAD18DAB6D705885712EB] - [23/10/2019 21:38:14] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt [07/12/2019 11:14:52] - |D| - [11501377] - C:\WINDOWS\Cursors [07/12/2019 11:14:52] - |D| - [177212] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [28/01/2021 10:35:04] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [07/12/2019 11:14:52] - |D| - [4307035] - C:\WINDOWS\diagnostics [07/12/2019 11:14:52] - |D| - [1701843] - C:\WINDOWS\DiagTrack [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [28/01/2021 10:35:04] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [07/12/2019 16:49:55] - |D| - [0] - C:\WINDOWS\DigitalLocker [07/12/2019 11:14:52] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.AB63F17BF2084F30CE2668EF53894C1F] - [21/07/2021 18:09:03] - |A| - (.-.) - [10706] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [07/12/2019 11:14:52] - |HD| - [88344] - C:\WINDOWS\ELAMBKUP [07/12/2019 16:49:55] - |D| - [0] - C:\WINDOWS\en-US [MD5.FD5541611456E27D8BF3E90DDA34DC4E] - [14/07/2021 13:36:04] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4894304] - (10.0.19041.1110) - C:\WINDOWS\explorer.exe [11/12/2020 07:57:44] - |D| - [33558528] - C:\WINDOWS\Firmware [07/12/2019 11:14:52] - |RSD| - [378775994] - C:\WINDOWS\Fonts [07/12/2019 16:49:55] - |D| - [111616] - C:\WINDOWS\fr-FR [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [07/12/2019 11:14:52] - |D| - [57013073] - C:\WINDOWS\Globalization [07/12/2019 11:14:52] - |D| - [1315831] - C:\WINDOWS\Help [MD5.86AE3BE50DF246C646DA76E7223A968E] - [15/04/2021 06:24:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1076736] - (10.0.19041.906) - C:\WINDOWS\HelpPane.exe [MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 11:09:39] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.19041.1) - C:\WINDOWS\hh.exe [07/12/2019 11:14:52] - |D| - [30327] - C:\WINDOWS\IdentityCRL [07/12/2019 11:14:52] - |D| - [28822470] - C:\WINDOWS\IME [07/12/2019 11:14:52] - |RD| - [8171529] - C:\WINDOWS\ImmersiveControlPanel [07/12/2019 11:13:02] - |D| - [73287165] - C:\WINDOWS\INF [07/12/2019 11:14:52] - |D| - [38193580] - C:\WINDOWS\InputMethod [07/12/2019 11:14:52] - |SHD| - [517950156] - C:\WINDOWS\Installer [07/12/2019 11:14:52] - |D| - [109650] - C:\WINDOWS\L2Schemas [07/12/2019 11:14:52] - |HD| - [0] - C:\WINDOWS\LanguageOverlayCache [19/07/2021 16:54:03] - |D| - [130925092] - C:\WINDOWS\LastGood.Tmp [20/06/2021 12:14:27] - |D| - [36083920] - C:\WINDOWS\Lenovo [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\LiveKernelReports [23/10/2019 21:34:17] - |D| - [94718379] - C:\WINDOWS\Log [07/12/2019 11:14:52] - |D| - [27289305] - C:\WINDOWS\Logs [07/12/2019 11:14:52] - |RSD| - [20063519] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 11:08:58] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [07/12/2019 11:14:52] - |RD| - [845573557] - C:\WINDOWS\Microsoft.NET [07/12/2019 11:14:52] - |D| - [3323] - C:\WINDOWS\Migration [04/04/2021 18:39:52] - |D| - [0] - C:\WINDOWS\Minidump [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\ModemLogs [10/12/2020 10:21:24] - |HD| - [0] - C:\WINDOWS\msdownld.tmp [MD5.1C1760ED4D19CDBECB2398216922628B] - [27/06/2021 02:41:59] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [211968] - (10.0.19041.1081) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [22/08/2020 13:17:54] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [07/12/2019 16:51:57] - |D| - [199472] - C:\WINDOWS\OCR [22/08/2020 13:36:31] - |D| - [673] - C:\WINDOWS\OEM [07/12/2019 11:14:52] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [28/01/2021 02:14:24] - |DC| - [24461] - C:\WINDOWS\Panther [07/12/2019 11:14:52] - |D| - [267146] - C:\WINDOWS\Performance [MD5.263DBB1A94222941FE980F3D3DFC98D0] - [18/07/2021 10:48:48] - |A| - (.-.) - [24324] - (0.0.0.0) - C:\WINDOWS\PFRO.log [MD5.B7824AA504CD7A2A6A930B72BB7DD2F3] - [07/05/2020 00:44:48] - |A| - (.-.) - [5304] - (0.0.0.0) - C:\WINDOWS\PidVid_List [07/12/2019 11:14:52] - |D| - [1136442] - C:\WINDOWS\PLA [07/12/2019 11:14:52] - |D| - [2932885] - C:\WINDOWS\PolicyDefinitions [28/01/2021 10:28:45] - |D| - [6400993] - C:\WINDOWS\Prefetch [07/12/2019 11:14:52] - |RD| - [2234380] - C:\WINDOWS\PrintDialog [07/12/2019 11:14:52] - |D| - [6067475] - C:\WINDOWS\Provisioning [MD5.59DC586EF072B1108CF6C7CF747D0403] - [17/08/2020 18:02:28] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [904720] - (3.7.9150.1013) - C:\WINDOWS\py.exe [MD5.E85D92534703B1243D81BAE6DCEB8136] - [17/08/2020 18:04:32] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [57360] - (3.7.9150.1013) - C:\WINDOWS\pyshellext.amd64.dll [MD5.726A12552F691C90D7C11E3835289452] - [17/08/2020 18:02:28] - |A| - (.Copyright © 2001-2016 Python Software Foundation. Copyright © 2000 BeOpen.com. Copyright © 1995-2001 CNRI. Copyright © 1991-1995 SMC. - Python.) - [905232] - (3.7.9150.1013) - C:\WINDOWS\pyw.exe [MD5.999A30979F6195BF562068639FFC4426] - [28/01/2021 10:20:43] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [370176] - (10.0.19041.746) - C:\WINDOWS\regedit.exe [07/12/2019 11:14:52] - |D| - [22588] - C:\WINDOWS\Registration [07/12/2019 11:14:52] - |D| - [16979176] - C:\WINDOWS\rescache [07/12/2019 11:14:52] - |D| - [4962931] - C:\WINDOWS\Resources [MD5.1AAF252B7F200A88CF224B5AA1CCFDA1] - [07/05/2020 00:54:16] - |A| - (.Realtek All Rights Reserved - Realtek Bluetooth BTDevManager Service Application.) - [757552] - (1.1.45.1) - C:\WINDOWS\RtkBtManServ.exe [MD5.37139100C409E022A64E90C0E0865184] - [07/05/2020 00:44:48] - |A| - (.-.) - [62340] - (0.0.0.0) - C:\WINDOWS\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new [MD5.475106177B1A9C5703F37E466C55A58C] - [07/05/2020 00:44:48] - |A| - (.-.) - [49480] - (0.0.0.0) - C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new [MD5.232E79890E4DBEFBF7C78D95C19F4249] - [07/05/2020 00:44:48] - |A| - (.-.) - [50288] - (0.0.0.0) - C:\WINDOWS\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new [MD5.F3044C6592ABD546E101920D92E31350] - [07/05/2020 00:44:48] - |A| - (.-.) - [58616] - (0.0.0.0) - C:\WINDOWS\rtl8822c_mp_chip_bt40_fw_asic_rom_patch_new [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\SchCache [07/12/2019 11:14:52] - |D| - [126782] - C:\WINDOWS\schemas [07/12/2019 11:14:52] - |D| - [5318240] - C:\WINDOWS\security [28/01/2021 10:24:50] - |D| - [70097578] - C:\WINDOWS\ServiceProfiles [07/12/2019 11:14:52] - |D| - [4096] - C:\WINDOWS\ServiceState [07/12/2019 11:03:44] - |D| - [3309148091] - C:\WINDOWS\servicing [07/12/2019 11:18:25] - |D| - [98315] - C:\WINDOWS\Setup [MD5.AC65BC2DE3C960D3E067A28436665BA6] - [19/07/2021 16:54:20] - |A| - (.-.) - [41752] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2021 16:54:20] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [07/12/2019 11:14:52] - |D| - [5500416] - C:\WINDOWS\ShellComponents [07/12/2019 11:14:52] - |D| - [39476736] - C:\WINDOWS\ShellExperiences [07/12/2019 11:14:52] - |D| - [3070736] - C:\WINDOWS\SKB [22/08/2020 13:17:00] - |D| - [39728341] - C:\WINDOWS\SoftwareDistribution [07/12/2019 11:14:52] - |D| - [86037697] - C:\WINDOWS\Speech [07/12/2019 11:14:52] - |D| - [64508236] - C:\WINDOWS\Speech_OneCore [MD5.04D8E1F5355152807A7B8EB12F18C61F] - [08/07/2021 02:14:18] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [136192] - (10.0.19041.1083) - C:\WINDOWS\splwow64.exe [07/12/2019 11:14:52] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [19/03/2019 06:49:35] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [07/12/2019 11:03:44] - |D| - [7052197543] - C:\WINDOWS\System32 [07/12/2019 11:14:52] - |D| - [147015118] - C:\WINDOWS\SystemApps [07/12/2019 11:14:52] - |D| - [167483745] - C:\WINDOWS\SystemResources [07/12/2019 11:14:52] - |D| - [1384958389] - C:\WINDOWS\SysWOW64 [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\TAPI [19/03/2019 06:52:46] - |D| - [2648] - C:\WINDOWS\Tasks [07/12/2019 11:14:52] - |D| - [8837761] - C:\WINDOWS\Temp [19/03/2019 06:52:46] - |D| - [13788672] - C:\WINDOWS\TextInput [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\tracing [07/12/2019 11:14:52] - |D| - [7680] - C:\WINDOWS\twain_32 [MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 11:10:00] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [07/12/2019 11:14:52] - |D| - [12420] - C:\WINDOWS\Vss [07/12/2019 11:14:52] - |D| - [33190] - C:\WINDOWS\WaaS [07/12/2019 11:14:52] - |D| - [16568315] - C:\WINDOWS\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [19/03/2019 06:49:35] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 11:09:09] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [18/07/2021 10:49:15] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 11:10:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\WINDOWS\winhlp32.exe [MD5.DF7F10E35A52E1E35589F3ECAACCB380] - [13/12/2020 21:04:43] - |A| - (.-.) - [60] - (0.0.0.0) - C:\WINDOWS\wininit.ini [07/12/2019 11:03:44] - |D| - [8954919967] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 11:10:11] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 16:52:21] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy [MD5.AD3327F17D5198769F3C4DCFDFEDDBD0] - [04/01/2021 13:51:26] - |A| - (.-.) - [128] - (0.0.0.0) - C:\WINDOWS\System32\GroupPolicy\gpt.ini [04/01/2021 13:51:26] - |D| - [192] - C:\WINDOWS\System32\GroupPolicy\Machine [04/01/2021 13:51:26] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [18/06/2020 12:28:42] - C:\WINDOWS\Installer\110b2c.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [05/04/2021 16:08:55] - C:\WINDOWS\Installer\1c6a9.msi : (ScpToolkit - Nefarius Software Solutions) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/01/2019 03:14:16] - C:\WINDOWS\Installer\1edd8.msi : ( - ASUS) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/04/2019 08:19:22] - C:\WINDOWS\Installer\1eddc.msi : ( - ASUSTeK COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/05/2019 23:28:34] - C:\WINDOWS\Installer\1ede0.msi : (ASUS Aac_NBDT HAL - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [13/05/2019 20:40:20] - C:\WINDOWS\Installer\1ede4.msi : (Display HAL Component - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [13/05/2019 20:34:16] - C:\WINDOWS\Installer\1ede8.msi : (AacAudio HAL Component - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [12/04/2019 20:00:06] - C:\WINDOWS\Installer\1edec.msi : (ASUS Keyboard HAL - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/05/2019 19:25:08] - C:\WINDOWS\Installer\1edf0.msi : (ASUS Mouse HAL - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [06/05/2019 23:58:06] - C:\WINDOWS\Installer\1edf4.msi : (ASUS MB Peripheral Products - ASUSTeK Computer Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:00:40] - C:\WINDOWS\Installer\29607d23.msi : (Python 3.7.9 Core Interpreter (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:01:02] - C:\WINDOWS\Installer\29607d28.msi : (Python 3.7.9 Development Libraries (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:01:14] - C:\WINDOWS\Installer\29607d2d.msi : (Python 3.7.9 Executables (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:01:36] - C:\WINDOWS\Installer\29607d32.msi : (Python 3.7.9 Standard Library (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:02:42] - C:\WINDOWS\Installer\29607d37.msi : (Python 3.7.9 Test Suite (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:01:10] - C:\WINDOWS\Installer\29607d3c.msi : (Python 3.7.9 Documentation (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:02:50] - C:\WINDOWS\Installer\29607d41.msi : (Python 3.7.9 Utility Scripts (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:02:20] - C:\WINDOWS\Installer\29607d46.msi : (Python 3.7.9 Tcl/Tk Support (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 18:04:36] - C:\WINDOWS\Installer\29607d4b.msi : (Python Launcher - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:02:06] - C:\WINDOWS\Installer\29607d50.msi : (Python 3.7.9 pip Bootstrap (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/08/2020 19:02:04] - C:\WINDOWS\Installer\29607d55.msi : (Python 3.7.9 Add to Path (64-bit) - Python Software Foundation) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/04/2021 05:14:17] - C:\WINDOWS\Installer\29974ed6.msi : (ASUS Update Helper - ASUSTeK Computer Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [29/04/2021 12:13:48] - C:\WINDOWS\Installer\31005472.msi : (Java Auto Updater - Oracle Corporation) [Header ok : D0CF11E0A1B11AE10000000000000000] [29/03/2021 11:20:44] - C:\WINDOWS\Installer\310590e.msi : (ASUS Framework Service - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/06/2021 11:19:40] - C:\WINDOWS\Installer\4b06863.msi : (ROG Live Service - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [09/04/2021 18:29:02] - C:\WINDOWS\Installer\53ea39a.msi : (ASUS Aura SDK - ASUSTek COMPUTER INC.) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/05/2021 14:17:34] - C:\WINDOWS\Installer\53ea3a2.msi : (ASUS AURA Service - ASUSTeK Computer Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/06/2021 10:45:47] - C:\WINDOWS\Installer\53ea3b6.msi : ( - ASUS) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/06/2021 10:45:47] - C:\WINDOWS\Installer\53ea3bb.msi : ( - ASUS) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/01/2021 19:00:04] - C:\WINDOWS\Installer\5bf4fe6.msi : (Epic Online Services - Epic Games, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/04/2021 18:36:56] - C:\WINDOWS\Installer\86522ba.msi : (Kaspersky VPN - Kaspersky) [Header ok : D0CF11E0A1B11AE10000000000000000] [13/12/2020 00:00:29] - C:\WINDOWS\Installer\86f508d.msi : (Betternet for Windows 5.3.0.433 - Betternet Technologies Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [13/12/2020 04:46:22] - C:\WINDOWS\Installer\9749a62.msi : (Kontakt Setup - Native Instruments) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/04/2021 10:00:46] - C:\WINDOWS\Installer\9e89109.msi : (Kaspersky Internet Security - Kaspersky) [Header ok : D0CF11E0A1B11AE10000000000000000] [27/09/2019 07:33:36] - C:\WINDOWS\Installer\b6251.msi : ( - ASUS) [Header ok : D0CF11E0A1B11AE10000000000000000] [24/06/2021 10:41:57] - C:\WINDOWS\Installer\e06035b.msi : (Dropbox Update Helper - Dropbox, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [28/06/2011 22:27:28] - [4028928] - (.().-. - ()) - C:\WINDOWS\Installer\11686e88.msp [28/06/2011 22:21:32] - [4637184] - (.().-. - ()) - C:\WINDOWS\Installer\1168acd7.msp [07/07/2021 13:26:45] - [307200] - (.().-. - ()) - C:\WINDOWS\Installer\23f801c6.msp [22/01/2021 02:32:47] - [819200] - (.().-. - ()) - C:\WINDOWS\Installer\240da802.msp [07/07/2021 23:14:57] - [53248] - (.().-. - ()) - C:\WINDOWS\Installer\26123d8e.msp [20/05/2021 13:38:55] - [610304] - (.().-. - ()) - C:\WINDOWS\Installer\264bed38.msp [19/04/2021 11:56:34] - [606208] - (.().-. - ()) - C:\WINDOWS\Installer\52d7.msp [17/06/2021 10:32:30] - [307200] - (.().-. - ()) - C:\WINDOWS\Installer\a5ddd5c.msp [17/06/2021 22:59:29] - [49152] - (.().-. - ()) - C:\WINDOWS\Installer\d0983a5.msp ---------- | %System%\*.in* [07/12/2019 11:09:39] - [3329] - C:\WINDOWS\System32\ieuinit.inf [20/06/2021 12:14:24] - [62448] - C:\WINDOWS\System32\ImController.InfInstaller.exe [13/07/2021 14:56:19] - [19911] - C:\WINDOWS\System32\iMDriver.inf [20/06/2021 12:14:50] - [829] - C:\WINDOWS\System32\InstallUtil.InstallLog [28/01/2021 10:38:44] - [1770910] - C:\WINDOWS\System32\PerfStringBackup.INI [07/12/2019 11:09:05] - [60124] - C:\WINDOWS\System32\tcpmon.ini [07/12/2019 11:08:46] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [07/12/2019 11:10:00] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [07/12/2019 11:09:22] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.FFDFF1DAB879927827ABF9527D14646C] - |A| - [18/07/2021 10:46:37] - (.-.) - [18.53 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\catalog.json [MD5.07D44F5E19FC45AA9A099CC9B8C2380A] - |A| - [19/07/2021 21:52:21] - (.-.) - [49.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [20/07/2021 23:58:49] - [48.8 Ko] - C:\WINDOWS\Temp\cpuz145 [MD5.00000000000000000000000000000000] - |D| - [19/07/2021 21:52:21] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/07/2021 11:04:30] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/07/2021 11:04:30] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt [MD5.2A467252A8042ADB4C967589F71B786D] - |A| - [18/07/2021 10:48:59] - (.-.) - [10.39 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\HamachiSetup.log [MD5.9A3F2148B56C3D4045B4E071B66D1B6B] - |A| - [20/07/2021 00:21:32] - (.-.) - [0.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\httputitlity-2021-07-20.log [MD5.22F3AB7890CB6C87EE9AD0C3363249F2] - |A| - [15/07/2021 01:30:26] - (.-.) - [592.43 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210715-0130.log [MD5.939651CD21467779B168878F746A595F] - |A| - [17/07/2021 11:14:14] - (.-.) - [49.91 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1114.log [MD5.BD1E33BB532AB9AC2DCED7632FBD5111] - |A| - [17/07/2021 12:52:07] - (.-.) - [51.63 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1252.log [MD5.A7143DF19118BB94CA22CED2D6CDA02B] - |A| - [17/07/2021 13:46:04] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1346.log [MD5.2A800C76079C3D33A440A0F79D361102] - |A| - [17/07/2021 18:51:01] - (.-.) - [54.88 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1851.log [MD5.B6D0FE5DD3CF75E449CB004503A4D998] - |A| - [17/07/2021 18:51:14] - (.-.) - [497.31 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1851a.log [MD5.4233C02BE098FB5C26F9B199AE5866FF] - |A| - [17/07/2021 18:54:11] - (.-.) - [475.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1854.log [MD5.0CAED449F6378B849DB13F96B75B5F0F] - |A| - [17/07/2021 18:54:31] - (.-.) - [24.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1854a.log [MD5.F1D4665C0F8284327367F168CF48B9E8] - |A| - [17/07/2021 18:54:39] - (.-.) - [38.26 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1854b.log [MD5.1048341C864E7D7CFBBE281229729127] - |A| - [17/07/2021 19:19:30] - (.-.) - [52.33 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-1919.log [MD5.EB641E04974793E81A3C7F57FD433177] - |A| - [17/07/2021 20:40:37] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2040.log [MD5.24451E761E2E516A18E949851926521F] - |A| - [17/07/2021 20:45:43] - (.-.) - [52.44 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2045.log [MD5.143775E3A7B275C74B9381C469EDC7C2] - |A| - [17/07/2021 21:21:13] - (.-.) - [52.35 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2121.log [MD5.0FE6E071347042D1C93A1B05F0D436E6] - |A| - [17/07/2021 21:26:16] - (.-.) - [52.35 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2126.log [MD5.FAF227332199B7E8F5BC1B984EA8D9BE] - |A| - [17/07/2021 22:15:30] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2215.log [MD5.83218E8D984597A5CC6372FD3433795B] - |A| - [17/07/2021 22:34:25] - (.-.) - [51.81 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2234.log [MD5.F8A1F6775317F3F862B7EBFADE3CFC08] - |A| - [17/07/2021 22:43:17] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2243.log [MD5.002D235A9ECBD2BE9915495832596F44] - |A| - [17/07/2021 22:48:56] - (.-.) - [52.43 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2248.log [MD5.BEEE73E58AF06A910F16A64075D7BAF5] - |A| - [17/07/2021 23:06:01] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2306.log [MD5.56CDFC347B3018262D7BC746E187199F] - |A| - [17/07/2021 23:35:05] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210717-2335.log [MD5.D6F6293CBA5BA436CDB1F541D7576A49] - |A| - [18/07/2021 00:16:40] - (.-.) - [50.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0016.log [MD5.11690FF3C22BC8BCD9D64164C1A87A3F] - |A| - [18/07/2021 00:59:32] - (.-.) - [51.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0059.log [MD5.506137AE3B9B4E9F73257BEB223BD2D7] - |A| - [18/07/2021 01:07:53] - (.-.) - [51.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0107.log [MD5.5131FA314336D5922524C217B8EC9C42] - |A| - [18/07/2021 01:49:28] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0149.log [MD5.50AAD543AFA5E909BB67C122486DAEF8] - |A| - [18/07/2021 01:59:50] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0159.log [MD5.AA0C401F5FBF81740D2E6A81A5E27D79] - |A| - [18/07/2021 02:09:21] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0209.log [MD5.44CF439C6D0FB92C45BA7707F113B6FA] - |A| - [18/07/2021 02:19:24] - (.-.) - [50.86 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0219.log [MD5.EE2A8DA43AA4B88E34A6D31047BFAA45] - |A| - [18/07/2021 02:52:34] - (.-.) - [51.19 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0252.log [MD5.CA1FE446517C962C07098A5F765F29F5] - |A| - [18/07/2021 04:00:01] - (.-.) - [49.39 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0400.log [MD5.BEC3868B2217F9CD59C0376618CD00A7] - |A| - [18/07/2021 04:48:15] - (.-.) - [43.85 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0448.log [MD5.D4A6A77B6A58441BC6CFE8E0B1575D89] - |A| - [18/07/2021 05:05:19] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0505.log [MD5.EF0C5513BB5FB37FD93834D57DF65D70] - |A| - [18/07/2021 08:17:06] - (.-.) - [50.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-0817.log [MD5.4D9CF0B53D9D992B650D365FDF1445BE] - |A| - [18/07/2021 10:49:04] - (.-.) - [114.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-1049.log [MD5.C3E111F4259F5BC7C862CB9406707BB9] - |A| - [18/07/2021 10:53:58] - (.-.) - [48.57 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-1053.log [MD5.E41248343EAB5E9282CE2D1C4094EC30] - |A| - [18/07/2021 12:21:11] - (.-.) - [52.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-1221.log [MD5.0C53DB62B12DA487923017C2812A042B] - |A| - [18/07/2021 13:24:16] - (.-.) - [228.87 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-1324.log [MD5.95D737704664989715A2E06E00954AD7] - |A| - [18/07/2021 13:29:11] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-1329.log [MD5.79DF387182715AA3E7155B247F3C16B5] - |A| - [18/07/2021 14:37:33] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-1437.log [MD5.57B775FA4E7670AC8969FDB8554AE721] - |A| - [18/07/2021 20:36:54] - (.-.) - [54.89 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-2036.log [MD5.978DC576FA1F4A268CEC1E52417859AD] - |A| - [18/07/2021 20:37:02] - (.-.) - [268.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-2037.log [MD5.CD17BE0BD295D041BA979B7121E5070C] - |A| - [18/07/2021 22:32:07] - (.-.) - [270.76 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-2232.log [MD5.3DF8C641A813D115E5A3A72D89FE7566] - |A| - [18/07/2021 22:37:01] - (.-.) - [50.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210718-2237.log [MD5.49E53E8C87A441D7FD9409E4839E36D8] - |A| - [19/07/2021 16:48:40] - (.-.) - [52.58 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210719-1648.log [MD5.308F037CC028BCA79D72D844A0F7667B] - |A| - [19/07/2021 16:51:28] - (.-.) - [48.43 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210719-1651.log [MD5.AF86FDFD0950EC3BF15B980B1A208855] - |A| - [19/07/2021 16:51:28] - (.-.) - [55.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210719-1651a.log [MD5.E7606A40CC85123A3DA893A41738F48F] - |A| - [19/07/2021 16:53:31] - (.-.) - [51.61 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210719-1653.log [MD5.802FDC112984BFBB69650DC3557037D2] - |A| - [19/07/2021 19:13:03] - (.-.) - [48.11 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210719-1913.log [MD5.D9A115FA5E9C923B32E7F0BEC9500C3C] - |A| - [20/07/2021 00:45:09] - (.-.) - [54.78 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-0045.log [MD5.D6D278772D0799A92204D405F22EEEE1] - |A| - [20/07/2021 01:27:16] - (.-.) - [48.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-0127.log [MD5.C9EF8E4B3C568DBF1AC6C9E382241A51] - |A| - [20/07/2021 02:14:29] - (.-.) - [159.35 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-0214.log [MD5.FCD5AD771F1826BA35DE6A29035F9BA6] - |A| - [20/07/2021 02:19:23] - (.-.) - [51.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-0219.log [MD5.3708042BEE849C62F5A3B9D7A03110F1] - |A| - [20/07/2021 04:00:01] - (.-.) - [43.85 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-0400.log [MD5.889D8560CEC44C01D6AC5090B4033601] - |A| - [20/07/2021 04:04:39] - (.-.) - [51.07 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-0404.log [MD5.A63C8D6071B4CF4D896F9C08848EB9C4] - |A| - [20/07/2021 04:18:59] - (.-.) - [49.54 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-0418.log [MD5.1671373D88550C1F534706E7E4437FFB] - |A| - [20/07/2021 12:22:23] - (.-.) - [45.61 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-1222.log [MD5.D7CC0951E186652C77E62285C7E4CB2B] - |A| - [20/07/2021 12:24:26] - (.-.) - [56.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-1224.log [MD5.263E889A387D12768D8DF1739245F721] - |A| - [20/07/2021 14:09:51] - (.-.) - [51.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-1409.log [MD5.4F25AB2920AC37C297518E91CEC426DC] - |A| - [20/07/2021 14:54:13] - (.-.) - [52.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-1454.log [MD5.CC3F5B41292129084F822B99AB8E12DB] - |A| - [20/07/2021 15:07:00] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-1507.log [MD5.FB8B2CD71212DD806882F696EB573E92] - |A| - [20/07/2021 16:02:32] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-1602.log [MD5.D91DE4818620073DE5111A1858AC8F41] - |A| - [20/07/2021 16:10:56] - (.-.) - [51.17 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-1610.log [MD5.DBD45B6269A1145D4713C1A90A604C67] - |A| - [20/07/2021 20:56:45] - (.-.) - [50.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-2056.log [MD5.72D4B2DEE40DBA5E1C47702A008619D7] - |A| - [20/07/2021 22:05:11] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-2205.log [MD5.D9D78FB0C73E15E3E0CEC2464EB2B488] - |A| - [20/07/2021 22:26:00] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-2226.log [MD5.A22235703FA104C90F159AD58735C023] - |A| - [20/07/2021 23:58:33] - (.-.) - [194.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210720-2358.log [MD5.3F6854677C985C6BE81DC8E8A5894F6B] - |A| - [21/07/2021 00:03:34] - (.-.) - [51.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-0003.log [MD5.E6BA9B5BB29961307D10ED44AD4C8563] - |A| - [21/07/2021 00:51:35] - (.-.) - [55.44 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-0051.log [MD5.4E1068CAFEC4DC580C573777F1C54183] - |A| - [21/07/2021 04:00:01] - (.-.) - [48.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-0400.log [MD5.FC0224014367B25E67349FD1CFEF336D] - |A| - [21/07/2021 04:23:14] - (.-.) - [43.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-0423.log [MD5.1B5B141DEBD6DEECEFBF1AD604FB5F23] - |A| - [21/07/2021 10:19:24] - (.-.) - [50.19 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1019.log [MD5.1A8C8CB0A848C0FE0A5A7DD343DC71D3] - |A| - [21/07/2021 11:59:47] - (.-.) - [51.19 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1159.log [MD5.8D3D33173DEFB5AD69B855C8254A54A1] - |A| - [21/07/2021 12:33:15] - (.-.) - [51.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1233.log [MD5.0D2412E3EF1AC11059B8C1ACFC8BB2B7] - |A| - [21/07/2021 13:20:24] - (.-.) - [49.55 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1320.log [MD5.E944F9B7FECFB8C0972E209A72DA67A7] - |A| - [21/07/2021 14:36:22] - (.-.) - [50.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1436.log [MD5.9780B363F41331445FEFDF2051EF43B9] - |A| - [21/07/2021 17:21:14] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1721.log [MD5.58907611DFD11ED1D0D24F27FAAB5F14] - |A| - [21/07/2021 17:21:50] - (.-.) - [106.82 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1721a.log [MD5.BDD791B8A952E71A94BABF0045804B1C] - |A| - [21/07/2021 17:27:05] - (.-.) - [52.45 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1727.log [MD5.41429964A541ADCD7325156B43336ED0] - |A| - [21/07/2021 17:29:45] - (.-.) - [106.06 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1729.log [MD5.0439C880D8F98B6CC509F845BEFAEBED] - |A| - [21/07/2021 17:34:57] - (.-.) - [51.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1734.log [MD5.08A284EB14B4309C3D5A3ACCBFC8445E] - |A| - [21/07/2021 17:37:42] - (.-.) - [106.06 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1737.log [MD5.65520A6A68B0B356061C4B6D8BDBBB6C] - |A| - [21/07/2021 17:42:43] - (.-.) - [51.74 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1742.log [MD5.9532E4C6869B07FC3A21F691B52FD49F] - |A| - [21/07/2021 17:44:05] - (.-.) - [107.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1744.log [MD5.B4CA3644BBA993B1777CF5E77FC419E3] - |A| - [21/07/2021 17:49:14] - (.-.) - [50.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1749.log [MD5.AE4415888089A7E12B8C17F493C2CFE8] - |A| - [21/07/2021 17:56:54] - (.-.) - [107.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1756.log [MD5.4E9C166C732AB03E835C3B51D69132D6] - |A| - [21/07/2021 18:01:55] - (.-.) - [50.1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1801.log [MD5.458101C07004B835D3CEAF5C7E6F4C17] - |A| - [21/07/2021 18:11:46] - (.-.) - [106.05 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1811.log [MD5.C3B6A2E4AD50EE93917446717E9314BB] - |A| - [21/07/2021 18:16:51] - (.-.) - [51.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1816.log [MD5.8C98DA6F944C930621F06E3CE53014D8] - |A| - [21/07/2021 18:26:03] - (.-.) - [110.46 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1826.log [MD5.86091F93A41A35F16F1192502B4FE06E] - |A| - [21/07/2021 18:31:02] - (.-.) - [51.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1831.log [MD5.4EE88028A35E62DD0FBBEB466CC8A5C9] - |A| - [21/07/2021 18:45:14] - (.-.) - [50.71 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1845.log [MD5.F0082E787BCC0B6B9B7F3E18703A44D8] - |A| - [21/07/2021 19:10:03] - (.-.) - [202.13 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1910.log [MD5.370FAA80652E63F5FD8A4E6E6DE5E584] - |A| - [21/07/2021 19:15:04] - (.-.) - [48.47 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1915.log [MD5.84BAFCA488E4FAF5F0251A0E72531EDB] - |A| - [21/07/2021 19:35:37] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-1935.log [MD5.BFF983E6606C4112D137480831CE9249] - |A| - [21/07/2021 22:52:17] - (.-.) - [50.11 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210721-2252.log [MD5.49E4684AD10461251B4490B4801F9559] - |A| - [22/07/2021 07:06:11] - (.-.) - [50.06 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210722-0706.log [MD5.7C77F42A03362491F21259F742F545A2] - |A| - [22/07/2021 07:09:09] - (.-.) - [42.31 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210722-0709.log [MD5.481757CCEE21D36F29ABC8881C5C3E86] - |A| - [22/07/2021 10:00:44] - (.-.) - [54.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210722-1000.log [MD5.E27906A90F4DB14C8D55ECEF7DB6581F] - |A| - [22/07/2021 10:30:29] - (.-.) - [51.18 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210722-1030.log [MD5.AA2A920A5A0B7BB889BD6BC77958E719] - |A| - [22/07/2021 10:41:28] - (.-.) - [51.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210722-1041.log [MD5.D6E6077CA432E07F15821C35D93AFDF8] - |A| - [22/07/2021 11:21:36] - (.-.) - [49.9 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210722-1121.log [MD5.E0A1D10A4B95F4FE9BD4AFBA17C2A063] - |A| - [22/07/2021 11:59:35] - (.-.) - [51.17 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\LAPTOP-BAN0IFUQ-20210722-1159.log [MD5.B7A57E8CFDE5C9F06CFA44D14F973E20] - |A| - [18/07/2021 10:49:10] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210718-104910-0.log [MD5.1E37982EB7EC18165BC4A879EFA2FC54] - |A| - [18/07/2021 13:24:22] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210718-132422-0.log [MD5.5F22D84B738383EDA1AA642728FFC8C1] - |A| - [18/07/2021 22:32:11] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210718-223211-0.log [MD5.D91B2EB98E709C2D5886AAC48549B437] - |A| - [20/07/2021 02:14:34] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210720-021434-0.log [MD5.A92F76048C4EA193F932DCF8B42EF581] - |A| - [20/07/2021 23:58:31] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210720-235831-0.log [MD5.63758D48451A7AF97F74A999FDDFF59E] - |A| - [21/07/2021 17:21:53] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-172153-0.log [MD5.412233FF7B47F56208BC896C3F37F508] - |A| - [21/07/2021 17:29:47] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-172947-0.log [MD5.D9376F47F5376FDC1111A2F7FE937761] - |A| - [21/07/2021 17:37:39] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-173739-0.log [MD5.19D8917DABB62AB4D8873BF01CEF52D5] - |A| - [21/07/2021 17:44:02] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-174402-0.log [MD5.46184FB2698988F5A3288337379254E1] - |A| - [21/07/2021 17:56:51] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-175651-0.log [MD5.1EDCB748A894399FE8E0F5280C6A51E4] - |A| - [21/07/2021 18:11:44] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-181144-0.log [MD5.45B338D7734C1AED64D93A8C966F01FE] - |A| - [21/07/2021 18:26:00] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-182600-0.log [MD5.E30D2991DA6787FD18EB3BB8AF592A21] - |A| - [21/07/2021 19:10:00] - (.-.) - [4.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\lpksetup-20210721-191000-0.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [17/07/2021 13:46:43] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-12692.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/07/2021 18:46:42] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-12816.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/07/2021 02:46:59] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-13800.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/07/2021 08:46:45] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-15024.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [22/07/2021 07:06:52] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-17104.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/07/2021 22:47:01] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-17948.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/07/2021 15:46:42] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-17968.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/07/2021 10:46:46] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-18640.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [19/07/2021 16:49:37] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-19276.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/07/2021 20:46:42] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-19684.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/07/2021 12:47:33] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-21712.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [19/07/2021 16:48:39] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-2524.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/07/2021 18:47:41] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-4512.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [17/07/2021 14:46:47] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-6344.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/07/2021 00:47:19] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-6368.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/07/2021 20:47:13] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\mat-debug-6704.log [MD5.CE682B984F26D973B514AF6CE071BBB6] - |A| - [28/01/2021 10:35:32] - (.-.) - [596.65 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.00000000000000000000000000000000] - |D| - [20/07/2021 12:47:21] - [0.17 Ko] - C:\WINDOWS\Temp\MsEdgeCrashpad [MD5.5EB62E28C98465C9189F278BC539610A] - |A| - [20/07/2021 12:47:21] - (.-.) - [56.89 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\msedge_installer.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/07/2021 23:58:29] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20210720235829150C).log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/07/2021 19:09:58] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(202107211909581384).log [MD5.00000000000000000000000000000000] - |D| - [18/07/2021 10:54:00] - [0 Ko] - C:\WINDOWS\Temp\Temp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 11:09:00] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:08:44] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:08:45] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 11:08:21] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 11:08:58] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 11:09:45] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 11:09:37] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@StorageSenseToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:07] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 11:09:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:08:19] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 11:09:05] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WLOGO_48x48.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [19/03/2019 06:44:12] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png [MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 11:08:39] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ActiveHours.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2786.8 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [12/05/2021 20:59:02] - (.-.) - [13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\WINDOWS\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [22/08/2020 13:16:31] - [122.23 Ko] - C:\WINDOWS\System32\AMD [MD5.1A28799E04E6CD93FBCA599A3196870F] - |A| - [30/11/2020 04:25:34] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [142.41 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\amdave64.dll [MD5.858CBA65381AB8BA0391027D9514372E] - |A| - [30/11/2020 04:26:08] - (.-.) - [486.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdgfxinfo64.dll [MD5.FD7FA853ED5EC3243ED37E623A829B04] - |A| - [30/11/2020 04:26:12] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [69374.02 Ko] - (10.0.3075.13) - C:\WINDOWS\System32\amdhip64.dll [MD5.6FC76761417ACC5F37FF37208E8FFAD4] - |A| - [30/11/2020 04:26:24] - (.Copyright (C) 2020 Advanced Micro Devices, Inc. - Radeon Settings: Host Service.) - [202.08 Ko] - (2.0.0.1788) - C:\WINDOWS\System32\amdihk64.dll [MD5.3C8A86F6E676949CD5023E50EC5D673B] - |A| - [30/11/2020 03:54:02] - (.-.) - [68.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AMDKernelEvents.man [MD5.23265E8A43DB2C9C823DBE1C6B18CDC6] - |A| - [30/11/2020 04:26:36] - (.-.) - [464.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdlogum.exe [MD5.8AA310D7A971F235A5AF6D27A4520BA4] - |A| - [30/11/2020 04:26:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [927.52 Ko] - (1.0.16.0) - C:\WINDOWS\System32\amdlvr64.dll [MD5.7582445BF88D01D0481557E0EC4FB77B] - |A| - [30/11/2020 04:26:58] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [549.02 Ko] - (1.6.0.0) - C:\WINDOWS\System32\amdmcl64.dll [MD5.711DCE4F37B0F7FEDFDF7EE119962418] - |A| - [30/11/2020 04:25:48] - (.-.) - [547.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdmiracast.dll [MD5.C8DD293925196BFA4C7B5577A8574BA4] - |A| - [30/11/2020 04:25:52] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [136.82 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\amdpcom64.dll [MD5.F0E736FDEBC68BC2952CF14DBAB74980] - |A| - [30/06/2021 13:47:17] - (.Copyright (c) 2013 - 2021 Advanced Micro Devices, Inc. - amdtee_api dll.) - [432.7 Ko] - (4.16.0.0) - C:\WINDOWS\System32\amdtee_api.dll [MD5.0475CD5B95170D1D1B672DD40E3325FC] - |A| - [30/11/2020 04:27:32] - (.Copyright (C) 2014-2017 AMD Inc. - amdxcstub64.dll.) - [128.02 Ko] - (8.18.10.357) - C:\WINDOWS\System32\amdxc64.dll [MD5.12C07C667C4853AD66B6124F9421B7D8] - |A| - [30/11/2020 04:27:42] - (.-.) - [63298.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amd_comgr.dll [MD5.BA2D66CD907F298E457CE62A24DC3339] - |A| - [30/11/2020 04:26:06] - (.Copyright (C) 2016 - AMD MJPEG MFT Component.) - [1669.29 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\amf-mft-mjpeg-decoder64.dll [MD5.8752DFF6CF9466F755A99F18BEEE6117] - |A| - [30/11/2020 04:27:58] - (.Advanced Micro Devices, Inc. Copyright (C) 2017 - Advanced Media Framework.) - [4530.52 Ko] - (1.4.17.0) - C:\WINDOWS\System32\amfrt64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2808.41 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.C9486151C26D64A4933B95BA10BF730A] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [614 Ko] - (3.3.2.0) - C:\WINDOWS\System32\archiveint.dll [MD5.FC5C7741B437A3AC0114CBAF8895AFDC] - |A| - [30/11/2020 04:28:00] - (.© 2004 Advanced Micro Devices, Inc. - eRecord Message Resource File.) - [77.02 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\ati2erec.dll [MD5.17404A8416471072ACD86C7DB3B8BB6B] - |A| - [30/11/2020 04:28:02] - (.Copyright (C) 2008-2020 Advanced Micro Devices, Inc. - ADL.) - [1741.02 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\atiadlxx.dll [MD5.55F4C571A08FE6FFC0BEED1B36F787D1] - |A| - [30/11/2020 03:54:08] - (.-.) - [531.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiapfxx.blb [MD5.CD737EB7B8C2B6B1397A3D49ECC5DA5D] - |A| - [30/11/2020 04:28:12] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub64.dll.) - [186.53 Ko] - (8.17.10.1684) - C:\WINDOWS\System32\aticfx64.dll [MD5.5503B4A71FB67FFECD02021CA063F8AC] - |A| - [30/11/2020 04:28:14] - (.2002-2012 - Graphics DEM.) - [466.02 Ko] - (4.5.7528.35882) - C:\WINDOWS\System32\atidemgy.dll [MD5.7E09782FBC93330C2D4857A3CFDA3E0F] - |A| - [30/11/2020 04:28:20] - (.-.) - [131.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atidxx64.dll [MD5.AED7CD4024DCF9AECBCDA4BB52A95198] - |A| - [30/11/2020 04:28:26] - (.-.) - [454.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atieah64.exe [MD5.FF25442662D2233325C38A2FEA821F57] - |A| - [30/11/2020 04:28:28] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [751.02 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\atieclxx.exe [MD5.66091BA21D7882A0318492B91CD659F5] - |A| - [30/11/2020 04:28:36] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [248.02 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\atig6txx.dll [MD5.235AEB7808B788FA608FE0305C94BBE4] - |A| - [30/11/2020 04:26:20] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [136.82 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\atimpc64.dll [MD5.D9A4BFA8A66BD00BDCD6CF523006034B] - |A| - [30/11/2020 04:28:44] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [141.02 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\atimuixx.dll [MD5.4EDB5CB73A7CF66D57CECF79A19CC57A] - |A| - [30/11/2020 04:29:04] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [171.52 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\atisamu64.dll [MD5.E43D258E834CF902E7C9AE3575B95E04] - |A| - [30/11/2020 03:54:10] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiumd6a.cap [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [07/04/2020 07:45:49] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [07/04/2020 07:45:49] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsvl.dat [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 11:08:07] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [258.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5938.55 Ko] - C:\WINDOWS\System32\Boot [MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [28/01/2021 10:20:12] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [68849.57 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51438.06 Ko] - C:\WINDOWS\System32\catroot2 [MD5.EA6A47A8824657779AB13E3D7B310DA5] - |A| - [30/11/2020 04:29:10] - (.-.) - [340.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\clinfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [20.74 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [377.5 Ko] - C:\WINDOWS\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [443920.09 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.C113EC3ABF481A1B41F99BD721B513C3] - |A| - [15/04/2021 06:24:03] - (.-.) - [225.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.34 Ko] - C:\WINDOWS\System32\ContainerSettingsProviders [MD5.A41C1754A956E37B5E7D06D5167548E7] - |A| - [09/06/2021 11:16:11] - (.-.) - [280.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CoreMas.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [318 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.1C3645EBDDBE2DA6A32A5F9FB43A3C23] - |A| - [07/12/2019 11:09:34] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [411.5 Ko] - (7.55.1.0) - C:\WINDOWS\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [321.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.C071699F4F21B82606C72BAE2A430E1D] - |A| - [12/05/2021 20:59:04] - (.-.) - [162 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.0E140EE6E905601AF0D0C4CB318D293B] - |A| - [17/07/2021 16:58:52] - (.Dropbox, Inc. - Dropbox Service.) - [43.29 Ko] - (1.0.24.0) - C:\WINDOWS\System32\DbxSvc.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271.02 Ko] - C:\WINDOWS\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [358.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:08:21] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [28/01/2021 10:19:49] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 11:14:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 11:09:34] - (.-.) - [15.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeliveryOptimizationMIProv.mof [MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 11:09:34] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeliveryOptimizationMIProvUninstall.mof [MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 11:08:52] - (.-.) - [35.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\deploymentcsphelper.exe [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 11:08:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 11:08:43] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.D54AD69725ECC34049470C03DE1FC82D] - |A| - [30/11/2020 04:29:22] - (.-.) - [490.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dgtrayicon.exe [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [882 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 11:08:37] - (.-.) - [82.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9891.79 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.998E9829B6032B25AE47E08454344E88] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth1.bin [MD5.0578633DDEBDBE97FB336C45A93B0EE1] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth10.bin [MD5.0E285226BD61D54829FB11EBB8DD0345] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth11.bin [MD5.5FDD2A7F5C34D7E5AE0185089E6F8E9D] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth12.bin [MD5.7124F42371C40554C7262AAC1D15D190] - |A| - [11/12/2020 05:34:52] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth13.bin [MD5.84404431DBBC5024A72A2EA8FAB27E94] - |A| - [11/12/2020 05:34:52] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth14.bin [MD5.899B73845D60885E3543E4F1733544E6] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth15.bin [MD5.399ACEC2635FE333E390A7F0E0024A2F] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth16.bin [MD5.33F79D49F656A99448C3123AB2CA08B8] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth17.bin [MD5.F805BDC53A8ACA5E996BEAD0D1576487] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth18.bin [MD5.E9BBD1DB01EA9A822190E783E8CFDC25] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth2.bin [MD5.BF530DE05DAA022D56990DB85EF0CDBD] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth3.bin [MD5.DB8BC7EC452A71DE6AED47F08560CB1C] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth4.bin [MD5.E352E5E8913C40E24DA1F43275C6BFE1] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth5.bin [MD5.877F7CBF7B3744CBEA3E2405C9F337FC] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth6.bin [MD5.0056E5C82997290948199F95720279FE] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth7.bin [MD5.C148AAE7FA86B07FBAA706D23D96EBD9] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth8.bin [MD5.789CBEA6FAE7D5BEBD14AB8E05AB7C7B] - |A| - [14/01/2021 01:12:18] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuth9.bin [MD5.885313FFA2EFF9B10A2F4BC3E3FE0615] - |A| - [14/07/2021 13:36:11] - (.-.) - [11.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuthTxt.wim [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [161.5 Ko] - C:\WINDOWS\System32\dsc [MD5.00000000000000000000000000000000] - |D| - [22/08/2020 13:30:47] - [10172.02 Ko] - C:\WINDOWS\System32\DTS [MD5.64E652DC979CB9EF1AEE91DBD4F8C624] - |A| - [28/01/2021 10:20:12] - (.-.) - [2201.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 11:08:07] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 11:08:07] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 11:08:07] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.18939B051A814603FD8BCBB8C565D46E] - |A| - [09/02/2021 19:44:12] - (.Copyright © EasyAntiCheat Oy 2018 - EasyAntiCheat UserMode.) - [21.92 Ko] - (1.0.0.0) - C:\WINDOWS\System32\eac_usermode_1005790009230200.dll [MD5.A7F9A0012D9AA49B7CA32EB14287BAD9] - |A| - [30/11/2020 04:29:30] - (.-.) - [431.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\EEURestart.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [361.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [244 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1572.53 Ko] - C:\WINDOWS\System32\en-US [MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [28/01/2021 10:20:10] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\EoAExperiences.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [343.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [271 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [238 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [16718.64 Ko] - C:\WINDOWS\System32\F12 [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 11:08:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [28/01/2021 10:20:13] - (.-.) - [16.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastDlpImg.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7.11 Ko] - C:\WINDOWS\System32\ff-Adlm-SN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [326 Ko] - C:\WINDOWS\System32\fi-FI [MD5.1A061D83DBF9632EE1290F199A37136B] - |A| - [28/01/2021 10:28:46] - (.-.) - [432.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [3403.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [46751.83 Ko] - C:\WINDOWS\System32\fr-FR [MD5.F5CA01AB732F8723CEB0118923F1AD32] - |A| - [12/05/2021 20:59:30] - (.-.) - [684.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FsNVSDeviceSource.dll [MD5.617086AB941960B1B9EF9CDFF3CF7911] - |A| - [09/12/2020 22:00:18] - (.-.) - [76.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FvSDK_x64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.D869BA27EDD1663FA5E1A992915D69E2] - |A| - [30/11/2020 04:29:36] - (.-.) - [493.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameManager64.dll [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 11:09:48] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |HD| - [19/03/2019 06:52:45] - [0.31 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [256.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [28/01/2021 10:20:03] - (.-.) - [299.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [250 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [324.5 Ko] - C:\WINDOWS\System32\hu-HU [MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [28/01/2021 10:20:46] - (.-.) - [44.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:53:03] - [149.55 Ko] - C:\WINDOWS\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00F2F3788398E97EAFBE91A21D0B2AF7] - |A| - [17/12/2020 00:17:10] - (.© 2020 Avast Software - Avast Installer.) - [80.1 Ko] - (20.6.1956.0) - C:\WINDOWS\System32\icarus_rvrt.exe.to_delete.77cd9b24.tmp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.947D07FA32ABB13DB520016769EB901B] - |A| - [09/06/2021 11:16:20] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icu.dll [MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [28/01/2021 10:20:05] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [28/01/2021 10:20:05] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [28/01/2021 10:19:48] - (.-.) - [193 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.4ED631900F60C0DDD260AB471595B58E] - |A| - [20/06/2021 12:14:24] - (.Copyright (C) Lenovo Group Ltd. 2021 - CoInstaller for System Interface Foundation INF.) - [105.46 Ko] - (1.1.20.1) - C:\WINDOWS\System32\ImController.CoInstaller.dll [MD5.B9AA52288FDA2FFD013BDAC7555D3150] - |A| - [20/06/2021 12:14:24] - (.Copyright (C) Lenovo Group Ltd. 2021 - ImController.InfInstaller.) - [60.98 Ko] - (1.1.20.1) - C:\WINDOWS\System32\ImController.InfInstaller.exe [MD5.BBE6F2D97F9B36C44C16450284B15963] - |A| - [13/07/2021 14:56:19] - (.-.) - [19.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iMDriver.inf [MD5.55009659D3BC85CEE59114A64F1162DD] - |A| - [13/07/2021 14:56:19] - (.Copyright (C) Lenovo Group Limited, 2017 - UMDF Driver Helper DLL.) - [419.86 Ko] - (2.0.0.0) - C:\WINDOWS\System32\iMDriverHelper.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26862.43 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6943 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.B305EECA4D65FBD762A0F3F997D5727B] - |A| - [20/06/2021 12:14:50] - (.-.) - [0.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InstallUtil.InstallLog [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [346 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [262.34 Ko] - C:\WINDOWS\System32\ja-jp [MD5.1ABE72FCC6D923949EFFE03D4C934E8C] - |A| - [30/11/2020 03:54:18] - (.-.) - [122.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_ci.sbin [MD5.13167FBECA48836D4D3B2C9F70FB3A29] - |A| - [07/04/2020 07:45:49] - (.-.) - [118.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_si.sbin [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\WINDOWS\System32\Keywords [MD5.48BA9C6110A5EBA910E7FB2E7D23CFC1] - |A| - [15/01/2021 02:25:57] - (.Copyright © Kaspersky Lab ZAO 1996-2012. - Filtering Platform Helper Class.) - [107.59 Ko] - (1.0.0.12) - C:\WINDOWS\System32\klfphc.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [235 Ko] - C:\WINDOWS\System32\ko-KR [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 11:08:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 11:08:07] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [12/05/2021 20:59:40] - (.-.) - [1647.5 Ko] - (3.0.2.0) - C:\WINDOWS\System32\libcrypto.dll [MD5.1D8215F7F8CD02A553499B534CCFB4D5] - |A| - [26/01/2021 03:43:19] - (.2002-2009 S. Meyer; 2010 T. Robinson - libusb-win32 - DLL.) - [74.59 Ko] - (1.2.6.0) - C:\WINDOWS\System32\libusb0.dll [MD5.C7DDCA593B4B77627B82043BA3B496CF] - |A| - [26/01/2021 03:43:19] - (.© T. Robinson 2010-2012 - libusbK(lusbk) USB Library.) - [96.09 Ko] - (3.0.5.16) - C:\WINDOWS\System32\libusbK.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36958.14 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [11/12/2020 05:48:17] - [512 Ko] - C:\WINDOWS\System32\Logs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [246.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [247.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [01/04/2021 11:31:02] - [56562.23 Ko] - C:\WINDOWS\System32\lxss [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.65735234BE6F70E5BA10F12364B1041B] - |A| - [12/05/2021 20:59:20] - (.-.) - [1136.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.D9648B03E37FB21A87CB34291ECAA4D7] - |A| - [30/11/2020 04:29:54] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [97.04 Ko] - (27.20.1032.2) - C:\WINDOWS\System32\mcl64.dll [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 11:08:07] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [28/01/2021 10:24:50] - [1110.45 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5660.73 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45407.89 Ko] - C:\WINDOWS\System32\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:11] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:14:56] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [11/12/2020 05:51:34] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [5236.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.64 Ko] - C:\WINDOWS\System32\my-mm [MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 11:08:44] - (.-.) - [30.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [314.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [640 Ko] - C:\WINDOWS\System32\NDF [MD5.43736A716F7B89155EAAFA7643F0ACDB] - |A| - [28/01/2021 10:28:46] - (.-.) - [62.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 11:09:48] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.0E2D5DA1C7A1A97E46172AC33AD354EC] - |A| - [07/12/2019 11:09:48] - (.-.) - [70.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nettraceex.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [338.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.2645AF7AF5BAAFBB9464B4A760D7EA80] - |A| - [19/07/2021 16:50:58] - (.-.) - [81.12 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.8E3B6830D766BFE65524CF8D9091F1E3] - |A| - [19/07/2021 16:50:58] - (.-.) - [700.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvofapi64.dll [MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [07/12/2019 16:53:03] - (.-.) - [20.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [67175.92 Ko] - C:\WINDOWS\System32\oobe [MD5.2AD7B4F3C8D2BB686D231EDFF404B7A4] - |A| - [20/02/2021 16:43:19] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.02 Ko] - (6.14.357.24) - C:\WINDOWS\System32\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:03] - [3625 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3.81 Ko] - C:\WINDOWS\System32\osa-Osge-001 [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 11:08:07] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1724.83 Ko] - C:\WINDOWS\System32\PerceptionSimulation [MD5.F7E29A5BE801F9114897BEC0AFE88373] - |A| - [07/12/2019 11:17:25] - (.-.) - [130.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.BD23D106FB3D09C36072362658193F97] - |A| - [07/12/2019 16:49:57] - (.-.) - [146.63 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 11:17:25] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 16:49:57] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.B3031225C91F25C75624D215F3B35C9E] - |A| - [07/12/2019 11:17:25] - (.-.) - [685.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.A2DA560C5BC3E8DDC1198559C8271B23] - |A| - [07/12/2019 16:49:57] - (.-.) - [774.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.DC323DA00F1956C7E84B01FACC65A5DE] - |A| - [28/01/2021 10:38:44] - (.-.) - [1729.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 11:08:05] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [338.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [456 Ko] - C:\WINDOWS\System32\PointOfService [MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 11:08:28] - (.-.) - [43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pospaymentsworker.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 11:08:19] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [332 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [335 Ko] - C:\WINDOWS\System32\pt-PT [MD5.B1659C88A8FD2D051C20674C72460EC2] - |A| - [30/11/2020 04:30:00] - (.(c) Advanced Micro Devices, Inc. - AMD RapidFire.) - [728.04 Ko] - (2.1.0.20) - C:\WINDOWS\System32\Rapidfire64.dll [MD5.1D5976A745908A9C7CC015458F247FBE] - |A| - [30/11/2020 04:30:10] - (.(c) Advanced Micro Devices, Inc. - AMD Rapid Fire Server.) - [54.04 Ko] - (1.2.0.15) - C:\WINDOWS\System32\RapidFireServer64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.7852D37790807E55BD71A65183E0F1ED] - |A| - [27/06/2021 02:41:56] - (.-.) - [2315.5 Ko] - (1.0.2104.14003) - C:\WINDOWS\System32\rdpnano.dll [MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [28/01/2021 10:19:49] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rdsxvmaudio.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2.2 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 11:09:33] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResBParser.dll [MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 11:09:54] - (.-.) - [9.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.AF47D6660569DFA46BC4E1CD21E1624B] - |A| - [28/09/2012 21:45:18] - (.-.) - [240.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtvcvfw64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [329.5 Ko] - C:\WINDOWS\System32\ru-RU [MD5.FF82597A4B863A46083998B955772DD1] - |A| - [27/06/2021 02:41:45] - (.-.) - [59.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.56B23318DE09559AE0A7EA51F068AC3B] - |A| - [07/04/2020 07:45:49] - (.-.) - [150.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_ci.sbin [MD5.A769B352B827590EA4CCAC16E6269E33] - |A| - [07/04/2020 07:45:49] - (.-.) - [135.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_isv_ci.sbin [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 11:10:32] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.29C9D68A94B240A3AFE265CBD0D87AC3] - |A| - [04/01/2021 15:57:06] - (.-.) - [1.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScpDriver.log [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4.85 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 11:08:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [78.59 Ko] - C:\WINDOWS\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1839 Ko] - C:\WINDOWS\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.7 Ko] - C:\WINDOWS\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [254.5 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [251.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [28/01/2021 10:28:46] - [25065.54 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 11:08:07] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [13377.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 11:09:51] - (.-.) - [40 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7625.3 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [12660.37 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [49246.5 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [13592.44 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [253.5 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:09:54] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:09:54] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 11:09:45] - (.-.) - [58.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [90712 Ko] - C:\WINDOWS\System32\sru [MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [28/01/2021 10:19:48] - (.-.) - [444.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [320 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1417.53 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [938.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.4D188B08E9274E1360062B22E88A2F3F] - |A| - [07/12/2019 11:09:34] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [52 Ko] - (3.3.2.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [814.19 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [685.65 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 11:09:05] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.518F44081E6F4B3236CBF4FB17E41F9B] - |A| - [27/06/2021 02:41:40] - (.-.) - [2208 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextInputMethodFormatter.dll [MD5.74B20E14C597763501A603ED2DA2AD65] - |A| - [10/03/2021 11:07:33] - (.-.) - [690.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [240 Ko] - C:\WINDOWS\System32\th-TH [MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [28/01/2021 10:20:13] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ThirdPartyNoticesBySHS.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\WINDOWS\System32\ti-et [MD5.DD2C06FF7F8B7014B105ECE968BB8114] - |A| - [09/06/2021 11:16:13] - (.-.) - [266 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [308 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 11:08:13] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 11:08:13] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [249 Ko] - C:\WINDOWS\System32\uk-UA [MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [28/01/2021 10:19:49] - (.-.) - [63.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\umpdc.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [2196.59 Ko] - C:\WINDOWS\System32\UNP [MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 11:08:37] - (.-.) - [48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 11:08:39] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\usocoreps.dll [MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 11:08:09] - (.-.) - [36.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VhfUm.dll [MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [28/01/2021 10:20:56] - (.-.) - [93.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VirtualMonitorManager.dll [MD5.224C889120CE9B0D867ED8BD56B52CC6] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1072.13 Ko] - (1.2.170.0) - C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll [MD5.224C889120CE9B0D867ED8BD56B52CC6] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1072.13 Ko] - (1.2.170.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.6C9F31C7119D01DAF521CC348B3958C1] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1815.1 Ko] - (1.2.170.0) - C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe [MD5.6C9F31C7119D01DAF521CC348B3958C1] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1815.1 Ko] - (1.2.170.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [179302.85 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [124269.71 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 11:08:46] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 11:08:52] - (.-.) - [144.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Win32AppSettingsProvider.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50307.13 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.3F376202BE6A0EC0C866D97ED2E0F16D] - |A| - [09/06/2021 11:16:20] - (.-.) - [642.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowManagementAPI.dll [MD5.63CA1C622CC1F4B2520E61BB393C718A] - |A| - [29/04/2021 12:14:57] - (.Copyright © 2021 - Java(TM) Platform SE binary.) - [187.28 Ko] - (8.0.2910.10) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 11:08:27] - (.-.) - [123 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10373.09 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 11:08:41] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [265432 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.84 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\WINDOWS\System32\winrm [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 11:08:12] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 11:08:12] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 11:08:49] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.549347BCD4AACD63243D78E8F869DBB1] - |A| - [20/02/2021 16:43:19] - (.Copyright © 2008 - OpenAL32.) - [455.52 Ko] - (2.2.0.5) - C:\WINDOWS\System32\wrap_oal.dll [MD5.4ED631900F60C0DDD260AB471595B58E] - |A| - [13/07/2021 14:56:19] - (.Copyright (C) Lenovo Group Ltd. 2021 - CoInstaller for System Interface Foundation INF.) - [105.46 Ko] - (1.1.20.1) - C:\WINDOWS\System32\WudfUpdate_02000.dll [MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 11:08:21] - (.-.) - [83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [234.99 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [204.5 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:09:26] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:09:15] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1864.83 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.E556115BD4E751178310F842E457CA22] - |A| - [28/01/2021 10:20:23] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe [MD5.D25E7D0A8EB152FC20D8097AD8B35C98] - |A| - [30/11/2020 04:25:32] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [126.95 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\amdave32.dll [MD5.DE40AB143A6FA9C0D0DCAFD90AFBE5C0] - |A| - [30/11/2020 04:26:06] - (.-.) - [379.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdgfxinfo32.dll [MD5.EFFF1FB0E28F55F4249290CA7247EAB4] - |A| - [30/11/2020 04:26:20] - (.Copyright (C) 2020 Advanced Micro Devices, Inc. - Radeon Settings: Host Service.) - [171.89 Ko] - (2.0.0.1788) - C:\WINDOWS\SysWOW64\amdihk32.dll [MD5.6519C3BAD6855F6DB848487D4674BF93] - |A| - [30/11/2020 04:26:38] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [759.02 Ko] - (1.0.16.0) - C:\WINDOWS\SysWOW64\amdlvr32.dll [MD5.E69CB98037B00FFC2E2181A8500EAEDE] - |A| - [30/11/2020 04:26:54] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [383.02 Ko] - (1.6.0.0) - C:\WINDOWS\SysWOW64\amdmcl32.dll [MD5.3ACA50FCF17408A36345D2C2DD7C9549] - |A| - [30/11/2020 04:25:50] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [115.07 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\amdpcom32.dll [MD5.9F8A25401F621C18191523153A52C475] - |A| - [30/06/2021 13:47:17] - (.Copyright (c) 2013 - 2021 Advanced Micro Devices, Inc. - amdtee_api dll.) - [348.2 Ko] - (4.16.0.0) - C:\WINDOWS\SysWOW64\amdtee_api.dll [MD5.0EAAFC92CC87A93B08747CCC732A8E2B] - |A| - [30/11/2020 04:27:28] - (.Copyright (C) 2014-2017 AMD Inc. - amdxcstub32.dll.) - [113.02 Ko] - (8.18.10.357) - C:\WINDOWS\SysWOW64\amdxc32.dll [MD5.41999649BA8FD3AD64485222586E2A58] - |A| - [30/11/2020 04:27:46] - (.-.) - [52444.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amd_comgr32.dll [MD5.B82848550C9A8A97A690C1A9C2483508] - |A| - [30/11/2020 04:26:04] - (.Copyright (C) 2016 - AMD MJPEG MFT Component.) - [1353.38 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll [MD5.E50E5EC307584AF675E540244C4AD26D] - |A| - [30/11/2020 04:27:54] - (.Advanced Micro Devices, Inc. Copyright (C) 2017 - Advanced Media Framework.) - [4052.52 Ko] - (1.4.17.0) - C:\WINDOWS\SysWOW64\amfrt32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [97.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.DDE41441FE1A8A540354DA849E3FBC79] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [519.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.3B1EC4946F58C27D1F1BC01A61750128] - |A| - [30/11/2020 04:28:06] - (.Copyright (C) 2008-2020 Advanced Micro Devices, Inc. - ADL.) - [1318.52 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\atiadlxx.dll [MD5.3B1EC4946F58C27D1F1BC01A61750128] - |A| - [30/11/2020 04:28:06] - (.Copyright (C) 2008-2020 Advanced Micro Devices, Inc. - ADL.) - [1318.52 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\atiadlxy.dll [MD5.55F4C571A08FE6FFC0BEED1B36F787D1] - |A| - [30/11/2020 03:54:08] - (.-.) - [531.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiapfxx.blb [MD5.7A6F704636A265BED1C368A8E229EBA0] - |A| - [30/11/2020 04:28:08] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub32.dll.) - [163.34 Ko] - (8.17.10.1684) - C:\WINDOWS\SysWOW64\aticfx32.dll [MD5.64774DE0289A261E03460FD1093609DF] - |A| - [30/11/2020 04:28:16] - (.-.) - [113.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atidxx32.dll [MD5.4FBD7EB9734C73AA2B7E77060523CE02] - |A| - [30/11/2020 04:28:22] - (.-.) - [352.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atieah32.exe [MD5.33221C73DD8BADE6C1C857C0A9FE8AE1] - |A| - [30/11/2020 04:28:38] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [216.52 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\atigktxx.dll [MD5.B1861FDF5FF949ABD45DB5A8666E451B] - |A| - [30/11/2020 04:26:18] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [115.07 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\atimpc32.dll [MD5.05C08965A3252052017A77C701C15B21] - |A| - [30/11/2020 04:29:00] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [146.02 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\atisamu32.dll [MD5.7469A4582570CFF5882899100F870B31] - |A| - [30/11/2020 03:54:16] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiumdva.cap [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [07/04/2020 07:45:49] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [07/04/2020 07:45:49] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [58.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [316.5 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [108461.25 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [28/01/2021 10:20:23] - (.-.) - [235 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CoreMas.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [118.5 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.4329254E74AD91D047E3CEDCC7C138C3] - |A| - [07/12/2019 11:09:57] - (.© 1996 - 2017 Daniel Stenberg, . - The curl executable.) - [377.5 Ko] - (7.55.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [119.5 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [131 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:09:15] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [188 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [18/04/2021 17:20:11] - [0 Ko] - C:\WINDOWS\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7599.52 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.BC1CF91831E2E02AF7A4B905FEF9FD2A] - |A| - [09/12/2020 22:00:18] - (.-.) - [66.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\FvSDK_x86.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.B652FE0E7AD543AD236B979D37E37571] - |A| - [30/11/2020 04:29:32] - (.-.) - [379.53 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\GameManager32.dll [MD5.B873A5ABCFBC42B1BAC9EBE8741C6162] - |A| - [07/12/2019 16:50:56] - (.Copyright (C) 2019 - Gracenote SDK component.) - [244 Ko] - (3.9.511.0) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [93 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [28/01/2021 10:20:28] - (.-.) - [230 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [55.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.8226A1A91F01432A0CB10CAABF1B9C6D] - |A| - [09/06/2021 11:16:39] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icu.dll [MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21642.16 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [125 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [89 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\WINDOWS\SysWOW64\Keywords [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [91 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.535779909A40B42F4F3E48598F5778A5] - |A| - [26/01/2021 03:43:19] - (.2002-2009 S. Meyer; 2010 T. Robinson - libusb-win32 - DLL.) - [66.09 Ko] - (1.2.6.0) - C:\WINDOWS\SysWOW64\libusb0.dll [MD5.F513A9294B0347FA30B739F9F9BFF866] - |A| - [26/01/2021 03:43:19] - (.© T. Robinson 2010-2012 - libusbK(lusbk) USB Library.) - [81.59 Ko] - (3.0.5.16) - C:\WINDOWS\SysWOW64\libusbK.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [625.17 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [22.4 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.FB562A32718791246868D93CDDE3CC3E] - |A| - [30/11/2020 04:29:52] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [82.04 Ko] - (27.20.1032.2) - C:\WINDOWS\SysWOW64\mcl32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2863.61 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [816.8 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:14] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:15:00] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [116 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.F952378524D6A310494869F9CC659FF1] - |A| - [19/07/2021 16:50:58] - (.-.) - [563.63 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nvofapi.dll [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 11:10:14] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [761.33 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [20/02/2021 16:43:19] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\WINDOWS\SysWOW64\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [79.5 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [124 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.7636123426E93B85EC170E03CC09E6BF] - |A| - [30/11/2020 04:29:58] - (.(c) Advanced Micro Devices, Inc. - AMD RapidFire.) - [615.03 Ko] - (2.1.0.20) - C:\WINDOWS\SysWOW64\Rapidfire.dll [MD5.D6DC33A5648D13AB3D577F0BBC54E02E] - |A| - [30/11/2020 04:30:06] - (.(c) Advanced Micro Devices, Inc. - AMD Rapid Fire Server.) - [51.04 Ko] - (1.2.0.15) - C:\WINDOWS\SysWOW64\RapidFireServer.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57.5 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.03944ABAE856DC164BD167526E07E953] - |A| - [28/09/2012 21:45:08] - (.-.) - [241.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\rtvcvfw32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [121.5 Ko] - C:\WINDOWS\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [52.14 Ko] - C:\WINDOWS\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4039.33 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8889.86 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1315.66 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.6 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56.5 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:10:05] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:10:05] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [28/01/2021 10:20:23] - (.-.) - [323 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [117 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.4B26D4CD5CD5F7B074E31793979F17C5] - |A| - [07/12/2019 11:09:57] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [42.5 Ko] - (3.3.2.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.5C678F08A307A26636D2A00E49E76FF3] - |A| - [28/01/2021 10:20:28] - (.-.) - [1302.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll [MD5.9CEDDB7AB658F4AC4C4F1757098278C3] - |A| - [10/03/2021 11:07:37] - (.-.) - [597.61 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50.5 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.F6F4828A0DAF74F06AB2AC749267FD84] - |A| - [09/06/2021 11:16:36] - (.-.) - [218.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [115 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [28/01/2021 10:20:30] - (.-.) - [46.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umpdc.dll [MD5.4B0C0A8C960AF22761FB6A25D8A50DF2] - |RA| - [13/12/2020 21:04:31] - (.Copyright © 2000-3 ON2 Technologies - VP6 VIDEO FOR WINDOWS CODEC.) - [437.26 Ko] - (6.0.6.4) - C:\WINDOWS\SysWOW64\vp6vfw.dll [MD5.811DB94340DCFE61478AF8CEB06CF241] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [929.63 Ko] - (1.2.170.0) - C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.811DB94340DCFE61478AF8CEB06CF241] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [929.63 Ko] - (1.2.170.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.38814BFBE0955115E7B81D82E40FA6AF] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1405.1 Ko] - (1.2.170.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.38814BFBE0955115E7B81D82E40FA6AF] - |A| - [19/07/2021 16:50:59] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1405.1 Ko] - (1.2.170.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [15806.92 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.A22B636328327A4EA6F6AB3F48A5B5B1] - |A| - [09/06/2021 11:16:39] - (.-.) - [457.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowManagementAPI.dll [MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 11:09:17] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9338.44 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6278.98 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [20/02/2021 16:43:19] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\WINDOWS\SysWOW64\wrap_oal.dll [MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 11:09:17] - (.-.) - [59 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [28/01/2021 10:13:50] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\WINDOWS\SysWOW64\zh-TW ---------- | [cl_97] [02/05/2021 23:17:01] - |A| - [6961] - C:\Users\cl_97\-1.14-windows.xml [10/12/2020 08:06:12] - |RD| - [298] - C:\Users\cl_97\3D Objects [10/12/2020 10:21:36] - |D| - [0] - C:\Users\cl_97\ansel [28/01/2021 10:29:51] - |HD| - [16159333022] - C:\Users\cl_97\AppData [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\Application Data [10/12/2020 08:06:12] - |RD| - [412] - C:\Users\cl_97\Contacts [28/01/2021 10:29:52] - |SHD| - [0] - C:\Users\cl_97\Cookies [10/12/2020 08:01:29] - |D| - [0] - C:\Users\cl_97\Documents [10/12/2020 08:01:29] - |RD| - [45905746100] - C:\Users\cl_97\Downloads [10/12/2020 10:33:20] - |RD| - [1139013475] - C:\Users\cl_97\Dropbox [10/12/2020 08:01:29] - |RD| - [914] - C:\Users\cl_97\Favorites [10/12/2020 08:01:29] - |RD| - [1993] - C:\Users\cl_97\Links [28/01/2021 10:29:52] - |SHD| - [0] - C:\Users\cl_97\Local Settings [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\Menu Démarrer [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\Mes documents [10/12/2020 08:10:51] - |HD| - [2641209] - C:\Users\cl_97\MicrosoftEdgeBackups [28/01/2021 10:29:52] - |SHD| - [0] - C:\Users\cl_97\Modèles [10/12/2020 08:01:29] - |RD| - [504] - C:\Users\cl_97\Music [28/01/2021 10:29:51] - |AH| - [6029312] - C:\Users\cl_97\NTUSER.DAT [28/01/2021 10:29:52] - |ASH| - [1310720] - C:\Users\cl_97\ntuser.dat.LOG1 [28/01/2021 10:29:52] - |ASH| - [1441792] - C:\Users\cl_97\ntuser.dat.LOG2 [04/04/2021 21:48:11] - |ASH| - [65536] - C:\Users\cl_97\NTUSER.DAT{9cdfbceb-957e-11eb-9c1c-d8c0a62fe140}.TM.blf [04/04/2021 21:48:11] - |ASH| - [524288] - C:\Users\cl_97\NTUSER.DAT{9cdfbceb-957e-11eb-9c1c-d8c0a62fe140}.TMContainer00000000000000000001.regtrans-ms [04/04/2021 21:48:11] - |ASH| - [524288] - C:\Users\cl_97\NTUSER.DAT{9cdfbceb-957e-11eb-9c1c-d8c0a62fe140}.TMContainer00000000000000000002.regtrans-ms [28/01/2021 10:29:52] - |ASH| - [65536] - C:\Users\cl_97\NTUSER.DAT{d3ded011-6142-11eb-9bf7-d8c0a62fe140}.TM.blf [28/01/2021 10:29:52] - |ASH| - [524288] - C:\Users\cl_97\NTUSER.DAT{d3ded011-6142-11eb-9bf7-d8c0a62fe140}.TMContainer00000000000000000001.regtrans-ms [28/01/2021 10:29:52] - |ASH| - [524288] - C:\Users\cl_97\NTUSER.DAT{d3ded011-6142-11eb-9bf7-d8c0a62fe140}.TMContainer00000000000000000002.regtrans-ms [28/01/2021 10:35:45] - |SH| - [20] - C:\Users\cl_97\ntuser.ini [23/05/2021 15:55:17] - |D| - [393248] - C:\Users\cl_97\NucleusCoop [10/12/2020 08:08:23] - |RAD| - [5131963631] - C:\Users\cl_97\OneDrive [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\Recent [10/12/2020 08:01:29] - |RD| - [23540303] - C:\Users\cl_97\Saved Games [10/12/2020 08:06:12] - |RD| - [1875] - C:\Users\cl_97\Searches [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\SendTo [10/12/2020 08:01:29] - |RD| - [2266877104] - C:\Users\cl_97\Videos [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\Voisinage d'impression [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\Voisinage réseau [28/01/2021 10:29:51] - |D| - [13428103610] - C:\Users\cl_97\AppData\Local [10/12/2020 08:01:30] - |D| - [17837447] - C:\Users\cl_97\AppData\LocalLow [28/01/2021 10:29:51] - |D| - [2713391965] - C:\Users\cl_97\AppData\Roaming [13/12/2020 18:31:20] - |D| - [69720] - C:\Users\cl_97\AppData\Local\AcSdkInsLog [10/12/2020 08:06:19] - |D| - [27065219] - C:\Users\cl_97\AppData\Local\AMD [08/03/2021 22:56:34] - |D| - [4340729570] - C:\Users\cl_97\AppData\Local\Ankama [28/01/2021 10:29:52] - |SHD| - [0] - C:\Users\cl_97\AppData\Local\Application Data [10/12/2020 08:56:26] - |D| - [2723327] - C:\Users\cl_97\AppData\Local\ASUS [13/12/2020 03:05:56] - |D| - [483634] - C:\Users\cl_97\AppData\Local\AT [10/12/2020 09:05:39] - |D| - [983732] - C:\Users\cl_97\AppData\Local\BitTorrentHelper [28/06/2021 18:42:35] - |D| - [287424169] - C:\Users\cl_97\AppData\Local\blitz-updater [29/03/2021 16:53:19] - |D| - [1143260] - C:\Users\cl_97\AppData\Local\Bluestacks [29/03/2021 17:02:33] - |D| - [557820360] - C:\Users\cl_97\AppData\Local\BlueStacksSetup [10/12/2020 10:32:48] - |D| - [9668] - C:\Users\cl_97\AppData\Local\cache [10/12/2020 20:26:51] - |D| - [21239519] - C:\Users\cl_97\AppData\Local\CD Projekt Red [10/12/2020 09:33:43] - |D| - [3618538] - C:\Users\cl_97\AppData\Local\CEF [30/12/2020 05:42:10] - |D| - [77] - C:\Users\cl_97\AppData\Local\Cemu [10/12/2020 08:17:42] - |D| - [162055810] - C:\Users\cl_97\AppData\Local\Comms [10/12/2020 08:06:10] - |D| - [6627749] - C:\Users\cl_97\AppData\Local\ConnectedDevicesPlatform [09/12/2020 20:52:13] - |D| - [20075471] - C:\Users\cl_97\AppData\Local\CrashDumps [07/02/2021 16:51:38] - |D| - [61286] - C:\Users\cl_97\AppData\Local\CrashReportClient [10/12/2020 08:06:19] - |D| - [19945240] - C:\Users\cl_97\AppData\Local\D3DSCache [10/12/2020 09:41:16] - |D| - [2538010] - C:\Users\cl_97\AppData\Local\DBFighterZ [07/02/2021 16:51:38] - |D| - [0] - C:\Users\cl_97\AppData\Local\DBG [14/12/2020 16:37:15] - |D| - [1715115] - C:\Users\cl_97\AppData\Local\Diagnostics [08/01/2021 21:36:38] - |D| - [487738209] - C:\Users\cl_97\AppData\Local\Discord [10/12/2020 01:55:18] - |D| - [1574] - C:\Users\cl_97\AppData\Local\Disc_Soft_Ltd [10/12/2020 09:30:55] - |D| - [36229515] - C:\Users\cl_97\AppData\Local\Dropbox [12/12/2020 02:40:36] - |D| - [1208829] - C:\Users\cl_97\AppData\Local\ElevatedDiagnostics [12/04/2021 21:18:28] - |D| - [20506485] - C:\Users\cl_97\AppData\Local\Epic Games [27/12/2020 01:06:09] - |D| - [392283249] - C:\Users\cl_97\AppData\Local\EpicGamesLauncher [02/01/2021 19:02:33] - |D| - [433424833] - C:\Users\cl_97\AppData\Local\FortniteGame [23/05/2021 19:39:50] - |D| - [1246948532] - C:\Users\cl_97\AppData\Local\ForzaHorizon4 [09/01/2021 15:06:14] - |D| - [20089] - C:\Users\cl_97\AppData\Local\Gears5 [20/06/2021 22:10:18] - |D| - [397174] - C:\Users\cl_97\AppData\Local\GGST [10/12/2020 20:26:51] - |D| - [2277] - C:\Users\cl_97\AppData\Local\GOG.com [10/12/2020 08:11:14] - |D| - [1066378456] - C:\Users\cl_97\AppData\Local\Google [29/05/2021 16:31:37] - |D| - [1515] - C:\Users\cl_97\AppData\Local\Haze1 [28/01/2021 10:29:52] - |SHD| - [0] - C:\Users\cl_97\AppData\Local\Historique [18/07/2021 10:48:24] - |AH| - [146118] - C:\Users\cl_97\AppData\Local\IconCache.db [11/12/2020 12:14:48] - |D| - [0] - C:\Users\cl_97\AppData\Local\INetHistory [17/12/2020 00:21:26] - |D| - [2884688] - C:\Users\cl_97\AppData\Local\Kaspersky Lab [20/06/2021 12:14:44] - |D| - [3932] - C:\Users\cl_97\AppData\Local\Lenovo [26/01/2021 04:39:32] - |D| - [0] - C:\Users\cl_97\AppData\Local\LogMeIn [21/07/2021 17:18:16] - |D| - [776360] - C:\Users\cl_97\AppData\Local\mbam [21/07/2021 17:17:31] - |D| - [238156] - C:\Users\cl_97\AppData\Local\mbamtray [23/02/2021 00:32:03] - |D| - [3191380] - C:\Users\cl_97\AppData\Local\Mephisto [28/01/2021 10:29:51] - |D| - [532175591] - C:\Users\cl_97\AppData\Local\Microsoft [10/12/2020 08:07:27] - |D| - [65405] - C:\Users\cl_97\AppData\Local\MicrosoftEdge [02/07/2021 11:26:57] - |D| - [11165581] - C:\Users\cl_97\AppData\Local\miHoYo [25/03/2021 15:47:30] - |D| - [873] - C:\Users\cl_97\AppData\Local\ModManager [13/12/2020 04:41:25] - |D| - [1826213] - C:\Users\cl_97\AppData\Local\Native Instruments [10/12/2020 10:21:33] - |D| - [887407855] - C:\Users\cl_97\AppData\Local\NVIDIA [10/12/2020 08:07:28] - |D| - [201918542] - C:\Users\cl_97\AppData\Local\NVIDIA Corporation [22/12/2020 05:35:24] - |D| - [71820] - C:\Users\cl_97\AppData\Local\OneDrive [20/07/2021 22:38:21] - |D| - [45215] - C:\Users\cl_97\AppData\Local\Onova [28/04/2021 00:41:52] - |D| - [26384592] - C:\Users\cl_97\AppData\Local\Package Cache [10/12/2020 08:06:11] - |D| - [457057823] - C:\Users\cl_97\AppData\Local\Packages [26/04/2021 18:44:49] - |D| - [154031778] - C:\Users\cl_97\AppData\Local\pip [10/12/2020 08:10:59] - |D| - [44661] - C:\Users\cl_97\AppData\Local\PlaceholderTileLogoFolder [23/01/2021 13:11:15] - |D| - [289600692] - C:\Users\cl_97\AppData\Local\Plutonium [09/12/2020 20:15:41] - |D| - [573968299] - C:\Users\cl_97\AppData\Local\Programs [10/12/2020 08:17:34] - |D| - [2347133] - C:\Users\cl_97\AppData\Local\Publishers [18/04/2021 13:33:14] - |D| - [7297144] - C:\Users\cl_97\AppData\Local\qBittorrent [04/04/2021 21:39:02] - |D| - [2327] - C:\Users\cl_97\AppData\Local\Rapr [10/12/2020 20:26:08] - |D| - [0] - C:\Users\cl_97\AppData\Local\REDEngine [18/07/2021 18:36:53] - |A| - [7606] - C:\Users\cl_97\AppData\Local\Resmon.ResmonCfg [09/12/2020 20:40:43] - |D| - [8222925] - C:\Users\cl_97\AppData\Local\Riot Games [22/05/2021 21:41:11] - |D| - [25062] - C:\Users\cl_97\AppData\Local\Rocket League [12/12/2020 05:29:10] - |D| - [239403912] - C:\Users\cl_97\AppData\Local\slobs-client-updater [10/12/2020 04:05:03] - |D| - [3655] - C:\Users\cl_97\AppData\Local\Spectrasonics [10/12/2020 10:00:56] - |D| - [91566860] - C:\Users\cl_97\AppData\Local\Spotify [08/01/2021 21:36:36] - |D| - [9518] - C:\Users\cl_97\AppData\Local\SquirrelTemp [10/12/2020 09:33:43] - |D| - [486295245] - C:\Users\cl_97\AppData\Local\Steam [18/04/2021 17:21:03] - |D| - [203261418] - C:\Users\cl_97\AppData\Local\TekkenGame [28/01/2021 10:29:51] - |AD| - [36967506] - C:\Users\cl_97\AppData\Local\Temp [28/01/2021 10:29:52] - |SHD| - [0] - C:\Users\cl_97\AppData\Local\Temporary Internet Files [10/12/2020 10:11:54] - |D| - [1342] - C:\Users\cl_97\AppData\Local\UnrealEngine [27/12/2020 01:06:10] - |D| - [0] - C:\Users\cl_97\AppData\Local\UnrealEngineLauncher [10/12/2020 08:06:11] - |D| - [382256] - C:\Users\cl_97\AppData\Local\VirtualStore [08/03/2021 22:54:13] - |D| - [67833916] - C:\Users\cl_97\AppData\Local\zaap-updater [10/12/2020 08:11:52] - |D| - [0] - C:\Users\cl_97\AppData\LocalLow\AMD [23/12/2020 18:13:45] - |D| - [36104] - C:\Users\cl_97\AppData\LocalLow\Innersloth [18/07/2021 01:26:59] - |D| - [671] - C:\Users\cl_97\AppData\LocalLow\IObit [10/12/2020 08:01:31] - |SD| - [14683191] - C:\Users\cl_97\AppData\LocalLow\Microsoft [02/07/2021 12:30:25] - |D| - [439413] - C:\Users\cl_97\AppData\LocalLow\miHoYo [29/04/2021 12:13:28] - |D| - [145408] - C:\Users\cl_97\AppData\LocalLow\Oracle [24/12/2020 00:27:14] - |D| - [2431754] - C:\Users\cl_97\AppData\LocalLow\Rebuilt Games [29/03/2021 15:28:42] - |D| - [35370] - C:\Users\cl_97\AppData\LocalLow\Sun [23/12/2020 18:13:52] - |D| - [0] - C:\Users\cl_97\AppData\LocalLow\Unity [14/04/2021 15:05:21] - |D| - [65536] - C:\Users\cl_97\AppData\LocalLow\uTorrent [28/06/2021 18:42:46] - |A| - [32] - C:\Users\cl_97\AppData\Roaming\.machineId [02/07/2021 12:35:11] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\.mono [29/03/2021 15:46:24] - |D| - [114963] - C:\Users\cl_97\AppData\Roaming\.tlauncher [10/12/2020 08:06:12] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\Adobe [08/03/2021 22:54:23] - |D| - [558063] - C:\Users\cl_97\AppData\Roaming\Ankama Launcher [08/03/2021 22:59:17] - |D| - [1005] - C:\Users\cl_97\AppData\Roaming\AnkamaCertificates [28/06/2021 18:42:39] - |D| - [368892150] - C:\Users\cl_97\AppData\Roaming\Blitz [21/05/2021 21:40:07] - |D| - [11385] - C:\Users\cl_97\AppData\Roaming\Bungie [10/01/2021 10:56:36] - |D| - [20755017] - C:\Users\cl_97\AppData\Roaming\Championify [03/01/2021 01:11:47] - |D| - [21447904] - C:\Users\cl_97\AppData\Roaming\cod_bo3_crack_data [04/01/2021 13:17:50] - |D| - [22056160] - C:\Users\cl_97\AppData\Roaming\cod_ww2_crack_data [08/03/2021 22:59:08] - |A| - [117] - C:\Users\cl_97\AppData\Roaming\D2Info0 [31/12/2020 15:31:15] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\DAEMON Tools Pro [09/12/2020 23:16:41] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\Disc-Soft [08/01/2021 21:36:50] - |D| - [340234235] - C:\Users\cl_97\AppData\Roaming\discord [08/03/2021 22:59:08] - |D| - [2884633] - C:\Users\cl_97\AppData\Roaming\Dofus [09/03/2021 13:37:24] - |D| - [75] - C:\Users\cl_97\AppData\Roaming\Dofus-2 [11/03/2021 21:23:49] - |D| - [75] - C:\Users\cl_97\AppData\Roaming\Dofus-3 [08/03/2021 22:59:08] - |A| - [8] - C:\Users\cl_97\AppData\Roaming\DofusAppId0_1 [09/03/2021 13:37:24] - |A| - [8] - C:\Users\cl_97\AppData\Roaming\DofusAppId0_2 [11/03/2021 21:23:49] - |A| - [8] - C:\Users\cl_97\AppData\Roaming\DofusAppId0_3 [10/12/2020 10:30:11] - |D| - [402524] - C:\Users\cl_97\AppData\Roaming\Dropbox [25/02/2021 22:39:01] - |D| - [203] - C:\Users\cl_97\AppData\Roaming\dvdcss [25/01/2021 23:25:08] - |D| - [392302530] - C:\Users\cl_97\AppData\Roaming\Easeware [14/05/2021 15:52:24] - |D| - [9861684] - C:\Users\cl_97\AppData\Roaming\EasyAntiCheat [19/04/2021 00:52:10] - |A| - [12288] - C:\Users\cl_97\AppData\Roaming\emp.bin [18/04/2021 17:20:53] - |D| - [1879] - C:\Users\cl_97\AppData\Roaming\EMPRESS [10/12/2020 01:51:20] - |D| - [8434944] - C:\Users\cl_97\AppData\Roaming\FabFilter [20/06/2021 22:10:19] - |D| - [17] - C:\Users\cl_97\AppData\Roaming\FLT [09/02/2021 09:24:04] - |D| - [6041904] - C:\Users\cl_97\AppData\Roaming\IObit [29/03/2021 15:29:34] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\java [13/12/2020 21:05:46] - |D| - [2245] - C:\Users\cl_97\AppData\Roaming\Macromedia [11/12/2020 16:00:22] - |D| - [2320] - C:\Users\cl_97\AppData\Roaming\Maize Sampler Player [28/01/2021 10:29:51] - |SD| - [36109562] - C:\Users\cl_97\AppData\Roaming\Microsoft [11/12/2020 13:50:08] - |D| - [14570717] - C:\Users\cl_97\AppData\Roaming\Modartt [04/01/2021 13:49:55] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\Nefarius Software Solutions [23/12/2020 17:34:31] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\NVIDIA [12/12/2020 05:29:17] - |D| - [40] - C:\Users\cl_97\AppData\Roaming\obs-studio-node-server [09/12/2020 23:37:42] - |D| - [226] - C:\Users\cl_97\AppData\Roaming\Omnisphere [23/12/2020 17:08:33] - |D| - [15912217] - C:\Users\cl_97\AppData\Roaming\Parsec [26/04/2021 18:44:49] - |D| - [386671216] - C:\Users\cl_97\AppData\Roaming\Python [18/04/2021 13:33:14] - |D| - [4818] - C:\Users\cl_97\AppData\Roaming\qBittorrent [12/12/2020 05:29:15] - |D| - [580877338] - C:\Users\cl_97\AppData\Roaming\slobs-client [12/12/2020 05:29:17] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\slobs-plugins [03/01/2021 01:12:28] - |D| - [158834] - C:\Users\cl_97\AppData\Roaming\SmartSteamEmu [10/12/2020 10:00:29] - |D| - [249556763] - C:\Users\cl_97\AppData\Roaming\Spotify [12/12/2020 05:29:15] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\Streamlabs OBS [29/03/2021 15:29:12] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\Sun [17/07/2021 18:25:23] - |D| - [165993912] - C:\Users\cl_97\AppData\Roaming\Telegram Desktop [10/12/2020 09:05:25] - |D| - [31746853] - C:\Users\cl_97\AppData\Roaming\uTorrent [17/01/2021 22:46:50] - |D| - [102659] - C:\Users\cl_97\AppData\Roaming\vlc [27/12/2020 00:55:34] - |D| - [46607] - C:\Users\cl_97\AppData\Roaming\yuzu [08/03/2021 22:54:23] - |D| - [37615891] - C:\Users\cl_97\AppData\Roaming\zaap [15/03/2021 15:41:52] - |D| - [75] - C:\Users\cl_97\AppData\Roaming\[Worker] [08/03/2021 22:59:10] - |D| - [5861] - C:\Users\cl_97\AppData\Roaming\[Worker].null [10/12/2020 08:06:12] - |SH| - [174] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [28/01/2021 10:29:51] - |SHD| - [0] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [10/12/2020 08:01:29] - |RD| - [72762] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [28/01/2021 10:29:51] - |RD| - [3888] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [28/01/2021 10:29:51] - |RD| - [1676] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/12/2020 08:06:12] - |RD| - [174] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/12/2020 08:24:27] - |D| - [5592] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome [09/12/2020 20:15:10] - |D| - [3332] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 [28/06/2021 18:42:35] - |A| - [2247] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk [28/01/2021 10:29:51] - |SH| - [264] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [08/01/2021 21:36:51] - |D| - [2243] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc [10/01/2021 10:56:35] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dustin Blackman [09/12/2020 20:11:00] - |D| - [3777] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line [28/01/2021 10:29:51] - |D| - [170] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [14/12/2020 18:43:38] - |D| - [7704] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner [08/07/2021 22:29:21] - |A| - [2419] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [23/12/2020 17:08:34] - |D| - [1034] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parsec [30/12/2020 00:47:52] - |A| - [1930] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCSX2 1.6.0.lnk [28/04/2021 00:41:54] - |D| - [7536] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7 [09/12/2020 20:41:00] - |D| - [0] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games [14/12/2020 18:44:11] - |D| - [8154] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server [10/12/2020 10:00:55] - |A| - [1838] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk [10/12/2020 08:06:12] - |RD| - [174] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/12/2020 09:41:33] - |D| - [2332] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [28/01/2021 10:29:51] - |RD| - [4913] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [17/07/2021 18:25:26] - |D| - [2245] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop [28/01/2021 10:29:51] - |D| - [7844] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [11/12/2020 13:51:18] - |D| - [1276] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio [10/12/2020 08:06:12] - |SH| - [174] - C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [22/08/2020 13:15:18] - |RHD| - [101090] - C:\Users\Public\AccountPictures [29/03/2021 16:53:19] - |D| - [108] - C:\Users\Public\BlueStacks [19/03/2019 06:52:44] - |RD| - [35702] - C:\Users\Public\Desktop [07/12/2019 11:14:54] - |ASH| - [174] - C:\Users\Public\desktop.ini [19/03/2019 06:52:44] - |RD| - [7524543] - C:\Users\Public\Documents [19/03/2019 06:52:44] - |RD| - [174] - C:\Users\Public\Downloads [07/12/2019 11:14:52] - |RHD| - [4594] - C:\Users\Public\Libraries [19/03/2019 06:52:44] - |RD| - [380] - C:\Users\Public\Music [17/12/2020 00:13:28] - |A| - [8192] - C:\Users\Public\ntuser.dat [17/12/2020 00:13:28] - |ASH| - [8192] - C:\Users\Public\ntuser.dat.LOG1 [17/12/2020 00:13:28] - |ASH| - [0] - C:\Users\Public\ntuser.dat.LOG2 [17/12/2020 00:13:28] - |ASH| - [65536] - C:\Users\Public\ntuser.dat{e9134e72-3fe7-11eb-9bde-d8c0a62fe140}.TM.blf [17/12/2020 00:13:28] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{e9134e72-3fe7-11eb-9bde-d8c0a62fe140}.TMContainer00000000000000000001.regtrans-ms [17/12/2020 00:13:28] - |ASH| - [524288] - C:\Users\Public\ntuser.dat{e9134e72-3fe7-11eb-9bde-d8c0a62fe140}.TMContainer00000000000000000002.regtrans-ms [19/03/2019 06:52:44] - |RD| - [380] - C:\Users\Public\Pictures [22/08/2020 13:21:23] - |D| - [3] - C:\Users\Public\Roaming [02/01/2021 19:08:49] - |ASH| - [0] - C:\Users\Public\Shared Files [19/03/2019 06:52:44] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [28/01/2021 10:35:35] - |SHD| - [0] - C:\ProgramData\Application Data [22/08/2020 13:21:22] - |D| - [129636502] - C:\ProgramData\ASUS [17/12/2020 00:14:03] - |D| - [11628753] - C:\ProgramData\Avast Software [13/12/2020 00:01:11] - |D| - [73856] - C:\ProgramData\Betternet [29/03/2021 17:03:04] - |D| - [16962165307] - C:\ProgramData\BlueStacks [11/12/2020 14:28:36] - |D| - [0] - C:\ProgramData\boost_interprocess [28/01/2021 10:35:35] - |SHD| - [0] - C:\ProgramData\Bureau [10/12/2020 01:49:12] - |D| - [500668] - C:\ProgramData\Camel Audio [31/12/2020 04:09:36] - |D| - [0] - C:\ProgramData\Caphyon [31/12/2020 04:21:09] - |D| - [0] - C:\ProgramData\Codemasters [31/12/2020 14:20:05] - |D| - [5202] - C:\ProgramData\DAEMON Tools Pro [09/12/2020 23:16:22] - |D| - [0] - C:\ProgramData\Disc-Soft [22/08/2020 13:17:33] - |A| - [17978] - C:\ProgramData\DisplaySessionContainer1.log [22/08/2020 13:17:33] - |A| - [11716] - C:\ProgramData\DisplaySessionContainer1.log_backup1 [10/12/2020 08:06:09] - |A| - [6792] - C:\ProgramData\DisplaySessionContainer2.log [10/12/2020 08:06:09] - |A| - [11284] - C:\ProgramData\DisplaySessionContainer2.log_backup1 [10/12/2020 08:25:57] - |A| - [12116] - C:\ProgramData\DisplaySessionContainer3.log [28/01/2021 10:35:35] - |SHD| - [0] - C:\ProgramData\Documents [10/12/2020 10:29:28] - |D| - [917802] - C:\ProgramData\Dropbox [22/08/2020 13:30:49] - |D| - [3656] - C:\ProgramData\DTSAudio [27/12/2020 01:05:58] - |D| - [31292466] - C:\ProgramData\Epic [27/01/2021 22:03:53] - |D| - [8554] - C:\ProgramData\HP [09/02/2021 09:24:06] - |D| - [573731148] - C:\ProgramData\IObit [10/12/2020 09:14:17] - |D| - [1236267809] - C:\ProgramData\Kaspersky Lab [20/06/2021 12:14:20] - |D| - [98762764] - C:\ProgramData\Lenovo [26/01/2021 04:39:32] - |D| - [0] - C:\ProgramData\LogMeIn [21/07/2021 17:17:18] - |D| - [431944] - C:\ProgramData\Malwarebytes [28/01/2021 10:35:35] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [07/12/2019 11:14:52] - |SD| - [797956858] - C:\ProgramData\Microsoft [28/01/2021 10:37:40] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [28/01/2021 10:35:35] - |SHD| - [0] - C:\ProgramData\Modèles [12/12/2020 02:09:09] - |D| - [826] - C:\ProgramData\Native Instruments [27/01/2021 11:00:00] - |D| - [355] - C:\ProgramData\Nefarius Software Solutions [08/04/2021 18:37:31] - |A| - [8192] - C:\ProgramData\ntuser.dat [08/04/2021 18:37:31] - |ASH| - [8192] - C:\ProgramData\ntuser.dat.LOG1 [08/04/2021 18:37:31] - |ASH| - [0] - C:\ProgramData\ntuser.dat.LOG2 [08/04/2021 18:37:31] - |ASH| - [65536] - C:\ProgramData\ntuser.dat{b7fa4faf-9740-11eb-9c22-d8c0a62fe140}.TM.blf [08/04/2021 18:37:31] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{b7fa4faf-9740-11eb-9c22-d8c0a62fe140}.TMContainer00000000000000000001.regtrans-ms [08/04/2021 18:37:31] - |ASH| - [524288] - C:\ProgramData\ntuser.dat{b7fa4faf-9740-11eb-9c22-d8c0a62fe140}.TMContainer00000000000000000002.regtrans-ms [04/04/2021 18:38:57] - |RSH| - [290] - C:\ProgramData\ntuser.pol [22/08/2020 13:17:32] - |A| - [1205] - C:\ProgramData\NvcDispCorePlugin.log [22/08/2020 13:17:32] - |A| - [1205] - C:\ProgramData\NvcDispCorePlugin.log_backup1 [22/08/2020 13:17:32] - |A| - [18399] - C:\ProgramData\NVDisplay.ContainerLocalSystem.log [22/08/2020 13:17:32] - |A| - [17959] - C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1 [22/08/2020 13:17:33] - |A| - [14912] - C:\ProgramData\NVDisplayContainerWatchdog.log [22/08/2020 13:17:33] - |A| - [17032] - C:\ProgramData\NVDisplayContainerWatchdog.log_backup1 [22/08/2020 13:17:38] - |D| - [17913550] - C:\ProgramData\NVIDIA [22/08/2020 13:17:34] - |D| - [1542565702] - C:\ProgramData\NVIDIA Corporation [12/12/2020 14:12:46] - |D| - [417794] - C:\ProgramData\obs-studio-hook [29/03/2021 15:28:48] - |D| - [82552033] - C:\ProgramData\Oracle [22/08/2020 13:17:39] - |D| - [190775038] - C:\ProgramData\Package Cache [10/12/2020 08:03:19] - |D| - [253952] - C:\ProgramData\Packages [09/02/2021 09:24:27] - |D| - [2103] - C:\ProgramData\ProductData [22/08/2020 13:19:30] - |D| - [1153927] - C:\ProgramData\Realtek [07/12/2019 11:14:52] - |D| - [4222] - C:\ProgramData\regid.1991-06.com.microsoft [09/12/2020 20:40:43] - |D| - [6528838] - C:\ProgramData\Riot Games [23/05/2021 15:55:19] - |D| - [0] - C:\ProgramData\Slightly Mad Studios [07/12/2019 11:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution [09/12/2020 23:11:36] - |D| - [254514180] - C:\ProgramData\Spectrasonics [28/01/2021 10:23:49] - |D| - [0] - C:\ProgramData\ssh [31/12/2020 04:21:02] - |D| - [1065513] - C:\ProgramData\Steam [07/12/2019 11:14:52] - |D| - [11255808] - C:\ProgramData\USOPrivate [07/12/2019 11:14:52] - |D| - [15458304] - C:\ProgramData\USOShared [07/12/2019 16:53:03] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [11/12/2020 13:51:18] - |D| - [3726727208] - C:\ProgramData\XLN Audio [12/12/2020 02:32:34] - |HDC| - [17663461] - C:\ProgramData\{77490F36-6A25-4AC4-988E-D4D22FAE9A35} [09/12/2020 20:55:19] - |D| - [2260571] - C:\ProgramData\{8C14C049-8207-4015-BC26-02FEB0BEE9C7} [12/12/2020 02:22:30] - |D| - [2216038] - C:\ProgramData\{9380734D-6F66-4F76-A7D3-6D117FAA4773} [18/07/2021 01:27:11] - |D| - [0] - C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [28/01/2021 10:35:35] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [07/12/2019 11:14:52] - |RD| - [210976] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/12/2020 14:31:38] - |D| - [1561] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [27/05/2021 16:08:07] - |A| - [2424] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk [07/12/2019 11:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [07/12/2019 11:14:52] - |RD| - [14467] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [07/12/2019 11:14:52] - |RD| - [22956] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [18/07/2021 01:27:10] - |D| - [7808] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare [08/03/2021 22:54:13] - |D| - [2137] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ankama [13/12/2020 00:01:11] - |D| - [2150] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc [29/03/2021 17:04:22] - |A| - [2099] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk [29/03/2021 17:04:22] - |A| - [1926] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk [10/12/2020 01:49:12] - |D| - [2714] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camel Audio [18/12/2020 02:31:49] - |D| - [9825] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2 [31/12/2020 15:31:15] - |D| - [1910] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [27/06/2021 02:43:40] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [09/02/2021 09:24:06] - |D| - [3227] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8 [21/07/2021 02:07:33] - |D| - [1314] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [27/12/2020 01:06:06] - |A| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [27/05/2021 16:08:07] - |A| - [2423] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk [10/12/2020 01:51:02] - |D| - [1034] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FabFilter [11/12/2020 15:40:26] - |D| - [1111] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAW [10/12/2020 08:11:49] - |A| - [2247] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [01/04/2021 18:26:37] - |D| - [1987] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRID 2 [09/12/2020 20:11:00] - |D| - [1914] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line [07/12/2019 11:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [29/03/2021 15:29:05] - |D| - [6764] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [19/04/2021 11:55:18] - |D| - [5405] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security [15/01/2021 02:26:36] - |D| - [6985] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager [08/04/2021 18:37:33] - |D| - [6125] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN [20/07/2021 23:38:41] - |D| - [877] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon [07/12/2019 11:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [10/12/2020 03:10:51] - |D| - [828] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mephisto [10/12/2020 09:34:51] - |A| - [2444] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk [27/05/2021 16:08:07] - |D| - [17745] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools [20/02/2021 16:42:39] - |D| - [2304] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [11/12/2020 13:50:14] - |D| - [3472] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modartt [09/12/2020 20:55:19] - |D| - [8775] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments [22/08/2020 13:17:57] - |D| - [1463] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [12/12/2020 04:29:22] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio [27/05/2021 16:08:07] - |A| - [2403] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk [27/05/2021 16:08:07] - |A| - [2417] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk [23/12/2020 17:08:31] - |D| - [802] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parsec [27/05/2021 16:08:07] - |A| - [2460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk [27/05/2021 16:08:07] - |A| - [2471] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk [27/05/2021 16:08:07] - |A| - [2411] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk [30/06/2021 11:54:06] - |D| - [1951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent [09/12/2020 20:41:00] - |D| - [1681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [05/04/2021 16:09:18] - |D| - [10507] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit [27/05/2021 16:08:07] - |A| - [2466] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk [09/12/2020 23:18:29] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spectrasonics [07/12/2019 11:14:52] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [10/12/2020 09:22:13] - |D| - [1110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [12/12/2020 05:29:10] - |A| - [1978] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk [07/12/2019 11:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [31/12/2020 14:03:36] - |D| - [5637] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO [17/01/2021 22:39:54] - |D| - [5874] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [27/05/2021 16:08:07] - |A| - [2453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk [07/12/2019 16:52:28] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [27/05/2021 16:08:07] - |A| - [2461] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk [11/12/2020 23:44:42] - |D| - [1238] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLN Audio ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [07/12/2019 11:14:54] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [09/12/2020 20:15:10] - |D| - [561489] - C:\Program Files (x86)\ASIO4ALL v2 [22/08/2020 13:22:55] - |D| - [383922429] - C:\Program Files (x86)\ASUS [22/08/2020 13:21:22] - |D| - [550386] - C:\Program Files (x86)\ASUSTeK COMPUTER INC [13/12/2020 00:01:11] - |D| - [16949741] - C:\Program Files (x86)\Betternet [10/12/2020 01:49:12] - |D| - [131559] - C:\Program Files (x86)\Camel Audio [07/12/2019 11:14:52] - |D| - [200080379] - C:\Program Files (x86)\Common Files [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [10/12/2020 10:29:29] - |D| - [437464824] - C:\Program Files (x86)\Dropbox [10/12/2020 10:09:54] - |D| - [2826696] - C:\Program Files (x86)\EasyAntiCheat [13/12/2020 21:03:27] - |D| - [0] - C:\Program Files (x86)\Electronic Arts [27/12/2020 01:05:58] - |D| - [961524306] - C:\Program Files (x86)\Epic Games [30/12/2020 21:00:20] - |D| - [960] - C:\Program Files (x86)\GOG.com [10/12/2020 08:11:22] - |D| - [33996360] - C:\Program Files (x86)\Google [13/12/2020 18:31:27] - |HD| - [193814850] - C:\Program Files (x86)\InstallShield Installation Information [07/12/2019 11:14:52] - |D| - [1984627] - C:\Program Files (x86)\Internet Explorer [09/02/2021 09:24:04] - |D| - [270858691] - C:\Program Files (x86)\IObit [10/12/2020 09:14:17] - |D| - [530442327] - C:\Program Files (x86)\Kaspersky Lab [20/06/2021 12:14:22] - |D| - [27242720] - C:\Program Files (x86)\Lenovo [22/08/2020 13:22:44] - |D| - [14374897] - C:\Program Files (x86)\LightingService [21/07/2021 17:17:13] - |D| - [733212] - C:\Program Files (x86)\Malwarebytes [10/12/2020 07:58:47] - |D| - [1266604404] - C:\Program Files (x86)\Microsoft [11/12/2020 12:13:24] - |D| - [809120] - C:\Program Files (x86)\Microsoft GameInput [20/02/2021 16:42:02] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [13/12/2020 21:04:31] - |D| - [979309] - C:\Program Files (x86)\Microsoft WSE [20/02/2021 16:41:47] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [07/12/2019 11:14:52] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [28/01/2021 10:13:49] - |D| - [25757] - C:\Program Files (x86)\MSBuild [14/12/2020 18:43:27] - |D| - [66363611] - C:\Program Files (x86)\MSI Afterburner [22/08/2020 13:17:35] - |D| - [294852666] - C:\Program Files (x86)\NVIDIA Corporation [20/02/2021 16:43:19] - |D| - [809496] - C:\Program Files (x86)\OpenAL [30/12/2020 00:47:52] - |D| - [28131295] - C:\Program Files (x86)\PCSX2 [28/12/2020 22:11:58] - |D| - [80768899] - C:\Program Files (x86)\Realtek [28/01/2021 10:13:49] - |D| - [38479105] - C:\Program Files (x86)\Reference Assemblies [14/12/2020 18:44:06] - |D| - [58210226] - C:\Program Files (x86)\RivaTuner Statistics Server [10/12/2020 09:22:12] - |D| - [10338146499] - C:\Program Files (x86)\Steam [10/12/2020 01:50:59] - |D| - [94214799] - C:\Program Files (x86)\Steinberg [28/12/2020 22:10:50] - |HD| - [0] - C:\Program Files (x86)\Temp [31/12/2020 14:03:34] - |D| - [15857420] - C:\Program Files (x86)\UltraISO [09/12/2020 20:11:07] - |D| - [2099170821] - C:\Program Files (x86)\VstPlugins [07/12/2019 11:14:52] - |D| - [1823008] - C:\Program Files (x86)\Windows Defender [11/12/2020 12:13:23] - |D| - [19388] - C:\Program Files (x86)\Windows Kits [07/12/2019 11:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [07/12/2019 16:53:03] - |D| - [3237741] - C:\Program Files (x86)\Windows Media Player [07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6058840] - C:\Program Files (x86)\Windows NT [07/12/2019 16:53:03] - |D| - [5261760] - C:\Program Files (x86)\Windows Photo Viewer [07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices [07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [07/12/2019 11:14:52] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [13/12/2020 14:31:38] - |D| - [5204927] - C:\Program Files\7-Zip [04/03/2021 23:06:03] - |D| - [1042644] - C:\Program Files\AMD [08/03/2021 22:54:09] - |D| - [254023569] - C:\Program Files\Ankama [22/08/2020 13:21:20] - |D| - [168135466] - C:\Program Files\ASUS [29/03/2021 17:03:01] - |D| - [118035634] - C:\Program Files\BlueStacks [18/12/2020 02:31:45] - |D| - [73380739] - C:\Program Files\Cheat Engine 7.2 [07/12/2019 11:14:52] - |D| - [877862589] - C:\Program Files\Common Files [31/12/2020 15:31:06] - |D| - [64641897] - C:\Program Files\DAEMON Tools Pro [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files\desktop.ini [08/07/2021 19:46:23] - |D| - [156035214] - C:\Program Files\dotnet [02/01/2021 17:35:29] - |D| - [84978097507] - C:\Program Files\Epic Games [10/12/2020 01:50:59] - |D| - [18812856] - C:\Program Files\FabFilter [11/12/2020 15:40:16] - |D| - [78821000] - C:\Program Files\FAW [28/01/2021 10:35:35] - |SHD| - [0] - C:\Program Files\Fichiers communs [10/12/2020 08:11:43] - |D| - [775368741] - C:\Program Files\Google [09/12/2020 20:06:04] - |D| - [2293652090] - C:\Program Files\Image-Line [07/12/2019 11:14:52] - |D| - [2662014] - C:\Program Files\Internet Explorer [29/03/2021 15:28:46] - |D| - [213470509] - C:\Program Files\Java [20/07/2021 23:38:41] - |D| - [7244284] - C:\Program Files\LatencyMon [27/05/2021 16:04:58] - |D| - [3743513626] - C:\Program Files\Microsoft Office [27/05/2021 16:04:58] - |D| - [6448016] - C:\Program Files\Microsoft Office 15 [20/02/2021 16:42:02] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [11/12/2020 05:48:16] - |D| - [2041880] - C:\Program Files\Microsoft Update Health Tools [07/12/2019 11:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [28/01/2021 10:13:49] - |D| - [25757] - C:\Program Files\MSBuild [13/12/2020 04:39:29] - |D| - [99078968] - C:\Program Files\Native Instruments [05/04/2021 16:09:18] - |D| - [25919044] - C:\Program Files\Nefarius Software Solutions [22/08/2020 13:16:56] - |D| - [773363833] - C:\Program Files\NVIDIA Corporation [23/12/2020 17:08:27] - |D| - [14978554] - C:\Program Files\Parsec [12/05/2021 17:01:39] - |D| - [137669684] - C:\Program Files\qBittorrent [28/01/2021 10:13:49] - |D| - [36883625] - C:\Program Files\Reference Assemblies [09/12/2020 23:18:26] - |D| - [223885312] - C:\Program Files\Steinberg [12/12/2020 05:29:02] - |D| - [623001467] - C:\Program Files\Streamlabs OBS [23/10/2019 21:33:45] - |HD| - [0] - C:\Program Files\Uninstall Information [10/12/2020 20:24:47] - |D| - [17039360] - C:\Program Files\UNP [17/01/2021 22:39:46] - |D| - [177240840] - C:\Program Files\VideoLAN [09/12/2020 20:55:19] - |D| - [363664187] - C:\Program Files\VstPlugins [07/12/2019 11:14:52] - |D| - [13852894] - C:\Program Files\Windows Defender [07/12/2019 11:14:52] - |D| - [639488] - C:\Program Files\Windows Mail [07/12/2019 16:53:03] - |D| - [4601233] - C:\Program Files\Windows Media Player [07/12/2019 16:53:03] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6403928] - C:\Program Files\Windows NT [07/12/2019 16:53:03] - |D| - [6179784] - C:\Program Files\Windows Photo Viewer [07/12/2019 16:53:03] - |D| - [48528] - C:\Program Files\Windows Portable Devices [07/12/2019 11:14:52] - |D| - [111709] - C:\Program Files\Windows Security [07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files\Windows Sidebar [07/12/2019 11:14:52] - |HD| - [4275177155] - C:\Program Files\WindowsApps [07/12/2019 11:14:52] - |D| - [2545983] - C:\Program Files\WindowsPowerShell [11/12/2020 23:44:41] - |D| - [1336166] - C:\Program Files\XLN Audio ---------- | C:\Program Files (x86)\Common Files [02/01/2021 19:01:52] - |D| - [17803936] - C:\Program Files (x86)\Common Files\BattlEye [10/12/2020 01:49:12] - |D| - [1507765] - C:\Program Files (x86)\Common Files\Digidesign [31/12/2020 14:03:35] - |D| - [491008] - C:\Program Files (x86)\Common Files\EZB Systems [13/12/2020 18:31:24] - |D| - [2850805] - C:\Program Files (x86)\Common Files\InstallShield [18/07/2021 01:27:10] - |D| - [0] - C:\Program Files (x86)\Common Files\IObit [29/04/2021 12:14:44] - |D| - [2223312] - C:\Program Files (x86)\Common Files\Java [15/01/2021 02:25:48] - |D| - [2310101] - C:\Program Files (x86)\Common Files\Kaspersky Lab [07/12/2019 11:14:52] - |D| - [20385501] - C:\Program Files (x86)\Common Files\Microsoft Shared [29/04/2021 12:14:57] - |D| - [2011840] - C:\Program Files (x86)\Common Files\Oracle [09/12/2020 20:11:07] - |D| - [1435256] - C:\Program Files (x86)\Common Files\Propellerhead Software [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [10/12/2020 09:22:14] - |D| - [30894358] - C:\Program Files (x86)\Common Files\Steam [07/12/2019 11:14:52] - |D| - [9573259] - C:\Program Files (x86)\Common Files\System [10/12/2020 01:52:21] - |D| - [108590536] - C:\Program Files (x86)\Common Files\VST3 ---------- | C:\Program Files\Common files [10/12/2020 09:14:38] - |D| - [3895803] - C:\Program Files\Common files\AV [09/12/2020 23:18:26] - |D| - [48861358] - C:\Program Files\Common files\Avid [27/05/2021 16:07:42] - |D| - [25512] - C:\Program Files\Common files\DESIGNER [07/12/2019 11:14:52] - |D| - [130448640] - C:\Program Files\Common files\microsoft shared [11/12/2020 13:50:10] - |D| - [10218261] - C:\Program Files\Common files\Modartt [11/12/2020 13:50:10] - |D| - [546701254] - C:\Program Files\Common files\Native Instruments [09/12/2020 20:11:07] - |D| - [2193016] - C:\Program Files\Common files\Propellerhead Software [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files\Common files\Services [07/12/2019 11:14:52] - |D| - [10581899] - C:\Program Files\Common files\System [09/12/2020 20:11:08] - |D| - [7305216] - C:\Program Files\Common files\VST2 [10/12/2020 01:52:23] - |D| - [117628928] - C:\Program Files\Common files\VST3 ---------- | Links to files C:\Program Files\Image-Line\Shared\Start\Diagnostic.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Tools\Diagnostics\fldiagnostic.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\FL Studio online.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Internet\FL Studio online.url - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Help.lnk -> C:\Program Files\Image-Line\FL Studio 20\Help\FL.chm - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Install plugin version (32bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Install plugin version (64bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Plugin Manager.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Tools\Plugin Manager\PluginManager.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Reset settings.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Uninstall.lnk -> C:\Program Files\Image-Line\FL Studio 20\uninstall.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Unregister ReWire client (32bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Unregister ReWire client (64bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\What's new.lnk -> C:\Program Files\Image-Line\FL Studio 20\WhatsNew.rtf - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20 (32bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\Image-Line website.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Internet\About\Image-Line homepage.url - Status : OK C:\Program Files (x86)\Camel Audio\CamelCrusher\CamelCrusherData.lnk -> C:\ProgramData\Camel Audio\CamelCrusherData - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\Desktop\kav\Kaspersky Anti-Virus.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\Desktop\kfa\Kaspersky Free.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\Desktop\kis\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\Desktop\pure\Kaspersky Total Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\Desktop\saas\Kaspersky Security Cloud.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kav\Kaspersky Anti-Virus\Kaspersky Anti-Virus.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kav\Kaspersky Anti-Virus\Supprimer Kaspersky Anti-Virus.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kav\Kaspersky Anti-Virus\Visiter Kaspersky sur Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\kl.url - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kfa\Kaspersky Free\Kaspersky Free.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kfa\Kaspersky Free\Supprimer Kaspersky Free.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kfa\Kaspersky Free\Visiter Kaspersky sur Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\kl.url - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kis\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kis\Kaspersky Internet Security\Supprimer Kaspersky Internet Security.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\kis\Kaspersky Internet Security\Visiter Kaspersky sur Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\kl.url - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\pure\Kaspersky Total Security\Kaspersky Total Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\pure\Kaspersky Total Security\Supprimer Kaspersky Total Security.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\pure\Kaspersky Total Security\Visiter Kaspersky sur Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\kl.url - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\saas\Kaspersky Security Cloud\Kaspersky Security Cloud.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\saas\Kaspersky Security Cloud\Supprimer Kaspersky Security Cloud.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\StartMenu\saas\Kaspersky Security Cloud\Visiter Kaspersky sur Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\kl.url - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\Desktop\ksde\Kaspersky VPN.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\StartMenu\ksde\Kaspersky VPN\Contrat de licence utilisateur final.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\Doc\KSDE\fr-FR\consumer_gdpr_kaspersky_secure_connection_for_windows_4_0_eula__eula.txt - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\StartMenu\ksde\Kaspersky VPN\Kaspersky VPN.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\StartMenu\ksde\Kaspersky VPN\My Kaspersky.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\kl.url - Status : OK C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\StartMenu\ksde\Kaspersky VPN\Supprimer Kaspersky VPN.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\Program Files (x86)\VstPlugins\CamelCrusherData.lnk -> C:\ProgramData\Camel Audio\CamelCrusherData - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSACCESS.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\WINDOWS\Speech\Common\sapisvr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\WINDOWS\system32\mspaint.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\WINDOWS\system32\quickassist.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\WINDOWS\system32\mstsc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\WINDOWS\system32\SnippingTool.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\WINDOWS\system32\psr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\WINDOWS\system32\charmap.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\WINDOWS\system32\WFS.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\WINDOWS\system32\comexp.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\WINDOWS\system32\dfrgui.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\WINDOWS\system32\cleanmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\WINDOWS\system32\iscsicpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\WINDOWS\system32\MdSched.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\WINDOWS\syswow64\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\WINDOWS\system32\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\WINDOWS\system32\perfmon.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\WINDOWS\system32\RecoveryDrive.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\WINDOWS\regedit.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\WINDOWS\system32\perfmon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\WINDOWS\system32\services.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\WINDOWS\system32\msconfig.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\WINDOWS\system32\msinfo32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\WINDOWS\system32\taskschd.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\WINDOWS\system32\WF.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Advanced SystemCare.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Désinstaller Advanced SystemCare.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Protect.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Software Updater.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Speed Up.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Toolbox.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ankama\Ankama Launcher.lnk -> C:\Program Files\Ankama\Ankama Launcher\Ankama Launcher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Betternet Technologies Inc\Betternet for Windows\Betternet.lnk -> C:\Program Files (x86)\Betternet\5.3.0.433\Betternet.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks Multi-Instance Manager.lnk -> C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks.lnk -> C:\Program Files\BlueStacks\Bluestacks.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camel Audio\CamelCrusher\Camel Audio Website.lnk -> - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camel Audio\CamelCrusher\CamelCrusherData.lnk -> C:\ProgramData\Camel Audio\CamelCrusherData - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camel Audio\CamelCrusher\Uninstall CamelCrusher.lnk -> C:\Program Files (x86)\Camel Audio\CamelCrusher\CamelCrusherUninstall.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine (32-bit).lnk -> C:\Program Files\Cheat Engine 7.2\cheatengine-i386.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine (64-bit SSE4-AVX2).lnk -> C:\Program Files\Cheat Engine 7.2\cheatengine-x86_64-SSE4-AVX2.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine (64-bit).lnk -> C:\Program Files\Cheat Engine 7.2\cheatengine-x86_64.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine help.lnk -> C:\Program Files\Cheat Engine 7.2\CheatEngine.chm - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine tutorial (64-bit).lnk -> C:\Program Files\Cheat Engine 7.2\Tutorial-x86_64.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine tutorial.lnk -> C:\Program Files\Cheat Engine 7.2\Tutorial-i386.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Cheat Engine.lnk -> C:\Program Files\Cheat Engine 7.2\Cheat Engine.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Kernel stuff\Unload kernel module.lnk -> C:\Program Files\Cheat Engine 7.2\Kernelmoduleunloader.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Reset settings.lnk -> C:\Program Files\Cheat Engine 7.2\ceregreset.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2\Uninstall Cheat Engine.lnk -> C:\Program Files\Cheat Engine 7.2\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk -> C:\Program Files\DAEMON Tools Pro\DTPro.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk -> C:\Program Files\DAEMON Tools Pro\DTImgEditor.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8\Driver Booster.lnk -> C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 8\Uninstall Driver Booster.lnk -> C:\Program Files (x86)\IObit\Driver Booster\Uninstall\Uninstall.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FabFilter\Uninstall.lnk -> C:\Program Files\FabFilter\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FAW\SubLab\Uninstall.lnk -> C:\Program Files\FAW\SubLab\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRID 2\Désinstaller GRID 2.lnk -> D:\GAMES\GRID 2\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRID 2\GRID 2 AVX CPU.lnk -> D:\GAMES\GRID 2\grid2.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRID 2\GRID 2.lnk -> D:\GAMES\GRID 2\grid2.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\WINDOWS\System32\Control.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\A propos de Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configurer Java.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Rechercher les mises à jour.lnk -> C:\Program Files\Java\jre1.8.0_291\bin\javacpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Supprimer Kaspersky Internet Security.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Visiter Kaspersky sur Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\kl.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Accéder à My Kaspersky.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpc.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Kaspersky Password Manager Aide.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\help.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Kaspersky Password Manager.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager\Supprimer Kaspersky Password Manager.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\Contrat de licence utilisateur final.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\Doc\KSDE\fr-FR\consumer_gdpr_kaspersky_secure_connection_for_windows_4_0_eula__eula.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\Kaspersky VPN.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\My Kaspersky.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\kl.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN\Supprimer Kaspersky VPN.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon\LatencyMon.lnk -> C:\Program Files\LatencyMon\LatMon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mephisto\NieR Automata.lnk -> C:\Games\NieR Automata\NieRAutomata.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Database Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Office Language Preferences.lnk -> C:\Program Files\Microsoft Office\root\Office16\SETLANG.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Project Server Accounts.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINPROJ.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Skype for Business Recording Manager.lnk -> C:\Program Files\Microsoft Office\root\Office16\OcPubMgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Spreadsheet Compare.lnk -> C:\Program Files\Microsoft Office\root\Client\AppVLP.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Dashboard for Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msotd.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools\Telemetry Log for Office.lnk -> C:\Program Files\Microsoft Office\root\Office16\msoev.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\Silverlight.Configuration.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modartt\Pianoteq 6 STAGE\Pianoteq 6 STAGE.lnk -> D:\Program Files\Pianoteq 6 STAGE\Pianoteq 6 STAGE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modartt\Pianoteq 6 STAGE\Uninstall Pianoteq STAGE.lnk -> D:\Program Files\Pianoteq 6 STAGE\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modartt\Pianoteq 6 STAGE\User guide (english).lnk -> D:\Program Files\Pianoteq 6 STAGE\Documentation\pianoteq-english.pdf - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modartt\Pianoteq 6 STAGE\User guide (french).lnk -> D:\Program Files\Pianoteq 6 STAGE\Documentation\pianoteq-francais.pdf - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt\Kontakt.lnk -> C:\Program Files\Native Instruments\Kontakt\Kontakt.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 5 PORTABLE\Remove Kontakt 5 PORTABLE from your system.lnk -> C:\ProgramData\{8C14C049-8207-4015-BC26-02FEB0BEE9C7}\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 6 PORTABLE\Kontakt 6 PORTABLE documentation.lnk -> D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Kontakt\Documentation - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 6 PORTABLE\Kontakt 6 PORTABLE.lnk -> D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Kontakt\x64\Kontakt.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 6 PORTABLE\Library Manager.lnk -> D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Helper\Library Manager\Library Manager.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments\Kontakt 6 PORTABLE\Remove Kontakt 6 PORTABLE from your system.lnk -> C:\ProgramData\{9380734D-6F66-4F76-A7D3-6D117FAA4773}\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTE.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parsec\Parsec.lnk -> C:\Program Files\Parsec\parsecd.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files\Microsoft Office\root\Office16\POWERPNT.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINPROJ.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk -> C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent\qBittorrent.lnk -> C:\Program Files\qBittorrent\qbittorrent.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent\Uninstall qBittorrent.lnk -> C:\Program Files\qBittorrent\uninst.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Clean Wipe Utility.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpCleanWipe.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Debug Info Collector.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpDebugInfoCollector.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Driver Installer.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpDriverInstaller.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Monitor (legacy).lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpMonitor.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Settings Manager.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpSettings.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Stand-alone Server (legacy).lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpServer.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit\ScpToolkit Updater.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk -> C:\Program Files\Microsoft Office\root\Office16\lync.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\WINDOWS\system32\taskmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Help.lnk -> C:\Program Files (x86)\UltraISO\ultraiso.chm - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Readme.lnk -> C:\Program Files (x86)\UltraISO\Readme.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO Revision History.lnk -> C:\Program Files (x86)\UltraISO\History.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\UltraISO.lnk -> C:\Program Files (x86)\UltraISO\UltraISO.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO\Uninstall UltraISO.lnk -> C:\Program Files (x86)\UltraISO\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files\VideoLAN\VLC\Documentation.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files\VideoLAN\VLC\NEWS.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files\VideoLAN\VLC\VideoLAN Website.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk -> C:\Program Files\Microsoft Office\root\Office16\VISIO.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XLN Audio\Addictive Drums 2\Uninstall.lnk -> C:\Program Files\XLN Audio\Addictive Drums 2\unins000.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\WINDOWS\system32\taskmgr.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\WINDOWS\system32\diskmgmt.msc - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\WINDOWS\system32\mblctr.exe - Status : OK C:\Users\cl_97\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\512c904ca96ecd5c\League of Legends.lnk -> D:\Riot Games\League of Legends\LeagueClient.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Advanced SystemCare.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\2021-07-18 19-45-53.mp4.lnk -> C:\Users\cl_97\Videos\2021-07-18 19-45-53.mp4 - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\2021-07-18 19-45-53_Trim.mp4.lnk -> C:\Users\cl_97\Videos\2021-07-18 19-45-53_Trim.mp4 - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Astral Chain.lnk -> D:\GAMES\Astral Chain - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Centre Réseau et partage.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques (2).lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Gestionnaire de périphériques.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\http--go.microsoft.com-fwlink-LinkID=829264.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\https--support.lenovo.com-contactusserialnumber=L8NRCV02S493347.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Images.lnk -> C:\Users\cl_97\OneDrive\Images - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\INFO-Malwarebytes PREMIUM 3.7.1.2839-Repack.txt.lnk -> D:\jeux\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR]\INFO-Malwarebytes PREMIUM 3.7.1.2839-Repack.txt - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Internet (2).lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Internet.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Invité commande.PNG.lnk -> C:\Users\cl_97\OneDrive\Images\Invité commande.PNG - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Look_my_hardware.txt.lnk -> C:\Users\cl_97\OneDrive\Bureau\Look_my_hardware.txt - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR].lnk -> D:\jeux\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR] - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR].torrent.lnk -> C:\Users\cl_97\Downloads\Malwarebytes PREMIUM 3.7.1.2839-Repack [Win FR].torrent - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\MarkC_Windows_10+8.x+7_MouseFix.zip.lnk -> C:\Users\cl_97\Downloads\MarkC_Windows_10+8.x+7_MouseFix.zip - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Matériel et audio.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\microsoft-edgehttps--www.bing.com-searchq=supprimer%20des%20programmes%20dans%20Windows%2010&form=B00032&ocid=SettingsHAQ-BingIA&mkt=fr-FR.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-availablenetworks.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay---.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-pid=11440&WindowId=2099518.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-pid=13280&WindowId=657140.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-pid=16864&WindowId=394992.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-pid=2008&WindowId=1575692.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-pid=2628&WindowId=3081860.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1820250788&ProcessId=7536&WindowId=395260.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1962957406&ProcessId=14248&WindowId=460826.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1962957406&ProcessId=19072&WindowId=657202.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1962957406&ProcessId=21520&WindowId=853862.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-settingsbatterysaver.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-settingsnetwork (2).lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\ms-settingsnetwork.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Options d’alimentation (2).lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Options d’alimentation (3).lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Options d’alimentation.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Pare-feu Windows Defender.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Programmes et fonctionnalités.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Programmes.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\rtkuwpAudioSettingsPage.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Réseau et Internet.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Souris.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Système et sécurité.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Toutes les tâches.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements.lnk -> C:\Users\cl_97\Downloads - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Vidéos.lnk -> C:\Users\cl_97\Videos - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\Vérifier l’état de votre ordinateur et résoudre les problèmes.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Recent\WLAN_AZWAVE_2024.0.8.107_logo_Win10x64.zip.lnk -> C:\Users\cl_97\Downloads\WLAN_AZWAVE_2024.0.8.107_logo_Win10x64.zip - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\WINDOWS\system32\WFS.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\SendTo\Transfert de fichiers Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\WINDOWS\system32\magnify.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\JP DBZ Space.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL Web Site.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL Web Site.url - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\Uninstall.lnk -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blitz.lnk -> C:\Users\cl_97\AppData\Local\Programs\Blitz\Blitz.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\cl_97\AppData\Local\Discord\Update.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files\Image-Line\Shared\Start - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\cl_97\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parsec\Parsec.lnk -> C:\Program Files\Parsec\parsecd.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCSX2 1.6.0.lnk -> C:\Program Files (x86)\PCSX2\pcsx2.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7\IDLE (Python 3.7 64-bit).lnk -> C:\Users\cl_97\AppData\Local\Programs\Python\Python37\pythonw.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7\Python 3.7 (64-bit).lnk -> C:\Users\cl_97\AppData\Local\Programs\Python\Python37\python.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7\Python 3.7 Manuals (64-bit).lnk -> C:\WINDOWS\hh.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.7\Python 3.7 Module Docs (64-bit).lnk -> C:\Users\cl_97\AppData\Local\Programs\Python\Python37\python.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Doc\ReadMe.pdf - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\SDK\Samples - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk -> C:\Program Files (x86)\RivaTuner Statistics Server\Uninstall.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\cl_97\AppData\Roaming\Spotify\Spotify.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\steam.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Désinstaller Telegram.lnk -> C:\Users\cl_97\AppData\Roaming\Telegram Desktop\unins000.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop\Telegram.lnk -> C:\Users\cl_97\AppData\Roaming\Telegram Desktop\Telegram.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\cl_97\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XLN Audio\Addictive Keys\Uninstall.lnk -> C:\Program Files (x86)\Steinberg\VSTPlugins\XLN Audio\Addictive Keys\uninstall.exe - Status : OK C:\Users\cl_97\Dropbox\Bureau - Raccourci.lnk -> C:\Users\cl_97\OneDrive\Bureau - Status : OK C:\Users\cl_97\Links\Desktop.lnk -> C:\Users\cl_97\OneDrive\Bureau - Status : OK C:\Users\cl_97\Links\Downloads.lnk -> C:\Users\cl_97\Downloads - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\WINDOWS\system32\taskmgr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\WINDOWS\system32\diskmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\WINDOWS\system32\mblctr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\WINDOWS\system32\WFS.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\WINDOWS\system32\magnify.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Public\Desktop\Advanced SystemCare.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe - Status : OK C:\Users\Public\Desktop\Betternet.lnk -> C:\Program Files (x86)\Betternet\5.3.0.433\Betternet.exe - Status : OK C:\Users\Public\Desktop\BlueStacks Multi-Instance Manager.lnk -> C:\Program Files\BlueStacks\HD-MultiInstanceManager.exe - Status : OK C:\Users\Public\Desktop\BlueStacks.lnk -> C:\Program Files\BlueStacks\Bluestacks.exe - Status : OK C:\Users\Public\Desktop\DAEMON Tools Pro.lnk -> C:\Program Files\DAEMON Tools Pro\DTPro.exe - Status : OK C:\Users\Public\Desktop\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe - Status : OK C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\Public\Desktop\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe - Status : OK C:\Users\Public\Desktop\Kaspersky Password Manager.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe - Status : OK C:\Users\Public\Desktop\Kaspersky VPN.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe - Status : OK C:\Users\Public\Desktop\Kontakt 6 PORTABLE.lnk -> D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Kontakt\x64\Kontakt.exe - Status : OK C:\Users\Public\Desktop\Kontakt.lnk -> C:\Program Files\Native Instruments\Kontakt\Kontakt.exe - Status : OK C:\Users\Public\Desktop\Library Manager.lnk -> D:\cl_97\Native Instruments Kontakt 6 v6.0.2 Portable.WIN\Kontakt6Portable\Helper\Library Manager\Library Manager.exe - Status : OK C:\Users\Public\Desktop\LOL SKIN.lnk -> C:\Users\cl_97\Downloads\ModSkin_11.12.1\3FbFJ.exe - Status : OK C:\Users\Public\Desktop\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\Public\Desktop\ScpToolkit Driver Installer.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpDriverInstaller.exe - Status : OK C:\Users\Public\Desktop\ScpToolkit Monitor (legacy).lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpMonitor.exe - Status : OK C:\Users\Public\Desktop\ScpToolkit Settings Manager.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpSettings.exe - Status : OK C:\Users\Public\Desktop\ScpToolkit Updater.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe - Status : OK C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe - Status : OK C:\Users\Public\Desktop\Streamlabs OBS.lnk -> C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe - Status : OK C:\Users\Public\Desktop\UltraISO.lnk -> C:\Program Files (x86)\UltraISO\UltraISO.exe - Status : OK C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\WINDOWS\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\WINDOWS\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\WINDOWS\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\WINDOWS\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\WINDOWS\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\WINDOWS\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\WINDOWS\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\WINDOWS\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\WINDOWS\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\WINDOWS\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Windows\WinSxS\amd64_eventviewersettings_31bf3856ad364e35_10.0.19041.1_none_aae8e58aa310aa7d\Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-hyper-v-management-clients_31bf3856ad364e35_10.0.19041.1_none_a87cce111f2d21d5\Hyper-V Manager.lnk -> C:\WINDOWS\System32\mmc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.19041.746_none_b8eadbf8a9c907b3\Steps Recorder.lnk -> C:\WINDOWS\system32\psr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.19041.844_none_8cde26fe4a506084\Task Manager.lnk -> C:\WINDOWS\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.985_none_c3639a9e3ab1a351\Windows Sandbox.lnk -> C:\WINDOWS\system32\WindowsSandbox.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.19041.1_none_88835f4d79d6a242\Component Services.lnk -> C:\WINDOWS\system32\comexp.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.19041.746_none_290f6af7d5263efa\Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.19041.1_none_a84acae243b8ad63\Character Map.lnk -> C:\WINDOWS\system32\charmap.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.19041.906_none_4b68c4a9bc3aa082\Disk Cleanup.lnk -> C:\WINDOWS\system32\cleanmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt-shortcut_31bf3856ad364e35_10.0.19041.1_none_efaf63248e6d4479\Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..-tools-mmc-adsiedit_31bf3856ad364e35_10.0.19041.746_none_911fb46a38a61421\ADSIEdit.lnk -> C:\WINDOWS\system32\adsiedit.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..mc-sitesandservices_31bf3856ad364e35_10.0.19041.746_none_7d35d325c812757b\Active Directory Sites and Services.lnk -> C:\WINDOWS\system32\dssite.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..services-adam-setup_31bf3856ad364e35_10.0.19041.746_none_1a1e8292dcf10728\ADAM Install.lnk -> C:\WINDOWS\ADAM\adaminstall.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.19041.746_none_770f598aef14382e\dfrgui.lnk -> C:\WINDOWS\system32\dfrgui.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-e..er-server-shortcuts_31bf3856ad364e35_10.0.19041.1_none_5e85a7ed6f490164\Administrative Tools.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02 - Command Prompt.lnk -> C:\WINDOWS\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02a - Windows PowerShell.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\03 - Computer Management.lnk -> C:\WINDOWS\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04 - Disk Management.lnk -> C:\WINDOWS\system32\diskmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\05 - Device Manager.lnk -> C:\WINDOWS\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\06 - SystemAbout.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\07 - Event Viewer.lnk -> C:\WINDOWS\system32\eventvwr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\09 - Mobility Center.lnk -> C:\WINDOWS\system32\mblctr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Run.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\2 - Search.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\4 - Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\5 - Task Manager.lnk -> C:\WINDOWS\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\computer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\File Explorer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Run.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Shows Desktop.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Window Switcher.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Fax Recipient.lnk -> C:\WINDOWS\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Windows Fax and Scan.lnk -> C:\WINDOWS\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1081_none_8f9bf0424c269348\Immersive Control Panel.lnk -> C:\WINDOWS\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-clientshortcuts_31bf3856ad364e35_10.0.19041.1_none_9f9e4023b60d2433\IIS Client Manager.lnk -> C:\WINDOWS\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_10.0.19041.906_none_5f45625010b4cd19\IIS6 Manager.lnk -> C:\WINDOWS\system32\inetsrv\InetMgr6.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-managementconsole_31bf3856ad364e35_10.0.19041.906_none_65f82ba919c64b11\IIS Manager.lnk -> C:\WINDOWS\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.19041.1_none_8ddc3834fb6f659f\iSCSI Initiator.lnk -> C:\WINDOWS\system32\iscsicpl.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_fa40f4e1dd1492a8\ODBC Data Sources (64-bit).lnk -> C:\WINDOWS\system32\odbcad32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.19041.1_none_49c7a9c019150ac4\Memory Diagnostics Tool.lnk -> C:\WINDOWS\system32\MdSched.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.1023_none_e3058dfa4dd44bcb\Magnify.lnk -> C:\WINDOWS\system32\magnify.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.19041.1_none_64c27fc7ed12e401\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.19041.1110_none_4f46693352ed3250\System Configuration.lnk -> C:\WINDOWS\system32\msconfig.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.19041.1_none_906b4c073d1d970c\System Configuration.lnk -> C:\WINDOWS\system32\msconfig.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.19041.1110_none_20a89186aedb6af7\System Information.lnk -> C:\WINDOWS\system32\msinfo32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.19041.1_none_61cd745a990bcfb3\System Information.lnk -> C:\WINDOWS\system32\msinfo32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.19041.746_none_6c16d1714d60fddf\Paint.lnk -> C:\WINDOWS\system32\mspaint.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-narrator_31bf3856ad364e35_10.0.19041.789_none_9beee4eb02a5f8c7\Narrator.lnk -> C:\WINDOWS\system32\narrator.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-nfs-adminmmc_31bf3856ad364e35_10.0.19041.1_none_9da8f6be034114e3\Services For Network File System.lnk -> C:\WINDOWS\system32\nfsmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.1081_none_e3f87355251e8c43\Notepad.lnk -> C:\WINDOWS\system32\notepad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-osk_31bf3856ad364e35_10.0.19041.1_none_60ade0eff94c37fc\On-Screen Keyboard.lnk -> C:\WINDOWS\system32\osk.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Performance Monitor.lnk -> C:\WINDOWS\system32\perfmon.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Resource Monitor.lnk -> C:\WINDOWS\system32\perfmon.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE (x86).lnk -> C:\WINDOWS\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE.lnk -> C:\WINDOWS\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.964_none_dbe27aa7cda42a65\Quick Assist.lnk -> C:\WINDOWS\system32\quickassist.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-recoverydrive_31bf3856ad364e35_10.0.19041.746_none_068bfbddea7cb9b4\RecoveryDrive.lnk -> C:\WINDOWS\system32\RecoveryDrive.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.19041.746_none_d22800313aa7eb5c\Registry Editor.lnk -> C:\WINDOWS\regedit.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-s..ment-policytools-ex_31bf3856ad364e35_10.0.19041.1_none_0f506321e073254e\Security Configuration Management.lnk -> C:\WINDOWS\system32\secpol.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.19041.1_none_8554f027e5186b5e\services.lnk -> C:\WINDOWS\system32\services.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.19041.746_none_77bd4cfbe87238a7\Snipping Tool.lnk -> C:\WINDOWS\system32\SnippingTool.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-speech-userexperience_31bf3856ad364e35_10.0.19041.746_none_fa033ad7aa9be481\Speech Recognition.lnk -> C:\WINDOWS\Speech\Common\sapisvr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.19041.746_none_a89acde4afbab635\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.19041.746_none_2bd598617fe6d4c3\Remote Desktop Connection.lnk -> C:\WINDOWS\system32\mstsc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.1052_none_a29547672207232d\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-logcollector_31bf3856ad364e35_10.0.19041.1_none_56138d203a7fc4cf\MultiPoint Log Collector.lnk -> C:\Program Files\Windows MultiPoint Server\LogCollector.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-wmsmanager_31bf3856ad364e35_10.0.19041.1_none_d1ffdc3927836528\MultiPoint Manager.lnk -> C:\Program Files\Windows MultiPoint Server\WmsManager.exe - Status : OK C:\Windows\WinSxS\amd64_networking-mpssvc-shortcut_31bf3856ad364e35_10.0.19041.1_none_3b48028dac22b3be\Windows Defender Firewall with Advanced Security.lnk -> C:\WINDOWS\system32\WF.msc - Status : OK C:\Windows\WinSxS\amd64_taskschedulersettings_31bf3856ad364e35_10.0.19041.1_none_00dc114da3ba6b01\Task Scheduler.lnk -> C:\WINDOWS\system32\taskschd.msc - Status : OK C:\Windows\WinSxS\msil_hyperv-ux-ui-vmcreate_31bf3856ad364e35_10.0.19041.1_none_8d387dde0a6c6d14\VMCreate.lnk -> C:\Program Files\Hyper-V\VMCreate.exe - Status : OK C:\Windows\WinSxS\msil_multipoint-wmsdashboard_31bf3856ad364e35_10.0.19041.1_none_061d84508b376f80\MultiPoint Dashboard.lnk -> C:\Program Files\Windows MultiPoint Server\WmsDashboard.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_04959f34117554a3\ODBC Data Sources (32-bit).lnk -> C:\WINDOWS\syswow64\odbcad32.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk -> C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK D:\cl_97\Documents\Bin64\Bin64\Devmode.lnk -> C:\Program Files (x86)\Steam\steamapps\common\crysis\Bin64\Crysis.exe - Status : OK D:\Programmes\Data (D) - Raccourci.lnk -> D:\ - Status : OK ---------- | Tasks [MD5.62F36A46CC2027A23B3D91AAF6C93E84] - [19/04/2021 23:51:08] - |A| - [214] - C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job [MD5.62E2CE3BD3FA7A8D6D847A240D3DBAFE] - [10/12/2020 10:29:36] - |A| - [1212] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job [MD5.585BA49739EBA53BD0F8884E538050DC] - [10/12/2020 10:29:36] - |A| - [1216] - C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [28/01/2021 10:35:32] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.00000000000000000000000000000000] - [26/03/2021 03:17:37] - |D| - [2620] - C:\WINDOWS\System32\Tasks\Agent Activation Runtime [MD5.98D8E5746E4A52E5352C3A7A1EEA8392] - [18/07/2021 01:28:03] - |A| - [3302] - C:\WINDOWS\System32\Tasks\ASC_PerformanceMonitor : "C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" [MD5.4D0ACDA2D3697E3D0D5999AEB82D30D9] - [18/07/2021 01:27:11] - |A| - [3092] - C:\WINDOWS\System32\Tasks\ASC_SkipUac_cl_97 : "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" [MD5.00000000000000000000000000000000] - [28/01/2021 10:35:32] - |D| - [19620] - C:\WINDOWS\System32\Tasks\ASUS [MD5.A4E569A2802D18C49007798EBE312E2A] - [14/07/2021 19:08:03] - |A| - [3764] - C:\WINDOWS\System32\Tasks\ASUS Optimization 36D18D69AFC3 : "C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusHotkeyExec.exe" [MD5.001517E2CE1AAD52EEF09A5B00153B18] - [14/07/2021 19:10:12] - |A| - [4122] - C:\WINDOWS\System32\Tasks\ASUS Update Checker 2.0 : "C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusUpdateChecker.exe" [MD5.3E75141515B06AD30EB3A4C2847F7F45] - [28/01/2021 10:35:32] - |A| - [3752] - C:\WINDOWS\System32\Tasks\AsusSystemAnalysis_754F3273-0563-4F20-B12F-826510B07474 : "C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe" [MD5.E4DA6EACD4238599F88404FE35A6884C] - [29/03/2021 17:09:24] - |A| - [3946] - C:\WINDOWS\System32\Tasks\BlueStacksHelper : C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [MD5.299192DBAA02DB8672BC9D745EF184DF] - [09/02/2021 22:52:47] - |A| - [3180] - C:\WINDOWS\System32\Tasks\Driver Booster Scheduler : "C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe" [MD5.A1CA9917C3708E42158A382454B321BE] - [09/02/2021 22:52:47] - |A| - [2940] - C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (cl_97) : "C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe" [MD5.9DEDF326F6864A2181CFA6164B7A5939] - [09/02/2021 22:52:47] - |A| - [3166] - C:\WINDOWS\System32\Tasks\Driver Booster Update : "C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe" [MD5.F320C36DB8F55C62D9D04B9D55EE9B22] - [28/01/2021 10:35:32] - |A| - [4044] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.CEFDA0BFC412CD3908311E8DA3D0A743] - [28/01/2021 10:35:32] - |A| - [4276] - C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA : C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [MD5.A3D1B2D8B225A93508FCEC87918D849D] - [28/01/2021 10:35:32] - |A| - [3726] - C:\WINDOWS\System32\Tasks\DSB Notification : C:\Program Files\ASUS\DSB Notification\DSBNotification.exe [MD5.CB2AA35FADC1D557D4863873FAD3C83D] - [28/01/2021 10:35:32] - |A| - [3464] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.ED9BABDFF364ACE4CEAAAAE753F01EC4] - [28/01/2021 10:35:32] - |A| - [3588] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [20/06/2021 12:14:34] - |D| - [16200] - C:\WINDOWS\System32\Tasks\Lenovo [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [674812] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.E6D616021297481F5F4BF1BE272FCDB4] - [28/01/2021 10:35:32] - |A| - [3338] - C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.749FD5E6DEFD1FEE120DF36834FD839D] - [08/02/2021 22:46:00] - |A| - [3540] - C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6f5503493b962 : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.D54D2AC71FF157F0ADCAE8121721B520] - [28/01/2021 10:35:32] - |A| - [3634] - C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.3FCF5E0D7D1D01D2FDE412AC20D2ED17] - [22/06/2021 18:18:20] - |A| - [4106] - C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.CAFC39FE5084D650F41CD5D5CB55A2C3] - [22/06/2021 18:18:20] - |A| - [4308] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.F55B2F72E563AB4B2C6F011BD0C0A3BC] - [22/06/2021 18:18:25] - |A| - [3976] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.9200A7AEAD4C78C61F5CA9964667C70D] - [22/06/2021 18:18:25] - |A| - [3940] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.9442CAF11ED6A5CE65C3ED0F836A4066] - [22/06/2021 18:18:16] - |A| - [3894] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.4C1943F7A098FE04B84E9B3BDC3715BF] - [22/06/2021 18:18:16] - |A| - [3654] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.F5AB9A713C547B19C8372E82EDF64049] - [22/06/2021 18:18:20] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.8EC9BBA7D3AA61450CDE5CD0C0026D39] - [22/06/2021 18:18:20] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.45E7F6518CD095E8A32C97FE134C7E87] - [22/06/2021 18:18:20] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.72EBE4189560FE4B8BB4C641979DAB12] - [22/06/2021 18:18:20] - |A| - [3858] - C:\WINDOWS\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.8ECE0AD8796CAE0D037755BD7F38F542] - [08/07/2021 22:29:22] - |A| - [3378] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1459843401-856262318-2992657480-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.041B51F927C45CE28DCF6D1A4237B3D4] - [28/01/2021 10:35:32] - |A| - [2852] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1459843401-856262318-2992657480-500 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.63422B1A4BAD268B0111EB2E1CF9291A] - [28/01/2021 10:35:32] - |A| - [3388] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-54527157-2376648009-1082403599-500 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.8F7B4758CCC4513F1ED007189D04B928] - [28/01/2021 10:35:32] - |A| - [3366] - C:\WINDOWS\System32\Tasks\RtkAudUService64_BG : ""C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c759ff49aef8a7cf\RtkAudUService64.exe"" [MD5.0BAAAE48C7308071581D3DC80B91B174] - [21/07/2021 19:20:03] - |A| - [3352] - C:\WINDOWS\System32\Tasks\Sump Task (One-Time) : "C:\Program Files (x86)\IObit\Advanced SystemCare\sump.exe" [MD5.464D133E088AC4BE67ADBAD8FA6C8111] - [05/04/2021 16:09:18] - |A| - [3956] - C:\WINDOWS\System32\Tasks\updater : C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{A54EFD5E-73E9-4A6D-8AC7-CABE8F954008}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe|Name=AutoConnectHelper TCP|Desc=AutoConnectHelper TCP|Edge=TRUE| "UDP Query User{244F15EA-E58C-4E5C-9F72-7C966A393242}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "TCP Query User{5F7D87BF-1499-4894-AD3E-31D234B925D1}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "{4D9836C7-56C6-47D2-A5D0-B32FB1863C6C}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe|Name=ArmourySocketServer|Desc=ArmourySocketServer| "{689B3A67-F112-43E2-9614-84073A091DC6}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe|Name=FrameworkService|Desc=FrameworkService| "{CA512B45-7B0E-40E9-80E7-AE6CDF9770A1}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe|Name=ArmouryHtmlDebugServer|Desc=ArmouryHtmlDebugServer| "{61CCAA7B-5A5F-41BA-A924-62E3F013B166}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Private|Profile=Public|App=C:\Program Files\Parsec\parsecd.exe|Name=Parsec| "{34015C47-0BE3-4518-9AB9-789870EE8129}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe|Name=ArmourySocketServer|Desc=ArmourySocketServer| "{BC901173-3799-4676-9880-C7A541E97191}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe|Name=FrameworkService|Desc=FrameworkService| "{DB60F3FD-77BF-42FB-BB8C-0F56A62FBE1C}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe|Name=ArmouryHtmlDebugServer|Desc=ArmouryHtmlDebugServer| "{15DB95F6-1CAF-4941-A14A-FB16CDBC1642}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{28955738-4F5D-4F86-AC59-C8F840336719}C:\users\cl_97\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cl_97\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "TCP Query User{B1571A45-A4E3-4A7D-B72E-EF4AA3FF4FD2}C:\users\cl_97\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cl_97\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "{A2A2AAD3-2D6A-431F-A163-18AABBCBF2E9}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{81794CE0-2C36-405F-BD4E-1BFF6811729A}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{D3D3A532-62B7-40CA-9A90-A4337EE34CF1}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=AMD Radeon™ Settings Lite|Desc=AMD Radeon™ Settings Lite|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1000|AppPkgId=S-1-15-2-1036060538-1371916910-1721558205-1771714225-809698444-271080112-3243963158|EmbedCtxt=AMD Radeon™ Settings Lite|Platform=2:6:2|Platform2=GTEQ| "{5093FD70-7A77-4934-9B55-600192980E44}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-1459843401-856262318-2992657480-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{BFD473A6-F9E6-47B2-9252-B4E000C7C30B}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{AC5CBC8B-6D13-4AF8-A62C-D9C93323C67A}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=AMD Radeon™ Settings Lite|Desc=AMD Radeon™ Settings Lite|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1036060538-1371916910-1721558205-1771714225-809698444-271080112-3243963158|EmbedCtxt=AMD Radeon™ Settings Lite|Platform=2:6:2|Platform2=GTEQ| "{551C863B-2BB0-4E19-9F3A-C6D3F2EB24D7}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe|Name=Driver Booster| "{68BAA8DD-DBF5-40D2-B2E4-284077E03A4F}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe|Name=Driver Booster| "{7887FA24-4F22-4B0E-91D9-AA9A5C1B5620}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe|Name=Booster| "{5CAC9CD3-411F-4164-BF97-94AB3582096B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe|Name=Booster| "{8B7E624C-152C-4789-970A-D396835E7FEE}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe|Name=Driver| "{D93AC3C4-2E6E-4263-AB63-02B6DDAEAC5D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe|Name=Driver| "{4F5CAE0E-28C1-43AD-B3B1-C03DDCB62B2D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\BlueStacks\HD-Player.exe|Name=BlueStacks Service| "TCP Query User{D4D30CFC-5032-49C0-B027-78B5C6273C12}C:\users\cl_97\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\cl_97\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe|Name=plutonium-bootstrapper-win32.exe|Desc=plutonium-bootstrapper-win32.exe|Defer=User| "UDP Query User{C06D6419-F22B-40BD-8022-72613A6F990A}C:\users\cl_97\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\cl_97\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe|Name=plutonium-bootstrapper-win32.exe|Desc=plutonium-bootstrapper-win32.exe|Defer=User| "{F8830DF9-25E5-4F9A-8851-C9A18C727620}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cl_97\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe|Name=plutonium-bootstrapper-win32.exe|Desc=plutonium-bootstrapper-win32.exe| "{E04F13D1-3902-4AC4-A819-F35ED3F004E4}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cl_97\appdata\local\plutonium\bin\plutonium-bootstrapper-win32.exe|Name=plutonium-bootstrapper-win32.exe|Desc=plutonium-bootstrapper-win32.exe| "TCP Query User{11F96802-ECD3-4EEF-9AE4-12E3BCDA70AE}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "UDP Query User{062E1A40-E60C-4D0B-AB38-17D9FB38DA34}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe|Name=Fortnite|Desc=Fortnite|Defer=User| "{C474A34B-5DC5-47A0-B55A-BE689855F81E}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe|Name=ArmourySocketServer|Desc=ArmourySocketServer| "{0243522A-8E3D-4CE2-9051-259C13745078}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe|Name=ArmouryHtmlDebugServer|Desc=ArmouryHtmlDebugServer| "{754C14E3-E112-4513-99A2-94820D5A0FE5}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe|Name=FrameworkService|Desc=FrameworkService| "{8D897CC9-2848-4E2E-B1F9-7B7AEC5C7217}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{45580255-6F4A-40BF-A5CA-7CB16AAF93E8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{41DC1ABB-2274-4B4B-942C-DADA0024E313}C:\games\forza horizon 4\forzahorizon4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\games\forza horizon 4\forzahorizon4.exe|Name=Forza Horizon 4|Desc=Forza Horizon 4|Defer=User| "UDP Query User{B8F38FEC-71D9-4E7F-9BFF-DDF16110F075}C:\games\forza horizon 4\forzahorizon4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\games\forza horizon 4\forzahorizon4.exe|Name=Forza Horizon 4|Desc=Forza Horizon 4|Defer=User| "{A956816A-2DF8-448A-8398-3218DAEEC33F}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\games\forza horizon 4\forzahorizon4.exe|Name=Forza Horizon 4|Desc=Forza Horizon 4| "{D06DDD84-9ED3-4DE3-B8E2-77D94E67C9A6}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\games\forza horizon 4\forzahorizon4.exe|Name=Forza Horizon 4|Desc=Forza Horizon 4| "{F1F80574-DB96-4657-AD7D-0F1698EDB211}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe|Name=Framework Service|Desc=Framework Service| "{FF670EA1-C0EB-404F-869B-5493D746F949}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe|Name=ArmourySocketServer|Desc=ArmourySocketServer| "{2D7020C2-824D-48AE-9F04-4AF96D2698C2}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe|Name=ArmouryHtmlDebugServer|Desc=ArmouryHtmlDebugServer| "{6AED9012-8F6F-4BAF-BE74-9D32F58F4109}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe|Name=FrameworkService|Desc=FrameworkService| "{EC2FC136-E42A-4ED5-8C66-6F896C889641}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ARMOURY CRATE|Desc=ARMOURY CRATE|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-490905099-2794809881-2632752266-3514030558-4166392763-3416490339-321513134|EmbedCtxt=ARMOURY CRATE|Platform=2:6:2|Platform2=GTEQ| "{9A2D7CF4-8CEC-488A-82A0-3EA604786EBB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=ARMOURY CRATE|Desc=ARMOURY CRATE|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-490905099-2794809881-2632752266-3514030558-4166392763-3416490339-321513134|EmbedCtxt=ARMOURY CRATE|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5F92B522-A10E-41D0-A55A-5AC1189D1C89}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{61DA9115-B687-463A-B2F3-7EEB43CC5B99}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{5FE79354-8466-4CC3-A51E-D634F9F479EB}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ| "{A3A842C4-2327-4B25-9058-20D9F85020C2}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{98DFCD12-F39E-4632-BFE9-E64336C9F2CF}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{7AFD798F-FB44-4ABF-B56C-19D040B2DD89}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Lenovo Vantage|Desc=Lenovo Vantage|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-4089219695-2918877493-2298198654-3910773282-1202009102-2725390625-3479975918|EmbedCtxt=Lenovo Vantage|Platform=2:6:2|Platform2=GTEQ| "{527825E6-21B1-4C61-927A-60EB762715A8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Lenovo Vantage|Desc=Lenovo Vantage|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-4089219695-2918877493-2298198654-3910773282-1202009102-2725390625-3479975918|EmbedCtxt=Lenovo Vantage|Platform=2:6:2|Platform2=GTEQ| "{6204F179-1EFA-49AD-9393-138642D8FE6A}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ| "{65B4B403-4B59-4C82-8933-BA87ABE9CFBF}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5D917A58-BA3B-48AD-BC03-A55A7CA86BE2}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{B3D0361C-7CD7-41AC-9BF5-55D022A505BA}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{49361AEA-F4B4-4C35-B344-56AC51286EBE}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Windows Feature Experience Pack|Desc=Windows Feature Experience Pack|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-283421221-3183566570-1718213290-751554359-3541592344-2312209569-3374928651|EmbedCtxt=Windows Feature Experience Pack|Platform=2:6:2|Platform2=GTEQ| "{0377880D-875F-4CF5-86D0-DAF7940F7057}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe|Name=ROGLiveService| "{8E92525D-D20A-4769-BBD9-E5D00BCB36F1}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe|Name=ROGLiveService| "{CAC1B368-EBF0-4D4B-8F39-D5F57EF243FE}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\qBittorrent\qbittorrent.exe|Name=qBittorrent| "{A52306CA-D26A-48D1-B46A-102AD54BA7AB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\qBittorrent\qbittorrent.exe|Name=qBittorrent| "{92A57674-AC55-471C-BD03-F40EB1F91012}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Amazon Prime Video for Windows|Desc=Amazon Prime Video for Windows|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-951130048-154400821-2668953884-4264649864-3799061387-3195039707-3430880308|EmbedCtxt=Amazon Prime Video for Windows|Platform=2:6:2|Platform2=GTEQ| "{6CA1744F-F0B6-49A1-AC03-42DD810703D8}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ| "{FA254FB3-9651-4DAD-8EDC-B48DF3F548A3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=HP Smart|Desc=HP Smart|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP Smart|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{84A9A697-329E-4F6C-BE04-8E1F26172DC9}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1723189366-2159580849-2248400763-1481059666-1951766778-2756563051-3565589001|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{C8864434-CD7A-478D-84C7-37EE858595F2}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe|Name=FrameworkService|Desc=FrameworkService| "{E6F524E8-7E9E-4254-98D0-9011FFE66810}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe|Name=ArmourySocketServer|Desc=ArmourySocketServer| "{7060AD71-67B0-45A1-B2EF-04D6BC452BAA}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe|Name=ArmouryHtmlDebugServer|Desc=ArmouryHtmlDebugServer| "{80876EE6-E987-431F-9E5D-797F328A2CC0}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ| "{A824D46F-C2F4-4058-9CED-15B8A96977D8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9BE7676F-1E0F-46DF-B528-A137D40E737D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=MyASUS|Desc=MyASUS|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-2374383173-3186932240-168833321-563994408-811485301-4130872166-3127019498|EmbedCtxt=MyASUS|Platform=2:6:2|Platform2=GTEQ| "{20251990-1FE8-4E01-8A42-03A4D461D1A6}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=MyASUS|Desc=MyASUS|LUOwn=S-1-5-21-1459843401-856262318-2992657480-1001|AppPkgId=S-1-15-2-2374383173-3186932240-168833321-563994408-811485301-4130872166-3127019498|EmbedCtxt=MyASUS|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{AB242CB3-CAD1-4A32-86B7-B43F7710A6C5}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe|Name=ArmourySocketServer|Desc=ArmourySocketServer| "{B516D825-3A1A-4D56-A3E0-5235E8194DC8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe|Name=ArmouryHtmlDebugServer|Desc=ArmouryHtmlDebugServer| "{6C5FD519-5A73-413F-B300-19F0AA3E9F3B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe|Name=FrameworkService|Desc=FrameworkService| "{C4F612D9-D1A2-4D4C-BB4F-74CE2DA24100}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge| "{12AD96B1-9EE1-4D01-859D-9E1D4CA543F3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|LPort=433|LPort=443|LPort=3478|LPort=3479|LPort=5060|LPort=5062|LPort=5222|LPort=6250|LPort2_10=12000-65000|Name=Epic Games Launcher| "{011A68BF-9398-42E3-85CE-D1EB712CE718}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.71\msedgewebview2.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge WebView2 Runtime| "{11B19780-73FE-4ED6-8E5C-4CD85C9CAEC3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe|Name=Dropbox| "{B8B6FABD-4C7B-43C9-A80C-6120E33C10BC}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemoteAgent.exe|Name=AsusLinkRemoteAgent|Desc=| "{9941D262-C8E0-4729-A8F8-F5A994549BAB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemoteAgent.exe|Name=AsusLinkRemoteAgent|Desc=| "{369D3560-C825-4389-9456-C3F52DD3F24A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Private|Profile=Public|App=C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe|Name=AsusSync| "{639BE801-947A-4F43-AEC0-A8136D1CD697}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe|Name=AutoConnectHelper TCP|Desc=AutoConnectHelper TCP|Edge=TRUE| "{BEEF0A38-6169-4320-9368-936D6FEBE1E5}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files\ASUS\ARMOURY CRATE Service\MobilePlugin\AutoConnectHelper.exe|Name=AutoConnectHelper UDP|Desc=AutoConnectHelper UDP|Edge=TRUE| "{02D4DC98-24A2-4663-BF93-94CEECE99A9B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{091bc97e-2352-4362-a539-10a6d8ff7596}] : (RDPDR) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81c87465-de07-4efc-9d93-61e891d52fd2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a73c93f1-9727-4d1d-ace1-0e333ba4e7db}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a8ba2d1f-894f-464a-b0ce-7a0c8fd65df1}] : (ViGEmBus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{aa018edf-4915-415e-9c17-d7ebec8917d2}] : (NvModuleTracker) [] -> @oem12.inf,%ClassName%;NvModuleTracker [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cc41eba2-ab57-4f4e-8c3d-1bc33b1e74e3}] : (RDPDR) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ecfb0cfd-74c4-4f52-bbf7-343461cd72ac}] : (libusbk devices) [] -> libusbK USB Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) [] -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [12/04/2021 11:01:40] - (2.7.4.0) - (AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Monitor Driver) - C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [19/02/2021 21:08:52] - (30.587.0.170) - (AO Kaspersky Lab - Cryptographic Module Driver x86 (56 bit)) - C:\WINDOWS\system32\DRIVERS\cm_km.sys [12/04/2021 11:01:40] - (11.7.3.0) - (AO Kaspersky Lab - Kaspersky Lab Boot Guard Driver) - C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [19/02/2021 21:08:52] - (30.587.0.170) - (AO Kaspersky Lab - Backup Disk Filter [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [19/02/2021 21:08:56] - (30.587.0.1060) - (AO Kaspersky Lab - Filter Core [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klflt.sys [19/02/2021 21:08:54] - (30.587.0.810) - (AO Kaspersky Lab - Backup File Filter [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [19/02/2021 21:08:56] - (30.587.0.1060) - (AO Kaspersky Lab - Core System Interceptors [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klif.sys [08/05/2021 18:05:06] - (20.7.26.0) - (AO Kaspersky Lab - klhk [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klhk.sys [08/05/2021 18:05:06] - (20.7.18.0) - (AO Kaspersky Lab - Security Extender [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klgse.sys [19/02/2021 21:08:58] - (30.587.0.170) - (AO Kaspersky Lab - Format Recognizer [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klpd.sys [19/02/2021 21:08:54] - (30.587.0.170) - (AO Kaspersky Lab - Virtual Disk [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\kldisk.sys [27/06/2021 02:41:41] - (0.0.0.0) - ( -) - C:\WINDOWS\System32\Drivers\CimFS.SYS [19/02/2021 21:09:00] - (30.587.0.170) - (AO Kaspersky Lab - WFP Network Filter [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klwfp.sys [19/02/2021 21:09:00] - (30.587.0.590) - (AO Kaspersky Lab - WFP Network Connection Filter Driver [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klwtp.sys [19/02/2021 21:08:56] - (30.587.0.930) - (AO Kaspersky Lab - Packet Network Filter [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klim6.sys [17/06/2021 10:32:46] - (30.587.0.1260) - (AO Kaspersky Lab - Generic PnP filter [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [19/02/2021 21:09:02] - (30.587.0.460) - (AO Kaspersky Lab - Network Processor [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\kneps.sys [14/07/2021 19:07:53] - (2.1.9.0) - (ASUSTeK COMPUTER INC. - ASUS WMIACPI driver) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\atkwmiacpi64.sys [14/07/2021 19:07:53] - (1.0.4.0) - (ASUSTeK COMPUTER INC. - ASUSSAIO) - C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\ASUSSAIO.sys [22/10/2020 00:12:00] - (9.0.0.22) - (The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6.0)) - C:\WINDOWS\System32\drivers\kltap.sys [19/07/2021 16:50:58] - (30.0.14.7141) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 471.41) - C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\nvlddmkm.sys [19/02/2021 21:08:58] - (30.587.0.170) - (AO Kaspersky Lab - Keyboard Device Filter [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [19/11/2020 02:02:54] - (1.0.0.12) - (ASUS - ASUS Wireless Radio Control) - C:\WINDOWS\System32\drivers\AsRadioControl.sys [04/03/2021 09:42:58] - (4.13.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [22/06/2021 18:18:12] - (304.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys [19/04/2021 02:14:43] - (100.0.0.0) - (NVIDIA Corporation - Process and module monitoring driver) - C:\WINDOWS\System32\drivers\NvModuleTracker.sys [26/01/2021 03:41:25] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\WINDOWS\System32\drivers\ScpVBus.sys [31/12/2020 15:31:15] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Pro Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtproscsibus.sys [19/02/2021 21:08:58] - (30.587.0.170) - (AO Kaspersky Lab - Mouse Device Filter [fre_win7_x64]) - C:\WINDOWS\system32\DRIVERS\klmouflt.sys [28/12/2020 21:45:45] - (11.0.0.25) - (ASUSTek COMPUTER INC. - Asus PTP Filter Driver (x64)) - C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [11/06/2021 17:39:45] - (1.3.38.60) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys [17/03/2021 15:04:43] - (2.1.24.17012) - (Bluestack System Inc. - Bluestacks Support Driver) - C:\Program Files\BlueStacks\BstkDrv_bgp.sys [12/04/2021 11:01:40] - (6.6.3.0) - (AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit Memory Driver) - C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [18/07/2021 01:27:09] - (14.0.0.1) - (IObit - AscFileFilter) - C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [18/07/2021 01:27:09] - (13.0.7.15) - (IObit - AscRegistryFilter) - C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [12/04/2021 11:02:40] - (4.7.3.0) - (AO Kaspersky Lab - Kaspersky Lab Anti-Rootkit) - C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware (3ware) -> C:\WINDOWS\system32\drivers\3ware.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> C:\WINDOWS\system32\drivers\ACPI.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> C:\WINDOWS\system32\Drivers\acpiex.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ADP80XX (ADP80XX) -> C:\WINDOWS\system32\drivers\ADP80XX.SYS - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - amdpsp (AMD PSP Service) -> C:\WINDOWS\system32\drivers\amdpsp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - amdsata (amdsata) -> C:\WINDOWS\system32\drivers\amdsata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdsbs (amdsbs) -> C:\WINDOWS\system32\drivers\amdsbs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdxata (amdxata) -> C:\WINDOWS\system32\drivers\amdxata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - amd_sata (amd_sata) -> C:\WINDOWS\system32\drivers\amd_sata.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - amd_xata (amd_xata) -> C:\WINDOWS\system32\drivers\amd_xata.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - arcsas (Pilote miniport Storport Adaptec SAS/SATA-II RAID) -> C:\WINDOWS\system32\drivers\arcsas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - atapi (Canal IDE) -> C:\WINDOWS\system32\drivers\atapi.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - b06bdrv (Carte réseau QLogic VBD) -> C:\WINDOWS\system32\drivers\bxvbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - bttflt (Filtre Microsoft Hyper-V VHDPMEM BTT) -> C:\WINDOWS\system32\drivers\bttflt.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - cht4iscsi (cht4iscsi) -> C:\WINDOWS\system32\drivers\cht4sx64.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - CLFS (Common Log (CLFS)) -> C:\WINDOWS\system32\drivers\CLFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - cm_km (AO Kaspersky Lab Cryptographic Module x64 (56 bit)) -> C:\WINDOWS\system32\DRIVERS\cm_km.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - CNG (CNG) -> C:\WINDOWS\system32\Drivers\cng.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - disk (Pilote de disque) -> C:\WINDOWS\system32\drivers\disk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ebdrv (Carte QLogic 10 Gigabit Ethernet VBD) -> C:\WINDOWS\system32\drivers\evbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - EhStorClass (Enhanced Storage Filter Driver) -> C:\WINDOWS\system32\drivers\EhStorClass.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - EhStorTcgDrv (Pilote Microsoft pour dispositif de stockage prenant en charge les protocoles IEEE 1667 et TCG) -> C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [File System Driver] - FileInfo (File Information FS MiniFilter) -> C:\WINDOWS\system32\drivers\fileinfo.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - FltMgr (FltMgr) -> C:\WINDOWS\system32\drivers\fltmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - fvevol (Pilote de filtre de chiffrement de lecteur BitLocker) -> C:\WINDOWS\system32\DRIVERS\fvevol.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - HpSAMD (HpSAMD) -> C:\WINDOWS\system32\drivers\HpSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - hwpolicy (Hardware Policy Driver) -> C:\WINDOWS\system32\drivers\hwpolicy.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - iaStorAVC (Contrôleur RAID SATA de circuit microprogrammé Intel) -> C:\WINDOWS\system32\drivers\iaStorAVC.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - iaStorV (Contrôleur RAID Intel Windows 7) -> C:\WINDOWS\system32\drivers\iaStorV.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - intelide (intelide) -> C:\WINDOWS\system32\drivers\intelide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - intelpep (Pilote de plug-in du moteur d’alimentation Intel(R)) -> C:\WINDOWS\system32\drivers\intelpep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - iorate (Pilote du filtre du taux d’E/S du disque) -> C:\WINDOWS\system32\drivers\iorate.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - isapnp (isapnp) -> C:\WINDOWS\system32\drivers\isapnp.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - ItSas35i (ItSas35i) -> C:\WINDOWS\system32\drivers\ItSas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - klelam (klelam) -> C:\WINDOWS\system32\DRIVERS\klelam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - klupd_klif_arkmon (klupd_klif_arkmon) -> C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - klupd_klif_klbg (klupd_klif_klbg) -> C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - KSecDD (KSecDD) -> C:\WINDOWS\system32\Drivers\ksecdd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - KSecPkg (KSecPkg) -> C:\WINDOWS\system32\Drivers\ksecpkg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS (LSI_SAS) -> C:\WINDOWS\system32\drivers\lsi_sas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS2i (LSI_SAS2i) -> C:\WINDOWS\system32\drivers\lsi_sas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS3i (LSI_SAS3i) -> C:\WINDOWS\system32\drivers\lsi_sas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SSS (LSI_SSS) -> C:\WINDOWS\system32\drivers\lsi_sss.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas (megasas) -> C:\WINDOWS\system32\drivers\megasas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas2i (megasas2i) -> C:\WINDOWS\system32\drivers\MegaSas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas35i (megasas35i) -> C:\WINDOWS\system32\drivers\megasas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasr (megasr) -> C:\WINDOWS\system32\drivers\megasr.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - mountmgr (Gestionnaire des points de montage) -> C:\WINDOWS\system32\drivers\mountmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - msisadrv (msisadrv) -> C:\WINDOWS\system32\drivers\msisadrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Mup (Mup) -> C:\WINDOWS\system32\Drivers\mup.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - mvumis (mvumis) -> C:\WINDOWS\system32\drivers\mvumis.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - NDIS (Pilote système NDIS) -> C:\WINDOWS\system32\drivers\ndis.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - nvdimm (Pilote de périphérique NVDIMM Microsoft) -> C:\WINDOWS\system32\drivers\nvdimm.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvraid (nvraid) -> C:\WINDOWS\system32\drivers\nvraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvstor (nvstor) -> C:\WINDOWS\system32\drivers\nvstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - partmgr (Gestionnaire de partitions) -> C:\WINDOWS\system32\drivers\partmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> C:\WINDOWS\system32\drivers\pci.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - pciide (pciide) -> C:\WINDOWS\system32\drivers\pciide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pcmcia (pcmcia) -> C:\WINDOWS\system32\drivers\pcmcia.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> C:\WINDOWS\system32\drivers\pcw.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pdc (CDP) -> C:\WINDOWS\system32\drivers\pdc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - percsas2i (percsas2i) -> C:\WINDOWS\system32\drivers\percsas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - percsas3i (percsas3i) -> C:\WINDOWS\system32\drivers\percsas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pmem (Pilote de disque de mémoire persistante Microsoft) -> C:\WINDOWS\system32\drivers\pmem.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> C:\WINDOWS\system32\DRIVERS\ramdisk.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> C:\WINDOWS\system32\drivers\rdyboost.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - sbp2port (Pilote de bus de transport/protocole SBP-2) -> C:\WINDOWS\system32\drivers\sbp2port.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - scmbus (Pilote de bus de mémoire de classe stockage Microsoft) -> C:\WINDOWS\system32\drivers\scmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - SgrmAgent (System Guard Runtime Monitor Agent) -> C:\WINDOWS\system32\drivers\SgrmAgent.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid2 (SiSRaid2) -> C:\WINDOWS\system32\drivers\SiSRaid2.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid4 (SiSRaid4) -> C:\WINDOWS\system32\drivers\sisraid4.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SmartSAMD (SmartSAMD) -> C:\WINDOWS\system32\drivers\SmartSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - spaceport (Pilote des espaces de stockage) -> C:\WINDOWS\system32\drivers\spaceport.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - stexstor (stexstor) -> C:\WINDOWS\system32\drivers\stexstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storahci (Lecteur AHCI SATA Microsoft standard) -> C:\WINDOWS\system32\drivers\storahci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storflt (Accélérateur de stockage Microsoft Hyper-V) -> C:\WINDOWS\system32\drivers\vmstorfl.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - stornvme (Pilote NVM Express standard de Microsoft) -> C:\WINDOWS\system32\drivers\stornvme.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - storufs (Pilote Universal Flash Storage (UFS) Microsoft) -> C:\WINDOWS\system32\drivers\storufs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storvsc (storvsc) -> C:\WINDOWS\system32\drivers\storvsc.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Tcpip (Pilote pour protocole TCP/IP) -> C:\WINDOWS\system32\drivers\tcpip.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - Telemetry (Service de télémétrie Intel(R)) -> C:\WINDOWS\system32\drivers\IntelTA.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - vdrvroot (Énumérateur de lecteur virtuel Microsoft) -> C:\WINDOWS\system32\drivers\vdrvroot.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vmbus (Bus VMBus) -> C:\WINDOWS\system32\drivers\vmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - volmgr (Pilote du gestionnaire de volumes) -> C:\WINDOWS\system32\drivers\volmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volmgrx (Gestionnaire de volumes dynamiques) -> C:\WINDOWS\system32\drivers\volmgrx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volsnap (Pilote de cliché instantané du volume) -> C:\WINDOWS\system32\drivers\volsnap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volume (Pilote de volume) -> C:\WINDOWS\system32\drivers\volume.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vpci (Bus PCI virtuel Microsoft Hyper-V) -> C:\WINDOWS\system32\drivers\vpci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - vsmraid (vsmraid) -> C:\WINDOWS\system32\drivers\vsmraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - VSTXRAID (Pilote Windows du contrôleur RAID de stockage VIA StorX) -> C:\WINDOWS\system32\drivers\vstxraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Wdf01000 (Service Infrastructure de pilote en mode noyau) -> C:\WINDOWS\system32\drivers\Wdf01000.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WFPLWFS (Plateforme de filtrage Microsoft Windows) -> C:\WINDOWS\system32\drivers\wfplwfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRTProxy (Service sécurisé d'exécution approuvée Microsoft Windows) -> C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> C:\WINDOWS\system32\drivers\Wof.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - AFD (Pilote de fonction connexe pour Winsock) -> C:\WINDOWS\system32\drivers\afd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - afunix (afunix) -> C:\WINDOWS\system32\drivers\afunix.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - ahcache (Application Compatibility Cache) -> C:\WINDOWS\system32\DRIVERS\ahcache.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - ASUSSAIO (ASUS System Analysis Driver) -> C:\WINDOWS\system32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\ASUSSAIO.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - ATKWMIACPIIO (ATKWMIACPI Driver) -> C:\WINDOWS\system32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\atkwmiacpi64.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - bam (Background Activity Moderator Driver) -> C:\WINDOWS\system32\drivers\bam.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicDisplay (BasicDisplay) -> C:\WINDOWS\system32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicRender (BasicRender) -> C:\WINDOWS\system32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Beep (Beep) -> C:\WINDOWS\system32\drivers\Beep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> C:\WINDOWS\system32\drivers\cdrom.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - CimFS (CimFS) -> C:\WINDOWS\system32\drivers\CimFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S1 - [Kernel Driver] - dam (Desktop Activity Moderator Driver) -> C:\WINDOWS\system32\drivers\dam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R1 - [File System Driver] - Dfsc (Pilote du client de l’espace de noms DFS) -> C:\WINDOWS\system32\Drivers\dfsc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> C:\WINDOWS\system32\drivers\dxgkrnl.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\WINDOWS\system32\drivers\mbae64.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - FileCrypt (FileCrypt) -> C:\WINDOWS\system32\drivers\filecrypt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - GpuEnergyDrv (GPU Energy Driver) -> C:\WINDOWS\system32\drivers\gpuenergydrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - klbackupdisk (Kaspersky Lab klbackupdisk) -> C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - klbackupflt (Kaspersky Lab klbackupflt) -> C:\WINDOWS\system32\DRIVERS\klbackupflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - kldisk (kldisk) -> C:\WINDOWS\system32\DRIVERS\kldisk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - klflt (Kaspersky Lab Kernel DLL) -> C:\WINDOWS\system32\DRIVERS\klflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - klgse (Kaspersky Lab Security Extender Driver) -> C:\WINDOWS\system32\DRIVERS\klgse.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - klhk (Kaspersky Lab service driver) -> C:\WINDOWS\system32\DRIVERS\klhk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - KLIF (Kaspersky Lab Driver) -> C:\WINDOWS\system32\DRIVERS\klif.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - klim6 (Kaspersky Anti-Virus NDIS 6 Filter) -> C:\WINDOWS\system32\DRIVERS\klim6.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - klpd (Kaspersky Lab format recognizer driver) -> C:\WINDOWS\system32\DRIVERS\klpd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - klpnpflt (Kaspersky Lab klpnpflt) -> C:\WINDOWS\system32\DRIVERS\klpnpflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - klwfp (klwfp) -> C:\WINDOWS\system32\DRIVERS\klwfp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - klwtp (KLwtp - WFP callout traffic inspector) -> C:\WINDOWS\system32\DRIVERS\klwtp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - kneps (kneps) -> C:\WINDOWS\system32\DRIVERS\kneps.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Msfs (Msfs) -> C:\WINDOWS\system32\drivers\Msfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) -> C:\WINDOWS\system32\drivers\mssmbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NdisCap (Capture NDIS Microsoft) -> C:\WINDOWS\system32\drivers\ndiscap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> C:\WINDOWS\system32\drivers\netbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NetBT (NetBT) -> C:\WINDOWS\system32\DRIVERS\netbt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Npfs (Npfs) -> C:\WINDOWS\system32\drivers\Npfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - npsvctrig (Named pipe service trigger provider) -> C:\WINDOWS\system32\drivers\npsvctrig.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - nsiproxy (NSI Proxy Service Driver) -> C:\WINDOWS\system32\drivers\nsiproxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Null (Null) -> C:\WINDOWS\system32\drivers\Null.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Psched (Planificateur de paquets QoS) -> C:\WINDOWS\system32\drivers\pacer.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - rdbss (Sous-système de mise en mémoire tampon redirigée) -> C:\WINDOWS\system32\DRIVERS\rdbss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - tdx (Pilote de prise en charge TDI héritée NetIO) -> C:\WINDOWS\system32\DRIVERS\tdx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Vid (Vid) -> C:\WINDOWS\system32\drivers\Vid.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> C:\WINDOWS\system32\drivers\vwififlt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - bindflt (Windows Bind Filter Driver) -> C:\WINDOWS\system32\drivers\bindflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - BlueStacksDrv (BlueStacks Hypervisor) -> \??\C:\Program Files\BlueStacks\BstkDrv_bgp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - AdvancedSystemCareService14 (Advanced SystemCare Service 14) -> "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe" - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - AMD External Events Utility (AMD External Events Utility) -> C:\WINDOWS\System32\DriverStore\FileRepository\u0361708.inf_amd64_7de6b99937f60751\B358199\atiesrxx.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ArmouryCrateService (ARMOURY CRATE Service) -> "C:\Program Files\ASUS\ARMOURY CRATE Service\ArmouryCrate.Service.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - asus (ASUS Update Service (asus)) -> "C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - ASUSLinkNear (ASUS Link Near) -> C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNear.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ASUSLinkNearExt (ASUS Link Near Extension) -> C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkNear\AsusLinkNearExt.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ASUSLinkRemote (ASUS Link Remote) -> C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSLinkRemote\AsusLinkRemote.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ASUSOptimization (ASUS Optimization) -> C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSOptimization\AsusOptimization.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ASUSSoftwareManager (ASUS Software Manager) -> C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSoftwareManager\AsusSoftwareManager.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ASUSSystemAnalysis (ASUS System Analysis) -> C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemAnalysis\AsusSystemAnalysis.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ASUSSystemDiagnosis (ASUS System Diagnosis) -> C:\WINDOWS\System32\DriverStore\FileRepository\asussci2.inf_amd64_0ec822756ef2f7a9\ASUSSystemDiagnosis\AsusSystemDiagnosis.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - AudioEndpointBuilder (Générateur de points de terminaison du service Audio Windows) -> C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Audiosrv (Audio Windows) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - AVP21.3 (Kaspersky Anti-Virus Service 21.3) -> "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe" -r - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - BFE (Moteur de filtrage de base) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - BrokerInfrastructure (Service d’infrastructure des tâches en arrière-plan) -> C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CDPSvc (Service de plateforme des appareils connectés) -> C:\WINDOWS\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ClickToRunSvc (Microsoft Office Click-to-Run Service) -> "C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - CoreMessagingRegistrar (CoreMessaging) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CryptSvc (Services de chiffrement) -> C:\WINDOWS\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - dbupdate (Service Mise à jour Dropbox (dbupdate)) -> "C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> C:\WINDOWS\system32\drivers\cldflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DbxSvc (DbxSvc) -> C:\WINDOWS\system32\DbxSvc.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DcomLaunch (Lanceur de processus serveur DCOM) -> C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - Dhcp (Client DHCP) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DispBrokerDesktopSvc (Service de stratégie d'affichage) -> C:\WINDOWS\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Dnscache (Client DNS) -> C:\WINDOWS\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - DPS (Service de stratégie de diagnostic) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Ds3Service (SCP DSx Service) -> "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DTSAPO3Service (DTS APO3 Service) -> C:\WINDOWS\System32\DTS\PC\APO3x\DTSAPO3Service.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DusmSvc (Consommation des données) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - edgeupdate (Service Mise à jour de Microsoft Edge (edgeupdate)) -> "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - EventLog (Journal d’événements Windows) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - EventSystem (Système d’événement COM+) -> C:\WINDOWS\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - FontCache (Service de cache de police Windows) -> C:\WINDOWS\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - lltdio (Pilote E/S de mappage de découverte de topologie de la couche de liaison) -> C:\WINDOWS\system32\drivers\lltdio.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - luafv (Virtualisation de fichier UAC) -> C:\WINDOWS\system32\drivers\luafv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MMCSS (Multimedia Class Scheduler) -> C:\WINDOWS\system32\drivers\mmcss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MsLldp (Protocole LLDP (Link Layer Discovery Protocol) Microsoft) -> C:\WINDOWS\system32\drivers\mslldp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - Ndu (Windows Network Data Usage Monitoring Driver) -> C:\WINDOWS\system32\drivers\Ndu.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - GamingServices (Gaming Services) -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - GamingServicesNet (Gaming Services) -> C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - gpsvc (Client de stratégie de groupe) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - IKEEXT (Modules de génération de clés IKE et AuthIP) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ImControllerService (System Interface Foundation Service) -> C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - iphlpsvc (Assistance IP) -> C:\WINDOWS\System32\svchost.exe -k NetSvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - KSDE5.3 (Kaspersky VPN Secure Connection Service 5.3) -> "C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe" -r - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - LanmanServer (Serveur) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LanmanWorkstation (Station de travail) -> C:\WINDOWS\System32\svchost.exe -k NetworkService -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - LenovoVantageService (LenovoVantageService) -> "C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe" - AcceptPause : True - AcceptStop : True - DesktopInteract : True R2 - [Own Process] - LightingService (LightingService) -> "C:\Program Files (x86)\LightingService\LightingService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LSM (Gestionnaire de session locale) -> C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False S2 - [Own Process] - MapsBroker (Gestionnaire des cartes téléchargées) -> C:\WINDOWS\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - mpssvc (Pare-feu Windows Defender) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> C:\WINDOWS\system32\drivers\peauth.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - rspndr (Répondeur de découverte de la topologie de la couche de liaison) -> C:\WINDOWS\system32\drivers\rspndr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - storqosflt (Pilote de filtre de qualité de service de stockage) -> C:\WINDOWS\system32\drivers\storqosflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> C:\WINDOWS\system32\drivers\tcpipreg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - NlaSvc (Connaissance des emplacements réseau) -> C:\WINDOWS\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - nsi (Service Interface du magasin réseau) -> C:\WINDOWS\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - NvContainerLocalSystem (NVIDIA LocalSystem Container) -> "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) -> C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_743149b233106e87\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Parsec (Parsec) -> "C:\Program Files\Parsec\pservice.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : True R2 - [Share Process] - Power (Alimentation) -> C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - ProfSvc (Service de profil utilisateur) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RasMan (Gestionnaire des connexions d’accès à distance) -> C:\WINDOWS\System32\svchost.exe -k netsvcs - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - RefreshRateService (Service for Panel OverDrive , if this service stop, can't use OverDrive feature) -> "C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe" - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [File System Driver] - wcifs (Windows Container Isolation) -> C:\WINDOWS\system32\drivers\wcifs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RmSvc (Service de gestion radio) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - ROG Live Service (ROG Live Service) -> "C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RpcEptMapper (Mappeur de point de terminaison RPC) -> C:\WINDOWS\system32\svchost.exe -k RPCSS -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - RpcSs (Appel de procédure distante (RPC)) -> C:\WINDOWS\system32\svchost.exe -k rpcss -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - RtkAudioUniversalService (Realtek Audio Universal Service) -> "C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c759ff49aef8a7cf\RtkAudUService64.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - RtkBtManServ (Realtek Bluetooth Device Manager Service) -> C:\WINDOWS\RtkBtManServ.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - SamSs (Gestionnaire de comptes de sécurité) -> C:\WINDOWS\system32\lsass.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - Schedule (Planificateur de tâches) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SENS (Service de notification d’événements système) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - SgrmBroker (Service Broker du moniteur d'exécution System Guard) -> C:\WINDOWS\system32\SgrmBroker.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - ShellHWDetection (Détection matériel noyau) -> C:\WINDOWS\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Spooler (Spouleur d’impression) -> C:\WINDOWS\System32\spoolsv.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : True S2 - [Own Process] - sppsvc (Protection logicielle) -> C:\WINDOWS\system32\sppsvc.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Own Process] - stisvc (Acquisition d’image Windows (WIA)) -> C:\WINDOWS\system32\svchost.exe -k imgsvc - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - StorSvc (Service de stockage) -> C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SysMain (SysMain) -> C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SystemEventsBroker (Service Broker des événements système) -> C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Themes (Thèmes) -> C:\WINDOWS\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - TrkWks (Client de suivi de lien distribué) -> C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UserManager (Gestionnaire des utilisateurs) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UsoSvc (Mettre à jour le service Orchestrator) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Wcmsvc (Gestionnaire des connexions Windows) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Share Process] - WFDSConMgrSvc (Service Wi-Fi Direct Service de gestionnaire de connexions) -> C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - Winmgmt (Infrastructure de gestion Windows) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - WlanSvc (Service de configuration automatique WLAN) -> C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - WpnService (Service du système de notifications Push Windows) -> C:\WINDOWS\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - wscsvc (Centre de sécurité) -> C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - WSearch (Windows Search) -> C:\WINDOWS\system32\SearchIndexer.exe /Embedding - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - CDPUserSvc_88b9f (Service pour utilisateur de plateforme d’appareils connectés_88b9f) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - OneSyncSvc_88b9f (Hôte de synchronisation_88b9f) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - WpnUserService_88b9f (Service utilisateur de notifications Push Windows_88b9f) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\153f8ce0-b97a-575b-ba12-4ff8b1481894] : (Blitz.-.Blitz, Inc.) -> "C:\Users\cl_97\AppData\Local\Programs\Blitz\Uninstall Blitz.exe" /currentuser [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Championify] : (Championify.-.Dustin Blackman) -> "C:\Users\cl_97\AppData\Local\Championify\Update.exe" --uninstall [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Discord] : (Discord.-.Discord Inc.) -> C:\Users\cl_97\AppData\Local\Discord\Update.exe --uninstall [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Riot Game league_of_legends.live] : (League of Legends.-.Riot Games, Inc) -> "C:\Riot Games\Riot Client\RiotClientServices.exe" --uninstall-product=league_of_legends --uninstall-patchline=live [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Spotify] : (Spotify.-.Spotify AB) -> "C:\Users\cl_97\AppData\Roaming\Spotify\Spotify.exe" /uninstall [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1] : (Telegram Desktop version 2.8.11.-.Telegram FZ-LLC) -> "C:\Users\cl_97\AppData\Roaming\Telegram Desktop\unins000.exe" [HKU\S-1-5-21-1459843401-856262318-2992657480-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9df6f8e6-72f4-474f-a929-37485bb7537e}] : (Python 3.7.9 (64-bit).-.Python Software Foundation) -> "C:\Users\cl_97\AppData\Local\Package Cache\{9df6f8e6-72f4-474f-a929-37485bb7537e}\python-3.7.9-amd64.exe" /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\029c4619-0385-5543-9426-46f9987161d9] : (Streamlabs OBS 0.26.0.-.General Workings, Inc.) -> "C:\Program Files\Streamlabs OBS\Uninstall Streamlabs OBS.exe" /allusers [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\7-Zip] : (7-Zip 19.00 (x64).-.Igor Pavlov) -> C:\Program Files\7-Zip\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Addictive Drums 2_is1] : (XLN Audio Addictive Drums 2.-.XLN Audio) -> "C:\Program Files\XLN Audio\Addictive Drums 2\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BlueStacks] : (BlueStacks App Player.-.BlueStack Systems, Inc.) -> C:\Program Files\BlueStacks\BlueStacksUninstaller.exe -tmp [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Cheat Engine_is1] : (Cheat Engine 7.2.-.Cheat Engine) -> "C:\Program Files\Cheat Engine 7.2\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Pro] : (DAEMON Tools Pro.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Pro\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\FabFilter Total Bundle_is1] : (FabFilter Total Bundle.-.FabFilter) -> "C:\Program Files\FabFilter\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Genshin Impact] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\LatencyMon_is1] : (LatencyMon 7.00.-.Resplendence Software Projects Sp.) -> "C:\Program Files\LatencyMon\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Pianoteq STAGE_is1] : (Pianoteq STAGE version 6.2.2.-.Modartt) -> "D:\Program Files\Pianoteq 6 STAGE\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 1085660] : (Destiny 2.-.Bungie) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1085660 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 1384160] : (GUILTY GEAR -STRIVE-.-.Arc System Works) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1384160 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 389730] : (TEKKEN 7.-.BANDAI NAMCO Studios Inc.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/389730 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 678950] : (DRAGON BALL FighterZ.-.Arc System Works) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/678950 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 705210] : (Cube Racer.-.Simon Blasen) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/705210 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 880940] : (Pummel Party.-.Rebuilt Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/880940 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SubLab_is1] : (FAW SubLab.-.FAW) -> "C:\Program Files\FAW\SubLab\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> "C:\Program Files\VideoLAN\VLC\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}] : (ARMOURY CRATE Service.-.ASUS) -> C:\ProgramData\ASUS\ARMOURYCRATEServiceUninstall\Uninstall.exe ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{01D3B7AA-D078-4506-B460-60877FCDDBD6}] : (ASUS Aac_NBDT HAL.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{01D3B7AA-D078-4506-B460-60877FCDDBD6} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}] : (ASUS Keyboard HAL.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1838F91B-D481-45AA-B92F-071C62D0A19A}] : (ASUS Mouse HAL.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{1838F91B-D481-45AA-B92F-071C62D0A19A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{23505416-9A4E-4DC3-86A6-AF433F85F853}] : (Python 3.7.9 Utility Scripts (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{23505416-9A4E-4DC3-86A6-AF433F85F853} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180291F0}] : (Java 8 Update 291 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180291F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{410fcd79-1be8-5bf1-986e-ea09c55f7edf}] : (Ankama Launcher 3.3.13.-.Ankama) -> "C:\Program Files\Ankama\Ankama Launcher\Uninstall Ankama Launcher.exe" /allusers ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{68cffbb8-7b20-4e9a-bee5-1dab962049ff}] : (Native Instruments Kontakt.-.Native Instruments) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6AE46807-153C-4604-A9D3-A31E6578176D}] : (Python 3.7.9 pip Bootstrap (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{6AE46807-153C-4604-A9D3-A31E6578176D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8C14C049-8207-4015-BC26-02FEB0BEE9C7}_is1] : (Kontakt 5 PORTABLE.-.Native Instruments) -> "C:\ProgramData\{8C14C049-8207-4015-BC26-02FEB0BEE9C7}\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9380734D-6F66-4F76-A7D3-6D117FAA4773}_is1] : (Kontakt 6 PORTABLE.-.Native Instruments) -> "C:\ProgramData\{9380734D-6F66-4F76-A7D3-6D117FAA4773}\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}] : (ASUS AURA Headset Component.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{A3C4120D-8096-4307-91A2-FFE37EBD5A3D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A82D01C4-0F9C-4FD6-9E2F-EDBD1E9826DC}] : (DSB Notification.-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /I{A82D01C4-0F9C-4FD6-9E2F-EDBD1E9826DC} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC052048-9828-45E3-872B-04CE30A3B58B}] : (ScpToolkit.-.Nefarius Software Solutions) -> MsiExec.exe /I{AC052048-9828-45E3-872B-04CE30A3B58B} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}] : (ASUS AURA Display Component.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{AFD1CF98-FE97-434C-A095-9F27C5BEA53C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 471.41.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.23.0.74.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 38.0.8.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA PhysX System Software 9.19.0218.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 38.0.8.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk] : (NVIDIA FrameView SDK 1.1.4923.29968894.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage FrameViewSdk ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GpxCommon.Oss] : (GPX Common OSS (POCO, OpenSSL) and libprotobuf binaries.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.38.60.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvAbHub] : (NVIDIA ABHub.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor] : (NVAPI Monitor plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver] : (NvModuleTracker.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.23.0.74.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.13.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BCFB5D0C-01D4-479D-B83B-836EFB81B560}] : (Python 3.7.9 Development Libraries (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{BCFB5D0C-01D4-479D-B83B-836EFB81B560} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BFED9861-7D96-4528-89F1-B090ABBF11A7}] : (ASUS MB Peripheral Products.-.ASUSTeK Computer Inc.) -> MsiExec.exe /I{BFED9861-7D96-4528-89F1-B090ABBF11A7} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C5A4A164-4428-4931-B728-96EEF0FA3C44}] : (AURA lighting effect add-on x64.-.ASUS) -> MsiExec.exe /I{C5A4A164-4428-4931-B728-96EEF0FA3C44} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CD14E774-992D-4A34-B3D8-6BBEC890D918}] : (Python 3.7.9 Executables (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{CD14E774-992D-4A34-B3D8-6BBEC890D918} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}] : (ASUS Aura SDK.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{CF8E6E00-9C03-4440-81C0-21FACB921A6B} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D035D3BD-C873-4615-8731-F447647419CD}] : (Python 3.7.9 Documentation (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{D035D3BD-C873-4615-8731-F447647419CD} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E13CDE01-4800-4E01-8EAC-D35E00552730}] : (Python 3.7.9 Test Suite (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{E13CDE01-4800-4E01-8EAC-D35E00552730} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E608BB24-F6E3-4465-9DE1-F7CE3EC7C366}] : (Python 3.7.9 Tcl/Tk Support (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{E608BB24-F6E3-4465-9DE1-F7CE3EC7C366} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EECA983B-8C90-4D13-8C80-F6B2E10585F3}] : (Python 3.7.9 Core Interpreter (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{EECA983B-8C90-4D13-8C80-F6B2E10585F3} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EF3BEAFF-1EA7-4C32-A55F-68A015813C15}] : (Python 3.7.9 Add to Path (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{EF3BEAFF-1EA7-4C32-A55F-68A015813C15} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FF740026-2FC0-4F8A-A046-8B316AF4ECA6}] : (Python 3.7.9 Standard Library (64-bit).-.Python Software Foundation) -> MsiExec.exe /I{FF740026-2FC0-4F8A-A046-8B316AF4ECA6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\A Way Out_is1] : (A Way Out.-.) -> "D:\Games\A Way Out\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Advanced SystemCare_is1] : (Advanced SystemCare.-.IObit) -> "C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Afterburner] : (MSI Afterburner 4.6.2.-.MSI Co., LTD) -> "C:\Program Files (x86)\MSI Afterburner\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ASIO4ALL] : (ASIO4ALL.-.Michael Tippach) -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Camel Audio CamelCrusher] : (Camel Audio CamelCrusher.-.Camel Audio) -> C:\Program Files (x86)\Camel Audio\CamelCrusher\CamelCrusherUninstall.exe ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dragon Ball Z: Kakarot_is1] : (Dragon Ball Z: Kakarot.-.) -> "C:\Games\Dragon Ball Z - Kakarot\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Driver Booster_is1] : (Driver Booster 8.3.0.361.-.IObit) -> "C:\Program Files (x86)\IObit\Driver Booster\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe" /InstallType:MACHINE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio 20] : (FL Studio 20.-.Image-Line) -> C:\Program Files\Image-Line\FL Studio 20\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio ASIO] : (FL Studio ASIO.-.Image-Line) -> C:\Program Files\Image-Line\FL Studio ASIO\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Forza Horizon 4_is1] : (Forza Horizon 4.-.) -> "C:\Games\Forza Horizon 4\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google LLC) -> "C:\Program Files\Google\Chrome\Application\92.0.4515.107\Installer\setup.exe" --uninstall --channel=stable --system-level --verbose-logging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}] : (Kaspersky Internet Security.-.Kaspersky) -> MsiExec.exe /I{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976} REMOVE=ALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}] : (Kaspersky Password Manager.-.Kaspersky Lab) -> MsiExec.exe /I{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611} REMOVE=ALL REINSTALLMODE=omus [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}] : (Kaspersky VPN.-.Kaspersky) -> MsiExec.exe /I{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2} REMOVE=ALL [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1] : (.-.) -> "C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Native Instruments Kontakt] : (Native Instruments Kontakt.-.Native Instruments) -> "C:\ProgramData\{77490F36-6A25-4AC4-988E-D4D22FAE9A35}\Kontakt Setup PC.exe" REMOVE=TRUE MODIFY=FALSE [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OpenAL] : (OpenAL.-.) -> "C:\Program Files (x86)\OpenAL\oalinst.exe" /U [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Parsec] : (Parsec.-.Parsec Cloud Inc.) -> "C:\Program Files\Parsec\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\pcsx2] : (PCSX2 - Playstation 2 Emulator.-.PCSX2 Team) -> C:\Program Files (x86)\PCSX2\Uninst-pcsx2.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\qBittorrent] : (qBittorrent 4.3.6.-.The qBittorrent project) -> "C:\Program Files\qBittorrent\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RTSS] : (RivaTuner Statistics Server 7.2.3.-.Unwinder) -> "C:\Program Files (x86)\RivaTuner Statistics Server\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Spectrasonics Trilian Library_is1] : (Spectrasonics Trilian Library version 1.0.-.Copyright (C) 2009-2011 Spectrasonics) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UltraISO_is1] : (UltraISO Premium V9.72.-.) -> "C:\Program Files (x86)\UltraISO\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VantageSRV_is1] : (Lenovo Vantage Service.-.Lenovo Group Ltd.) -> "C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0167A031-AD97-403B-A129-9DFCB53F3890}] : (RefreshRateService.-.ASUSTeK COMPUTER INC.) -> MsiExec.exe /I{0167A031-AD97-403B-A129-9DFCB53F3890} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{049c2f12-c730-4efc-81db-0adcf3ff5782}] : (ASUS Keyboard HAL.-.ASUSTek COMPUTER INC.) -> "C:\ProgramData\Package Cache\{049c2f12-c730-4efc-81db-0adcf3ff5782}\AacKbSetup.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{099218A5-A723-43DC-8DB5-6173656A1E94}] : (Dropbox Update Helper.-.Dropbox, Inc.) -> MsiExec.exe /I{099218A5-A723-43DC-8DB5-6173656A1E94} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E536061-3B55-4D45-BF58-0BDA261C94B0}] : (AURA Service.-.ASUSTeK Computer Inc.) -> MsiExec.exe /I{0E536061-3B55-4D45-BF58-0BDA261C94B0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}] : (AURA lighting effect add-on.-.ASUS) -> MsiExec.exe /I{1E2EA04B-FCA7-457E-B6F4-F33E1858E859} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}] : (ROG Live Service.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{2D87BFB6-C184-4A59-9BBE-3E20CE797631} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2E77104D-96E1-4A9C-86F2-C7CF9CA03A4B}] : (Betternet for Windows 5.3.0.433.-.Betternet Technologies Inc.) -> MsiExec.exe /X{2E77104D-96E1-4A9C-86F2-C7CF9CA03A4B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43a03b9c-4770-409c-a999-587b60700b63}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{43a03b9c-4770-409c-a999-587b60700b63}\LauncherPrereqSetup_x64.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}] : (Kaspersky Internet Security.-.Kaspersky) -> MsiExec.exe /I{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5C415481-ECCD-4875-AF77-A97B79825F2C}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{5C415481-ECCD-4875-AF77-A97B79825F2C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{68cffbb8-7b20-4e9a-bee5-1dab962049ff}] : (.-.) -> C:\ProgramData\{77490F36-6A25-4AC4-988E-D4D22FAE9A35}\Kontakt Setup PC.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6A5A6DBD-DFD1-494B-A564-A2C9F5D943A7}_is1] : (GRID 2 Reloaded Edition MULTi7 - ElAmigos version 1.0.-.Codemasters) -> "D:\GAMES\GRID 2\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}] : (Epic Online Services.-.Epic Games, Inc.) -> MsiExec.exe /I{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6EE02C78-E908-493B-B1A6-D64AFC53002F}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{6EE02C78-E908-493B-B1A6-D64AFC53002F}\Setup.exe" -l0x9 ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7f23d3ea-a821-4293-b7f7-34383bf06437}] : (ASUS AURA Headset Component.-.ASUSTek COMPUTER INC.) -> "C:\ProgramData\Package Cache\{7f23d3ea-a821-4293-b7f7-34383bf06437}\AacHeadSetSetup.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{80f60ecc-98e1-474b-aee2-0c470f02dbbc}] : (ASUS Framework Service.-.ASUSTek COMPUTER INC.) -> "C:\ProgramData\Package Cache\{80f60ecc-98e1-474b-aee2-0c470f02dbbc}\FrameworkServiceSetup.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{99c84b70-e56e-4a29-9a3a-10d41c9fcc6d}] : (ASUS Aac_NBDT HAL.-.ASUSTek COMPUTER INC.) -> "C:\ProgramData\Package Cache\{99c84b70-e56e-4a29-9a3a-10d41c9fcc6d}\AacNBDTSetup.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}] : (ASUS MB Peripheral Products.-.ASUSTeK Computer Inc.) -> "C:\ProgramData\Package Cache\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}\AacTerminalHal.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{a890e515-8afe-4007-81e7-5c4d3da50086}] : (AURA Service.-.ASUSTeK Computer Inc.) -> "C:\ProgramData\Package Cache\{a890e515-8afe-4007-81e7-5c4d3da50086}\AuraServiceSetup.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (ASUS Update Helper.-.ASUSTeK Computer Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{a96c7710-4dd8-463e-8f76-c3ad65b248a5}] : (ASUS Mouse HAL.-.ASUSTek COMPUTER INC.) -> "C:\ProgramData\Package Cache\{a96c7710-4dd8-463e-8f76-c3ad65b248a5}\AacMouseSetup.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}] : (Kaspersky Password Manager.-.Kaspersky Lab) -> MsiExec.exe /X{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}] : (ASUS AURA Display Component.-.ASUSTek COMPUTER INC.) -> "C:\ProgramData\Package Cache\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}\AacDisplaySetup.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D9EDA177-2AA5-4AF1-A1E3-38B455C60E4D}] : (Python Launcher.-.Python Software Foundation) -> MsiExec.exe /X{D9EDA177-2AA5-4AF1-A1E3-38B455C60E4D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332}] : (ASUS Framework Service.-.ASUSTek COMPUTER INC.) -> MsiExec.exe /I{EA6A87BE-8AD3-40D2-944C-9DF5FBFF4332} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FE9835BB-9C3F-4EC9-971F-EAC46D419A38}_is1] : (NieR Automata.-.Square Enix) -> "C:\Games\NieR Automata\uninstall\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}] : (Kaspersky VPN.-.Kaspersky) -> MsiExec.exe /I{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\00006109C80000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C80090400100000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109C800C0400100000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109E70000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\00E6E8FC30C90444180C12AFBC29A1B6] : ASUS Aura SDK [HKCR\Installer\Products\130A761079DAB3041A92D9CF5BF38309] : RefreshRateService [HKCR\Installer\Products\160635E055B354D4FB85B0AD62C1490B] : AURA Service [HKCR\Installer\Products\161A07D6B92CB144A95AA2BBBAB3B4D4] : Epic Online Services -> C:\Windows\Installer\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}\Installer.ico [HKCR\Installer\Products\1689DEFB69D78254981F0B09BAFB117A] : ASUS MB Peripheral Products [HKCR\Installer\Products\184514C5DCCE5784FA779AB79728F5C2] : Epic Games Launcher -> C:\Windows\Installer\{5C415481-ECCD-4875-AF77-A97B79825F2C}\Installer.ico [HKCR\Installer\Products\3CD87310F88055F4AAAFCDA6C9AC92A2] : ARMOURY CRATE Service -> C:\Windows\Installer\{01378DC3-088F-4F55-AAFA-DC6A9CCA292A}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\461A4A5C824413947B8269EE0FAFC344] : AURA lighting effect add-on x64 [HKCR\Installer\Products\499C5C9F9B6F57D43B7EDA108B04379E] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}\UnrealEngineLauncher.ico [HKCR\Installer\Products\4C10D28AC9F06DF4E9F2DEDBE18962CD] : DSB Notification -> C:\Windows\Installer\{A82D01C4-0F9C-4FD6-9E2F-EDBD1E9826DC}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120190F] : Java 8 Update 291 (64-bit) -> C:\Program Files\Java\jre1.8.0_291\\bin\javaws.exe [HKCR\Installer\Products\5913FB66427791A49AEEEF7BBD9F7922] : Armoury Crate Service Core [HKCR\Installer\Products\5A812990327ACD34D85B163756A6E149] : Dropbox Update Helper [HKCR\Installer\Products\6BFB78D2481C95A4B9EBE302EC976713] : ROG Live Service [HKCR\Installer\Products\771ADE9D5AA21FA41A3E834B556CE0D4] : Python Launcher -> C:\WINDOWS\Installer\{D9EDA177-2AA5-4AF1-A1E3-38B455C60E4D}\ARPIcon [HKCR\Installer\Products\840250CA82893E5478B240EC033A5BB8] : ScpToolkit -> C:\WINDOWS\Installer\{AC052048-9828-45E3-872B-04CE30A3B58B}\DualShock3.exe [HKCR\Installer\Products\89FC1DFA79EFC4340A59F9725CEB5AC3] : ASUS AURA Display Component [HKCR\Installer\Products\8B21A2FF7BEA0C84598C2E3E6DD7CF2B] : Kaspersky VPN -> C:\WINDOWS\Installer\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}\arp.ico [HKCR\Installer\Products\8bbffc8602b7a9e4eb5ed1ba690294ff] : Native Instruments Kontakt [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : ASUS Update Helper [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\9EB97CF436DA0C6469624E6FCB6E9A67] : Kaspersky Internet Security -> C:\WINDOWS\Installer\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}\arp.ico [HKCR\Installer\Products\AA7B3D10870D60544B060678F7DCBD6D] : ASUS Aac_NBDT HAL [HKCR\Installer\Products\B19F8381184DAA549BF270C1260D1AA9] : ASUS Mouse HAL [HKCR\Installer\Products\B40AE2E17ACFE7546B4F3FE381858E95] : AURA lighting effect add-on [HKCR\Installer\Products\D0214C3A69087034192AFF3EE7DBA5D3] : ASUS AURA Headset Component [HKCR\Installer\Products\D40177E21E69C9A4682F7CFCC90AA3B4] : Betternet for Windows 5.3.0.433 -> C:\Windows\Installer\{2E77104D-96E1-4A9C-86F2-C7CF9CA03A4B}\app_icon.ico [HKCR\Installer\Products\E3337F2BD8C64994AA4CEF8CBEFB6911] : Kaspersky Password Manager -> C:\Windows\Installer\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}\product.ico [HKCR\Installer\Products\EB78A6AE3DA82D0449C4D95FBFFF3423] : ASUS Framework Service [HKCR\Installer\Products\EEDC0AF08CD5E1249AD77CF46A6EF63C] : ASUS Keyboard HAL [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F65125E7EF81359BEB9AB66E7AA7DFFF] : GameInput Redistributable ---------- | UserSettings [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\64a64f24-65b9-4b56-befd-5ec1eaced9b3]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\64a64f24-65b9-4b56-befd-5ec1eaced9b3]~[FriendlyName] : Power saver [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\6fecc5ae-f350-48a5-b669-b472cb895ccf]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\6fecc5ae-f350-48a5-b669-b472cb895ccf]~[FriendlyName] : High Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a787cd2e-106a-4c93-b55d-f0e875d123ea]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a787cd2e-106a-4c93-b55d-f0e875d123ea]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\dd46b002-233a-4e31-8fc2-0c4ee39e122f]~[Description] : Activate it when you switch to Gaming Mode for boosting. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\dd46b002-233a-4e31-8fc2-0c4ee39e122f]~[FriendlyName] : Driver Booster Power Plan [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\dda98f1f-4c97-41e9-a5e8-e8026e2585d1]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\dda98f1f-4c97-41e9-a5e8-e8026e2585d1]~[FriendlyName] : ASUS Recommended [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\64a64f24-65b9-4b56-befd-5ec1eaced9b3]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\64a64f24-65b9-4b56-befd-5ec1eaced9b3]~[FriendlyName] : Power saver [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\6fecc5ae-f350-48a5-b669-b472cb895ccf]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\6fecc5ae-f350-48a5-b669-b472cb895ccf]~[FriendlyName] : High Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a787cd2e-106a-4c93-b55d-f0e875d123ea]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a787cd2e-106a-4c93-b55d-f0e875d123ea]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\dd46b002-233a-4e31-8fc2-0c4ee39e122f]~[Description] : Activate it when you switch to Gaming Mode for boosting. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\dd46b002-233a-4e31-8fc2-0c4ee39e122f]~[FriendlyName] : Driver Booster Power Plan [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\dda98f1f-4c97-41e9-a5e8-e8026e2585d1]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\dda98f1f-4c97-41e9-a5e8-e8026e2585d1]~[FriendlyName] : ASUS Recommended [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance ---------- | ADS Detected : C:\Users\cl_97\AppData\Local\Temp:$DATA? ---------- | 20 LastEventLog Nom de l’application défaillante Blitz.exe, version : 1.15.12.144, horodatage : 0x60f07816 Nom du module défaillant : blitz_core.node, version : 0.0.0.0, horodatage : 0x60f64867 Code d’exception : 0xc0000409 Décalage d’erreur : 0x00057c2d ID du processus défaillant : 0x42cc Heure de début de l’application défaillante : 0x01d77e534fcf6b75 Chemin d’accès de l’application défaillante : C:\Users\cl_97\AppData\Local\Programs\Blitz\Blitz.exe Chemin d’accès du module défaillant: \\?\C:\Users\cl_97\AppData\Roaming\Blitz\blitz-deps\1.15.12\blitz_core.node ID de rapport : 437dff34-67fb-41d4-9f44-d401527abe30 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante RefreshRateService.exe, version : 1.0.0.0, horodatage : 0x5cb6c561 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1110, horodatage : 0xc830c52d Code d’exception : 0xe0434352 Décalage d’erreur : 0x0012b4b2 ID du processus défaillant : 0x1440 Heure de début de l’application défaillante : 0x01d77e533bc5412b Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : d88e2f5e-f350-4ed0-ae9c-16f1f1eb96bf Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : RefreshRateService.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Security.Principal.IdentityNotMappedException à System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean) à System.Security.Principal.NTAccount.Translate(System.Type) à System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef) à System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule) à System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule) à Extensions.ProcessExtensions.ServerThread(System.Object) à System.Threading.ThreadHelper.ThreadStart_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Threading.ThreadHelper.ThreadStart(System.Object) ------------ Nom de l’application défaillante RefreshRateService.exe, version : 1.0.0.0, horodatage : 0x5cb6c561 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1110, horodatage : 0xc830c52d Code d’exception : 0xe0434352 Décalage d’erreur : 0x0012b4b2 ID du processus défaillant : 0x1484 Heure de début de l’application défaillante : 0x01d77e4d16452662 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 5c265432-f210-4812-aac2-54a68fc4d078 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : RefreshRateService.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Security.Principal.IdentityNotMappedException à System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean) à System.Security.Principal.NTAccount.Translate(System.Type) à System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef) à System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule) à System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule) à Extensions.ProcessExtensions.ServerThread(System.Object) à System.Threading.ThreadHelper.ThreadStart_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Threading.ThreadHelper.ThreadStart(System.Object) ------------ Nom de l’application défaillante RefreshRateService.exe, version : 1.0.0.0, horodatage : 0x5cb6c561 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1110, horodatage : 0xc830c52d Code d’exception : 0xe0434352 Décalage d’erreur : 0x0012b4b2 ID du processus défaillant : 0x144c Heure de début de l’application défaillante : 0x01d77e4b176892ee Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 261c57f0-70af-488d-bb00-14ca4477393c Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : RefreshRateService.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Security.Principal.IdentityNotMappedException à System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean) à System.Security.Principal.NTAccount.Translate(System.Type) à System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef) à System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule) à System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule) à Extensions.ProcessExtensions.ServerThread(System.Object) à System.Threading.ThreadHelper.ThreadStart_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Threading.ThreadHelper.ThreadStart(System.Object) ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Nom de l’application défaillante RefreshRateService.exe, version : 1.0.0.0, horodatage : 0x5cb6c561 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1110, horodatage : 0xc830c52d Code d’exception : 0xe0434352 Décalage d’erreur : 0x0012b4b2 ID du processus défaillant : 0x1420 Heure de début de l’application défaillante : 0x01d77e4903af284a Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 30697cbe-8601-4c83-945e-e754cacada22 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : RefreshRateService.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Security.Principal.IdentityNotMappedException à System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean) à System.Security.Principal.NTAccount.Translate(System.Type) à System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef) à System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule) à System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule) à Extensions.ProcessExtensions.ServerThread(System.Object) à System.Threading.ThreadHelper.ThreadStart_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Threading.ThreadHelper.ThreadStart(System.Object) ------------ Nom de l’application défaillante RefreshRateService.exe, version : 1.0.0.0, horodatage : 0x5cb6c561 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1110, horodatage : 0xc830c52d Code d’exception : 0xe0434352 Décalage d’erreur : 0x0012b4b2 ID du processus défaillant : 0x1534 Heure de début de l’application défaillante : 0x01d77e4739601a61 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : c7266543-30f2-48da-8c42-8270dc6fadc3 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : RefreshRateService.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Security.Principal.IdentityNotMappedException à System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean) à System.Security.Principal.NTAccount.Translate(System.Type) à System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef) à System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule) à System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule) à Extensions.ProcessExtensions.ServerThread(System.Object) à System.Threading.ThreadHelper.ThreadStart_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Threading.ThreadHelper.ThreadStart(System.Object) ------------ Nom de l’application défaillante RefreshRateService.exe, version : 1.0.0.0, horodatage : 0x5cb6c561 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1110, horodatage : 0xc830c52d Code d’exception : 0xe0434352 Décalage d’erreur : 0x0012b4b2 ID du processus défaillant : 0x14ac Heure de début de l’application défaillante : 0x01d77e465504374e Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUSTeK COMPUTER INC\RefreshRateService\RefreshRateService.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : c7b6a573-9a91-4b97-8c38-5df863d5ff0b Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : RefreshRateService.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Security.Principal.IdentityNotMappedException à System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean) à System.Security.Principal.NTAccount.Translate(System.Type) à System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef) à System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule) à System.IO.Pipes.PipeSecurity.AddAccessRule(System.IO.Pipes.PipeAccessRule) à Extensions.ProcessExtensions.ServerThread(System.Object) à System.Threading.ThreadHelper.ThreadStart_Context(System.Object) à System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) à System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) à System.Threading.ThreadHelper.ThreadStart(System.Object) ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ ----------( EOF)---------- - 6063 | 12:22:18