--------------- QuickDiag | g3n-h@ckm@n | V8.028.22.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 26/03/2022 18:24:33 Updated 28/01/2022 | 10:00 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [bette (Administrator)] - [DESKTOP-91QNL1K] (S-1-5-21-3647221497-3949391349-1226619127-1001) PC : Micro-Star International Co., Ltd MS-7C02 x64-based PC System: Microsoft Windows 10 Professionnel - X64 - (10.0.19044) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (21H2) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Professionnel|C:\Windows|\Device\Harddisk0\Partition3 Boot : Normal boot PC: MS-7C02 - Micro-Star International Co., Ltd - IdNumber: To be filled by O.E.M. - UUID: BEDEBDE7-CAEA-8518-A9F7-D8BBC14AC601 Processor : AMD Ryzen 5 5600X 6-Core Processor (AuthenticAMD) - Clock Speed : 3701 - Socket : AM4 - Stauts : OK BIOS : American Megatrends International, LLC. H.60 - SN : To be filled by O.E.M. - Status : OK - Version : ALASKA - 1072009 - PrimaryBios : True - CurrentLanguage : - OtherTargetOS : CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice Périphérique High Definition Audio - Status: OK - Manufacturer: Microsoft - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0897&SUBSYS_1462EC02&REV_1004\5&32738DF5&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_009E&SUBSYS_1458405A&REV_1001\5&376548AA&0&0001 ---------- | Video NVIDIA GeForce RTX 3060 Ti - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 143 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvldumdx.dll,C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvldumdx.dll - PNPDeviceID: PCI\VEN_10DE&DEV_2489&SUBSYS_405A1458&REV_A1\4&1FC990D7&0&0019 - AdapterCompatibility: NVIDIA - RAM: -1048576 Inegrated Video Chipset DeviceName: NVIDIA GeForce RTX 3060 Ti - DriverVersion: 30.0.15.1179 - SpecificationVersion: 1025 ---------- | Codecs C:\Windows\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK C:\Windows\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK C:\Windows\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK ---------- | Memory Pagefile = Total (MB) : 24565 | Free (MB) : 15979 Virtual = Total (MB) : 4194 | Free (MB) : 3924 Physical Memory (MB) -------------------- Total: 16309 Available: 10313 Cached: 4117 Free: 747 System ------ Handles: 133846 Processes: 220 Threads: 3816 ---------- | Drives C:\ -> [Fixed] | [] | Total : 930.89 Go | Free : 639.22 Go -> NTFS (SSD) D:\ -> [Removable] | [ESD-USB] | Total : 29.8 Go | Free : 29.77 Go -> FAT32 [USB] Drive: 0 Cylinders: 121601 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 1000204886016 bytes Drive: 1 Cylinders: 3892 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 32015679488 bytes ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.19041.1566 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" ---------- | FlashPlayer ---------- | Security AV : Avast Antivirus Enabled AS : FW : Avast Antivirus Enabled WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 636 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe [06/10/2021 14:30:26] 764 | [Owner : Système | Parent : 732() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [06/10/2021 14:30:26] 856 | [Owner : Système | Parent : 732() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.19041.1566) = C:\Windows\System32\wininit.exe [16/03/2022 17:22:39] 928 | [Owner : Système | Parent : 856(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.19041.928) = C:\Windows\System32\services.exe [06/10/2021 14:30:26] 944 | [Owner : Système | Parent : 856(wininit.exe) | 20.98 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.1586) = C:\Windows\System32\lsass.exe [16/03/2022 17:22:41] 504 | [Owner : Système | Parent : 928(services.exe) | 22.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 704 | [Owner : UMFD-0 | Parent : 856(wininit.exe) | 0.26 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1566) = C:\Windows\System32\fontdrvhost.exe [16/03/2022 17:22:44] 1044 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 13.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1092 | [Owner : Système | Parent : 928(services.exe) | 6.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1300 | [Owner : Système | Parent : 928(services.exe) | 5.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1348 | [Owner : Système | Parent : 928(services.exe) | 10.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1368 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1376 | [Owner : Système | Parent : 928(services.exe) | 2.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1428 | [Owner : Système | Parent : 928(services.exe) | 8.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1504 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 17.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1652 | [Owner : Système | Parent : 928(services.exe) | 12.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1704 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.16 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1466) = C:\Windows\System32\WUDFHost.exe [16/03/2022 17:22:45] 1716 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1744 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 7.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1864 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1892 | [Owner : Système | Parent : 928(services.exe) | 12.84 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.35.3033.8148) = C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe [14/03/2022 16:14:31] 1972 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 5.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2024 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 9.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1144 | [Owner : Système | Parent : 928(services.exe) | 7.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2060 | [Owner : Système | Parent : 928(services.exe) | 1.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2068 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 6.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2076 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2108 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.AVAST Software - Avast remediation exe.) - (21.4.6162.0) = C:\Program Files\Avast Software\Avast\wsc_proxy.exe [14/03/2022 21:55:25] 2220 | [Owner : Système | Parent : 928(services.exe) | 5.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2324 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2524 | [Owner : Système | Parent : 928(services.exe) | 4.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2536 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2664 | [Owner : Système | Parent : 928(services.exe) | 17.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2744 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 11.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2852 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2856 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2868 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 5.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2880 | [Owner : Système | Parent : 928(services.exe) | 16.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2952 | [Owner : Système | Parent : 928(services.exe) | 9.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2992 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.AVAST Software - Avast Service.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\AvastSvc.exe [14/03/2022 21:55:25] 2936 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 3224 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 16.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 3604 | [Owner : Système | Parent : 928(services.exe) | 69.88 Mo] - (.AVAST Software - Avast Antivirus.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [14/03/2022 21:55:38] 3660 | [Owner : Système | Parent : 928(services.exe) | 2.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 3664 | [Owner : Système | Parent : 928(services.exe) | 6.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 3676 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 4.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 3932 | [Owner : Système | Parent : 928(services.exe) | 5.89 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.1566) = C:\Windows\System32\spoolsv.exe [16/03/2022 17:22:18] 4008 | [Owner : Système | Parent : 928(services.exe) | 12.67 Mo] - (.AVAST Software - Avast firewall service.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\afwServ.exe [14/03/2022 21:55:21] 4032 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 2.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2548 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 10.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2580 | [Owner : Système | Parent : 928(services.exe) | 24.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 4052 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 16.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 848 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 1.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 2508 | [Owner : Système | Parent : 928(services.exe) | 1.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 8 | [Owner : Système | Parent : 928(services.exe) | 15.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 4104 | [Owner : Système | Parent : 928(services.exe) | 22.98 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.35.3033.8148) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [14/03/2022 16:22:47] 4208 | [Owner : Système | Parent : 928(services.exe) | 41.64 Mo] - (.AVAST Software - Avast VPN Service.) - (5.16.5987.0) = C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [14/03/2022 21:57:10] 4216 | [Owner : Système | Parent : 928(services.exe) | 37.7 Mo] - (.AVAST Software - Avast Driver Updater Service.) - (22.1.2374.0) = C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [17/03/2022 21:56:56] 4236 | [Owner : Système | Parent : 928(services.exe) | 10.38 Mo] - (.TeamViewer Germany GmbH - TeamViewer.) - (15.27.3.0) = C:\Program Files\TeamViewer\TeamViewer_Service.exe [14/03/2022 23:35:13] 4276 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 8 Mo] - (.Electronic Arts - OriginWebHelperService.) - (10.5.111.50299) = C:\Program Files (x86)\Origin\OriginWebHelperService.exe [14/03/2022 16:39:46] 4532 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 1.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 4632 | [Owner : Système | Parent : 928(services.exe) | 3.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 4764 | [Owner : Système | Parent : 928(services.exe) | 5.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 5392 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 6316 | [Owner : Système | Parent : 928(services.exe) | 36.55 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.1566) = C:\Windows\System32\SearchIndexer.exe [16/03/2022 17:22:29] 7268 | [Owner : Système | Parent : 928(services.exe) | 19.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 7628 | [Owner : Système | Parent : 928(services.exe) | 3.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 7924 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 15.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 8376 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 8812 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 11000 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 11416 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 11304 | [Owner : Système | Parent : 928(services.exe) | 8.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 12788 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe [16/03/2022 17:22:39] 14212 | [Owner : Système | Parent : 928(services.exe) | 5.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 10432 | [Owner : Système | Parent : 928(services.exe) | 6.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 16696 | [Owner : Système | Parent : 928(services.exe) | 15.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 17820 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 14.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 17304 | [Owner : Système | Parent : 928(services.exe) | 15.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 10844 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.19041.546) = C:\Windows\System32\SgrmBroker.exe [06/10/2021 14:31:06] 1468 | [Owner : Système | Parent : 928(services.exe) | 5.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 18240 | [Owner : Système | Parent : 928(services.exe) | 48.57 Mo] - (.AVAST Software - Avast Cleanup Service.) - (22.1.11691.0) = C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [24/03/2022 14:02:58] 18804 | [Owner : Système | Parent : 928(services.exe) | 2.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 10320 | [Owner : SERVICE LOCAL | Parent : 2744(svchost.exe) | 8.39 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.19041.1503) = C:\Windows\System32\audiodg.exe [16/03/2022 17:22:17] 7144 | [Owner : Système | Parent : 504(svchost.exe) | 29.65 Mo] - (.Microsoft Corporation - MoUSO Core Worker Process.) - (10.0.19041.1503) = C:\Windows\System32\MoUsoCoreWorker.exe [16/03/2022 17:22:33] 18428 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.AVAST Software - Avast Software Analyzer.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\aswidsagent.exe [14/03/2022 21:55:22] 17856 | [Owner : Système | Parent : 504(svchost.exe) | 7.62 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.19041.1320) = C:\Windows\System32\wbem\unsecapp.exe [16/03/2022 17:22:18] 13564 | [Owner : Système | Parent : 928(services.exe) | 10.04 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe [25/03/2022 22:30:32] 28768 | [Owner : Système | Parent : 928(services.exe) | 17.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 30224 | [Owner : Système | Parent : 928(services.exe) | 12.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 19880 | [Owner : Système | Parent : 928(services.exe) | 23.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 27548 | [Owner : Système | Parent : 13184() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [06/10/2021 14:30:26] 27880 | [Owner : Système | Parent : 13184() | 11.86 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.19041.1503) = C:\Windows\System32\winlogon.exe [16/03/2022 17:22:44] 17268 | [Owner : UMFD-3 | Parent : 27880(winlogon.exe) | 6.86 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1566) = C:\Windows\System32\fontdrvhost.exe [16/03/2022 17:22:44] 28052 | [Owner : DWM-3 | Parent : 27880(winlogon.exe) | 68.34 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe [06/10/2021 14:30:22] 23620 | [Owner : Système | Parent : 928(services.exe) | 8.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 19752 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 26868 | [Owner : Système | Parent : 6316(SearchIndexer.exe) | 16.9 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.19041.1566) = C:\Windows\System32\SearchProtocolHost.exe [16/03/2022 17:22:29] 28292 | [Owner : Système | Parent : 928(services.exe) | 52.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 27956 | [Owner : Système | Parent : 1892(NVDisplay.Container.exe) | 58.37 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.35.3033.8148) = C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe [14/03/2022 16:14:31] 3140 | [Owner : SERVICE RÉSEAU | Parent : 504(svchost.exe) | 15.95 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [06/10/2021 14:30:16] 30020 | [Owner : bette | Parent : 4104(nvcontainer.exe) | 32.08 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.35.3033.8148) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [14/03/2022 16:22:47] 15988 | [Owner : bette | Parent : 4104(nvcontainer.exe) | 68.28 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.35.3033.8148) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [14/03/2022 16:22:47] 17240 | [Owner : bette | Parent : 1652(svchost.exe) | 31.92 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe [06/10/2021 14:30:07] 19244 | [Owner : bette | Parent : 928(services.exe) | 29.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 12044 | [Owner : bette | Parent : 928(services.exe) | 39.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 15776 | [Owner : Système | Parent : 1348(svchost.exe) | 2.4 Mo] - (.Google LLC - Programme d'installation de Google.) - (1.3.36.121) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/03/2022 14:42:04] 12380 | [Owner : bette | Parent : 1348(svchost.exe) | 16.22 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.1503) = C:\Windows\System32\taskhostw.exe [16/03/2022 17:22:45] 10332 | [Owner : Système | Parent : 1348(svchost.exe) | 2.13 Mo] - (.Microsoft Corporation - Microsoft Edge Update.) - (1.3.147.37) = C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [05/08/2021 23:41:46] 10360 | [Owner : bette | Parent : 28044() | 137.88 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.1586) = C:\Windows\explorer.exe [16/03/2022 17:22:18] 25684 | [Owner : Système | Parent : 928(services.exe) | 9.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 8096 | [Owner : bette | Parent : 928(services.exe) | 19.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 18416 | [Owner : bette | Parent : 504(svchost.exe) | 8.14 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe [06/10/2021 14:30:23] 17836 | [Owner : bette | Parent : 504(svchost.exe) | 79.36 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [16/03/2022 17:22:33] 28608 | [Owner : bette | Parent : 25784() | 41.04 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (11.13.0.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe [14/03/2022 16:22:52] 14576 | [Owner : bette | Parent : 504(svchost.exe) | 26.05 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 23932 | [Owner : bette | Parent : 504(svchost.exe) | 125.38 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.1566) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe [16/03/2022 17:23:27] 20776 | [Owner : bette | Parent : 28608(NVIDIA Web Helper.exe) | 5.88 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.1566) = C:\Windows\System32\conhost.exe [16/03/2022 17:22:38] 1960 | [Owner : bette | Parent : 504(svchost.exe) | 24.44 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 18852 | [Owner : Système | Parent : 928(services.exe) | 18.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 6696 | [Owner : bette | Parent : 504(svchost.exe) | 54.64 Mo] - (.Microsoft Corporation -.) - (1.22022.147.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22022.147.0_x64__8wekyb3d8bbwe\YourPhone.exe [18/03/2022 15:10:58] 15720 | [Owner : bette | Parent : 504(svchost.exe) | 22.6 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.19041.1320) = C:\Windows\System32\SettingSyncHost.exe [16/03/2022 17:22:49] 11668 | [Owner : bette | Parent : 7628(svchost.exe) | 21.45 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe [07/12/2019 10:09:00] 3748 | [Owner : bette | Parent : 504(svchost.exe) | 17.44 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 9060 | [Owner : bette | Parent : 504(svchost.exe) | 56.58 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.19041.1503) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [16/03/2022 17:22:45] 28900 | [Owner : bette | Parent : 504(svchost.exe) | 33.01 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 28420 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 6.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 8108 | [Owner : Système | Parent : 928(services.exe) | 6.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 1188 | [Owner : bette | Parent : 504(svchost.exe) | 27.35 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 14224 | [Owner : bette | Parent : 4104(nvcontainer.exe) | 15.07 Mo] - (.NVIDIA Corporation - NVIDIA ShadowPlay Helper.) - (3.25.0.84) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe [14/03/2022 16:22:55] 13484 | [Owner : bette | Parent : 30020(nvcontainer.exe) | 60.35 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [14/03/2022 16:22:54] 22464 | [Owner : bette | Parent : 13484(NVIDIA Share.exe) | 38.09 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [14/03/2022 16:22:54] 13576 | [Owner : bette | Parent : 13484(NVIDIA Share.exe) | 77.77 Mo] - (.NVIDIA Corporation - NVIDIA Share.) - (73.3683.1933.5) = C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [14/03/2022 16:22:54] 8904 | [Owner : bette | Parent : 504(svchost.exe) | 27.98 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.1566) = C:\Windows\System32\smartscreen.exe [16/03/2022 17:22:22] 23640 | [Owner : bette | Parent : 10360(explorer.exe) | 10.58 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.19041.1) = C:\Windows\System32\SecurityHealthSystray.exe [07/12/2019 10:08:41] 22212 | [Owner : bette | Parent : 27552() | 68.18 Mo] - (.AVAST Software - Avast Antivirus.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [14/03/2022 21:57:55] 29368 | [Owner : bette | Parent : 10360(explorer.exe) | 82.43 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (22.45.227.4) = C:\Users\bette\AppData\Local\Microsoft\OneDrive\OneDrive.exe [14/03/2022 14:36:52] 7976 | [Owner : bette | Parent : 10360(explorer.exe) | 130.04 Mo] - (.Epic Games, Inc. - EpicGamesLauncher.) - (13.3.1.0) = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [14/03/2022 18:52:41] 22916 | [Owner : bette | Parent : 15012() | 77.86 Mo] - (.Discord Inc. - Discord.) - (1.0.9004.0) = C:\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [14/03/2022 15:45:09] 20028 | [Owner : bette | Parent : 10360(explorer.exe) | 108.31 Mo] - (.NZXT, Inc. - NZXT CAM.) - (4.34.1.12) = C:\Program Files\NZXT CAM\NZXT CAM.exe [25/03/2022 22:30:32] 25868 | [Owner : bette | Parent : 22916(Discord.exe) | 25.64 Mo] - (.Discord Inc. - Discord.) - (1.0.9004.0) = C:\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [14/03/2022 15:45:09] 17300 | [Owner : bette | Parent : 22916(Discord.exe) | 91.58 Mo] - (.Discord Inc. - Discord.) - (1.0.9004.0) = C:\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [14/03/2022 15:45:09] 25480 | [Owner : bette | Parent : 20028(NZXT CAM.exe) | 25.27 Mo] - (.NZXT, Inc. - NZXT CAM.) - (4.34.1.12) = C:\Program Files\NZXT CAM\NZXT CAM.exe [25/03/2022 22:30:32] 27184 | [Owner : bette | Parent : 22916(Discord.exe) | 40.74 Mo] - (.Discord Inc. - Discord.) - (1.0.9004.0) = C:\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [14/03/2022 15:45:09] 22344 | [Owner : bette | Parent : 20028(NZXT CAM.exe) | 85.29 Mo] - (.NZXT, Inc. - NZXT CAM.) - (4.34.1.12) = C:\Program Files\NZXT CAM\NZXT CAM.exe [25/03/2022 22:30:32] 27452 | [Owner : bette | Parent : 20028(NZXT CAM.exe) | 39.31 Mo] - (.NZXT, Inc. - NZXT CAM.) - (4.34.1.12) = C:\Program Files\NZXT CAM\NZXT CAM.exe [25/03/2022 22:30:32] 19352 | [Owner : bette | Parent : 7976(EpicGamesLauncher.exe) | 44.7 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [14/03/2022 18:52:41] 24900 | [Owner : bette | Parent : 26044() | 133.59 Mo] - (.Spotify Ltd - Spotify.) - (1.1.81.604) = C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe [18/03/2022 15:10:59] 10972 | [Owner : bette | Parent : 24900(Spotify.exe) | 17.84 Mo] - (.Spotify Ltd - Spotify.) - (1.1.81.604) = C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe [18/03/2022 15:10:59] 24076 | [Owner : bette | Parent : 7976(EpicGamesLauncher.exe) | 31.19 Mo] - (.Epic Games, Inc. - EpicWebHelper.) - (4.23.0.0) = C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe [14/03/2022 18:52:41] 17940 | [Owner : bette | Parent : 24900(Spotify.exe) | 40.24 Mo] - (.Spotify Ltd - Spotify.) - (1.1.81.604) = C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe [18/03/2022 15:10:59] 27576 | [Owner : bette | Parent : 24900(Spotify.exe) | 23.65 Mo] - (.Spotify Ltd - Spotify.) - (1.1.81.604) = C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe [18/03/2022 15:10:59] 25376 | [Owner : bette | Parent : 24900(Spotify.exe) | 38.15 Mo] - (.Spotify Ltd - Spotify.) - (1.1.81.604) = C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe [18/03/2022 15:10:59] 2680 | [Owner : bette | Parent : 24900(Spotify.exe) | 111.68 Mo] - (.Spotify Ltd - Spotify.) - (1.1.81.604) = C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe [18/03/2022 15:10:59] 12904 | [Owner : bette | Parent : 20028(NZXT CAM.exe) | 131.14 Mo] - (.NZXT, Inc. - NZXT CAM.) - (4.34.1.12) = C:\Program Files\NZXT CAM\NZXT CAM.exe [25/03/2022 22:30:32] 15892 | [Owner : bette | Parent : 22916(Discord.exe) | 187.72 Mo] - (.Discord Inc. - Discord.) - (1.0.9004.0) = C:\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [14/03/2022 15:45:09] 17396 | [Owner : bette | Parent : 12904(NZXT CAM.exe) | 10.77 Mo] - (.-.) - (3.3.2.0) = C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe [25/03/2022 22:30:32] 16284 | [Owner : bette | Parent : 17396(cam_helper.exe) | 13.48 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.1566) = C:\Windows\System32\conhost.exe [16/03/2022 17:22:38] 11332 | [Owner : bette | Parent : 17396(cam_helper.exe) | 10.05 Mo] - (.-.) - (3.3.2.0) = C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe [25/03/2022 22:30:32] 25904 | [Owner : bette | Parent : 17396(cam_helper.exe) | 10.3 Mo] - (.-.) - (3.3.2.0) = C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe [25/03/2022 22:30:32] 2984 | [Owner : bette | Parent : 17396(cam_helper.exe) | 31.43 Mo] - (.-.) - (3.3.2.0) = C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe [25/03/2022 22:30:32] 19196 | [Owner : Système | Parent : 504(svchost.exe) | 10.74 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [06/10/2021 14:30:16] 11972 | [Owner : bette | Parent : 20028(NZXT CAM.exe) | 87.64 Mo] - (.NZXT, Inc. - NZXT CAM.) - (4.34.1.12) = C:\Program Files\NZXT CAM\NZXT CAM.exe [25/03/2022 22:30:32] 13548 | [Owner : bette | Parent : 504(svchost.exe) | 58.3 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.19041.1320) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [16/03/2022 17:23:22] 13940 | [Owner : bette | Parent : 504(svchost.exe) | 21.9 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 30008 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 12564 | [Owner : bette | Parent : 504(svchost.exe) | 79.44 Mo] - (.Microsoft Corporation - Xbox Game Bar.) - (5.721.12013.0) = C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe [16/03/2022 14:29:23] 29720 | [Owner : bette | Parent : 504(svchost.exe) | 51.72 Mo] - (.-.) - (10.22011.1003.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22011.10031.0_x64__8wekyb3d8bbwe\Video.UI.exe [16/03/2022 14:30:55] 25392 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 22416 | [Owner : bette | Parent : 22916(Discord.exe) | 60.45 Mo] - (.Discord Inc. - Discord.) - (1.0.9004.0) = C:\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [14/03/2022 15:45:09] 24408 | [Owner : bette | Parent : 504(svchost.exe) | 10.35 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 24488 | [Owner : bette | Parent : 928(services.exe) | 22.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 23004 | [Owner : bette | Parent : 504(svchost.exe) | 26.03 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe [06/10/2021 14:29:50] 23176 | [Owner : bette | Parent : 504(svchost.exe) | 25.04 Mo] - (.Microsoft Corporation - Xbox Game Bar Full Trust COM Server.) - (5.721.12013.0) = C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe [16/03/2022 14:29:23] 27700 | [Owner : bette | Parent : 928(services.exe) | 37.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [16/03/2022 17:22:39] 17996 | [Owner : bette | Parent : 504(svchost.exe) | 31.82 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.19041.746) = C:\Windows\System32\ApplicationFrameHost.exe [06/10/2021 14:30:16] 8604 | [Owner : bette | Parent : 504(svchost.exe) | 38.3 Mo] - (.-.) - (10.21102.1141.0) = C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe [16/03/2022 14:29:54] 20036 | [Owner : bette | Parent : 504(svchost.exe) | 61.77 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.19041.1566) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe [16/03/2022 17:23:27] 10976 | [Owner : bette | Parent : 504(svchost.exe) | 10.55 Mo] - (.Microsoft Corporation - User OOBE Broker.) - (10.0.19041.746) = C:\Windows\System32\oobe\UserOOBEBroker.exe [06/10/2021 14:30:37] 11180 | [Owner : bette | Parent : 10308() | 92.84 Mo] - (.Valve Corporation - Steam.) - (7.15.2.67) = C:\Program Files (x86)\Steam\steam.exe [05/02/2021 00:13:58] 2752 | [Owner : bette | Parent : 11180(steam.exe) | 90.56 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 3712 | [Owner : bette | Parent : 2752(steamwebhelper.exe) | 15.58 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 13008 | [Owner : bette | Parent : 2752(steamwebhelper.exe) | 111.35 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 10808 | [Owner : bette | Parent : 2752(steamwebhelper.exe) | 32.02 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 19120 | [Owner : Système | Parent : 928(services.exe) | 12.49 Mo] - (.Valve Corporation - Steam Client Service.) - (7.15.2.67) = C:\Program Files (x86)\Common Files\Steam\steamservice.exe [14/03/2022 19:33:05] 2824 | [Owner : bette | Parent : 10360(explorer.exe) | 204.34 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 7920 | [Owner : bette | Parent : 2824(chrome.exe) | 8.28 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 1564 | [Owner : bette | Parent : 2824(chrome.exe) | 141.84 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 3444 | [Owner : bette | Parent : 2824(chrome.exe) | 42.51 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 9304 | [Owner : bette | Parent : 2824(chrome.exe) | 19.67 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 6444 | [Owner : bette | Parent : 2824(chrome.exe) | 60.43 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 21892 | [Owner : bette | Parent : 2824(chrome.exe) | 72.19 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 4752 | [Owner : bette | Parent : 2824(chrome.exe) | 123.57 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 8664 | [Owner : bette | Parent : 2824(chrome.exe) | 41.43 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 14048 | [Owner : bette | Parent : 2824(chrome.exe) | 48.06 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 4628 | [Owner : bette | Parent : 504(svchost.exe) | 51.18 Mo] - (.Microsoft Corporation -.) - (121.9202.4105.0) = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe [16/03/2022 17:23:25] 14288 | [Owner : bette | Parent : 2824(chrome.exe) | 60.68 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 1684 | [Owner : bette | Parent : 2824(chrome.exe) | 126.16 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 1004 | [Owner : bette | Parent : 2824(chrome.exe) | 52.4 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 15400 | [Owner : bette | Parent : 2824(chrome.exe) | 73.62 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 18616 | [Owner : bette | Parent : 2752(steamwebhelper.exe) | 90.03 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 1056 | [Owner : bette | Parent : 2752(steamwebhelper.exe) | 127.12 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 15288 | [Owner : bette | Parent : 2752(steamwebhelper.exe) | 109.02 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 21024 | [Owner : bette | Parent : 2824(chrome.exe) | 18.08 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 4224 | [Owner : bette | Parent : 2824(chrome.exe) | 288.06 Mo] - (.Google LLC - Google Chrome.) - (99.0.4844.82) = C:\Program Files\Google\Chrome\Application\chrome.exe [14/03/2022 14:42:12] 9252 | [Owner : bette | Parent : 2752(steamwebhelper.exe) | 50.64 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (7.15.2.67) = C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [14/03/2022 19:33:26] 3136 | [Owner : bette | Parent : 22212(AvastUI.exe) | 42.76 Mo] - (.AVAST Software - Avast Antivirus.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [14/03/2022 21:57:55] 17484 | [Owner : bette | Parent : 22212(AvastUI.exe) | 34.96 Mo] - (.AVAST Software - Avast Antivirus.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [14/03/2022 21:57:55] 3472 | [Owner : bette | Parent : 22212(AvastUI.exe) | 41.22 Mo] - (.AVAST Software - Avast Antivirus.) - (22.2.7013.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [14/03/2022 21:57:55] 18008 | [Owner : bette | Parent : 2824(chrome.exe) | 50.97 Mo] - (.SosVirus - QuickDiag.) - (8.28.22.1) = C:\Users\bette\Downloads\QuickDiag.exe [26/03/2022 18:23:27] 28184 | [Owner : SERVICE RÉSEAU | Parent : 504(svchost.exe) | 12.66 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [06/10/2021 14:30:47] ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.AVAST Software.-.Avast Hook Library.) - (22.2.7013.0) -- C:\Program Files\Avast Software\Avast\aswhook.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\UMPDC.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\TextShaping.dll (.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 511.79.) - (30.0.15.1179) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvldumdx.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 511.79.) - (30.0.15.1179) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvwgf2umx_cfg.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (.AVAST Software.-.Avast Shell Extension.) - (22.2.7013.0) -- C:\Program Files\Avast Software\Avast\ashShell.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (.The ICU Project.-.ICU Combined Library.) - (64.2.0.0) -- C:\Windows\System32\icu.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\Windows\System32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll (..-..) - (0.0.0.0) -- c:\windows\system32\TextShaping.dll (.AVAST Software.-.Avast AMSI COM object.) - (22.2.7013.0) -- C:\Program Files\Avast Software\Avast\aswAMSI.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- c:\windows\system32\winsqlite3.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll (.NVIDIA Corporation.-.NVIDIA H.264 Encoder MFT, Version 511.79.) - (30.0.15.1179) -- C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvEncMFTH264x.dll ---------- | Windows Installer Installations (Advanced Micro Devices, Inc.) AMD Ryzen Balanced Driver - Install. : 14/03/2022 - Package : C:\Windows\Installer\17bba.msi (Google LLC) Google Chrome - Install. : 14/03/2022 - Package : C:\Windows\Installer\9e0b2.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - Install. : 14/03/2022 - Package : c:\Windows\Installer\95664.msi (Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - Install. : 14/03/2022 - Package : c:\Windows\Installer\9671d.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b80.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b84.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b68.msi (Epic Games, Inc.) Epic Games Launcher - Install. : 14/03/2022 - Package : C:\Windows\Installer\43589b.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b6c.msi (Epic Games, Inc.) Epic Online Services - Install. : 14/03/2022 - Package : C:\Windows\Installer\43589f.msi (Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) - Install. : 14/03/2022 - Package : C:\Windows\Installer\4358a3.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 - Install. : 21/03/2022 - Package : C:\Windows\Installer\a7df056.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 - Install. : 21/03/2022 - Package : C:\Windows\Installer\a7df06a.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b94.msi (Advanced Micro Devices, Inc.) AMD_Chipset_Drivers - Install. : 14/03/2022 - Package : C:\Windows\Installer\17ba2.msi (Cybelsoft) DriversCloud.com - Install. : 14/03/2022 - Package : C:\Windows\Installer\9e0b5.msi (Microsoft Corporation) Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b90.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 - Install. : 14/03/2022 - Package : C:\Windows\Installer\3831d2.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17bde.msi (Advanced Micro Devices, Inc.) AMD PSP Driver - Install. : 14/03/2022 - Package : C:\Windows\Installer\17bb2.msi (Microsoft Corporation) Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 - Install. : 14/03/2022 - Package : C:\Windows\Installer\17bca.msi (Advanced Micro Devices, Inc.) AMD Embedded SMBus Driver - Install. : 14/03/2022 - Package : C:\Windows\Installer\17bbe.msi (Microsoft Corporation) Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 - Install. : 14/03/2022 - Package : C:\Windows\Installer\3831b7.msi (Microsoft Corporation) Microsoft Update Health Tools - Install. : 16/03/2022 - Package : C:\Windows\Installer\90a19.msi (Advanced Micro Devices, Inc.) AMD SBxxx SMBus Driver - Install. : 14/03/2022 - Package : C:\Windows\Installer\17bae.msi (Advanced Micro Devices, Inc.) AMD Software - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b98.msi (Advanced Micro Devices, Inc.) AMD WDT Driver - Install. : 14/03/2022 - Package : C:\Windows\Installer\17bb6.msi (Advanced Micro Devices, Inc.) Balanced - Install. : 14/03/2022 - Package : C:\Windows\Installer\17b9c.msi (Advanced Micro Devices, Inc.) AMD PCI Driver - Install. : 14/03/2022 - Package : C:\Windows\Installer\17baa.msi (Advanced Micro Devices, Inc.) AMD GPIO2 Driver - Install. : 14/03/2022 - Package : C:\Windows\Installer\17ba6.msi ---------- | Windows Updates KB5009467 - Installed On : 03/16/2022 - [Update] KB5003791 - Installed On : 10/06/2021 - [Update] KB5011487 - Installed On : 03/16/2022 - [Security Update] KB5011352 - Installed On : 03/16/2022 - [Security Update] KB5005699 - Installed On : 10/06/2021 - [Security Update] ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up [HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDriveSetup] : C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[OneDrive] : "C:\Users\bette\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Discord] : C:\Users\bette\AppData\Local\Discord\Update.exe --processStart Discord.exe [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[EpicGamesLauncher] : "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[Steam] : "C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[NZXT.CAM] : C:\Program Files\NZXT CAM\NZXT CAM.exe --startup [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[SecurityHealth] : %windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]|[AvastUI.exe] : "C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\bette\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "Discord"=C:\Users\bette\AppData\Local\Discord\Update.exe --processStart Discord.exe "EpicGamesLauncher"="C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent "NZXT.CAM"=C:\Program Files\NZXT CAM\NZXT CAM.exe --startup [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x020000000000000000000000 "Discord"=0x020000000000000000000000 "EpicGamesLauncher"=0x020000000000000000000000 "Steam"=0x020000000000000000000000 "NZXT.CAM"=0x020000000000000000000000 [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Microsoft Print to PDF,winspool,Ne01: "IsMRUEstablished"=0 "LegacyDefaultPrinterMode"=0 "MenuDropAlignment"=0 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "AvastUI.exe"="C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x040000000000000000000000 "AvastUI.exe"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "Discord"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D83952094A997D [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "Discord"=C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List AMD Updater Avast Emergency Update Avast SecureLine VPN Update GoogleUpdateTaskMachineCore{EB9EF458-87F1-4D2F-BA34-E8F5B4B97BB0} GoogleUpdateTaskMachineUA{90AB78CA-1892-4D23-BA18-DD0DC834E488} MicrosoftEdgeShadowStackRollbackTask MicrosoftEdgeUpdateTaskMachineCore MicrosoftEdgeUpdateTaskMachineUA NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} OneDrive Reporting Task-S-1-5-21-3647221497-3949391349-1226619127-1001 OneDrive Standalone Update Task-S-1-5-21-3647221497-3949391349-1226619127-1001 ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(1)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(1)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=8 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [14/03/2022 14:33:54] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=944 "LsaCfgFlagsDefault"=0 "SecureBoot"=1 "ProductType"=6 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=150 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "PendingFileRenameOperations"=\??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe.icarus.backup.1648126978 \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe.to_delete.1648126978 \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648\common1\product-info.xml \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648\common1\product-def.xml \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648\common1\icarus.exe \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648\common1\dump_process.exe \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648\common1\config.def \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648\common1\bug_report.exe \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648\common1 \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp\asw-27d4b368-3213-4d1d-a43e-6df89243a648 \??\C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\temp \??\C:\Users\bette\AppData\Local\Temp\nshFF84.tmp\nsProcess.dll \??\C:\Users\bette\AppData\Local\Temp\nshFF84.tmp\ \??\C:\Windows\Temp\7f49027f-647f-47e8-8e8c-99a969dee4c0.tmp [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "RailShowallNotifyIcons"=1 "RDPVGCInstalled"=1 "InstanceID"=a61d2f47-469c-46c1-9142-8e4ac77 "GlassSessionId"=3 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Users\bette\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fire watch.jpg [14/03/2022 14:39:38] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=3840 "MaxMonitorDimension"=1920 "TranscodedImageCount"=2 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC301002BB407008007000038040000930E22F3A837D80143003A005C00550073006500720073005C00620065007400740065005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C0066006900720065002000770061007400630068002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003528000000000000000000000000000001000000130000000000000062000000 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=0 "GlobalAssocChangedCounter"=35 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 "ExcludedFromStableAnaheimDownloadPromotionSL"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DD50100000114020000000000C00000000000004623020000B083204722C5CF11876300608CC02F246D00000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "link"=0x16000000 [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "ShowCortanaButton"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x9E7F386200000000 "ReindexedProfile"=1 "NavPaneShowAllFolders"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=3 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD} "GlobalAssocChangedCounter"=7 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=19044 "FirstLogon"=0 "ParseAutoexec"=1 "PUUActive"=0x23E86B57010007001B0048007600030054BC030054BC0300D200000002001800F6EB71FF6D4B09002B5A040051CE0100DAB701003FCF0000000000000000000000000000D3FD0300100D0000760100009A10F693AE40D80176000300000000000100000076000300644A00006D1D00008BFAA80000000000 "DP"=0xD200E800150007001B00000023E86B57000000000000000022E598CC3541D80122E598CC3541D801000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100CCF100C00F26BE619F26BE61FCEB00C0D0340200D0350200691B008098B1000D99B1090D6A4C0080340804283408052CB607018000200300002003100BA2008081500121817901317E7D00C02901B0212923F02147410100026504030265042F8E0F00802206B026A206F436892000800412024115163A41083100004020804344228043 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "DisableCAD"=1 "LastLogOffEndTimePerfCounter"=1303757838474 "ShutdownFlags"=51 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-3647221497-3949391349-1226619127-1001 "LastUsedUsername"=bette [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/03/2022 17:23:25] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/03/2022 17:23:25] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser ---------- | AppcompatFlags [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\bette\AppData\Local\Temp\7zSCADED965\setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\bette\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060AE040085EF040001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\bette\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe"=0x534143500100000000000000070000002800000078A7080067EF080001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\bette\Downloads\Ninite Chrome Discord Spotify WinRAR Installer.exe"=0x5341435001000000000000000700000028000000587D060060F7060001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000063C50000000000000100000001000000 "C:\Program Files\WinRAR\Uninstall.exe"=0x53414350010000000000000007000000280000009872060096BE060001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000080000000000000000000000000000000006D000000000000000100000001000000 "C:\Users\bette\AppData\Local\Temp\81a333ce-a39c-11ec-b778-d8bbc14ac601\DiscordSetup.exe"=0x5341435001000000000000000700000028000000A814F204AB0BF3040100000000000000000003060001000050BB64EDDDACD5010000000000000000 "C:\Users\bette\AppData\Roaming\Spotify\Spotify.exe"=0x5341435001000000000000000700000028000000B80326017DC7260101000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\bette\AppData\Local\Discord\Update.exe"=0x5341435001000000000000000700000028000000A01417002BF8170001000000000000000000000A7522000050BB64EDDDACD5010000000000000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.180.699.0_x86__zpdnekdrzrea0\SpotifyStartupTask.exe"=0x5341435001000000000000000700000028000000B8D701002AEF010001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D05B8A01000000000400000004000000 "C:\Program Files (x86)\Call of Duty Modern Warfare\Modern Warfare Launcher.exe"=0x5341435001000000000000000700000028000000B04D4A009FC34A0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000800000000200000028000000000000008000000000000000000000000000000000000000E0CF2800000000000300000003000000 "C:\Users\bette\Desktop\DriversCloud_Install\drivers_70560_amd-chipset-drivers-software-17.10rcp22-apr27.exe"=0x53414350010000000000000007000000280000004F65030C0000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000EE450100000000000100000001000000 "C:\Users\bette\Desktop\DriversCloud_Install\drivers_70699_sp80253.exe"=0x5341435001000000000000000700000028000000588F0500B0C305000100000000000000000001057100000050BB64EDDDACD5010000000000000000020000002800000000000000000800400000000000000000000000000000000016330000000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000988A2500EB55260001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000E9DE0600000000001500000015000000 "C:\Users\bette\Desktop\DriversCloud_Install\drivers_75047_511.79-desktop-win10-win11-64bit-international-dch-whql.exe"=0x534143500100000000000000070000002800000088742B3150932B310100000000000000000002060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000C8330200000000000100000001000000 "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x5341435001000000000000000700000028000000D0F4320027FE320001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000DA3E0400000000000300000003000000 "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe"=0x5341435001000000000000000700000028000000903B0300B1BF030001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000008000000000000000000000000000000000000000A8734C00000000000100000001000000 "C:\Program Files\CPUID\HWMonitor\HWMonitor.exe"=0x534143500100000000000000070000002800000098D9280087B3290001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000006967AA00000000000300000003000000 "C:\Program Files (x86)\Origin\Origin.exe"=0x5341435001000000000000000700000028000000B8043000A15F300001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000041E40501000000000400000004000000 "C:\Program Files (x86)\Epic Games\Launcher\Portal\SelfUpdateStaging\Install\Portal\Extras\Redist\LauncherPrereqSetup_x64.exe"=0x53414350010000000000000007000000280000001833B1000C5DB1000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000008000004000000000000000000000000000000000D91D0000000000000100000001000000 "C:\Users\bette\AppData\Roaming\EasyAntiCheat\154\EasyAntiCheat.exe"=0x5341435001000000000000000700000028000000E8650C0036320D000100000000000000000003060001000050BB64EDDDACD5010000000000000000020000002800000000000000800000C00000000000000000000000000000000010000000000000000100000001000000 "C:\Program Files (x86)\Origin Games\Apex\r5apex.exe"=0x534143500100000000000000070000002800000070C9FE0191C5FF0101000000000000000000000A7320000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000043F33702000000001D0000001D000000 "SIGN.MEDIA=77C5BAEA Setup.exe"=0x534143500100000000000000070000002800000002B74000000000000100000000000000000001060001000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000001F4D4D00000000000100000001000000 "C:\Program Files\Avast Software\Avast\AvastUI.exe"=0x534143500100000000000000070000002800000018E50801EFC4090101000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\by Decepticon\Red Dead Redemption 2\Launcher.exe"=0x5341435001000000000000000700000028000000002402000000000001000000000000000000000A7320000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000CA2F0000000000000300000003000000 "C:\Program Files (x86)\by Decepticon\Red Dead Redemption 2\Uninstall\unins000.exe"=0x5341435001000000000000000700000028000000FE500E00000000000100000000000000000001060001000050BB64EDDDACD501000000000000000002000000280000000000000000000000000200000000000000000000000000007C150000000000000100000001000000 "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E0A3010230C1010201000000000000000000000A0021000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000000000000000000000000000000000005202000000000000010000000100000000000000000000400000000000000000000000000000000069060000000000000100000000000000 "C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe"=0x534143500100000000000000070000002800000098CB07001C68080001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000001DAC5D01000000000200000002000000 "C:\Users\bette\AppData\Local\Microsoft\OneDrive\22.033.0213.0002\FileSyncConfig.exe"=0x534143500100000000000000070000002800000078D90A00AE930B0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Riot Games\Riot Client\RiotClientServices.exe"=0x5341435001000000000000000700000028000000282E2404FFDF240401000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000023155B00000000000300000003000000 "C:\Program Files (x86)\Steam\steam.exe"=0x5341435001000000000000000700000028000000A84B410041FC410001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe"=0x534143500100000000000000070000002800000098FF5A05D20C5B0501000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000019FB3800000000000100000001000000 "C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\SpotifyStartupTask.exe"=0x5341435001000000000000000700000028000000B8D70100AB99020001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000056FC6F00000000000100000001000000 "C:\Users\bette\AppData\Local\Programs\gamcore\Gamcore.exe"=0x53414350010000000000000007000000280000000064D2050000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\bette\AppData\Local\Programs\gamcore\Uninstall Gamcore.exe"=0x534143500100000000000000070000002800000000F701000000000001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005A0B0000000000000100000001000000 "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"=0x5341435001000000000000000700000028000000A0B135001C51360001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000100000000000000000000000000000000052020000000000000C0000000C000000 "C:\Users\bette\Documents\Abelton\Ableton Live Suite 11 WiN R2R Racky\Ableton Live 11 Suite Installer.exe"=0x534143500100000000000000070000002800000078272D01483A2D0101000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000037740300000000000100000001000000 "C:\Users\bette\Desktop\Ableton_KeyGen.exe"=0x5341435001000000000000000700000028000000F6B211000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B2F90000000000000100000001000000 "C:\ProgramData\Ableton\Live 11 Suite\Program\Ableton Live 11 Suite.exe"=0x534143500100000000000000070000002800000000B6C905D26FCA0501000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A8BE1800000000000500000005000000 "C:\Program Files\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000580B2800F506290001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000BB397101000000000F0000000F000000 "C:\ProgramData\Package Cache\{92d4040b-4cb4-4710-802b-a742c194a235}\Ableton Live 11 Suite Installer.exe"=0x5341435001000000000000000700000028000000A0D80800B8ED080001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000AB441A00000000000100000001000000 "C:\Users\bette\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000786D5103F380510301000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\bette\AppData\Local\Microsoft\OneDrive\22.045.0227.0004\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000A0E50A007E340B0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\bette\Downloads\Image Line - FLStudio 20.8.3 WiN AUDiOWAREZ\flstudio_win_20.8.3.2304.exe"=0x53414350010000000000000007000000280000007830093ACE270A3A01000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000639E6600000000000100000001000000 "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000E0892A00E5452B0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000800000000000000000000000000000000000000071020000000000000100000001000000 "C:\Program Files\Image-Line\FL Studio 20\FL64.exe"=0x534143500100000000000000070000002800000048560400822705000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000995A0C00000000000600000006000000 "C:\Users\bette\Downloads\Xfer Serum 1.33b4 WiN MacOS r4e MORiA\WiN\Setup.exe"=0x534143500100000000000000070000002800000022B2CB09000000000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000F7000400000000000100000001000000 "C:\Program Files (x86)\Steinberg\VSTPlugins\Serum.exe"=0x534143500100000000000000070000002800000090582C0037A62C0001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000CB000000000000000100000001000000 "C:\Users\bette\Desktop\FL STUDIO\VST\Nicky.Romero.Kickstart.v1.0.9\Nicky.Romero.Kickstart.v1.0.9\WIN\Nicky Romero - Kickstart 1.0.9 Setup.exe"=0x5341435001000000000000000700000028000000F15A8100000000000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000DFE70000000000000300000003000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132917384024791606 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=windowsdefender:// "ProductType"=2 "InstallTime"=0xE0F79029E337D801 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\ "ManagedDefenderProductType"=0 "OOBEInstallTime"=0x5C65EF85A837D801 "ProductStatus"=0 "HybridModeEnabled"=0 "VerifiedAndReputableTrustModeEnabled"=0 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [142.250.201.174] avec 32 octets de donn?es?: R?ponse de 142.250.201.174?: octets=32 temps=4 ms TTL=118 R?ponse de 142.250.201.174?: octets=32 temps=36 ms TTL=118 R?ponse de 142.250.201.174?: octets=32 temps=31 ms TTL=118 R?ponse de 142.250.201.174?: octets=32 temps=5 ms TTL=118 Statistiques Ping pour 142.250.201.174: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 4ms, Maximum = 36ms, Moyenne = 19ms ---------- | @ [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "ImageStoreRandomFolder"=zclcij0 [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Internet Explorer\TypedURLs] "url1"=http://go.microsoft.com/fwlink/p/?LinkId=255141 [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CertificateRevocation"=1 "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0x5E032CCD7039D801 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "ProxyEnable"=0 "MigrateProxy"=1 "LockDatabase"=132917385952115847 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\Avast Software\Avast\ashShell.dll [14/03/2022 21:55:28] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [06/10/2021 14:30:30] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} -- %SystemRoot%\System32\cscui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\Avast Software\Avast\x86\ashShell.dll [14/03/2022 21:55:24] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.52\BHO\ie_to_edge_bho.dll [26/03/2022 18:23:24] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.52\BHO\ie_to_edge_bho.dll [26/03/2022 18:23:24] ---------- | Chrome C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb = : __MSG_5636646071825253269__ - __MSG_8969005060131950570__ - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\abopacaefhbognnmeigicfpgnmpideag = : The easiest way to create floor plans - http://floorplanner.com/chromedrive - Floorplanner - [*://floorplanner.com/] - http://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotifications] - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\cmhmcmgkegfffbbfobhjpdbimgmoohap = : Slate is cool and composed - Slate - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\ejkiikneibegknkgimmihdpcbcedgmpo = - Volume Booster - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\elnpfaoipdfdhikjacbpcfhpnehjjaii = : Tenez vous informé des lives de Sardoche ! Si vous êtes abonné profitez de pandora.com sans restrictions ainsi que youtube-HQ ! - Sardalert - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\emnoomldgleagdjapdeckpmebokijail = : __MSG_description__ - wanteeed - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - permissions:[tabs\u003Call_urls>contextMenuswebRequestwebRequestBlockingwebNavigationstorageunlimitedStoragenotificationsidlealarms] - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\nbcojefnccbanplpoffopkoepjmhgdgh = : Hoxx VPN Proxy service to unblock blocked websites and encrypt your connection. Completely free. - short_name: Hoxx VPN - permissions:[proxystoragewebRequestwebRequestBlockingnotifications\u003Call_urls>tabsmanagement] - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\nblhpecglllndfihipmpdoikimcmgkha = : Socrative Student Chrome App - http://b.socrative.com/login/student/ - short_name: Socrative - [http://b.socrative.com/student/http://b.socrative.com/login/student/] - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\bette\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.5.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{b14837ef-1f0c-42ac-bf55-ac473ee3bd9b}] "DhcpNameServer"=192.168.5.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{b14837ef-1f0c-42ac-bf55-ac473ee3bd9b}] "DhcpNameServer"=192.168.5.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver "UdkSvcGroup"=UdkUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc "PeerDist"=PeerDistSvc "AssignedAccessManagerSvc"=AssignedAccessManagerSvc "DialogBlockingService"=DialogBlockingService "CloudIdServiceGroup"=cloudidsvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "AarSvcGroup"=AarSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Ableton] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\AMD] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\AppDataLow] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\AVAST Software] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Blizzard Entertainment] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Chromium] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Discord] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Eidos Montreal] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Electronic Arts] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Epic Games] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Google] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Image-Line] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Khronos] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Logitech] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\NanoHost] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Policies] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\QtProject] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\RegisteredApplications] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Rockstar Games] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\SoftVoice] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\SyncEngines] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\TeamViewer] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Valve] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\WinRAR] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\WinRAR SFX] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Wow6432Node] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Accessibility] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\ActiveSync] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\AuthCookies] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Avalon.Graphics] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Clipboard] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Common] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\CommsAPHost] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\DeviceDirectory] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\DirectInput] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\DirectX Diagnostic Tool] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Edge] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\EdgeUpdate] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\GameBar] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\GameBarApi] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Input] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\InputMethod] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\InputPersonalization] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\LanguageOverlay] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\MobilePC] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Narrator] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\NGC] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Office] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\OneDrive] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Osk] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Personalization] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Phone] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Pim] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\PlayToReceiver] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Poom] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\RPM] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\ScreenMagnifier] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Sensors] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\SkyDrive] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Speech Virtual] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Speech_OneCore] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Spelling] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\StorageLibrary] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\TabletTip] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\TPG] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\UEV] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Unified Store] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Unistore] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\UserData] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\WcmSvc] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows Defender Security Center] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows Script] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows Script Host] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Windows Security Health] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\XboxLive] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Ableton] [HKLM\Software\ac0666ae-ee66-5310-ac01-9d6348133b2d] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\ASIO] [HKLM\Software\ATI Technologies] [HKLM\Software\Avast Software] [HKLM\Software\Caphyon] [HKLM\Software\Clients] [HKLM\Software\CPUID] [HKLM\Software\CVSM] [HKLM\Software\Cybelsoft] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Image-Line] [HKLM\Software\INextUUID] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OpenSSH] [HKLM\Software\Partner] [HKLM\Software\Policies] [HKLM\Software\Propellerhead Software] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Respawn] [HKLM\Software\RTLSetup] [HKLM\Software\SoftVoice] [HKLM\Software\TeamViewer] [HKLM\Software\Windows] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\XferRecords] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\AccountsControl] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ActiveSync] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Analog] [HKLM\SOFTWARE\Microsoft\AppServiceProtocols] [HKLM\SOFTWARE\Microsoft\AppV] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\BitLockerCsp] [HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement] [HKLM\SOFTWARE\Microsoft\Cellular] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\Clipboard] [HKLM\SOFTWARE\Microsoft\ClipboardServer] [HKLM\SOFTWARE\Microsoft\CloudManagedUpdate] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\CommsAPHost] [HKLM\SOFTWARE\Microsoft\CoreShell] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataCollection] [HKLM\SOFTWARE\Microsoft\DataSharing] [HKLM\SOFTWARE\Microsoft\DDDS] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\DeviceReg] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DusmSvc] [HKLM\SOFTWARE\Microsoft\DVDNavigator] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\Edge] [HKLM\SOFTWARE\Microsoft\Enrollment] [HKLM\SOFTWARE\Microsoft\Enrollments] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager] [HKLM\SOFTWARE\Microsoft\EventSounds] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\FamilyStore] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FilePicker] [HKLM\SOFTWARE\Microsoft\FilterDS] [HKLM\SOFTWARE\Microsoft\FingerKB] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\FuzzyDS] [HKLM\SOFTWARE\Microsoft\GameOverlay] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\Hvsi] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\ImageTimeSettings] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\InProcLogger] [HKLM\SOFTWARE\Microsoft\Input] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\InputPersonalization] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\KGL] [HKLM\SOFTWARE\Microsoft\LanguageOverlay] [HKLM\SOFTWARE\Microsoft\LexiconUpdate] [HKLM\SOFTWARE\Microsoft\Managed Desktop] [HKLM\SOFTWARE\Microsoft\MdmCommon] [HKLM\SOFTWARE\Microsoft\MdmDiagnostics] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\Messaging] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack] [HKLM\SOFTWARE\Microsoft\MiracastReceiver] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSIME] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MTF] [HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors] [HKLM\SOFTWARE\Microsoft\MTFInputType] [HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\Multivariant] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeCSP] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Palm] [HKLM\SOFTWARE\Microsoft\Personalization] [HKLM\SOFTWARE\Microsoft\Phone] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\Pim] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayToReceiver] [HKLM\SOFTWARE\Microsoft\PointOfService] [HKLM\SOFTWARE\Microsoft\Policies] [HKLM\SOFTWARE\Microsoft\PolicyManager] [HKLM\SOFTWARE\Microsoft\Poom] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\Provisioning] [HKLM\SOFTWARE\Microsoft\PushRouter] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RcsPresence] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\Remediation] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\SecurityManager] [HKLM\SOFTWARE\Microsoft\SEMgr] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\Shell] [HKLM\SOFTWARE\Microsoft\SIH] [HKLM\SOFTWARE\Microsoft\Siuf] [HKLM\SOFTWARE\Microsoft\SoftGrid] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\Speech_OneCore] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\UEV] [HKLM\SOFTWARE\Microsoft\Unified Store] [HKLM\SOFTWARE\Microsoft\UNP] [HKLM\SOFTWARE\Microsoft\UPnP Control Point] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\UserData] [HKLM\SOFTWARE\Microsoft\UserManager] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wallet] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Advanced Threat Protection] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Defender Security Center] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Embedded] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Windows Security Health] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\WindowsSelfHost] [HKLM\SOFTWARE\Microsoft\WindowsUpdate] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\Wlpasvc] [HKLM\SOFTWARE\Microsoft\Wow64] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\XAML] [HKLM\SOFTWARE\Microsoft\XboxLive] [HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKLM\Software\Microsoft\Windows\AssignedAccessCsp] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DeviceUpdateCenter] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\NcsiUwpApp] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\TenantRestrictions] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DialogBlockingService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\ASIO4ALL] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Avast Software] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\Epic Games] [HKLM\Software\WOW6432Node\EpicGames] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Image-Line] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Origin] [HKLM\Software\WOW6432Node\Origin Games] [HKLM\Software\WOW6432Node\Propellerhead Software] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Respawn] [HKLM\Software\WOW6432Node\Rockstar Games] [HKLM\Software\WOW6432Node\SoftVoice] [HKLM\Software\WOW6432Node\TVInstallTemp] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols] [HKLM\Software\WOW6432Node\Microsoft\AppV] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp] [HKLM\Software\WOW6432Node\Microsoft\ClipboardServer] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVDNavigator] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\Edge] [HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate] [HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\F12] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FilePicker] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\GameOverlay] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\InputPersonalization] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack] [HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Office Server] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Palm] [HKLM\Software\WOW6432Node\Microsoft\Personalization] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\Policies] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\Provisioning] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\SPEECH] [HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\SystemSettings] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\UEV] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\Cellular] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DeviceReg] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\FingerKB] [HKLM\Software\WOW6432Node\Microsoft\FuzzyDS] [HKLM\Software\WOW6432Node\Microsoft\Input] [HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay] [HKLM\Software\WOW6432Node\Microsoft\Messaging] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\MTF] [HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors] [HKLM\Software\WOW6432Node\Microsoft\MTFInputType] [HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Phone] [HKLM\Software\WOW6432Node\Microsoft\Pim] [HKLM\Software\WOW6432Node\Microsoft\Poom] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SecurityManager] [HKLM\Software\WOW6432Node\Microsoft\Semgr] [HKLM\Software\WOW6432Node\Microsoft\Shell] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Unified Store] [HKLM\Software\WOW6432Node\Microsoft\UserData] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\XAML] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | Drives D: ---------- | C: [14/03/2022 22:56:37] - |HD| - [38387670] - C:\$AV_ASW [07/12/2019 10:14:52] - |SHD| - [990849921] - C:\$Recycle.Bin [16/03/2022 17:18:10] - |HD| - [0] - C:\$WinREAgent [14/03/2022 16:17:52] - |D| - [589549622] - C:\AMD [14/03/2022 16:19:30] - |SHD| - [0] - C:\Config.Msi [14/03/2022 21:37:35] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2022 21:36:13] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2022 21:37:27] - |ASH| - (.-.) - [6840737792] - (0.0.0.0) - C:\hiberfil.sys [14/03/2022 14:37:19] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2022 21:36:13] - |ASH| - (.-.) - [8053063680] - (0.0.0.0) - C:\pagefile.sys [07/12/2019 10:14:52] - |D| - [0] - C:\PerfLogs [07/12/2019 10:14:52] - |RD| - [137845035648] - C:\Program Files [07/12/2019 10:14:52] - |RD| - [97313317628] - C:\Program Files (x86) [07/12/2019 10:14:52] - |HD| - [2479416602] - C:\ProgramData [26/03/2022 18:24:21] - |D| - [34] - C:\QuickDiag [MD5.D302A0D4BAC0B56731C3F64040F121C6] - [26/03/2022 18:24:33] - |A| - (.-.) - [184052] - (0.0.0.0) - C:\QuickDiag.txt [14/03/2022 21:37:37] - |SHD| - [2302472] - C:\Recovery [14/03/2022 14:49:37] - |D| - [17605568767] - C:\Riot Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2022 21:36:13] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [14/03/2022 16:19:11] - |D| - [159700] - C:\Swsetup [14/03/2022 21:36:12] - |SHD| - [0] - C:\System Volume Information [07/12/2019 10:03:44] - |RD| - [15498221025] - C:\Users [07/12/2019 10:03:44] - |D| - [20806899787] - C:\Windows ---------- | C:\Windows [07/12/2019 15:51:43] - |D| - [802] - C:\Windows\addins [07/12/2019 10:14:52] - |D| - [11585147] - C:\Windows\appcompat [07/12/2019 10:14:52] - |D| - [9914974] - C:\Windows\apppatch [07/12/2019 10:14:52] - |D| - [0] - C:\Windows\AppReadiness [07/12/2019 10:14:52] - |RSD| - [992378967] - C:\Windows\assembly [07/12/2019 10:14:52] - |D| - [785153] - C:\Windows\bcastdvr [MD5.820B97429E4153A743708B376807EE69] - [06/10/2021 14:29:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [81408] - (10.0.19041.1237) - C:\Windows\bfsvc.exe [07/12/2019 15:53:51] - |SHD| - [578547] - C:\Windows\BitLockerDiscoveryVolumeContents [07/12/2019 10:14:52] - |D| - [40891632] - C:\Windows\Boot [MD5.87329A318BD3DD6A0960F226D84BCD4E] - [14/03/2022 21:36:50] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [07/12/2019 10:14:52] - |D| - [2450432] - C:\Windows\Branding [07/12/2019 10:03:44] - |D| - [0] - C:\Windows\CbsTemp [07/12/2019 10:14:52] - |D| - [68470390] - C:\Windows\Containers [14/03/2022 14:31:57] - |D| - [0] - C:\Windows\CSC [07/12/2019 10:14:52] - |D| - [11501377] - C:\Windows\Cursors [07/12/2019 10:14:52] - |D| - [3193] - C:\Windows\debug [07/12/2019 10:14:52] - |D| - [4308864] - C:\Windows\diagnostics [07/12/2019 10:14:52] - |D| - [1702804] - C:\Windows\DiagTrack [07/12/2019 15:50:20] - |D| - [0] - C:\Windows\DigitalLocker [MD5.0E610C0EDA0B08A31DD59079D3550ECE] - [14/03/2022 18:39:16] - |A| - (.-.) - [27885] - (0.0.0.0) - C:\Windows\DirectX.log [07/12/2019 10:14:52] - |SD| - [65] - C:\Windows\Downloaded Program Files [MD5.E8E2452E6CB5F48D4E973B23AAD9F2B3] - [14/03/2022 16:20:14] - |A| - (.-.) - [19632] - (0.0.0.0) - C:\Windows\DPINST.LOG [MD5.ABF153BDF3BDC6D1BEADF937E69EDB7D] - [07/12/2019 10:17:33] - |A| - (.-.) - [1947] - (0.0.0.0) - C:\Windows\DtcInstall.log [07/12/2019 10:14:52] - |HD| - [68624] - C:\Windows\ELAMBKUP [07/12/2019 15:50:20] - |D| - [0] - C:\Windows\en-US [MD5.25C8B9AE873248CD98AB17539F5B1F15] - [16/03/2022 17:22:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4967688] - (10.0.19041.1586) - C:\Windows\explorer.exe [07/12/2019 10:14:52] - |RSD| - [361286958] - C:\Windows\Fonts [07/12/2019 15:50:20] - |D| - [111616] - C:\Windows\fr-FR [07/12/2019 10:14:52] - |D| - [0] - C:\Windows\GameBarPresenceWriter [07/12/2019 10:14:52] - |D| - [57013276] - C:\Windows\Globalization [07/12/2019 10:14:52] - |D| - [1315831] - C:\Windows\Help [MD5.7E8FAEC2E175C8B45B6D380A6A4C9503] - [06/10/2021 14:31:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1075712] - (10.0.19041.1151) - C:\Windows\HelpPane.exe [MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 10:09:39] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.19041.1) - C:\Windows\hh.exe [07/12/2019 10:14:52] - |D| - [30327] - C:\Windows\IdentityCRL [07/12/2019 10:14:52] - |D| - [28822470] - C:\Windows\IME [07/12/2019 10:14:52] - |RD| - [8206917] - C:\Windows\ImmersiveControlPanel [07/12/2019 10:13:02] - |D| - [58541528] - C:\Windows\INF [MD5.4DE822EC3B14E20E6ABAD056E4846A92] - [08/12/2021 11:56:14] - |A| - (.-.) - [9381] - (0.0.0.0) - C:\Windows\Info.xml [07/12/2019 10:14:52] - |D| - [38193580] - C:\Windows\InputMethod [07/12/2019 10:14:52] - |SHD| - [449470604] - C:\Windows\Installer [07/12/2019 10:14:52] - |D| - [109650] - C:\Windows\L2Schemas [07/12/2019 10:14:52] - |HD| - [0] - C:\Windows\LanguageOverlayCache [07/12/2019 10:14:52] - |D| - [2097152] - C:\Windows\LiveKernelReports [07/12/2019 10:14:52] - |D| - [41750352] - C:\Windows\Logs [MD5.EB8A4D5928A653AA3CB4429BF4E5CA6B] - [14/03/2022 21:36:13] - |A| - (.-.) - [1380] - (0.0.0.0) - C:\Windows\lsasetup.log [07/12/2019 10:14:52] - |RSD| - [20063519] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 10:08:58] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [07/12/2019 10:14:52] - |RD| - [851545862] - C:\Windows\Microsoft.NET [07/12/2019 10:14:52] - |D| - [3323] - C:\Windows\Migration [07/12/2019 10:14:52] - |D| - [0] - C:\Windows\ModemLogs [14/03/2022 22:56:29] - |HD| - [0] - C:\Windows\msdownld.tmp [MD5.BBE80313CF12098D3FC4D8A42E9DBB33] - [16/03/2022 17:23:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [201728] - (10.0.19041.1566) - C:\Windows\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [14/03/2022 16:22:51] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvContainerRecovery.bat [07/12/2019 15:52:32] - |D| - [199472] - C:\Windows\OCR [07/12/2019 10:14:52] - |RD| - [65] - C:\Windows\Offline Web Pages [14/03/2022 21:35:56] - |D| - [4063273] - C:\Windows\Panther [07/12/2019 10:14:52] - |D| - [528287] - C:\Windows\Performance [MD5.F20442ADC4A6C9195F0298591E295765] - [14/03/2022 15:57:25] - |A| - (.-.) - [23154] - (0.0.0.0) - C:\Windows\PFRO.log [07/12/2019 10:14:52] - |D| - [1136442] - C:\Windows\PLA [07/12/2019 10:14:52] - |D| - [7487085] - C:\Windows\PolicyDefinitions [14/03/2022 21:36:12] - |D| - [5853047] - C:\Windows\Prefetch [07/12/2019 10:14:52] - |RD| - [2234380] - C:\Windows\PrintDialog [MD5.C186EF70E6825D333E0077831C58BAAA] - [07/12/2019 15:54:16] - |A| - (.-.) - [30831] - (0.0.0.0) - C:\Windows\Professional.xml [07/12/2019 10:14:52] - |D| - [6083225] - C:\Windows\Provisioning [MD5.999A30979F6195BF562068639FFC4426] - [06/10/2021 14:31:17] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [370176] - (10.0.19041.746) - C:\Windows\regedit.exe [07/12/2019 10:14:52] - |D| - [22588] - C:\Windows\Registration [07/12/2019 15:53:51] - |D| - [0] - C:\Windows\RemotePackages [07/12/2019 10:14:52] - |D| - [4379184] - C:\Windows\rescache [07/12/2019 10:14:52] - |D| - [3471899] - C:\Windows\Resources [07/12/2019 10:14:52] - |D| - [0] - C:\Windows\SchCache [07/12/2019 10:14:52] - |D| - [198334] - C:\Windows\schemas [07/12/2019 10:14:52] - |D| - [5352407] - C:\Windows\security [14/03/2022 21:36:13] - |D| - [61846068] - C:\Windows\ServiceProfiles [07/12/2019 10:14:52] - |D| - [4466] - C:\Windows\ServiceState [07/12/2019 10:03:44] - |D| - [1145050409] - C:\Windows\servicing [07/12/2019 10:18:25] - |D| - [42] - C:\Windows\Setup [MD5.AD69D2C629EFE793256B5C1CADCFDB30] - [14/03/2022 21:36:20] - |A| - (.-.) - [13754] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2022 21:36:20] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [07/12/2019 10:14:52] - |D| - [5526016] - C:\Windows\ShellComponents [07/12/2019 10:14:52] - |D| - [19040768] - C:\Windows\ShellExperiences [07/12/2019 10:14:52] - |D| - [3070736] - C:\Windows\SKB [14/03/2022 14:31:34] - |D| - [54786595] - C:\Windows\SoftwareDistribution [07/12/2019 10:14:52] - |D| - [86037697] - C:\Windows\Speech [07/12/2019 10:14:52] - |D| - [64508236] - C:\Windows\Speech_OneCore [MD5.74EEC977273BEB6F80B3BB3887B78A33] - [16/03/2022 17:22:18] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [136192] - (10.0.19041.1415) - C:\Windows\splwow64.exe [07/12/2019 10:14:52] - |D| - [31039] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [07/12/2019 10:14:54] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [07/12/2019 10:03:44] - |D| - [5418540425] - C:\Windows\System32 [07/12/2019 10:14:52] - |D| - [148525890] - C:\Windows\SystemApps [07/12/2019 10:14:52] - |D| - [167968409] - C:\Windows\SystemResources [16/03/2022 22:01:34] - |D| - [0] - C:\Windows\SystemTemp [07/12/2019 10:14:52] - |D| - [1214571785] - C:\Windows\SysWOW64 [07/12/2019 10:14:52] - |D| - [0] - C:\Windows\TAPI [07/12/2019 10:14:52] - |D| - [6] - C:\Windows\Tasks [07/12/2019 10:14:52] - |D| - [45455962] - C:\Windows\Temp [07/12/2019 10:14:52] - |D| - [0] - C:\Windows\tracing [07/12/2019 10:14:52] - |D| - [7680] - C:\Windows\twain_32 [MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 10:10:00] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\Windows\twain_32.dll [07/12/2019 10:14:52] - |D| - [12420] - C:\Windows\Vss [07/12/2019 10:14:52] - |D| - [33198] - C:\Windows\WaaS [07/12/2019 10:14:52] - |D| - [16568315] - C:\Windows\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [07/12/2019 10:14:54] - |A| - (.-.) - [92] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 10:09:09] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [14/03/2022 14:31:34] - |A| - (.-.) - [276] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 10:10:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\Windows\winhlp32.exe [07/12/2019 10:03:44] - |D| - [9243602074] - C:\Windows\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 10:10:11] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 15:52:57] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy [MD5.E0F237220B596D9E1E2596C0C93AC8E5] - [21/03/2022 16:15:48] - |A| - (.-.) - [127] - (0.0.0.0) - C:\Windows\System32\GroupPolicy\gpt.ini [21/03/2022 16:15:48] - |D| - [148] - C:\Windows\System32\GroupPolicy\Machine [21/03/2022 16:15:48] - |D| - [0] - C:\Windows\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [12/04/2017 15:07:08] - C:\Windows\Installer\17b9c.msi : (Balanced - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [14/03/2022 16:20:08] - C:\Windows\Installer\17ba2.msi : (AMD_Chipset_Drivers - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [17/11/2021 07:08:22] - C:\Windows\Installer\17ba6.msi : (AMD GPIO2 Driver - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [18/11/2021 01:22:26] - C:\Windows\Installer\17baa.msi : (AMD PCI Driver - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/12/2021 04:51:20] - C:\Windows\Installer\17bae.msi : (AMD SBxxx SMBus Driver - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/12/2021 04:50:08] - C:\Windows\Installer\17bb2.msi : (AMD PSP Driver - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/12/2021 03:24:36] - C:\Windows\Installer\17bb6.msi : (AMD WDT Driver - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [08/12/2021 04:04:00] - C:\Windows\Installer\17bba.msi : (AMD Ryzen Balanced Driver - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [07/12/2021 03:25:14] - C:\Windows\Installer\17bbe.msi : (AMD Embedded SMBus Driver - Advanced Micro Devices, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [18/06/2020 11:28:42] - C:\Windows\Installer\4358a3.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Header ok : D0CF11E0A1B11AE10000000000000000] [15/02/2022 11:16:17] - C:\Windows\Installer\9e0b5.msi : (DriversCloud.com - Cybelsoft) [Header ok : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [07/12/2019 10:09:39] - [3329] - C:\Windows\System32\ieuinit.inf [14/03/2022 14:35:14] - [1771434] - C:\Windows\System32\PerfStringBackup.INI [07/12/2019 10:09:05] - [60124] - C:\Windows\System32\tcpmon.ini [07/12/2019 10:08:46] - [2404] - C:\Windows\System32\WimBootCompress.ini [07/12/2019 10:10:00] - [3329] - C:\Windows\Syswow64\ieuinit.inf [07/12/2019 10:09:22] - [2404] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 21:57:55] - [0 Ko] - C:\Windows\Temp\avast_ash2 [MD5.F347BABA22AF59A07946B4F4ABF69083] - |A| - [14/03/2022 14:42:08] - (.-.) - [82.67 Ko] - (0.0.0.0) - C:\Windows\Temp\chrome_installer.log [MD5.00000000000000000000000000000000] - |D| - [25/03/2022 22:30:37] - [35 Ko] - C:\Windows\Temp\cpuz152 [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 14:42:08] - [0.04 Ko] - C:\Windows\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 16:40:01] - [0 Ko] - C:\Windows\Temp\EEF9C237-0B55-4583-83F2-B792A93E10B0-Sigs [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 21:36:22] - [0 Ko] - C:\Windows\Temp\MsEdgeCrashpad [MD5.D3D86C18E722BEEA6F0C4BBFF42FA0B5] - |A| - [14/03/2022 21:36:22] - (.-.) - [227.45 Ko] - (0.0.0.0) - C:\Windows\Temp\msedge_installer.log [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 16:15:39] - [0 Ko] - C:\Windows\Temp\NvidiaLogging [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 23:35:25] - [0 Ko] - C:\Windows\Temp\TeamViewer [MD5.00000000000000000000000000000000] - |D| - [15/03/2022 15:11:28] - [0 Ko] - C:\Windows\Temp\WinSAT [MD5.00000000000000000000000000000000] - |D| - [24/03/2022 14:00:02] - [20448 Ko] - C:\Windows\Temp\_016CB883-9B07-4068-986D-5FBCDDE4E86D [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 21:56:35] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [24/03/2022 14:00:03] - [20480 Ko] - C:\Windows\Temp\_D1B1A0CC-73CF-4E63-A7C0-27AAC086ECF6 [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:21] - [0 Ko] - C:\Windows\System32\0409 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 10:09:00] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\Windows\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 10:08:44] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 10:08:45] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 10:08:21] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 10:08:52] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 10:08:52] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 10:08:58] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 10:09:45] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png [MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 10:09:37] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\Windows\System32\@StorageSenseToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 10:09:07] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 10:09:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\Windows\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 10:09:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 10:08:19] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png [MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 10:09:05] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@WLOGO_48x48.png [MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 10:08:39] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\Windows\System32\ActiveHours.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [2786.8 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [06/10/2021 14:29:37] - (.-.) - [13 Ko] - (0.0.0.0) - C:\Windows\System32\agentactivationruntimestarter.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [5.97 Ko] - C:\Windows\System32\am-et [MD5.1263C12E8B63EE05514E0486F8DF527A] - |A| - [06/12/2021 08:12:14] - (.Copyright (c) 2013 - 2021 Advanced Micro Devices, Inc. - amdtee_api dll.) - [432.8 Ko] - (5.17.0.0) - C:\Windows\System32\amdtee_api.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [2894.22 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 15:53:51] - [287.51 Ko] - C:\Windows\System32\AppV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [279.5 Ko] - C:\Windows\System32\ar-SA [MD5.7605725C6464C7272BF3115901DF5776] - |A| - [16/03/2022 17:23:04] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [665.5 Ko] - (3.5.1.0) - C:\Windows\System32\archiveint.dll [MD5.C4E526D30AA8F2534BBCEDA89D8F9820] - |A| - [06/10/2021 14:31:36] - (.-.) - [469 Ko] - (0.0.0.0) - C:\Windows\System32\AssignedAccessCsp.dll [MD5.4C03C39D34073C399C6417820BCBE844] - |A| - [14/03/2022 21:55:44] - (.Copyright (c) 2022 AVAST Software - Avast Antivirus start-up scanner.) - [332.77 Ko] - (22.2.7013.0) - C:\Windows\System32\aswBoot.exe [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 10:08:07] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [258.5 Ko] - C:\Windows\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 10:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 10:08:05] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 10:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 10:08:05] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [5947.72 Ko] - C:\Windows\System32\Boot [MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [06/10/2021 14:30:21] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0.1 Ko] - C:\Windows\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:03:44] - [54019.49 Ko] - C:\Windows\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [44442.82 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [25.49 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [377.5 Ko] - C:\Windows\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:03:44] - [259118.28 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [53.11 Ko] - C:\Windows\System32\Configuration [MD5.C113EC3ABF481A1B41F99BD721B513C3] - |A| - [06/10/2021 14:30:11] - (.-.) - [225.83 Ko] - (0.0.0.0) - C:\Windows\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0.34 Ko] - C:\Windows\System32\ContainerSettingsProviders [MD5.A41C1754A956E37B5E7D06D5167548E7] - |A| - [06/10/2021 14:29:37] - (.-.) - [280.5 Ko] - (0.0.0.0) - C:\Windows\System32\CoreMas.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [322.5 Ko] - C:\Windows\System32\cs-CZ [MD5.05DE2EB0889D77D447BCA7BD597819CF] - |A| - [16/03/2022 17:23:04] - (.© 1996 - 2021 Daniel Stenberg, . - The curl executable.) - [511.5 Ko] - (7.79.1.0) - C:\Windows\System32\curl.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [326 Ko] - C:\Windows\System32\da-DK [MD5.908694591B882879050057989F01E946] - |A| - [16/03/2022 17:22:20] - (.-.) - [159 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [272.44 Ko] - C:\Windows\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [363.5 Ko] - C:\Windows\System32\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 10:08:21] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png [MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [06/10/2021 14:29:38] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 10:14:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json [MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 10:09:34] - (.-.) - [15.97 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProv.mof [MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 10:09:34] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProvUninstall.mof [MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 10:08:52] - (.-.) - [35.5 Ko] - (0.0.0.0) - C:\Windows\System32\deploymentcsphelper.exe [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 10:08:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\Windows\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 10:08:43] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\Windows\System32\DetailedReading-Default.xml [MD5.4B0DA098F52E1DDDB3169B30477E22C8] - |A| - [06/10/2021 14:31:33] - (.-.) - [166.5 Ko] - (0.0.0.0) - C:\Windows\System32\DeviceUpdateCenterCsp.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [886 Ko] - C:\Windows\System32\DiagSvcs [MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 10:08:37] - (.-.) - [82.96 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [9898.77 Ko] - C:\Windows\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.png [MD5.C82AC2461534ACC47F6403A4BF8FB853] - |A| - [16/03/2022 17:23:03] - (.-.) - [11.63 Ko] - (0.0.0.0) - C:\Windows\System32\DrtmAuthTxt.wim [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [161.5 Ko] - C:\Windows\System32\dsc [MD5.9F3FA96F301CBE828AA9E98F13506F4A] - |A| - [16/03/2022 17:22:38] - (.-.) - [2201.5 Ko] - (0.0.0.0) - C:\Windows\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 10:08:07] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 10:08:07] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 10:08:07] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [366.5 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:21] - [0 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [244 Ko] - C:\Windows\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1591.5 Ko] - C:\Windows\System32\en-US [MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [06/10/2021 14:30:19] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\Windows\System32\EoAExperiences.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [348 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [271 Ko] - C:\Windows\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [238 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [16718.64 Ko] - C:\Windows\System32\F12 [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 10:08:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastBulldogImg.png [MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [06/10/2021 14:30:23] - (.-.) - [16.54 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastDlpImg.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [7.11 Ko] - C:\Windows\System32\ff-Adlm-SN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [330.5 Ko] - C:\Windows\System32\fi-FI [MD5.6B33A21BB6C09B61C2B13AA984122B29] - |A| - [14/03/2022 21:36:13] - (.-.) - [261.43 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:21] - [3490.5 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [279 Ko] - C:\Windows\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [48328.3 Ko] - C:\Windows\System32\fr-FR [MD5.EB37DB663DC19E7C4D7F23A12DA07E99] - |A| - [06/10/2021 14:31:18] - (.-.) - [657 Ko] - (0.0.0.0) - C:\Windows\System32\FsNVSDeviceSource.dll [MD5.287BFB8FB79B50B3042E4D350326373F] - |A| - [14/03/2022 16:22:54] - (.-.) - [80.5 Ko] - (0.0.0.0) - C:\Windows\System32\FvSDK_x64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:51:43] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 10:09:48] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 21:56:35] - [0.02 Ko] - C:\Windows\System32\gf2engine [MD5.00000000000000000000000000000000] - |HD| - [07/12/2019 10:14:52] - [0.27 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [256.5 Ko] - C:\Windows\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.png [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.png [MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [06/10/2021 14:30:05] - (.-.) - [299.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [250 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [329.5 Ko] - C:\Windows\System32\hu-HU [MD5.B6037A4AD99A567A34F7A014F8B42069] - |A| - [06/10/2021 14:31:36] - (.-.) - [134.82 Ko] - (0.0.0.0) - C:\Windows\System32\HvsiManagementApi.dll [MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [06/10/2021 14:31:20] - (.-.) - [44.8 Ko] - (0.0.0.0) - C:\Windows\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:53:51] - [149.55 Ko] - C:\Windows\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [5.36 Ko] - C:\Windows\System32\ias [MD5.FEA69F5B59ED161AA62FA9E2CCB9C717] - |A| - [14/03/2022 21:56:24] - (.© 2022 Avast Software - Avast Installer.) - [35.27 Ko] - (21.21.4143.0) - C:\Windows\System32\icarus_rvrt.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.947D07FA32ABB13DB520016769EB901B] - |A| - [06/10/2021 14:30:09] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\Windows\System32\icu.dll [MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [06/10/2021 14:30:09] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\Windows\System32\icuin.dll [MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [06/10/2021 14:30:09] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\Windows\System32\icuuc.dll [MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [06/10/2021 14:29:36] - (.-.) - [193 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [26851.41 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [6943 Ko] - C:\Windows\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [350.5 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [265.84 Ko] - C:\Windows\System32\ja-jp [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [10192.95 Ko] - C:\Windows\System32\Keywords [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [239 Ko] - C:\Windows\System32\ko-KR [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 10:08:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\Windows\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 10:08:07] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin [MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [06/10/2021 14:31:51] - (.-.) - [1647.5 Ko] - (3.0.2.0) - C:\Windows\System32\libcrypto.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [454.91 Ko] - C:\Windows\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [28982.27 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [16/03/2022 17:25:44] - [128 Ko] - C:\Windows\System32\Logs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [246.5 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [247.5 Ko] - C:\Windows\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 14:33:53] - [93777.68 Ko] - C:\Windows\System32\lxss [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:52:40] - [32.68 Ko] - C:\Windows\System32\MailContactsCalendarSync [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [07/12/2019 10:10:41] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.4BFD587C99FE34EEA0E74622C798B3BE] - |A| - [06/10/2021 14:30:42] - (.-.) - [1137 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 10:08:07] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |SD| - [14/03/2022 21:36:13] - [1.88 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [6856.2 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [45392.46 Ko] - C:\Windows\System32\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 10:10:11] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\System32\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 10:14:56] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\System32\mmc.exe.config [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [16/03/2022 14:28:56] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [4148.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [21.37 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [45.64 Ko] - C:\Windows\System32\my-mm [MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 10:08:44] - (.-.) - [30.09 Ko] - (0.0.0.0) - C:\Windows\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [319 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\System32\NDF [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 10:09:48] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.0E2D5DA1C7A1A97E46172AC33AD354EC] - |A| - [07/12/2019 10:09:48] - (.-.) - [70.5 Ko] - (0.0.0.0) - C:\Windows\System32\nettraceex.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [343 Ko] - C:\Windows\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [3781.5 Ko] - C:\Windows\System32\Nui [MD5.BD34474E22AA535E2D6A0792F840B1C5] - |A| - [14/03/2022 16:14:20] - (.-.) - [87.16 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb [MD5.3C5133AB9722AD274973CBFE396D1275] - |A| - [14/03/2022 16:14:20] - (.-.) - [779.44 Ko] - (0.0.0.0) - C:\Windows\System32\nvofapi64.dll [MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [07/12/2019 15:53:51] - (.-.) - [20.42 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [15194.54 Ko] - C:\Windows\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:51:31] - [3625 Ko] - C:\Windows\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [3.81 Ko] - C:\Windows\System32\osa-Osge-001 [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 10:08:07] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1724.83 Ko] - C:\Windows\System32\PerceptionSimulation [MD5.879409F562D56A2F1685D23251EAC441] - |A| - [07/12/2019 10:17:25] - (.-.) - [130.24 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.1655B8063EB6730B7AE16FD0A25F200B] - |A| - [07/12/2019 15:50:23] - (.-.) - [146.54 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 10:17:25] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 15:50:23] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.9162313C09D657634E00FA4934F171AF] - |A| - [07/12/2019 10:17:25] - (.-.) - [685.08 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.5381FDC0FF2BE35DE47E41301E6A6CD4] - |A| - [07/12/2019 15:50:23] - (.-.) - [773.33 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.5669F8F0BD33290363D47339F255C667] - |A| - [14/03/2022 14:35:14] - (.-.) - [1729.92 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 10:08:05] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [343.5 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [456 Ko] - C:\Windows\System32\PointOfService [MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 10:08:28] - (.-.) - [43 Ko] - (0.0.0.0) - C:\Windows\System32\pospaymentsworker.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:21] - [420.74 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 10:08:19] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [337 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [339.5 Ko] - C:\Windows\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\System32\RasToast [MD5.7852D37790807E55BD71A65183E0F1ED] - |A| - [06/10/2021 14:31:17] - (.-.) - [2315.5 Ko] - (1.0.2104.14003) - C:\Windows\System32\rdpnano.dll [MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [06/10/2021 14:29:38] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\Windows\System32\rdsxvmaudio.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1.08 Ko] - C:\Windows\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.png [MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 10:09:33] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\Windows\System32\ResBParser.dll [MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 10:09:54] - (.-.) - [9.35 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList [MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 10:09:54] - (.-.) - [8.98 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageListLowCost [MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 10:09:54] - (.-.) - [8.77 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList [MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 10:09:54] - (.-.) - [8.49 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 10:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 10:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0.07 Ko] - C:\Windows\System32\restore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [262 Ko] - C:\Windows\System32\ro-RO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [334.5 Ko] - C:\Windows\System32\ru-RU [MD5.8BB7F1C55F4DF7CEFF9291FDB77F780B] - |A| - [16/03/2022 17:22:40] - (.-.) - [59.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 10:10:32] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [4.85 Ko] - C:\Windows\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 10:08:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [78.59 Ko] - C:\Windows\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1839 Ko] - C:\Windows\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [23.7 Ko] - C:\Windows\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [254.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [251.5 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 21:36:13] - [20971.57 Ko] - C:\Windows\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:21] - [52.14 Ko] - C:\Windows\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 10:08:07] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:03:44] - [12625.02 Ko] - C:\Windows\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 10:08:05] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 10:08:05] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.png [MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 10:09:51] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [7625.3 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [12465.68 Ko] - C:\Windows\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [38386.98 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [15749.13 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [23.63 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [253.5 Ko] - C:\Windows\System32\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 10:09:54] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 10:09:54] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat [MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 10:09:45] - (.-.) - [58.16 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [12248 Ko] - C:\Windows\System32\sru [MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [06/10/2021 14:29:37] - (.-.) - [444.5 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [324.5 Ko] - C:\Windows\System32\sv-SE [MD5.26D2D82E2DD08761EAACF5BB5099D65B] - |A| - [06/10/2021 14:30:13] - (.-.) - [1265.67 Ko] - (0.0.0.0) - C:\Windows\System32\SvBannerBackground.png [MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [07/12/2019 10:10:18] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\Windows\System32\SyncAppvPublishingServer.vbs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1419.62 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [938.28 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [8.16 Ko] - C:\Windows\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [10.73 Ko] - C:\Windows\System32\ta-lk [MD5.3596DC15B6F6CBBB6EC8B143CBD57F24] - |A| - [16/03/2022 17:23:04] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [53.5 Ko] - (3.5.1.0) - C:\Windows\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [688.42 Ko] - C:\Windows\System32\Tasks [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 10:09:05] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.518F44081E6F4B3236CBF4FB17E41F9B] - |A| - [16/03/2022 17:22:29] - (.-.) - [2208 Ko] - (0.0.0.0) - C:\Windows\System32\TextInputMethodFormatter.dll [MD5.4C528AE5D512E3901BACAA5D75240381] - |A| - [06/10/2021 14:30:04] - (.-.) - [689.98 Ko] - (0.0.0.0) - C:\Windows\System32\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [240 Ko] - C:\Windows\System32\th-TH [MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [06/10/2021 14:30:23] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\Windows\System32\ThirdPartyNoticesBySHS.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [5.97 Ko] - C:\Windows\System32\ti-et [MD5.25551715B57E10FAFFAAA72B07641075] - |A| - [16/03/2022 17:22:18] - (.-.) - [266.5 Ko] - (0.0.0.0) - C:\Windows\System32\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [312.5 Ko] - C:\Windows\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 10:08:13] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 10:08:13] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt [MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [07/12/2019 10:10:19] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\Windows\System32\UevAppMonitor.exe.config [MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [07/12/2019 10:10:19] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\Windows\System32\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [249 Ko] - C:\Windows\System32\uk-UA [MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [06/10/2021 14:29:38] - (.-.) - [63.04 Ko] - (0.0.0.0) - C:\Windows\System32\umpdc.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [2204.14 Ko] - C:\Windows\System32\UNP [MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 10:08:37] - (.-.) - [48 Ko] - (0.0.0.0) - C:\Windows\System32\UsbPmApi.dll [MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 10:08:39] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\Windows\System32\usocoreps.dll [MD5.240DD49E1DC6C9232898CC6A7D6E6274] - |A| - [16/03/2022 17:23:19] - (.-.) - [191 Ko] - (0.0.0.0) - C:\Windows\System32\uwfcfgmgmt.dll [MD5.16719E1C38A003C40783E7528421AA3B] - |A| - [06/10/2021 14:31:36] - (.-.) - [154.5 Ko] - (0.0.0.0) - C:\Windows\System32\uwfcsp.dll [MD5.9F5C9E33D356A3EC62EBD5046B5EFD46] - |A| - [06/10/2021 14:31:36] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\System32\uwfservicingapi.dll [MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 10:08:09] - (.-.) - [36.5 Ko] - (0.0.0.0) - C:\Windows\System32\VhfUm.dll [MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [06/10/2021 14:31:43] - (.-.) - [93.5 Ko] - (0.0.0.0) - C:\Windows\System32\VirtualMonitorManager.dll [MD5.6D3243BF8EA1458DE3AFEE3C4251FD52] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1397.73 Ko] - (1.3.198.1) - C:\Windows\System32\vulkan-1-999-0-0-0.dll [MD5.6D3243BF8EA1458DE3AFEE3C4251FD52] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1397.73 Ko] - (1.3.198.1) - C:\Windows\System32\vulkan-1.dll [MD5.B5B10ACD9A9706303305818662728455] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1860.23 Ko] - (1.3.198.1) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe [MD5.B5B10ACD9A9706303305818662728455] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1860.23 Ko] - (1.3.198.1) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [87436.27 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [139218.73 Ko] - C:\Windows\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 10:08:46] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 10:08:52] - (.-.) - [144.51 Ko] - (0.0.0.0) - C:\Windows\System32\Win32AppSettingsProvider.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [53493.83 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.3F376202BE6A0EC0C866D97ED2E0F16D] - |A| - [06/10/2021 14:30:09] - (.-.) - [642.05 Ko] - (0.0.0.0) - C:\Windows\System32\WindowManagementAPI.dll [MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 10:08:27] - (.-.) - [123 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [11921.15 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 10:08:41] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [121920 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [6281.34 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [107.56 Ko] - C:\Windows\System32\winrm [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 10:08:12] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\Windows\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 10:08:12] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 10:08:49] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml [MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 10:08:21] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 10:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [238.49 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [208 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 10:09:21] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 10:09:21] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 10:09:26] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 10:09:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 10:09:15] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1864.83 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.E556115BD4E751178310F842E457CA22] - |A| - [06/10/2021 14:30:43] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\agentactivationruntimestarter.exe [MD5.D9CC256B6A9920AC8EA7E43A1517A820] - |A| - [06/12/2021 08:12:14] - (.Copyright (c) 2013 - 2021 Advanced Micro Devices, Inc. - amdtee_api dll.) - [348.3 Ko] - (5.17.0.0) - C:\Windows\SysWOW64\amdtee_api.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [97.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.DD0F04B43362A7C7660C1DF405D416F0] - |A| - [16/03/2022 17:23:13] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [563 Ko] - (3.5.1.0) - C:\Windows\SysWOW64\archiveint.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [58.5 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [316.5 Ko] - C:\Windows\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [7.89 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [53.11 Ko] - C:\Windows\SysWOW64\Configuration [MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [06/10/2021 14:30:43] - (.-.) - [235 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CoreMas.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [118.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.A2F18DAD6F7BE95ED9FC7A37B7D94FF7] - |A| - [16/03/2022 17:23:13] - (.© 1996 - 2021 Daniel Stenberg, . - The curl executable.) - [453.5 Ko] - (7.79.1.0) - C:\Windows\SysWOW64\curl.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [119.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [131 Ko] - C:\Windows\SysWOW64\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 10:09:15] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [188 Ko] - C:\Windows\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 22:56:29] - [0 Ko] - C:\Windows\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [7607.02 Ko] - C:\Windows\SysWOW64\Dism [MD5.9E02FBDBB86794441E31031B992F2573] - |A| - [14/03/2022 16:22:54] - (.-.) - [69.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\FvSDK_x86.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:51:43] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.B873A5ABCFBC42B1BAC9EBE8741C6162] - |A| - [07/12/2019 15:51:24] - (.Copyright (C) 2019 - Gracenote SDK component.) - [244 Ko] - (3.9.511.0) - C:\Windows\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [93 Ko] - C:\Windows\SysWOW64\he-IL [MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [06/10/2021 14:30:51] - (.-.) - [230 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [55.5 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [123 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.AD15BB3A8973A1118386B87289E22322] - |A| - [06/10/2021 14:31:39] - (.-.) - [99.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HvsiManagementApi.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.8226A1A91F01432A0CB10CAABF1B9C6D] - |A| - [06/10/2021 14:30:53] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icu.dll [MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 10:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuin.dll [MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 10:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [21634.72 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [215 Ko] - C:\Windows\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [125 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [89 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [10192.95 Ko] - C:\Windows\SysWOW64\Keywords [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [91 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [454.91 Ko] - C:\Windows\SysWOW64\Licenses [MD5.21414FD81773E61D9B16A2F6AAF899C1] - |A| - [14/03/2022 16:20:34] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\log.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [56.5 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [56 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:52:40] - [32.68 Ko] - C:\Windows\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [2851.11 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [816.8 Ko] - C:\Windows\SysWOW64\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 10:10:14] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 10:15:00] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mmc.exe.config [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [45.5 Ko] - C:\Windows\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [21.37 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [116 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [51 Ko] - C:\Windows\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [122 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 10:14:52] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui [MD5.7B0B3965081D64E3C3BC7939ED01846C] - |A| - [14/03/2022 16:14:20] - (.-.) - [622.14 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nvofapi.dll [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 10:10:14] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\OneDrive.ico [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [764.83 Ko] - C:\Windows\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [79.5 Ko] - C:\Windows\SysWOW64\PerceptionSimulation [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [124 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [420.74 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [122 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [123 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0.82 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [57.5 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [121.5 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [57 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [57 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [52.14 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [4040.33 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [8699.16 Ko] - C:\Windows\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [1948.35 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [23.63 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [56.5 Ko] - C:\Windows\SysWOW64\sr-Latn-RS [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 10:10:05] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 10:10:05] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [06/10/2021 14:30:43] - (.-.) - [323 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [117 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.D7128869A4759CCBDC5D4BC55A40D4CC] - |A| - [16/03/2022 17:23:13] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [43.5 Ko] - (3.5.1.0) - C:\Windows\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.1D2D564BC91E46A54533B8ABBEF460DD] - |A| - [06/10/2021 14:30:51] - (.-.) - [1302.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextInputMethodFormatter.dll [MD5.4C58C812BB19C065CB0ED7FC8FBBAC12] - |A| - [06/10/2021 14:30:51] - (.-.) - [597.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [50.5 Ko] - C:\Windows\SysWOW64\th-TH [MD5.CE4E73FA1555E59A16BEE1DFF1EE353A] - |A| - [16/03/2022 17:22:52] - (.-.) - [218.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [115 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [07/12/2019 10:10:22] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\UevCustomActionTypes.tlb [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [57 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [06/10/2021 14:30:54] - (.-.) - [46.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\umpdc.dll [MD5.DFB63C2D8B925718739CAD1D6FE0158A] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1117.73 Ko] - (1.3.198.1) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.DFB63C2D8B925718739CAD1D6FE0158A] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1117.73 Ko] - (1.3.198.1) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.E0E79B7EA89782D50B858811BBBA3E97] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1442.73 Ko] - (1.3.198.1) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.E0E79B7EA89782D50B858811BBBA3E97] - |A| - [14/03/2022 16:14:25] - (.Copyright (C) 2015-2021 - Vulkan Loader.) - [1442.73 Ko] - (1.3.198.1) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [17010.77 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [0 Ko] - C:\Windows\SysWOW64\WCN [MD5.A22B636328327A4EA6F6AB3F48A5B5B1] - |A| - [06/10/2021 14:30:53] - (.-.) - [457.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowManagementAPI.dll [MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 10:09:17] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [10465.44 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [6281.07 Ko] - C:\Windows\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 15:50:22] - [107.56 Ko] - C:\Windows\SysWOW64\winrm [MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 10:09:17] - (.-.) - [59 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [14/03/2022 14:51:01] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [82 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 10:14:52] - [82 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | [bette] [14/03/2022 16:39:16] - |D| - [0] - C:\Users\bette\.Origin [14/03/2022 16:39:17] - |D| - [0] - C:\Users\bette\.QtWebEngineProcess [14/03/2022 14:35:28] - |RD| - [298] - C:\Users\bette\3D Objects [14/03/2022 16:23:37] - |D| - [0] - C:\Users\bette\ansel [14/03/2022 14:33:54] - |HD| - [5270315357] - C:\Users\bette\AppData [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Application Data [14/03/2022 14:35:28] - |RD| - [412] - C:\Users\bette\Contacts [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Cookies [14/03/2022 14:33:54] - |RD| - [64183416] - C:\Users\bette\Desktop [14/03/2022 14:33:54] - |RD| - [5031541925] - C:\Users\bette\Documents [14/03/2022 14:33:54] - |RD| - [2545089821] - C:\Users\bette\Downloads [14/03/2022 14:33:54] - |RD| - [690] - C:\Users\bette\Favorites [14/03/2022 14:33:54] - |RD| - [1953] - C:\Users\bette\Links [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Local Settings [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Menu Démarrer [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Mes documents [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Modèles [14/03/2022 14:33:54] - |RD| - [504] - C:\Users\bette\Music [14/03/2022 14:33:54] - |AH| - [1835008] - C:\Users\bette\NTUSER.DAT [14/03/2022 14:33:54] - |ASH| - [909312] - C:\Users\bette\ntuser.dat.LOG1 [14/03/2022 14:33:54] - |ASH| - [540672] - C:\Users\bette\ntuser.dat.LOG2 [14/03/2022 14:33:54] - |ASH| - [65536] - C:\Users\bette\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TM.blf [14/03/2022 14:33:54] - |ASH| - [524288] - C:\Users\bette\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000001.regtrans-ms [14/03/2022 14:33:54] - |ASH| - [524288] - C:\Users\bette\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000002.regtrans-ms [14/03/2022 14:33:54] - |SH| - [20] - C:\Users\bette\ntuser.ini [14/03/2022 14:36:52] - |RAD| - [85359589] - C:\Users\bette\OneDrive [14/03/2022 14:33:54] - |RD| - [884] - C:\Users\bette\Pictures [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Recent [14/03/2022 14:33:54] - |RD| - [8358219] - C:\Users\bette\Saved Games [14/03/2022 14:35:28] - |RD| - [1879] - C:\Users\bette\Searches [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\SendTo [14/03/2022 14:33:54] - |RD| - [7903811] - C:\Users\bette\Videos [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Voisinage d'impression [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\Voisinage réseau [14/03/2022 14:33:54] - |D| - [4936380195] - C:\Users\bette\AppData\Local [14/03/2022 14:33:54] - |D| - [247828] - C:\Users\bette\AppData\LocalLow [14/03/2022 14:33:54] - |D| - [333687334] - C:\Users\bette\AppData\Roaming [21/03/2022 16:18:32] - |D| - [7524479] - C:\Users\bette\AppData\Local\Ableton [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\AppData\Local\Application Data [14/03/2022 22:01:03] - |D| - [5701] - C:\Users\bette\AppData\Local\Avast Software [14/03/2022 14:59:07] - |D| - [101295839] - C:\Users\bette\AppData\Local\Battle.net [14/03/2022 14:58:41] - |D| - [42] - C:\Users\bette\AppData\Local\Blizzard Entertainment [14/03/2022 16:19:38] - |D| - [58284] - C:\Users\bette\AppData\Local\cache [14/03/2022 14:49:48] - |D| - [2097152] - C:\Users\bette\AppData\Local\CEF [14/03/2022 14:52:36] - |D| - [18571268] - C:\Users\bette\AppData\Local\Comms [14/03/2022 14:35:27] - |D| - [1469518] - C:\Users\bette\AppData\Local\ConnectedDevicesPlatform [18/03/2022 14:13:21] - |D| - [20237145] - C:\Users\bette\AppData\Local\CrashDumps [14/03/2022 14:35:29] - |D| - [796552] - C:\Users\bette\AppData\Local\D3DSCache [14/03/2022 14:42:22] - |D| - [379285223] - C:\Users\bette\AppData\Local\Discord [14/03/2022 18:52:24] - |D| - [17507375] - C:\Users\bette\AppData\Local\Epic Games [14/03/2022 18:52:26] - |D| - [84685793] - C:\Users\bette\AppData\Local\EpicGamesLauncher [19/03/2022 17:42:49] - |D| - [72981314] - C:\Users\bette\AppData\Local\gamcore-updater [14/03/2022 14:42:42] - |D| - [1220780865] - C:\Users\bette\AppData\Local\Google [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\AppData\Local\Historique [14/03/2022 16:27:39] - |AH| - [65410] - C:\Users\bette\AppData\Local\IconCache.db [14/03/2022 14:33:54] - |D| - [914043326] - C:\Users\bette\AppData\Local\Microsoft [14/03/2022 14:38:35] - |D| - [557431547] - C:\Users\bette\AppData\Local\NVIDIA [14/03/2022 16:23:35] - |D| - [112355418] - C:\Users\bette\AppData\Local\NVIDIA Corporation [25/03/2022 22:30:33] - |D| - [75295392] - C:\Users\bette\AppData\Local\nzxt cam-updater [14/03/2022 16:39:13] - |D| - [230720826] - C:\Users\bette\AppData\Local\Origin [14/03/2022 14:35:28] - |D| - [571768116] - C:\Users\bette\AppData\Local\Packages [15/03/2022 15:09:38] - |D| - [0] - C:\Users\bette\AppData\Local\PeerDistRepub [14/03/2022 14:37:14] - |D| - [12429] - C:\Users\bette\AppData\Local\PlaceholderTileLogoFolder [14/03/2022 17:08:32] - |D| - [0] - C:\Users\bette\AppData\Local\Programs [14/03/2022 14:35:31] - |D| - [0] - C:\Users\bette\AppData\Local\Publishers [14/03/2022 15:30:08] - |A| - [7602] - C:\Users\bette\AppData\Local\Resmon.ResmonCfg [14/03/2022 14:49:34] - |D| - [2652544] - C:\Users\bette\AppData\Local\Riot Games [15/03/2022 14:30:40] - |D| - [3568257] - C:\Users\bette\AppData\Local\Rockstar Games [14/03/2022 16:19:37] - |D| - [404600] - C:\Users\bette\AppData\Local\setup [14/03/2022 14:42:21] - |D| - [6161] - C:\Users\bette\AppData\Local\SquirrelTemp [14/03/2022 19:33:37] - |D| - [234754120] - C:\Users\bette\AppData\Local\Steam [14/03/2022 23:35:16] - |D| - [65536] - C:\Users\bette\AppData\Local\TeamViewer [14/03/2022 14:33:54] - |D| - [305932334] - C:\Users\bette\AppData\Local\Temp [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\AppData\Local\Temporary Internet Files [14/03/2022 18:52:26] - |D| - [27] - C:\Users\bette\AppData\Local\UnrealEngine [14/03/2022 18:52:27] - |D| - [0] - C:\Users\bette\AppData\Local\UnrealEngineLauncher [14/03/2022 14:35:28] - |D| - [0] - C:\Users\bette\AppData\Local\VirtualStore [24/03/2022 14:31:36] - |D| - [0] - C:\Users\bette\AppData\Local\Xfer [14/03/2022 14:35:28] - |SD| - [247828] - C:\Users\bette\AppData\LocalLow\Microsoft [21/03/2022 16:18:32] - |D| - [578133] - C:\Users\bette\AppData\Roaming\Ableton [14/03/2022 14:35:28] - |D| - [0] - C:\Users\bette\AppData\Roaming\Adobe [14/03/2022 16:19:29] - |D| - [12677120] - C:\Users\bette\AppData\Roaming\AMD [14/03/2022 21:58:17] - |D| - [9333817] - C:\Users\bette\AppData\Roaming\Avast Software [14/03/2022 14:59:07] - |D| - [1981] - C:\Users\bette\AppData\Roaming\Battle.net [14/03/2022 14:45:32] - |D| - [0] - C:\Users\bette\AppData\Roaming\Cybelsoft [21/03/2022 16:20:07] - |D| - [0] - C:\Users\bette\AppData\Roaming\Cycling '74 [14/03/2022 14:42:25] - |D| - [180920242] - C:\Users\bette\AppData\Roaming\discord [14/03/2022 19:15:37] - |D| - [10318350] - C:\Users\bette\AppData\Roaming\EasyAntiCheat [15/03/2022 10:22:30] - |D| - [19720] - C:\Users\bette\AppData\Roaming\Eidos Montreal [19/03/2022 17:42:50] - |D| - [107992934] - C:\Users\bette\AppData\Roaming\Gamcore [14/03/2022 14:33:54] - |SD| - [519559] - C:\Users\bette\AppData\Roaming\Microsoft [14/03/2022 16:52:37] - |D| - [0] - C:\Users\bette\AppData\Roaming\NVIDIA [25/03/2022 22:30:33] - |D| - [11173540] - C:\Users\bette\AppData\Roaming\NZXT CAM [14/03/2022 16:39:15] - |D| - [44474] - C:\Users\bette\AppData\Roaming\Origin [14/03/2022 14:42:20] - |D| - [0] - C:\Users\bette\AppData\Roaming\Spotify [14/03/2022 23:35:15] - |D| - [987] - C:\Users\bette\AppData\Roaming\TeamViewer [14/03/2022 16:19:16] - |D| - [12] - C:\Users\bette\AppData\Roaming\WinRAR [24/03/2022 14:31:17] - |D| - [106465] - C:\Users\bette\AppData\Roaming\Xfer [14/03/2022 14:35:28] - |SH| - [174] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [14/03/2022 14:33:54] - |SHD| - [0] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [14/03/2022 14:33:54] - |RD| - [34659] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [14/03/2022 14:33:54] - |RD| - [3888] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [14/03/2022 14:33:54] - |RD| - [1678] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [14/03/2022 14:35:28] - |RD| - [174] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [24/03/2022 14:10:21] - |D| - [3340] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 [14/03/2022 14:33:54] - |SH| - [264] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/03/2022 14:42:26] - |D| - [2245] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc [24/03/2022 14:10:05] - |D| - [3773] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line [14/03/2022 14:33:54] - |D| - [170] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [14/03/2022 14:33:54] - |A| - [2421] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [14/03/2022 14:49:37] - |D| - [0] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Riot Games [15/03/2022 14:30:22] - |D| - [1964] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games [14/03/2022 14:35:28] - |RD| - [174] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [14/03/2022 14:33:54] - |RD| - [4913] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [14/03/2022 14:33:54] - |D| - [5078] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [14/03/2022 14:42:13] - |D| - [4577] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [14/03/2022 14:35:28] - |SH| - [174] - C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [14/03/2022 14:35:28] - |RHD| - [82507] - C:\Users\Public\AccountPictures [07/12/2019 10:14:52] - |RHD| - [21290] - C:\Users\Public\Desktop [07/12/2019 10:14:54] - |ASH| - [174] - C:\Users\Public\desktop.ini [07/12/2019 10:14:52] - |RD| - [278] - C:\Users\Public\Documents [07/12/2019 10:14:52] - |RD| - [174] - C:\Users\Public\Downloads [07/12/2019 10:14:52] - |RHD| - [1174] - C:\Users\Public\Libraries [07/12/2019 10:14:52] - |RD| - [380] - C:\Users\Public\Music [07/12/2019 10:14:52] - |RD| - [380] - C:\Users\Public\Pictures [07/12/2019 10:14:52] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [21/03/2022 16:14:39] - |D| - [0] - C:\ProgramData\Ableton [14/03/2022 21:37:35] - |SHD| - [0] - C:\ProgramData\Application Data [14/03/2022 21:53:44] - |D| - [96570258] - C:\ProgramData\Avast Software [14/03/2022 14:58:25] - |D| - [18500940] - C:\ProgramData\Battle.net [14/03/2022 15:03:52] - |D| - [0] - C:\ProgramData\Battle.net_components [14/03/2022 15:03:29] - |D| - [15625] - C:\ProgramData\Blizzard Entertainment [14/03/2022 21:37:35] - |SHD| - [0] - C:\ProgramData\Bureau [14/03/2022 21:37:35] - |SHD| - [0] - C:\ProgramData\Documents [14/03/2022 14:45:49] - |D| - [2468642] - C:\ProgramData\driverscloud.com [14/03/2022 16:39:57] - |D| - [433] - C:\ProgramData\Electronic Arts [14/03/2022 18:51:56] - |D| - [168901054] - C:\ProgramData\Epic [21/03/2022 16:20:07] - |D| - [0] - C:\ProgramData\Max 8 [14/03/2022 21:37:35] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [07/12/2019 10:14:52] - |SD| - [680898197] - C:\ProgramData\Microsoft [14/03/2022 14:36:45] - |D| - [25] - C:\ProgramData\Microsoft OneDrive [14/03/2022 21:37:35] - |SHD| - [0] - C:\ProgramData\Modèles [21/03/2022 16:15:48] - |RASH| - [430] - C:\ProgramData\ntuser.pol [14/03/2022 14:33:54] - |D| - [222518025] - C:\ProgramData\NVIDIA [14/03/2022 14:33:54] - |D| - [717294008] - C:\ProgramData\NVIDIA Corporation [14/03/2022 16:39:16] - |D| - [378429014] - C:\ProgramData\Origin [14/03/2022 16:18:53] - |D| - [70977583] - C:\ProgramData\Package Cache [14/03/2022 14:34:06] - |D| - [163840] - C:\ProgramData\Packages [07/12/2019 10:14:52] - |D| - [999] - C:\ProgramData\regid.1991-06.com.microsoft [14/03/2022 14:49:34] - |D| - [23151735] - C:\ProgramData\Riot Games [15/03/2022 14:30:43] - |D| - [1822714] - C:\ProgramData\Rockstar Games [07/12/2019 10:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution [14/03/2022 14:42:21] - |D| - [82973864] - C:\ProgramData\SquirrelMachineInstalls [06/10/2021 14:36:25] - |D| - [0] - C:\ProgramData\ssh [07/12/2019 10:14:52] - |D| - [8142848] - C:\ProgramData\USOPrivate [07/12/2019 10:14:52] - |D| - [6586368] - C:\ProgramData\USOShared [07/12/2019 15:53:51] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [07/12/2019 10:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [14/03/2022 21:37:35] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [07/12/2019 10:14:52] - |RD| - [92184] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [07/12/2019 10:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [07/12/2019 10:14:52] - |RD| - [14467] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [07/12/2019 10:14:52] - |RD| - [25497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/03/2022 18:39:43] - |D| - [5907] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends [14/03/2022 21:58:12] - |A| - [2154] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk [14/03/2022 14:59:03] - |D| - [886] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [14/03/2022 17:08:44] - |D| - [2147] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [07/12/2019 10:14:54] - |ASH| - [400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [14/03/2022 14:45:49] - |D| - [4302] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [14/03/2022 18:52:00] - |A| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [14/03/2022 14:42:12] - |A| - [2245] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [24/03/2022 14:10:05] - |D| - [3451] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line [07/12/2019 10:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [07/12/2019 10:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [14/03/2022 21:36:22] - |A| - [2442] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk [14/03/2022 16:22:54] - |D| - [1465] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [25/03/2022 22:30:33] - |A| - [1796] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk [14/03/2022 16:39:48] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [14/03/2022 14:49:37] - |D| - [3172] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [07/12/2019 10:14:52] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [14/03/2022 19:33:05] - |D| - [1112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [07/12/2019 10:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [14/03/2022 23:35:15] - |A| - [889] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk [07/12/2019 15:53:04] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [14/03/2022 14:42:13] - |D| - [4505] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [24/03/2022 14:30:05] - |D| - [5512] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfer Records ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [07/12/2019 10:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [14/03/2022 16:19:03] - |D| - [111040976] - C:\Program Files (x86)\AMD [24/03/2022 14:10:21] - |D| - [561489] - C:\Program Files (x86)\ASIO4ALL v2 [14/03/2022 14:58:50] - |D| - [293334020] - C:\Program Files (x86)\Battle.net [14/03/2022 21:45:26] - |D| - [0] - C:\Program Files (x86)\by Decepticon [14/03/2022 15:03:47] - |D| - [56192426] - C:\Program Files (x86)\Call of Duty Modern Warfare [07/12/2019 10:14:52] - |D| - [71955526] - C:\Program Files (x86)\Common Files [07/12/2019 10:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [14/03/2022 18:39:43] - |D| - [8263168] - C:\Program Files (x86)\EasyAntiCheat [14/03/2022 18:51:56] - |D| - [1241290260] - C:\Program Files (x86)\Epic Games [14/03/2022 14:41:58] - |D| - [11465784] - C:\Program Files (x86)\Google [14/03/2022 16:23:51] - |HD| - [9878745] - C:\Program Files (x86)\InstallShield Installation Information [07/12/2019 10:14:52] - |D| - [1996367] - C:\Program Files (x86)\Internet Explorer [06/10/2021 14:36:52] - |D| - [937695217] - C:\Program Files (x86)\Microsoft [07/12/2019 10:14:52] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [14/03/2022 14:51:00] - |D| - [25757] - C:\Program Files (x86)\MSBuild [14/03/2022 16:15:42] - |D| - [286241633] - C:\Program Files (x86)\NVIDIA Corporation [14/03/2022 16:39:44] - |D| - [372493230] - C:\Program Files (x86)\Origin [14/03/2022 16:40:30] - |D| - [92748307815] - C:\Program Files (x86)\Origin Games [14/03/2022 16:23:51] - |D| - [6137093] - C:\Program Files (x86)\Realtek [14/03/2022 14:51:00] - |D| - [38479105] - C:\Program Files (x86)\Reference Assemblies [15/03/2022 14:31:11] - |D| - [160165917] - C:\Program Files (x86)\Rockstar Games [14/03/2022 19:33:04] - |D| - [921973853] - C:\Program Files (x86)\Steam [24/03/2022 14:29:48] - |D| - [11539600] - C:\Program Files (x86)\Steinberg [24/03/2022 14:10:08] - |D| - [4908176] - C:\Program Files (x86)\VstPlugins [14/03/2022 23:08:48] - |D| - [9145] - C:\Program Files (x86)\VulkanRT [07/12/2019 10:14:52] - |D| - [1823008] - C:\Program Files (x86)\Windows Defender [07/12/2019 10:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [07/12/2019 15:53:51] - |D| - [3237786] - C:\Program Files (x86)\Windows Media Player [07/12/2019 15:53:51] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform [07/12/2019 10:14:52] - |D| - [6058840] - C:\Program Files (x86)\Windows NT [07/12/2019 15:53:51] - |D| - [5261760] - C:\Program Files (x86)\Windows Photo Viewer [07/12/2019 15:53:51] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices [07/12/2019 10:14:52] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [07/12/2019 10:14:52] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [14/03/2022 16:18:18] - |D| - [109217452] - C:\Program Files\AMD [14/03/2022 21:54:58] - |D| - [1840596056] - C:\Program Files\Avast Software [07/12/2019 10:14:52] - |D| - [164078180] - C:\Program Files\Common Files [14/03/2022 17:08:43] - |D| - [3417184] - C:\Program Files\CPUID [14/03/2022 14:45:49] - |D| - [23561287] - C:\Program Files\Cybelsoft [07/12/2019 10:14:54] - |ASH| - [174] - C:\Program Files\desktop.ini [14/03/2022 23:30:27] - |D| - [0] - C:\Program Files\Epic Games [14/03/2022 21:37:35] - |SHD| - [0] - C:\Program Files\Fichiers communs [14/03/2022 14:42:08] - |D| - [558039543] - C:\Program Files\Google [24/03/2022 14:08:11] - |D| - [2404388665] - C:\Program Files\Image-Line [07/12/2019 10:14:52] - |D| - [2676834] - C:\Program Files\Internet Explorer [16/03/2022 17:25:44] - |D| - [1916128] - C:\Program Files\Microsoft Update Health Tools [07/12/2019 10:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [14/03/2022 14:51:00] - |D| - [25757] - C:\Program Files\MSBuild [25/03/2022 17:08:46] - |D| - [722560] - C:\Program Files\Nicky Romero [14/03/2022 14:33:55] - |D| - [769440610] - C:\Program Files\NVIDIA Corporation [25/03/2022 22:30:31] - |D| - [296171754] - C:\Program Files\NZXT CAM [14/03/2022 14:51:00] - |D| - [36883625] - C:\Program Files\Reference Assemblies [15/03/2022 14:30:21] - |D| - [128593582944] - C:\Program Files\Rockstar Games [24/03/2022 14:29:48] - |D| - [18820752] - C:\Program Files\Steinberg [14/03/2022 23:35:10] - |D| - [123907751] - C:\Program Files\TeamViewer [14/03/2022 21:36:23] - |HD| - [0] - C:\Program Files\Uninstall Information [07/12/2019 10:14:52] - |D| - [13853406] - C:\Program Files\Windows Defender [07/12/2019 15:53:51] - |D| - [48116871] - C:\Program Files\Windows Defender Advanced Threat Protection [07/12/2019 10:14:52] - |D| - [639488] - C:\Program Files\Windows Mail [07/12/2019 15:53:51] - |D| - [4601278] - C:\Program Files\Windows Media Player [07/12/2019 15:53:51] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform [07/12/2019 10:14:52] - |D| - [6403928] - C:\Program Files\Windows NT [07/12/2019 15:53:51] - |D| - [6179784] - C:\Program Files\Windows Photo Viewer [07/12/2019 15:53:51] - |D| - [48528] - C:\Program Files\Windows Portable Devices [07/12/2019 10:14:52] - |D| - [112213] - C:\Program Files\Windows Security [07/12/2019 10:14:52] - |SHD| - [0] - C:\Program Files\Windows Sidebar [07/12/2019 10:14:52] - |HD| - [2806580661] - C:\Program Files\WindowsApps [07/12/2019 10:14:52] - |D| - [2545983] - C:\Program Files\WindowsPowerShell [14/03/2022 14:42:13] - |D| - [8457716] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [24/03/2022 14:29:46] - |D| - [19581926] - C:\Program Files (x86)\Common Files\Avid [07/12/2019 10:14:52] - |D| - [14891010] - C:\Program Files (x86)\Common Files\Microsoft Shared [24/03/2022 14:10:08] - |D| - [1435256] - C:\Program Files (x86)\Common Files\Propellerhead Software [07/12/2019 10:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/03/2022 19:33:05] - |D| - [26471373] - C:\Program Files (x86)\Common Files\Steam [07/12/2019 10:14:52] - |D| - [9573259] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [14/03/2022 21:55:41] - |D| - [88540582] - C:\Program Files\Common files\Avast Software [24/03/2022 14:29:46] - |D| - [19581926] - C:\Program Files\Common files\Avid [14/03/2022 18:39:43] - |HD| - [1006986] - C:\Program Files\Common files\EAInstaller [07/12/2019 10:14:52] - |D| - [34828085] - C:\Program Files\Common files\microsoft shared [21/03/2022 16:15:47] - |D| - [2081280] - C:\Program Files\Common files\Propellerhead Software [07/12/2019 10:14:52] - |D| - [2702] - C:\Program Files\Common files\Services [07/12/2019 10:14:52] - |D| - [10581899] - C:\Program Files\Common files\System [24/03/2022 14:10:08] - |D| - [7454720] - C:\Program Files\Common files\VST2 ---------- | Links to files C:\$Recycle.Bin\S-1-5-21-3647221497-3949391349-1226619127-1001\$RR3C6YP.lnk -> C:\Program Files\Steinberg\VSTPlugins\Serum_x64.exe - Status : OK C:\$Recycle.Bin\S-1-5-21-3647221497-3949391349-1226619127-1001\$RW38FZV.lnk -> C:\ProgramData\Ableton\Live 11 Suite\Program\Ableton Live 11 Suite.exe - Status : OK C:\Program Files\Image-Line\FL Studio 20\Plugins\Fruity\Generators\Serum\Xfer Records\Serum\Xfer Serum (32Bit).lnk -> C:\Program Files (x86)\Steinberg\VSTPlugins\Serum.exe - Status : OK C:\Program Files\Image-Line\FL Studio 20\Plugins\Fruity\Generators\Serum\Xfer Records\Serum\Xfer Serum (64Bit).lnk -> C:\Program Files\Steinberg\VSTPlugins\Serum_x64.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\Diagnostic.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Tools\Diagnostics\fldiagnostic.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\FL Studio online.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Internet\FL Studio online.url - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Help.lnk -> C:\Program Files\Image-Line\FL Studio 20\Help\FL.chm - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Install plugin version (32bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Install plugin version (64bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Plugin Manager.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Tools\Plugin Manager\PluginManager.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Reset settings.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Uninstall.lnk -> C:\Program Files\Image-Line\FL Studio 20\uninstall.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Unregister ReWire client (32bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\Unregister ReWire client (64bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20\What's new.lnk -> C:\Program Files\Image-Line\FL Studio 20\WhatsNew.rtf - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20 (32bit).lnk -> C:\Program Files\Image-Line\FL Studio 20\FL.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Program Files\Image-Line\Shared\Start\Image-Line website.lnk -> C:\Program Files\Image-Line\FL Studio 20\System\Internet\About\Image-Line homepage.url - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\system32\printmanagement.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\system32\secpol.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\system32\services.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends\Apex Legends.lnk -> C:\Program Files (x86)\Origin Games\Apex\r5apex.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends\Assistance technique.lnk -> C:\Program Files (x86)\Origin Games\Apex\Support\EA Help\Assistance technique.fr_FR.rtf - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends\Contrat Utilisateur d'Electronic Arts.lnk -> C:\Program Files (x86)\Origin Games\Apex\Support\User Agreement\fr_FR.html - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends\Politique relative à la protection des données personnelles et aux cookies.lnk -> C:\Program Files (x86)\Origin Games\Apex\Support\Privacy and Cookie Policy\fr_FR.html - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast One.lnk -> C:\Program Files\Avast Software\Avast\AvastUI.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.com - Démarrer la détection.lnk -> C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\DriversCloud.com.lnk -> C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.html - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com\Désinstaller DriversCloud.com 11.1.1.0.lnk -> C:\Windows\SysWOW64\msiexec.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files\Image-Line\Shared\Start - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk -> C:\Program Files\NZXT CAM\NZXT CAM.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\Client Riot.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk -> C:\Program Files\TeamViewer\TeamViewer.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Aide de WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuel de la console RAR.lnk -> C:\Program Files\WinRAR\Rar.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Quelles sont les nouveautés de la dernière version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfer Records\Serum\Serum Manual.lnk -> C:\Users\bette\Documents\Xfer\Serum Presets\Serum_Manual.pdf - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfer Records\Serum\Uninstall.lnk -> C:\Program Files\Image-Line\FL Studio 20\Plugins\Fruity\Generators\Serum\Xfer Records\Serum\Uninstall\unins000.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfer Records\Serum\Xfer Serum (32Bit).lnk -> C:\Program Files (x86)\Steinberg\VSTPlugins\Serum.exe - Status : OK C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfer Records\Serum\Xfer Serum (64Bit).lnk -> C:\Program Files\Steinberg\VSTPlugins\Serum_x64.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Users\bette\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\81f60f1222210b45\League of Legends.lnk -> C:\Riot Games\League of Legends\LeagueClient.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Abelton (2).lnk -> C:\Users\bette\Documents\Abelton - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Abelton.lnk -> C:\Users\bette\Documents\Abelton - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Ableton Live 11 Suite Installer Data 1.lnk -> C:\Users\bette\Documents\Abelton\Ableton Live Suite 11 WiN R2R Racky\Ableton Live 11 Suite Installer Data 1.cab - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Ableton Live Suite 11 WiN R2R Racky (2).lnk -> C:\Users\bette\Documents\Abelton\Ableton Live Suite 11 WiN R2R Racky - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Ableton Live Suite 11 WiN R2R Racky.lnk -> C:\Users\bette\Documents\Abelton\Ableton Live Suite 11 WiN R2R Racky.rar - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Authorize.lnk -> C:\ProgramData\Ableton\Live 11 Suite\Program\Authorize.auz - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Autorisation d'Ableton Live hors connexion.lnk -> C:\Users\bette\Desktop\Autorisation d'Ableton Live hors connexion.txt - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Bureau.lnk -> C:\Users\bette\Desktop - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\c8149b79-fb63-41f4-a20a-f6817a652876.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\c8149b79-fb63-41f4-a20a-f6817a652876.zip - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\caca.lnk -> C:\Users\bette\Desktop\FL STUDIO\caca.flp - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Ce PC.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Data.lnk -> C:\Program Files\Image-Line\FL Studio 20\Data - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Documents.lnk -> C:\Users\bette\Documents - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\etc.lnk -> C:\Windows\System32\drivers\etc - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\FL STUDIO (2).lnk -> C:\Users\bette\Desktop\FL STUDIO - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\FL STUDIO.lnk -> C:\Users\bette\Desktop\FL STUDIO - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Foley Percussion 1.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Samples\Imported\Foley Percussion 1.wav - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Foley Percussion 2.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Samples\Imported\Foley Percussion 2.wav - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\FoxTech10_Nicky.Romero.Kickstart.v1.0.9.lnk -> C:\Users\bette\Desktop\FL STUDIO\VST\FoxTech10_Nicky.Romero.Kickstart.v1.0.9.rar - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Fruity.lnk -> C:\Program Files\Image-Line\FL Studio 20\Plugins\Fruity - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Fx 9 R.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Space 92 Techno Tutorial Project\Samples\Processed\Reverse\Fx 9 R.wav - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Generators.lnk -> C:\Program Files\Image-Line\FL Studio 20\Plugins\Fruity\Generators - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Hihat 3.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Samples\Imported\Hihat 3.wav - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\hosts.lnk -> C:\Windows\System32\drivers\etc\hosts - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Image Line - FLStudio 20.8.3 WiN AUDiOWAREZ.lnk -> C:\Users\bette\Downloads\Image Line - FLStudio 20.8.3 WiN AUDiOWAREZ.rar - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Images.lnk -> C:\Users\bette\Pictures - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\IMG_20220322_143407.lnk -> C:\Users\bette\Documents\VINTED\IMG_20220322_143407.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\IMG_20220322_143442.lnk -> C:\Users\bette\Documents\VINTED\IMG_20220322_143442.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\IMG_20220322_143507.lnk -> C:\Users\bette\Documents\VINTED\IMG_20220322_143507.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\IMG_20220322_143541.lnk -> C:\Users\bette\Documents\VINTED\IMG_20220322_143541.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\IMG_20220322_143959.lnk -> C:\Users\bette\Documents\VINTED\IMG_20220322_143959.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\IMG_20220322_144038.lnk -> C:\Users\bette\Documents\VINTED\IMG_20220322_144038.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\IMG_20220322_144118.lnk -> C:\Users\bette\Documents\VINTED\IMG_20220322_144118.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Imported.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Samples\Imported - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Internet (2).lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Internet.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Loop 6 Hihat 1.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Samples\Imported\Loop 6 Hihat 1.wav - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\luv8ad5s0oi81.lnk -> C:\Users\bette\Pictures\luv8ad5s0oi81.jpg - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Mes Samples.lnk -> C:\Program Files\Image-Line\FL Studio 20\Data\Patches\Mes Samples - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay---.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--kglcheck-.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=10008&WindowId=1181344.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=10252&WindowId=1638516.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=10932&WindowId=1509216.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=13276&WindowId=2164238.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=13520&WindowId=198104.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=14308&WindowId=394460.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=1468&WindowId=131352.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=1508&WindowId=132516.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=1644&WindowId=67102.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=16788&WindowId=525764.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=16900&WindowId=67052.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=17140&WindowId=1508852.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=17164&WindowId=328388.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=17164&WindowId=4064836.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=1772&WindowId=460428.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=18680&WindowId=263664.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=18976&WindowId=2033164.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=19200&WindowId=592146.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=19256&WindowId=328906.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=20048&WindowId=459620.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=26652&WindowId=3147682.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=2844&WindowId=67188.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=3224&WindowId=788178.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=4012&WindowId=67260.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=5128&WindowId=798602.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=5640&WindowId=1048762.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=7032&WindowId=2107390.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=7756&WindowId=459992.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=8212&WindowId=394990.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=8304&WindowId=394790.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=8640&WindowId=657262.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=9368&WindowId=264026.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1628516715&ProcessId=9520&WindowId=591378.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=1168&WindowId=395180.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=13976&WindowId=198998.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=15924&WindowId=263702.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=17964&WindowId=1115760.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=21136&WindowId=2623296.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=1811699532&ProcessId=9152&WindowId=39585602.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=2110108557&ProcessId=15940&WindowId=19203618.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=2110108557&ProcessId=5548&WindowId=132356.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=2110108557&ProcessId=5548&WindowId=197892.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-gamingoverlay--startuptips-TitleId=2110108557&ProcessId=5548&WindowId=263428.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-screensketcheditisTemporary=true&source=screenclip&sharedAccessToken=ADA135A1-705D-441D-B179-B0A3CADCC3C6&secondarySharedAccessToken=C0FB73BE-4EAD-40A0-9FC0-94F04CEB88F3&viewId=-67485.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\ms-settingswindowsupdate.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\new kick 14.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Samples\Imported\new kick 14.wav - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\new kick 54.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Samples\Imported\new kick 54.wav - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Nicky.Romero.Kickstart.v1.0.9.Incl_.Keygen-R2R.lnk -> C:\Users\bette\Desktop\FL STUDIO\VST\Nicky.Romero.Kickstart.v1.0.9.Incl_.Keygen-R2R.zip - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\NickyRomero Kickstart 1.0.6 (1).lnk -> C:\Users\bette\Desktop\FL STUDIO\VST\NickyRomero Kickstart 1.0.6 (1).rar - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\NickyRomero Kickstart 1.0.6.lnk -> C:\Users\bette\Desktop\FL STUDIO\VST\NickyRomero Kickstart 1.0.6.rar - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Nouveau dossier.lnk -> C:\Users\bette\Documents\Nouveau dossier - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Password 123.lnk -> C:\Users\bette\Desktop\FL STUDIO\VST\Password 123.txt - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Patches.lnk -> C:\Program Files\Image-Line\FL Studio 20\Data\Patches - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Program.lnk -> C:\ProgramData\Ableton\Live 11 Suite\Program - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\R2R (2).lnk -> C:\Users\bette\Documents\Abelton\Ableton Live Suite 11 WiN R2R Racky\R2R - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\R2R.lnk -> C:\Users\bette\Documents\Abelton\Ableton Live Suite 11 WiN R2R Racky\R2R\R2R.txt - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Reverse.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space 92 Techno Tutorial Files(Julien Earle)\Space 92 Techno Tutorial Project\Samples\Processed\Reverse - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Sample pack.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Serum.lnk -> C:\Program Files\Image-Line\FL Studio 20\Plugins\Fruity\Generators\Serum - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Space-92-1605-Techno-Tutorial-Files.lnk -> C:\Users\bette\Desktop\FL STUDIO\Sample pack\Space-92-1605-Techno-Tutorial-Files.zip - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements (2).lnk -> C:\Users\bette\Downloads - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Téléchargements.lnk -> C:\Users\bette\Downloads - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\VINTED.lnk -> C:\Users\bette\Documents\VINTED - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\VST.lnk -> C:\Users\bette\Desktop\FL STUDIO\VST - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\wetransfer_img_20220322_144258-jpg_2022-03-22_1350.lnk -> C:\Users\bette\Documents\Abelton\VINTED\wetransfer_img_20220322_144258-jpg_2022-03-22_1350.zip - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Recent\Xfer Serum 1.33b4 WiN MacOS r4e MORiA.lnk -> C:\Users\bette\Downloads\Xfer Serum 1.33b4 WiN MacOS r4e MORiA.zip - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files\TeamViewer\TeamViewer.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\SendTo\Transfert de fichiers Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL Web Site.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL Web Site.url - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\Uninstall.lnk -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc\Discord.lnk -> C:\Users\bette\AppData\Local\Discord\Update.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files\Image-Line\Shared\Start - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\bette\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Aide de WinRAR.lnk -> C:\Program Files\WinRAR\winrar.chm - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Manuel de la console RAR.lnk -> C:\Program Files\WinRAR\Rar.txt - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Quelles sont les nouveautés de la dernière version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt - Status : OK C:\Users\bette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe - Status : OK C:\Users\bette\Desktop\ASIO4ALL v2 Instruction Manual.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf - Status : OK C:\Users\bette\Desktop\Discord.lnk -> C:\Users\bette\AppData\Local\Discord\Update.exe - Status : OK C:\Users\bette\Desktop\RDR2.lnk -> C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe - Status : OK C:\Users\bette\Desktop\Rockstar Games Launcher.lnk -> C:\Program Files\Rockstar Games\Launcher\LauncherPatcher.exe - Status : OK C:\Users\bette\Desktop\Spotify.lnk -> - Status : OK C:\Users\bette\Links\Desktop.lnk -> C:\Users\bette\Desktop - Status : OK C:\Users\bette\Links\Downloads.lnk -> C:\Users\bette\Downloads - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TeamViewer.lnk -> C:\Program Files\TeamViewer\TeamViewer.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Users\Public\Desktop\Apex Legends.lnk -> C:\Program Files (x86)\Origin Games\Apex\r5apex.exe - Status : OK C:\Users\Public\Desktop\Avast One.lnk -> C:\Program Files\Avast Software\Avast\AvastUI.exe - Status : OK C:\Users\Public\Desktop\Battle.net.lnk -> C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe - Status : OK C:\Users\Public\Desktop\Client Riot.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe - Status : OK C:\Users\Public\Desktop\CPUID HWMonitor.lnk -> C:\Program Files\CPUID\HWMonitor\HWMonitor.exe - Status : OK C:\Users\Public\Desktop\Epic Games Launcher.lnk -> C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe - Status : OK C:\Users\Public\Desktop\FL Studio 20.lnk -> C:\Program Files\Image-Line\FL Studio 20\FL64.exe - Status : OK C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe - Status : OK C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Users\Public\Desktop\League of Legends.lnk -> C:\Riot Games\Riot Client\RiotClientServices.exe - Status : OK C:\Users\Public\Desktop\NZXT CAM.lnk -> C:\Program Files\NZXT CAM\NZXT CAM.exe - Status : OK C:\Users\Public\Desktop\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe - Status : OK C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe - Status : OK C:\Users\Public\Desktop\TeamViewer.lnk -> C:\Program Files\TeamViewer\TeamViewer.exe - Status : OK C:\Users\Public\Desktop\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk -> C:\Windows\System32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe - Status : OK C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe - Status : OK C:\Windows\WinSxS\amd64_eventviewersettings_31bf3856ad364e35_10.0.19041.1_none_aae8e58aa310aa7d\Event Viewer.lnk -> C:\Windows\system32\eventvwr.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-hyper-v-management-clients_31bf3856ad364e35_10.0.19041.1_none_a87cce111f2d21d5\Hyper-V Manager.lnk -> C:\Windows\System32\mmc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-a..roblemstepsrecorder_31bf3856ad364e35_10.0.19041.746_none_b8eadbf8a9c907b3\Steps Recorder.lnk -> C:\Windows\system32\psr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-advancedtaskmanager_31bf3856ad364e35_10.0.19041.1202_none_23a707c9a0b5a8e1\Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..-disposableclientvm_31bf3856ad364e35_10.0.19041.985_none_c3639a9e3ab1a351\Windows Sandbox.lnk -> C:\Windows\system32\WindowsSandbox.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..s-admin-compsvclink_31bf3856ad364e35_10.0.19041.1_none_88835f4d79d6a242\Component Services.lnk -> C:\Windows\system32\comexp.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-c..termanagementsnapin_31bf3856ad364e35_10.0.19041.746_none_290f6af7d5263efa\Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-charmap_31bf3856ad364e35_10.0.19041.1_none_a84acae243b8ad63\Character Map.lnk -> C:\Windows\system32\charmap.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_10.0.19041.1266_none_e20a09e712bd275c\Disk Cleanup.lnk -> C:\Windows\system32\cleanmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-commandprompt-shortcut_31bf3856ad364e35_10.0.19041.1_none_efaf63248e6d4479\Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..-tools-mmc-adsiedit_31bf3856ad364e35_10.0.19041.1466_none_27d69d4b8f185d67\ADSIEdit.lnk -> C:\Windows\system32\adsiedit.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..-tools-mmc-adsiedit_31bf3856ad364e35_10.0.19041.746_none_911fb46a38a61421\ADSIEdit.lnk -> C:\Windows\system32\adsiedit.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..mc-sitesandservices_31bf3856ad364e35_10.0.19041.746_none_7d35d325c812757b\Active Directory Sites and Services.lnk -> C:\Windows\system32\dssite.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-d..services-adam-setup_31bf3856ad364e35_10.0.19041.746_none_1a1e8292dcf10728\ADAM Install.lnk -> C:\Windows\ADAM\adaminstall.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-defrag-adminui_31bf3856ad364e35_10.0.19041.746_none_770f598aef14382e\dfrgui.lnk -> C:\Windows\system32\dfrgui.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-e..er-server-shortcuts_31bf3856ad364e35_10.0.19041.1_none_5e85a7ed6f490164\Administrative Tools.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\01a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02 - Command Prompt.lnk -> C:\Windows\system32\cmd.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\02a - Windows PowerShell.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\03 - Computer Management.lnk -> C:\Windows\system32\compmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04 - Disk Management.lnk -> C:\Windows\system32\diskmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\04-1 - NetworkStatus.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\05 - Device Manager.lnk -> C:\Windows\system32\control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\06 - SystemAbout.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\07 - Event Viewer.lnk -> C:\Windows\system32\eventvwr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\08 - PowerAndSleep.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\09 - Mobility Center.lnk -> C:\Windows\system32\mblctr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Desktop.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\1 - Run.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\10 - AppsAndFeatures.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\2 - Search.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\4 - Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\5 - Task Manager.lnk -> C:\Windows\system32\taskmgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\computer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Control Panel.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\File Explorer.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Run.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Shows Desktop.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-explorer-shortcuts_31bf3856ad364e35_10.0.19041.1_none_6da8f779b049952c\Window Switcher.lnk -> - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.1586_none_eda110bcddae418b\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.1586_none_eda110bcddae418b\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Fax Recipient.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-f..client-applications_31bf3856ad364e35_10.0.19041.746_none_56f2f7338735a9a6\Windows Fax and Scan.lnk -> C:\Windows\system32\WFS.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1202_none_8f7e37524c3e1a13\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-i..ntrolpanel.appxmain_31bf3856ad364e35_10.0.19041.1566_none_8f636e2a4c516c74\Immersive Control Panel.lnk -> C:\Windows\System32\Control.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-clientshortcuts_31bf3856ad364e35_10.0.19041.1_none_9f9e4023b60d2433\IIS Client Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-legacysnapin_31bf3856ad364e35_10.0.19041.906_none_5f45625010b4cd19\IIS6 Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr6.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iis-managementconsole_31bf3856ad364e35_10.0.19041.906_none_65f82ba919c64b11\IIS Manager.lnk -> C:\Windows\system32\inetsrv\InetMgr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-iscsi_initiator_ui_31bf3856ad364e35_10.0.19041.1_none_8ddc3834fb6f659f\iSCSI Initiator.lnk -> C:\Windows\system32\iscsicpl.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_fa40f4e1dd1492a8\ODBC Data Sources (64-bit).lnk -> C:\Windows\system32\odbcad32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-m..diagnostic-schedule_31bf3856ad364e35_10.0.19041.1_none_49c7a9c019150ac4\Memory Diagnostics Tool.lnk -> C:\Windows\system32\MdSched.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.1266_none_e2f3aaf24de135ec\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.19041.1566_none_e2d33b2e4df989bf\Magnify.lnk -> C:\Windows\system32\magnify.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mediaplayer-shortcut_31bf3856ad364e35_10.0.19041.1_none_64c27fc7ed12e401\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.19041.1110_none_4f46693352ed3250\System Configuration.lnk -> C:\Windows\system32\msconfig.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.19041.1110_none_20a89186aedb6af7\System Information.lnk -> C:\Windows\system32\msinfo32.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.19041.746_none_6c16d1714d60fddf\Paint.lnk -> C:\Windows\system32\mspaint.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-narrator_31bf3856ad364e35_10.0.19041.789_none_9beee4eb02a5f8c7\Narrator.lnk -> C:\Windows\system32\narrator.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-nfs-adminmmc_31bf3856ad364e35_10.0.19041.1_none_9da8f6be034114e3\Services For Network File System.lnk -> C:\Windows\system32\nfsmgmt.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.1081_none_e3f87355251e8c43\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-notepad_31bf3856ad364e35_10.0.19041.1566_none_e3bff13d2549656f\Notepad.lnk -> C:\Windows\system32\notepad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-osk_31bf3856ad364e35_10.0.19041.1_none_60ade0eff94c37fc\On-Screen Keyboard.lnk -> C:\Windows\system32\osk.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-p..erandprintui-pmcppc_31bf3856ad364e35_10.0.19041.1_none_c1594f70200f2c03\Print Management.lnk -> C:\Windows\system32\printmanagement.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Performance Monitor.lnk -> C:\Windows\system32\perfmon.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-performancetoolsgui_31bf3856ad364e35_10.0.19041.746_none_7a0308f7ffc334d5\Resource Monitor.lnk -> C:\Windows\system32\perfmon.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE (x86).lnk -> C:\Windows\syswow64\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-powershell-ise_31bf3856ad364e35_10.0.19041.1_none_1ed6cb15a1b51b10\Windows PowerShell ISE.lnk -> C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell_ISE.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.1266_none_72c6a00123f43c47\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-quickassist_31bf3856ad364e35_10.0.19041.1566_none_72a6303d240c901a\Quick Assist.lnk -> C:\Windows\system32\quickassist.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-recoverydrive_31bf3856ad364e35_10.0.19041.1237_none_9d556cf140e198b4\RecoveryDrive.lnk -> C:\Windows\system32\RecoveryDrive.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_10.0.19041.746_none_d22800313aa7eb5c\Registry Editor.lnk -> C:\Windows\regedit.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-s..ment-policytools-ex_31bf3856ad364e35_10.0.19041.1_none_0f506321e073254e\Security Configuration Management.lnk -> C:\Windows\system32\secpol.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_10.0.19041.1_none_8554f027e5186b5e\services.lnk -> C:\Windows\system32\services.msc - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-snippingtool-app_31bf3856ad364e35_10.0.19041.746_none_77bd4cfbe87238a7\Snipping Tool.lnk -> C:\Windows\system32\SnippingTool.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-speech-userexperience_31bf3856ad364e35_10.0.19041.746_none_fa033ad7aa9be481\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..etpc-mathinputpanel_31bf3856ad364e35_10.0.19041.746_none_a89acde4afbab635\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\Ink\mip.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-t..minalservicesclient_31bf3856ad364e35_10.0.19041.1266_none_c2a2211ad648e627\Remote Desktop Connection.lnk -> C:\Windows\system32\mstsc.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.1202_none_a27aa61d221bdc5c\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft-windows-wordpad_31bf3856ad364e35_10.0.19041.1566_none_a25fdcf5222f2ebd\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_microsoft.windows.powershell.common_31bf3856ad364e35_10.0.19041.1_none_e6d05ddbba96a35b\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-logcollector_31bf3856ad364e35_10.0.19041.1_none_56138d203a7fc4cf\MultiPoint Log Collector.lnk -> C:\Program Files\Windows MultiPoint Server\LogCollector.exe - Status : OK C:\Windows\WinSxS\amd64_multipoint-wmsmanager_31bf3856ad364e35_10.0.19041.1_none_d1ffdc3927836528\MultiPoint Manager.lnk -> C:\Program Files\Windows MultiPoint Server\WmsManager.exe - Status : OK C:\Windows\WinSxS\amd64_networking-mpssvc-shortcut_31bf3856ad364e35_10.0.19041.1_none_3b48028dac22b3be\Windows Defender Firewall with Advanced Security.lnk -> C:\Windows\system32\WF.msc - Status : OK C:\Windows\WinSxS\amd64_taskschedulersettings_31bf3856ad364e35_10.0.19041.1_none_00dc114da3ba6b01\Task Scheduler.lnk -> C:\Windows\system32\taskschd.msc - Status : OK C:\Windows\WinSxS\msil_hyperv-ux-ui-vmcreate_31bf3856ad364e35_10.0.19041.1_none_8d387dde0a6c6d14\VMCreate.lnk -> C:\Program Files\Hyper-V\VMCreate.exe - Status : OK C:\Windows\WinSxS\msil_multipoint-wmsdashboard_31bf3856ad364e35_10.0.19041.1_none_061d84508b376f80\MultiPoint Dashboard.lnk -> C:\Program Files\Windows MultiPoint Server\WmsDashboard.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-m..-odbc-administrator_31bf3856ad364e35_10.0.19041.1_none_04959f34117554a3\ODBC Data Sources (32-bit).lnk -> C:\Windows\syswow64\odbcad32.exe - Status : OK C:\Windows\WinSxS\wow64_microsoft-windows-onedrive-setup_31bf3856ad364e35_10.0.19041.1_none_e585f901f9ce93e6\OneDrive.lnk -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\OneDrive\OneDrive.exe - Status : OK ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/03/2022 21:36:19] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.34297844B0A494E4D2D20DF14974766B] - [14/03/2022 16:19:03] - |A| - [4292] - C:\Windows\System32\Tasks\AMD Updater : "C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe" [MD5.01A8ACDA2A2C84FB94CE9CF8B839EB33] - [14/03/2022 21:55:53] - |A| - [3990] - C:\Windows\System32\Tasks\Avast Emergency Update : C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [MD5.56DB14BF3EF2D74DCB899F9260119FE9] - [14/03/2022 21:57:12] - |A| - [4028] - C:\Windows\System32\Tasks\Avast SecureLine VPN Update : C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [MD5.00000000000000000000000000000000] - [14/03/2022 21:56:35] - |D| - [28980] - C:\Windows\System32\Tasks\Avast Software [MD5.215928FB55E460ACA1BF66A47C735AB1] - [14/03/2022 14:42:05] - |A| - [3542] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{EB9EF458-87F1-4D2F-BA34-E8F5B4B97BB0} : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.3E4F20D16259408C5B1E67E109E582A2] - [14/03/2022 14:42:05] - |A| - [3666] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{90AB78CA-1892-4D23-BA18-DD0DC834E488} : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [07/12/2019 10:14:52] - |D| - [602342] - C:\Windows\System32\Tasks\Microsoft [MD5.AB1E0FBA4D41BD306C59CD8E647D44D4] - [14/03/2022 14:31:47] - |A| - [4782] - C:\Windows\System32\Tasks\MicrosoftEdgeShadowStackRollbackTask : C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.52\Installer\setup.exe [MD5.1FE52C3304B6305FF3CC35E442C52659] - [14/03/2022 21:36:21] - |A| - [3510] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.68FA8587F98ED545EA12564F15D1DD64] - [14/03/2022 21:36:21] - |A| - [3634] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.33C71058DBC20BDC385FC47490A66F57] - [14/03/2022 16:22:51] - |A| - [4308] - C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [MD5.F55B2F72E563AB4B2C6F011BD0C0A3BC] - [14/03/2022 16:22:54] - |A| - [3976] - C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : "C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe" [MD5.9200A7AEAD4C78C61F5CA9964667C70D] - [14/03/2022 16:22:54] - |A| - [3940] - C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.1A98B4CE6DD2A0370F2E80F69F66A9C4] - [14/03/2022 16:22:47] - |A| - [3894] - C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.4C1943F7A098FE04B84E9B3BDC3715BF] - [14/03/2022 16:22:47] - |A| - [3654] - C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.52966EEC540E1490EC011B32E7397F7C] - [14/03/2022 16:22:51] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.24B9F7F02262FB7F23828F1650B50C40] - [14/03/2022 16:22:51] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.7364850F4611AAE4FB098329FEE95BEF] - [14/03/2022 16:22:51] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.DF8E8F265DA407FF31C73A69122711D2] - [14/03/2022 16:22:52] - |A| - [3858] - C:\Windows\System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [MD5.30D4CF663CE59737B815C69C84B986D3] - [14/03/2022 14:37:15] - |A| - [3592] - C:\Windows\System32\Tasks\OneDrive Reporting Task-S-1-5-21-3647221497-3949391349-1226619127-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.6B22F058A4713049D899FEBED57C8020] - [14/03/2022 14:36:52] - |A| - [3380] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3647221497-3949391349-1226619127-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.00000000000000000000000000000000] - [07/12/2019 10:14:52] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{69426D9D-7162-4810-AFAF-02B39821C176}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{ED1A4A22-ECA6-42C2-B4AB-BFFBE17810CA}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{57083347-6263-406E-9CE0-4806BBD95F90}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{7153C779-534A-4F55-B1F7-3B92705A9FDC}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\Cybelsoft\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{37685EDD-7877-466C-9441-5A301C2F9934}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ| "{D34177DB-0000-4147-8902-80957D378644}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A42640B9-962D-47AD-B395-2FE6461E8556}C:\users\bette\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\bette\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "UDP Query User{D0FDF778-967F-40BE-8E8E-282D76DC111F}C:\users\bette\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\bette\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "TCP Query User{95E49728-50D4-495A-A0AE-A4B40DF50875}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\call of duty modern warfare\modernwarfare.exe|Name=Call of Duty®: Modern Warfare®|Desc=Call of Duty®: Modern Warfare®|Defer=User| "UDP Query User{0A7C1E8F-3CA0-4BE1-AC07-A42D61A85671}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\call of duty modern warfare\modernwarfare.exe|Name=Call of Duty®: Modern Warfare®|Desc=Call of Duty®: Modern Warfare®|Defer=User| "{9AF37D46-8998-49C1-8FEE-65FBDB20D785}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe|Name=Apex Legends (Français) fr_FR| "{8BBE60B5-C510-4DC9-BAEB-2A6C4F0E5697}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe|Name=Apex Legends (Français) fr_FR| "TCP Query User{50FB3370-B8CA-4392-B1D8-7BB43C5F1B0F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe|Name=EpicWebHelper|Desc=EpicWebHelper|Defer=User| "UDP Query User{9C5DF179-E9C4-43FB-82AB-CCFEBB3A3DB2}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe|Name=EpicWebHelper|Desc=EpicWebHelper|Defer=User| "{E8D02CFB-AD44-4F1A-BDC0-C25F41AC4654}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\Avast Software\Avast\AvastUI.exe|Name=Avast UI (TCP-In)|Desc=Allow all incoming traffic to UI|EmbedCtxt=Avast UI| "{CF199D23-6A65-45C1-BE7F-D8EBD28FC6CC}"=v2.30|Action=Block|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files\Avast Software\Avast\AvastUI.exe|Name=Avast UI (UDP-In)|Desc=Allow all incoming traffic to UI|EmbedCtxt=Avast UI| "{CD2C4307-CE1C-464F-BB81-962AB75F5391}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{CF2AC5BC-A166-459D-868A-F84880A4D488}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\TeamViewer\TeamViewer.exe|Name=Teamviewer Remote Control Application| "{51A0F63A-D934-4859-A926-BBAAE9BDDC14}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{14D34B2F-CE92-4290-A81B-D7D70B62A3B6}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\TeamViewer\TeamViewer_Service.exe|Name=Teamviewer Remote Control Service| "{92F4C70E-921C-470F-9FA2-73C4F5C65F6E}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ| "{13C8D16A-0F34-4019-9303-6403FD6213CD}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F1759749-5FCB-4CD2-86D9-8CC462FCBB47}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{DC0D276B-ECF0-4EEE-B776-EB32ED8D99B7}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{73E488D5-A312-4E6C-997C-B96AD49AB68D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{A49369F6-F9CD-4E52-AD8F-82DC6010D9B4}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ| "{F9155044-0C2F-4826-9591-AAA7B5B84CC4}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{34C68BC5-102B-4143-AE8D-EDE5A0E4F21F}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ| "{D76D7CF3-7616-4A1C-9F82-560E860AD514}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{496E5754-A261-4C6D-A63B-0B5002994966}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ| "{AF55C62F-B56C-4F0F-9E66-6872DB39831B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CD4164BE-A778-4052-9E64-F32D14D676C8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9FA887A8-4C2E-43D5-B9A9-FECB0C34E016}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{EA157990-176F-43A4-A03C-1750EA783BB5}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{ECC3E2BC-6E27-4E6D-9752-E0AB2B0FF364}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{A3220A21-89B4-453B-8973-0AC0F8D35207}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{EC0A68E7-B2A5-4B73-BFCD-42D7A51EBF5A}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{47905EE4-8F28-413F-8E91-1F00C5CFA66D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{4BCB7F4C-145B-4AB2-8602-2E805B1E70B3}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{3D852004-480B-4FD7-9D57-CC36717CE6E2}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{B29E24A3-1E36-054A-92E0-327A17521D33}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\FL (scaled).exe|Name=FL (scaled).exe|Desc=FL (scaled).exe| "{1CC2B0B6-E96E-B1E5-0561-4B022AB735B6}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\FL.exe|Name=FL.exe|Desc=FL.exe| "{683B6E3A-5969-22A7-BB84-4BFB8FDA138E}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\FL64 (scaled).exe|Name=FL64 (scaled).exe|Desc=FL64 (scaled).exe| "{BBC6C0F3-A4A5-9173-90DD-35E07ACCA428}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\FL64.exe|Name=FL64.exe|Desc=FL64.exe| "{62DA6464-3C1D-6F0A-3B8F-09A950B0C55B}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\Misc\Shared\ILMinihostBridge32.exe|Name=ILMinihostBridge32.exe|Desc=ILMinihostBridge32.exe| "{6D9B7FF6-D852-B77E-F904-98311D24DFA9}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\Misc\Shared\ILMinihostBridge64.exe|Name=ILMinihostBridge64.exe|Desc=ILMinihostBridge64.exe| "{821DB61B-0FBC-4766-76EF-B640B50C1346}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\Misc\Shared\ILPluginScanner32.exe|Name=ILPluginScanner32.exe|Desc=ILPluginScanner32.exe| "{2451CCC3-5919-81C2-42E6-C24625362852}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\Misc\Shared\ILPluginScanner64.exe|Name=ILPluginScanner64.exe|Desc=ILPluginScanner64.exe| "{68B9F813-ECD4-F47C-D9D5-DA5205895269}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\System\Tools\Bridge\32bit\ilbridge.exe|Name=ilbridge.exe|Desc=ilbridge.exe| "{AC212463-7F8F-6836-70C3-F25EE5DD7B80}"=v2.10|Action=Block|Active=TRUE|Dir=Out|App=C:\Program Files\Image-Line\FL Studio 20\System\Tools\Bridge\64bit\ilbridge.exe|Name=ilbridge.exe|Desc=ilbridge.exe| "{98DA7F55-9BB0-4723-B08B-514A571D8D36}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Disney+|Desc=Disney+|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1506460561-1341734037-3349002888-506307744-218960278-1810463568-3806631498|EmbedCtxt=Disney+|Platform=2:6:2|Platform2=GTEQ| "{C21DEFE4-FEF3-40C5-B77D-97AA825A35DB}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Disney+|Desc=Disney+|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1506460561-1341734037-3349002888-506307744-218960278-1810463568-3806631498|EmbedCtxt=Disney+|Platform=2:6:2|Platform2=GTEQ| "{76F6615D-17CF-4EDC-9480-4A0943BF6E2C}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Store|Desc=Microsoft Store|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=Microsoft Store|Platform=2:6:2|Platform2=GTEQ| "{41332942-8BC8-494B-A19C-949F22FF89C6}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Store|Desc=Microsoft Store|LUOwn=S-1-5-21-3647221497-3949391349-1226619127-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=Microsoft Store|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F4B78BEC-E86E-4AB0-8E7A-F1270FE2ED1A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2ea9b43f-3045-43b5-80f2-fd06c55fbb90}] : (vhdmp) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81c87465-de07-4efc-9d93-61e891d52fd2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a73c93f1-9727-4d1d-ace1-0e333ba4e7db}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{aa018edf-4915-415e-9c17-d7ebec8917d2}] : (NvModuleTracker) [] -> @oem23.inf,%ClassName%;NvModuleTracker [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) [] -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [06/10/2021 14:30:11] - (0.0.0.0) - ( -) - C:\Windows\System32\Drivers\CimFS.SYS [14/03/2022 16:14:20] - (30.0.15.1179) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 511.79) - C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\nvlddmkm.sys [14/03/2022 16:22:11] - (4.39.0.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [14/03/2022 16:22:11] - (100.0.0.0) - (NVIDIA Corporation - Process and module monitoring driver) - C:\Windows\System32\drivers\NvModuleTracker.sys [14/03/2022 16:22:11] - (304.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\Windows\System32\drivers\nvvhci.sys [14/03/2022 14:33:40] - (1.3.39.3) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [25/03/2022 22:30:37] - (1.0.5.2) - (CPUID - CPUID Driver) - C:\Windows\temp\cpuz152\cpuz152_x64.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware (3ware) -> C:\Windows\system32\drivers\3ware.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> C:\Windows\system32\drivers\ACPI.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> C:\Windows\system32\Drivers\acpiex.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ADP80XX (ADP80XX) -> C:\Windows\system32\drivers\ADP80XX.SYS - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - amdpsp (AMD PSP Service) -> C:\Windows\system32\drivers\amdpsp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - amdsata (amdsata) -> C:\Windows\system32\drivers\amdsata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdsbs (amdsbs) -> C:\Windows\system32\drivers\amdsbs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - amdxata (amdxata) -> C:\Windows\system32\drivers\amdxata.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - arcsas (Pilote miniport Storport Adaptec SAS/SATA-II RAID) -> C:\Windows\system32\drivers\arcsas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - aswArDisk (aswArDisk) -> C:\Windows\system32\drivers\aswArDisk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - aswbidsh (aswbidsh) -> C:\Windows\system32\drivers\aswbidsh.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - aswbuniv (aswbuniv) -> C:\Windows\system32\drivers\aswbuniv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - aswElam (aswElam) -> C:\Windows\system32\drivers\aswElam.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> C:\Windows\system32\drivers\aswRvrt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - aswVmm (aswVmm) -> C:\Windows\system32\drivers\aswVmm.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - atapi (Canal IDE) -> C:\Windows\system32\drivers\atapi.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - b06bdrv (Carte réseau QLogic VBD) -> C:\Windows\system32\drivers\bxvbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - bttflt (Filtre Microsoft Hyper-V VHDPMEM BTT) -> C:\Windows\system32\drivers\bttflt.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - cht4iscsi (cht4iscsi) -> C:\Windows\system32\drivers\cht4sx64.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - CLFS (Common Log (CLFS)) -> C:\Windows\system32\drivers\CLFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - CNG (CNG) -> C:\Windows\system32\Drivers\cng.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - disk (Pilote de disque) -> C:\Windows\system32\drivers\disk.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - ebdrv (Carte QLogic 10 Gigabit Ethernet VBD) -> C:\Windows\system32\drivers\evbda.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - EhStorClass (Enhanced Storage Filter Driver) -> C:\Windows\system32\drivers\EhStorClass.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - EhStorTcgDrv (Pilote Microsoft pour dispositif de stockage prenant en charge les protocoles IEEE 1667 et TCG) -> C:\Windows\system32\drivers\EhStorTcgDrv.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [File System Driver] - FileInfo (File Information FS MiniFilter) -> C:\Windows\system32\drivers\fileinfo.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - FltMgr (FltMgr) -> C:\Windows\system32\drivers\fltmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - fvevol (Pilote de filtre de chiffrement de lecteur BitLocker) -> C:\Windows\system32\DRIVERS\fvevol.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - HpSAMD (HpSAMD) -> C:\Windows\system32\drivers\HpSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - hwpolicy (Hardware Policy Driver) -> C:\Windows\system32\drivers\hwpolicy.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - iaStorAVC (Contrôleur RAID SATA de circuit microprogrammé Intel) -> C:\Windows\system32\drivers\iaStorAVC.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - iaStorV (Contrôleur RAID Intel Windows 7) -> C:\Windows\system32\drivers\iaStorV.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - intelide (intelide) -> C:\Windows\system32\drivers\intelide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - intelpep (Pilote de plug-in du moteur d’alimentation Intel(R)) -> C:\Windows\system32\drivers\intelpep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - iorate (Pilote du filtre du taux d’E/S du disque) -> C:\Windows\system32\drivers\iorate.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - isapnp (isapnp) -> C:\Windows\system32\drivers\isapnp.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - ItSas35i (ItSas35i) -> C:\Windows\system32\drivers\ItSas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - KSecDD (KSecDD) -> C:\Windows\system32\Drivers\ksecdd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - KSecPkg (KSecPkg) -> C:\Windows\system32\Drivers\ksecpkg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS (LSI_SAS) -> C:\Windows\system32\drivers\lsi_sas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS2i (LSI_SAS2i) -> C:\Windows\system32\drivers\lsi_sas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SAS3i (LSI_SAS3i) -> C:\Windows\system32\drivers\lsi_sas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - LSI_SSS (LSI_SSS) -> C:\Windows\system32\drivers\lsi_sss.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas (megasas) -> C:\Windows\system32\drivers\megasas.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas2i (megasas2i) -> C:\Windows\system32\drivers\MegaSas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasas35i (megasas35i) -> C:\Windows\system32\drivers\megasas35i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - megasr (megasr) -> C:\Windows\system32\drivers\megasr.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - mountmgr (Gestionnaire des points de montage) -> C:\Windows\system32\drivers\mountmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - msisadrv (msisadrv) -> C:\Windows\system32\drivers\msisadrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - MsSecFlt (Minifiltre du composant Événements de sécurité de Microsoft) -> C:\Windows\system32\drivers\mssecflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Mup (Mup) -> C:\Windows\system32\Drivers\mup.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - mvumis (mvumis) -> C:\Windows\system32\drivers\mvumis.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - NDIS (Pilote système NDIS) -> C:\Windows\system32\drivers\ndis.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - nvdimm (Pilote de périphérique NVDIMM Microsoft) -> C:\Windows\system32\drivers\nvdimm.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvraid (nvraid) -> C:\Windows\system32\drivers\nvraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - nvstor (nvstor) -> C:\Windows\system32\drivers\nvstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - partmgr (Gestionnaire de partitions) -> C:\Windows\system32\drivers\partmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> C:\Windows\system32\drivers\pci.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - pciide (pciide) -> C:\Windows\system32\drivers\pciide.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pcmcia (pcmcia) -> C:\Windows\system32\drivers\pcmcia.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> C:\Windows\system32\drivers\pcw.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - pdc (CDP) -> C:\Windows\system32\drivers\pdc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - percsas2i (percsas2i) -> C:\Windows\system32\drivers\percsas2i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - percsas3i (percsas3i) -> C:\Windows\system32\drivers\percsas3i.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - pmem (Pilote de disque de mémoire persistante Microsoft) -> C:\Windows\system32\drivers\pmem.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> C:\Windows\system32\DRIVERS\ramdisk.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> C:\Windows\system32\drivers\rdyboost.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - sbp2port (Pilote de bus de transport/protocole SBP-2) -> C:\Windows\system32\drivers\sbp2port.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - scmbus (Pilote de bus de mémoire de classe stockage Microsoft) -> C:\Windows\system32\drivers\scmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - SgrmAgent (System Guard Runtime Monitor Agent) -> C:\Windows\system32\drivers\SgrmAgent.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid2 (SiSRaid2) -> C:\Windows\system32\drivers\SiSRaid2.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SiSRaid4 (SiSRaid4) -> C:\Windows\system32\drivers\sisraid4.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - SmartSAMD (SmartSAMD) -> C:\Windows\system32\drivers\SmartSAMD.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - spaceport (Pilote des espaces de stockage) -> C:\Windows\system32\drivers\spaceport.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - stexstor (stexstor) -> C:\Windows\system32\drivers\stexstor.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - storahci (Lecteur AHCI SATA Microsoft standard) -> C:\Windows\system32\drivers\storahci.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - storflt (Accélérateur de stockage Microsoft Hyper-V) -> C:\Windows\system32\drivers\vmstorfl.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - stornvme (Pilote NVM Express standard de Microsoft) -> C:\Windows\system32\drivers\stornvme.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - storufs (Pilote Universal Flash Storage (UFS) Microsoft) -> C:\Windows\system32\drivers\storufs.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - storvsc (storvsc) -> C:\Windows\system32\drivers\storvsc.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Tcpip (Pilote pour protocole TCP/IP) -> C:\Windows\system32\drivers\tcpip.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - Telemetry (Service de télémétrie Intel(R)) -> C:\Windows\system32\drivers\IntelTA.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - vdrvroot (Énumérateur de lecteur virtuel Microsoft) -> C:\Windows\system32\drivers\vdrvroot.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vmbus (Bus VMBus) -> C:\Windows\system32\drivers\vmbus.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - volmgr (Pilote du gestionnaire de volumes) -> C:\Windows\system32\drivers\volmgr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volmgrx (Gestionnaire de volumes dynamiques) -> C:\Windows\system32\drivers\volmgrx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volsnap (Pilote de cliché instantané du volume) -> C:\Windows\system32\drivers\volsnap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - volume (Pilote de volume) -> C:\Windows\system32\drivers\volume.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S0 - [Kernel Driver] - vpci (Bus PCI virtuel Microsoft Hyper-V) -> C:\Windows\system32\drivers\vpci.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - vsmraid (vsmraid) -> C:\Windows\system32\drivers\vsmraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False S0 - [Kernel Driver] - VSTXRAID (Pilote Windows du contrôleur RAID de stockage VIA StorX) -> C:\Windows\system32\drivers\vstxraid.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R0 - [Kernel Driver] - Wdf01000 (Service Infrastructure de pilote en mode noyau) -> C:\Windows\system32\drivers\Wdf01000.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WFPLWFS (Plateforme de filtrage Microsoft Windows) -> C:\Windows\system32\drivers\wfplwfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> C:\Windows\system32\drivers\WindowsTrustedRT.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [Kernel Driver] - WindowsTrustedRTProxy (Service sécurisé d'exécution approuvée Microsoft Windows) -> C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> C:\Windows\system32\drivers\Wof.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - AFD (Pilote de fonction connexe pour Winsock) -> C:\Windows\system32\drivers\afd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - afunix (afunix) -> C:\Windows\system32\drivers\afunix.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - ahcache (Application Compatibility Cache) -> C:\Windows\system32\DRIVERS\ahcache.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - aswArPot (aswArPot) -> C:\Windows\system32\drivers\aswArPot.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> C:\Windows\system32\drivers\aswbidsdriver.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - aswKbd (aswKbd) -> C:\Windows\system32\drivers\aswKbd.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - aswMonFlt (aswMonFlt) -> C:\Windows\system32\drivers\aswMonFlt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - aswNetHub (aswNetHub) -> C:\Windows\system32\drivers\aswNetHub.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - aswRdr (aswRdr) -> C:\Windows\system32\drivers\aswRdr2.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - aswSnx (aswSnx) -> C:\Windows\system32\drivers\aswSnx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - aswSP (aswSP) -> C:\Windows\system32\drivers\aswSP.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - bam (Background Activity Moderator Driver) -> C:\Windows\system32\drivers\bam.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicDisplay (BasicDisplay) -> C:\Windows\system32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - BasicRender (BasicRender) -> C:\Windows\system32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Beep (Beep) -> C:\Windows\system32\drivers\Beep.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> C:\Windows\system32\drivers\cdrom.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - CimFS (CimFS) -> C:\Windows\system32\drivers\CimFS.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - CSC (Pilote Fichiers hors connexion) -> C:\Windows\system32\drivers\csc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False S1 - [Kernel Driver] - dam (Desktop Activity Moderator Driver) -> C:\Windows\system32\drivers\dam.sys - AcceptPause : False - AcceptStop : False - DesktopInteract : False R1 - [File System Driver] - Dfsc (Pilote du client de l’espace de noms DFS) -> C:\Windows\system32\Drivers\dfsc.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> C:\Windows\system32\drivers\dxgkrnl.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - FileCrypt (FileCrypt) -> C:\Windows\system32\drivers\filecrypt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - GpuEnergyDrv (GPU Energy Driver) -> C:\Windows\system32\drivers\gpuenergydrv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Msfs (Msfs) -> C:\Windows\system32\drivers\Msfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) -> C:\Windows\system32\drivers\mssmbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NdisCap (Capture NDIS Microsoft) -> C:\Windows\system32\drivers\ndiscap.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> C:\Windows\system32\drivers\netbios.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - NetBT (NetBT) -> C:\Windows\system32\DRIVERS\netbt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - Npfs (Npfs) -> C:\Windows\system32\drivers\Npfs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - npsvctrig (Named pipe service trigger provider) -> C:\Windows\system32\drivers\npsvctrig.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - nsiproxy (NSI Proxy Service Driver) -> C:\Windows\system32\drivers\nsiproxy.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Null (Null) -> C:\Windows\system32\drivers\Null.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Psched (Planificateur de paquets QoS) -> C:\Windows\system32\drivers\pacer.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [File System Driver] - rdbss (Sous-système de mise en mémoire tampon redirigée) -> C:\Windows\system32\DRIVERS\rdbss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - tdx (Pilote de prise en charge TDI héritée NetIO) -> C:\Windows\system32\DRIVERS\tdx.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - Vid (Vid) -> C:\Windows\system32\drivers\Vid.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> C:\Windows\system32\drivers\vwififlt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - aswStm (aswStm) -> C:\Windows\system32\drivers\aswStm.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - bindflt (Windows Bind Filter Driver) -> C:\Windows\system32\drivers\bindflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> C:\Windows\system32\drivers\cldflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - AudioEndpointBuilder (Générateur de points de terminaison du service Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Audiosrv (Audio Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - avast! Antivirus (Avast Antivirus) -> "C:\Program Files\Avast Software\Avast\AvastSvc.exe" /runassvc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - avast! Firewall (Avast Firewall Service) -> "C:\Program Files\Avast Software\Avast\afwServ.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - avast! Tools (Avast Tools) -> "C:\Program Files\Avast Software\Avast\aswToolsSvc.exe" /runassvc - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - AvastWscReporter (AvastWscReporter) -> "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - BFE (Moteur de filtrage de base) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - BITS (Service de transfert intelligent en arrière-plan) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - BrokerInfrastructure (Service d’infrastructure des tâches en arrière-plan) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CDPSvc (Service de plateforme des appareils connectés) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - CleanupPSvc (Avast Cleanup) -> "C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - CoreMessagingRegistrar (CoreMessaging) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - CryptSvc (Services de chiffrement) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DcomLaunch (Lanceur de processus serveur DCOM) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Kernel Driver] - lltdio (Pilote E/S de mappage de découverte de topologie de la couche de liaison) -> C:\Windows\system32\drivers\lltdio.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - luafv (Virtualisation de fichier UAC) -> C:\Windows\system32\drivers\luafv.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MMCSS (Multimedia Class Scheduler) -> C:\Windows\system32\drivers\mmcss.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - MsLldp (Protocole LLDP (Link Layer Discovery Protocol) Microsoft) -> C:\Windows\system32\drivers\mslldp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - Ndu (Windows Network Data Usage Monitoring Driver) -> C:\Windows\system32\drivers\Ndu.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> C:\Windows\system32\drivers\peauth.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - rspndr (Répondeur de découverte de la topologie de la couche de liaison) -> C:\Windows\system32\drivers\rspndr.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - storqosflt (Pilote de filtre de qualité de service de stockage) -> C:\Windows\system32\drivers\storqosflt.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> C:\Windows\system32\drivers\tcpipreg.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Dhcp (Client DHCP) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DiagTrack (Expériences des utilisateurs connectés et télémétrie) -> C:\Windows\System32\svchost.exe -k utcsvc -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - DispBrokerDesktopSvc (Service de stratégie d'affichage) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Dnscache (Client DNS) -> C:\Windows\system32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - DPS (Service de stratégie de diagnostic) -> C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DriverUpdSvc (Avast Driver Updater) -> "C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - DusmSvc (Consommation des données) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - edgeupdate (Microsoft Edge Update Service (edgeupdate)) -> "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - EventLog (Journal d’événements Windows) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - EventSystem (Système d’événement COM+) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - FontCache (Service de cache de police Windows) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - gpsvc (Client de stratégie de groupe) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False S2 - [Own Process] - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Kernel Driver] - wanarp (Pilote ARP IP d’accès à distance) -> C:\Windows\system32\DRIVERS\wanarp.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [File System Driver] - wcifs (Windows Container Isolation) -> C:\Windows\system32\drivers\wcifs.sys - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - IKEEXT (Modules de génération de clés IKE et AuthIP) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - iphlpsvc (Assistance IP) -> C:\Windows\System32\svchost.exe -k NetSvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LanmanServer (Serveur) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LanmanWorkstation (Station de travail) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - LSM (Gestionnaire de session locale) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False S2 - [Own Process] - MapsBroker (Gestionnaire des cartes téléchargées) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - mpssvc (Pare-feu Windows Defender) -> C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - NlaSvc (Connaissance des emplacements réseau) -> C:\Windows\System32\svchost.exe -k NetworkService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - nsi (Service Interface du magasin réseau) -> C:\Windows\system32\svchost.exe -k LocalService -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - NvContainerLocalSystem (NVIDIA LocalSystem Container) -> "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - NVDisplay.ContainerLocalSystem (NVIDIA Display Container LS) -> C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_3b12ac0f95b18b9d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Origin Web Helper Service (Origin Web Helper Service) -> "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Power (Alimentation) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - ProfSvc (Service de profil utilisateur) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RasMan (Gestionnaire des connexions d’accès à distance) -> C:\Windows\System32\svchost.exe -k netsvcs - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - RpcEptMapper (Mappeur de point de terminaison RPC) -> C:\Windows\system32\svchost.exe -k RPCSS -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - RpcSs (Appel de procédure distante (RPC)) -> C:\Windows\system32\svchost.exe -k rpcss -p - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - SamSs (Gestionnaire de comptes de sécurité) -> C:\Windows\system32\lsass.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - Schedule (Planificateur de tâches) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SecureLine (Avast SecureLine VPN) -> "C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SENS (Service de notification d’événements système) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - SgrmBroker (Service Broker du moniteur d'exécution System Guard) -> C:\Windows\system32\SgrmBroker.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - ShellHWDetection (Détection matériel noyau) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Spooler (Spouleur d’impression) -> C:\Windows\System32\spoolsv.exe - AcceptPause : False - AcceptStop : True - DesktopInteract : True S2 - [Own Process] - sppsvc (Protection logicielle) -> C:\Windows\system32\sppsvc.exe - AcceptPause : False - AcceptStop : False - DesktopInteract : False R2 - [Share Process] - StorSvc (Service de stockage) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SysMain (SysMain) -> C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - SystemEventsBroker (Service Broker des événements système) -> C:\Windows\system32\svchost.exe -k DcomLaunch -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - TeamViewer (TeamViewer) -> "C:\Program Files\TeamViewer\TeamViewer_Service.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Themes (Thèmes) -> C:\Windows\System32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - TrkWks (Client de suivi de lien distribué) -> C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UserManager (Gestionnaire des utilisateurs) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - UsoSvc (Mettre à jour le service Orchestrator) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - Wcmsvc (Gestionnaire des connexions Windows) -> C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - Winmgmt (Infrastructure de gestion Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : True - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - WpnService (Service du système de notifications Push Windows) -> C:\Windows\system32\svchost.exe -k netsvcs -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Share Process] - wscsvc (Centre de sécurité) -> C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - WSearch (Windows Search) -> C:\Windows\system32\SearchIndexer.exe /Embedding - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Own Process] - CAMService (CAM Service) -> "C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\target\x86_64-pc-windows-msvc\release\service.exe" - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - CDPUserSvc_5fb247a (Service pour utilisateur de plateforme d’appareils connectés_5fb247a) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - OneSyncSvc_5fb247a (Hôte de synchronisation_5fb247a) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False R2 - [Unknown] - WpnUserService_5fb247a (Service utilisateur de notifications Push Windows_5fb247a) -> C:\Windows\system32\svchost.exe -k UnistackSvcGroup - AcceptPause : False - AcceptStop : True - DesktopInteract : False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Discord] : (Discord.-.Discord Inc.) -> C:\Users\bette\AppData\Local\Discord\Update.exe --uninstall [HKU\S-1-5-21-3647221497-3949391349-1226619127-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Riot Game league_of_legends.live] : (League of Legends.-.Riot Games, Inc) -> "C:\Riot Games\Riot Client\RiotClientServices.exe" --uninstall-product=league_of_legends --uninstall-patchline=live [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ac0666ae-ee66-5310-ac01-9d6348133b2d] : (NZXT CAM 4.34.1.-.NZXT, Inc.) -> "C:\Program Files\NZXT CAM\Uninstall NZXT CAM.exe" /allusers [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AMD Catalyst Install Manager] : (AMD Software.-.Advanced Micro Devices, Inc.) -> "C:\Program Files\AMD\CIM\Bin64\RadeonInstaller.exe" /EXPRESS_UNINSTALL /IGNORE_UPGRADE /ON_REBOOT_MESSAGE:NO [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Avast Antivirus] : (Avast One.-.Avast Software) -> C:\Program Files\Avast Software\Avast\setup\Instup.exe /control_panel ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID HWMonitor_is1] : (CPUID HWMonitor 1.45.-.CPUID, Inc.) -> "C:\Program Files\CPUID\HWMonitor\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Kickstart_is1] : (Nicky Romero Kickstart 1.0.9.-.Nicky Romero) -> "C:\Program Files\Nicky Romero\Kickstart\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeamViewer] : (TeamViewer.-.TeamViewer) -> "C:\Program Files\TeamViewer\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 6.10 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Xfer Records Serum-r4e_is1] : (Xfer Records Serum 1.33b4.-.Xfer Records) -> "C:\Program Files\Image-Line\FL Studio 20\Plugins\Fruity\Generators\Serum\Xfer Records\Serum\Uninstall\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0666EDD6-4E2A-4D0B-B525-585F7D777BCA}] : (DriversCloud.com.-.Cybelsoft) -> MsiExec.exe /I{0666EDD6-4E2A-4D0B-B525-585F7D777BCA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A49A0C51-914A-36A0-B6C2-D34A4BF8710A}] : (Google Chrome.-.Google LLC) -> MsiExec.exe /X{A49A0C51-914A-36A0-B6C2-D34A4BF8710A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 511.79.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.25.0.84.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 39.3.0.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.21.0713.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 39.3.0.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk] : (NVIDIA FrameView SDK 1.2.7321.30900954.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage FrameViewSdk ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (NVIDIA SHIELD Streaming.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GpxCommon.Oss] : (NVIDIA GPX Common OSS binaries (POCO, OpenSSL, libprotobuf).-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.39.3.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ContainerTelemetryApiHelper] : (NVIDIA TelemetryApi helper for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor] : (NVIDIA NVAPI Monitor plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.ServiceUser] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver] : (NvModuleTracker.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NVIDIA NodeJS.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NVIDIA Telemetry Client.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvVHCI] : (NVIDIA Virtual Host Controller.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.25.0.84.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (NVIDIA SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 4.39.0.0.-.NVIDIA Corporation) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CA3ADD9D-8FE5-5415-FCE1-E698A5F69B34}] : (AMD Software.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{CA3ADD9D-8FE5-5415-FCE1-E698A5F69B34} REBOOT=ReallySuppress ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AMD_Chipset_IODrivers] : (AMD Chipset Software.-.Advanced Micro Devices, Inc.) -> "C:\Program Files (x86)\AMD\Chipset_Software\QT_Dependencies\Setup.exe" /U {dbcf4266-3862-4a04-b4bd-2d0c58af4186} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ASIO4ALL] : (ASIO4ALL.-.Michael Tippach) -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battle.net] : (Battle.net.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio 20] : (FL Studio 20.-.Image-Line) -> C:\Program Files\Image-Line\FL Studio 20\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio ASIO] : (FL Studio ASIO.-.Image-Line) -> C:\Program Files\Image-Line\FL Studio ASIO\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Origin] : (Origin.-.Electronic Arts, Inc.) -> C:\Program Files (x86)\Origin\OriginUninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Red Dead Redemption 2] : (Red Dead Redemption 2.-.Rockstar Games) -> "C:\Program Files\Rockstar Games\Launcher\Launcher.exe" -enableFullMode -uninstall=rdr2 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Launcher] : (Rockstar Games Launcher.-.Rockstar Games) -> "C:\Program Files\Rockstar Games\Launcher\uninstall.exe" -enableFullMode -uninstall=launcher [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{32C68D93-D32F-4B01-8250-61642BFC22F8}] : (Epic Online Services.-.Epic Games, Inc.) -> MsiExec.exe /X{32C68D93-D32F-4B01-8250-61642BFC22F8} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43a03b9c-4770-409c-a999-587b60700b63}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{43a03b9c-4770-409c-a999-587b60700b63}\LauncherPrereqSetup_x64.exe" /uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7777BD2B-3159-481F-B7BE-CDCA7437506E}] : (AMD Embedded SMBus Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{7777BD2B-3159-481F-B7BE-CDCA7437506E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}] : (AMD PCI Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{80EC3CEE-2940-42A1-A776-B5D810D39F1E} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{829757CD-C7EC-470B-A384-5C81698CDB1D}] : (AMD WDT Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{829757CD-C7EC-470B-A384-5C81698CDB1D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe" -runfromtemp -removeonly ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{988F14B8-79A8-475D-BAC7-83F96AD3D821}] : (AMD PSP Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{988F14B8-79A8-475D-BAC7-83F96AD3D821} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}] : (AMD Ryzen Balanced Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{A171D320-C42C-4F3B-A2D8-C6A09F6788CC} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}] : (AMD SBxxx SMBus Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{AAE0E27D-C88A-49BA-8715-77ADCD4286A3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BE9FFAD2-2901-4F9B-8A0C-59EA51773212}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{BE9FFAD2-2901-4F9B-8A0C-59EA51773212} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7FBF176-382D-484E-863A-DFD1124A2A1C}] : (Apex Legends.-.Electronic Arts, Inc.) -> "C:\Program Files\Common Files\EAInstaller\Apex\Cleanup.exe" uninstall_game -autologging ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{dbcf4266-3862-4a04-b4bd-2d0c58af4186}] : (AMD_Chipset_Drivers.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{dbcf4266-3862-4a04-b4bd-2d0c58af4186} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}] : (AMD GPIO2 Driver.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EFD0705E-598B-46D4-8D5B-4539431764B8}] : (Balanced.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{EFD0705E-598B-46D4-8D5B-4539431764B8} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\023D171AC24CB3F42A8D6C0AF97688CC] : AMD Ryzen Balanced Driver -> C:\Windows\Installer\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}\ARPPRODUCTICON.exe [HKCR\Installer\Products\15C0A94AA4190A636B2C3DA4B48F17A0] : Google Chrome -> C:\Windows\Installer\{A49A0C51-914A-36A0-B6C2-D34A4BF8710A}\icon.ico [HKCR\Installer\Products\2DAFF9EB1092B9F4A8C095AE15772321] : Epic Games Launcher -> C:\Windows\Installer\{BE9FFAD2-2901-4F9B-8A0C-59EA51773212}\Installer.ico [HKCR\Installer\Products\39D86C23F23D10B428051646B2CF228F] : Epic Online Services -> C:\Windows\Installer\{32C68D93-D32F-4B01-8250-61642BFC22F8}\Installer.ico [HKCR\Installer\Products\499C5C9F9B6F57D43B7EDA108B04379E] : Epic Games Launcher Prerequisites (x64) -> C:\Windows\Installer\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}\UnrealEngineLauncher.ico [HKCR\Installer\Products\6624fcbd268340a44bdbd2c085fa1468] : AMD_Chipset_Drivers -> C:\Windows\Installer\{dbcf4266-3862-4a04-b4bd-2d0c58af4186}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6DDE6660A2E4B0D45B5285F5D777B7AC] : DriversCloud.com -> C:\Windows\Installer\{0666EDD6-4E2A-4D0B-B525-585F7D777BCA}\DriversCloud.exe [HKCR\Installer\Products\8B41F8898A97D574AB7C389FA63D8D12] : AMD PSP Driver -> C:\Windows\Installer\{988F14B8-79A8-475D-BAC7-83F96AD3D821}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B2DB77779513F1847BEBDCAC477305E6] : AMD Embedded SMBus Driver -> C:\Windows\Installer\{7777BD2B-3159-481F-B7BE-CDCA7437506E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D72E0EAAA88CAB94785177DADC24683A] : AMD SBxxx SMBus Driver -> C:\Windows\Installer\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D9DDA3AC5EF85145CF1E6E895A6FB943] : AMD Software -> C:\Windows\Installer\{CA3ADD9D-8FE5-5415-FCE1-E698A5F69B34}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DC757928CE7CB0743A48C51896C8BDD1] : AMD WDT Driver -> C:\Windows\Installer\{829757CD-C7EC-470B-A384-5C81698CDB1D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E5070DFEB8954D64D8B554933471468B] : Balanced -> C:\Windows\Installer\{EFD0705E-598B-46D4-8D5B-4539431764B8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EEC3CE0804921A247A675B8D013DF9E1] : AMD PCI Driver -> C:\Windows\Installer\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F993DD9E3A12E9747AFD6DFCB4A2BD3F] : AMD GPIO2 Driver -> C:\Windows\Installer\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}\ARPPRODUCTICON.exe ---------- | UserSettings [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Version [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|SequenceNumber [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.Search_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\explorer.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|MicrosoftWindows.Client.CBS_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\ApplicationFrameHost.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|windows.immersivecontrolpanel_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\SysWOW64\msiexec.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\Riot Client\UX\RiotClientUx.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\League of Legends\LeagueClient.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\League of Legends\LeagueClientUx.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.XboxGamingOverlay_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\rundll32.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.WindowsStore_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\League of Legends\Game\League of Legends.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.SkypeApp_kzf8qxf38zg5c [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\Taskmgr.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|SpotifyAB.SpotifyMusic_zpdnekdrzrea0 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\WinRAR\WinRAR.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin\Origin.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.ScreenSketch_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.LockApp_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin Games\Apex\r5apex.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Steam\Steam.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.ZuneVideo_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Rockstar Games\Launcher\Launcher.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin\EALink.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\~nsu.tmp\Un_A.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\notepad.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.Photos_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Notification.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\Downloads\Image Line - FLStudio 20.8.3 WiN AUDiOWAREZ\flstudio_win_20.8.3.2304.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Image-Line\FL Studio 20\ASIO4ALL.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\regedit.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\OpenWith.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Image-Line\FL Studio 20\FL64.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-HO47N.tmp\Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Image-Line\FL Studio 20\System\Tools\Plugin Manager\PluginManager.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\cmd.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.ZuneMusic_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-882KV.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-VIRJ0.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-DKITH.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-U6UHS.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-PGGUA.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-4RKHC.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\CPUID\HWMonitor\HWMonitor.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\Downloads\NZXT-CAM-Setup.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NZXT CAM\NZXT CAM.exe [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\Downloads\QuickDiag.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[Description] : @%SystemRoot%\system32\powrprof.dll,-14,Automatically balances performance with energy consumption on capable hardware. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\381b4222-f694-41f0-9685-ff5bb260df2e]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-15,Balanced (recommended) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1400,Favor performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\3af9B8d9-7c97-431d-ad78-34a8bfea439f]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1401,High Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[Description] : @%SystemRoot%\system32\powrprof.dll,-12,Favors performance, but may use more energy. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-13,High Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1404,Favor energy savings over performance. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\961cc777-2547-4f9d-8174-7d86181b8a7a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1405,Better Battery-life Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[Description] : @%SystemRoot%\system32\powrprof.dll,-10,Saves energy by reducing your computer performance where possible. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\a1841308-3541-4fab-bc81-f71556f20b4a]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-11,Power Saver [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[Description] : @%SystemRoot%\system32\powrprof.dll,-1402,Maximize bias towards performance instead of energy savings. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ded574b5-45a0-4f42-8737-46345c09c238]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-1403,Max Performance Overlay [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[Description] : @%SystemRoot%\system32\powrprof.dll,-18,Provides ultimate performance on higher end PCs. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\e9a42b02-d5df-448d-aa00-03f14749eb61]~[FriendlyName] : @%SystemRoot%\system32\powrprof.dll,-19,Ultimate Performance [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Version [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|SequenceNumber [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.Search_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\explorer.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|MicrosoftWindows.Client.CBS_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|NVIDIACorp.NVIDIAControlPanel_56jybvy8sckqj [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\ApplicationFrameHost.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|windows.immersivecontrolpanel_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\SysWOW64\msiexec.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\Riot Client\UX\RiotClientUx.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\League of Legends\LeagueClient.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\League of Legends\LeagueClientUx.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.XboxGamingOverlay_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\rundll32.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.WindowsStore_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Riot Games\League of Legends\Game\League of Legends.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.SkypeApp_kzf8qxf38zg5c [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\Taskmgr.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Discord\app-1.0.9004\Discord.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|SpotifyAB.SpotifyMusic_zpdnekdrzrea0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\WinRAR\WinRAR.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin\Origin.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.ScreenSketch_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.LockApp_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin Games\Apex\r5apex.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Steam\Steam.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.ZuneVideo_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Rockstar Games\Launcher\Launcher.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Rockstar Games\Social Club\SocialClubHelper.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files (x86)\Origin\EALink.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\~nsu.tmp\Un_A.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\notepad.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.Windows.Photos_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Notification.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\Downloads\Image Line - FLStudio 20.8.3 WiN AUDiOWAREZ\flstudio_win_20.8.3.2304.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Image-Line\FL Studio 20\ASIO4ALL.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\regedit.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\OpenWith.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Image-Line\FL Studio 20\FL64.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-HO47N.tmp\Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\Image-Line\FL Studio 20\System\Tools\Plugin Manager\PluginManager.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Windows\System32\cmd.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|Microsoft.ZuneMusic_8wekyb3d8bbwe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-882KV.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-VIRJ0.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-DKITH.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-U6UHS.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-PGGUA.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\AppData\Local\Temp\is-4RKHC.tmp\Nicky Romero - Kickstart 1.0.9 Setup.tmp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\CPUID\HWMonitor\HWMonitor.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\Downloads\NZXT-CAM-Setup.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Program Files\NZXT CAM\NZXT CAM.exe [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3647221497-3949391349-1226619127-1001]|\Device\HarddiskVolume3\Users\bette\Downloads\QuickDiag.exe ---------- | ADS ---------- | 20 LastEventLog request thread encountered an error: Failed to send result: Io(Os { code: 232, kind: BrokenPipe, message: "Le canal de communication est sur le point d’être fermé." }) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Thu, 24 Mar 2022 16:00:02 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 20c20bb1-c8f8-49ea-b261-029dab30ee6a Méthode : GET(250ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps Méthode : GET(32ms) Étape : GetCACaps L’adresse ou le nom de serveur n’a pas pu être résolu 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED) ------------ La ruche utilisateur est chargée par un autre processus (verrouillage de Registre) Nom du processus : C:\Program Files\Avast Software\Avast\aswToolsSvc.exe, PID : 3696, PID ProfSvc : 1332. ------------ La ruche utilisateur est chargée par un autre processus (verrouillage de Registre) Nom du processus : C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe, PID : 4556, PID ProfSvc : 1332. ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 22 Mar 2022 14:47:15 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 58b1af8f-9874-47b8-8eb6-7c278f5afc60 Méthode : GET(250ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Tue, 22 Mar 2022 13:44:35 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 675126d4-07db-4211-a90d-a3998f67e214 Méthode : GET(281ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Mon, 21 Mar 2022 18:56:12 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 969488f3-0aa7-4852-88ec-6697796923ba Méthode : GET(266ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Sat, 19 Mar 2022 14:19:57 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 6944a25d-47cf-41a9-b410-999f34c5c293 Méthode : GET(297ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Nom de l’application défaillante GameBar.exe, version : 5.721.12013.0, horodatage : 0x61a7f69b Nom du module défaillant : combase.dll, version : 10.0.19041.1566, horodatage : 0xf865610e Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000835e5 ID du processus défaillant : 0x125c Heure de début de l’application défaillante : 0x01d83ac9ed0e460d Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe Chemin d’accès du module défaillant: C:\Windows\System32\combase.dll ID de rapport : 2a183a43-8bc1-4aca-b1c4-8e62cca5dc88 Nom complet du package défaillant : Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe ID de l’application relative au package défaillant : App ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Thu, 17 Mar 2022 11:24:30 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: a5b75d12-a174-4b34-87fd-f7f5c9aa8569 Méthode : GET(250ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours. . ------------ Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours. ] ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 16 Mar 2022 21:02:35 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: d1c4f333-896e-4316-8484-d18a3d42669d Méthode : GET(297ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 16 Mar 2022 16:16:03 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: e94cbb15-d988-4783-8900-5ac5f93f5e1a Méthode : GET(218ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Wed, 16 Mar 2022 13:26:34 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: 3c3c4882-2c00-4613-8f8f-57087ec2fd98 Méthode : GET(1141ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Mon, 14 Mar 2022 22:10:06 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: d47ba8a2-efeb-40c0-9398-69d13e44973b Méthode : GET(266ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ Échec de l’initialisation de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-91QNL1K$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep : GetCACaps GetCACaps: Not Found {"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."} HTTP/1.1 404 Not Found Date: Mon, 14 Mar 2022 16:38:40 GMT Content-Length: 121 Content-Type: application/json; charset=utf-8 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000;includeSubDomains x-ms-request-id: d8dc8328-109f-4b5f-9958-43f7b4d5c4b0 Méthode : GET(204ms) Étape : GetCACaps Non trouvé (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND) ------------ La création du contexte d’activation a échoué pour « C:\Program Files\AMD\CIM\Bin64\SetACL64.exe ». Assembly dépendant Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ ----------( EOF)---------- - 5059 | 18:28:22