Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-12-2024 01 Ran by Aymene (25-12-2024 19:17:22) Running from C:\Users\Aymene\Desktop Microsoft Windows 11 Professionnel Version 24H2 26100.2605 (X64) (2024-11-23 18:05:17) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrateur (S-1-5-21-1130916198-2286890699-2815164863-500 - Administrator - Disabled) Aymene (S-1-5-21-1130916198-2286890699-2815164863-1001 - Administrator - Enabled) => C:\Users\Aymene DefaultAccount (S-1-5-21-1130916198-2286890699-2815164863-503 - Limited - Disabled) Invité (S-1-5-21-1130916198-2286890699-2815164863-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1130916198-2286890699-2815164863-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.) Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_6) (Version: 25.6.0.433 - Adobe Inc.) Adobe Premiere Pro 2023 (HKLM-x32\...\PPRO_23_6) (Version: 23.6 - Adobe Inc.) Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden AntiCheatExpert (HKLM\...\AntiCheatExpert) (Version: 15.0.2405.347 - ) Antidote - Connectix 12 (HKLM\...\{C9A3C767-F1E3-4B93-AA8D-03FD6AAFA4D4}) (Version: 12.1.1307 - Druide informatique inc.) Assistant de téléchargement (HKLM-x32\...\{93154A3C-9BB7-49D7-A571-4EB6373FA602}) (Version: 6.71.0 - Druide informatique inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) blender (HKLM\...\{1ADD9FE1-B5B3-4B8C-9F62-D63F0D761D39}) (Version: 4.1.1 - Blender Foundation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 131.1.73.104 - Les auteurs de Brave) Canva (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\3d0ba22d-e02b-5c6d-93a1-4e2a9af9c1f2) (Version: 1.100.0 - Canva Pty Ltd) Cisco Secure Client - AnyConnect VPN (HKLM-x32\...\Cisco Secure Client - AnyConnect VPN) (Version: 5.1.6.103 - Cisco Systems, Inc.) Cisco Secure Client - AnyConnect VPN (HKLM-x32\...\{CFB51224-438D-48BC-BE42-1F8B53730609}) (Version: 5.1.6.103 - Cisco Systems, Inc.) Hidden Corsair Device Control Service (HKLM\...\{3761F1BA-5697-4562-B677-E3CE0F944679}) (Version: 1.3.1 - Corsair) Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.22.86 - Corsair) CPUID CPU-Z MSI 2.10 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 2.10 - CPUID, Inc.) Digilent Software (HKLM-x32\...\Digilent Software) (Version: 1.5.8 - Digilent, Inc.) Discord (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.) Docker Desktop (HKLM\...\Docker Desktop) (Version: 4.22.1 - Docker Inc.) Documentation Manager (HKLM\...\{6F6D9B30-6201-467D-A56B-8DDC01B6E100}) (Version: 23.100.0.4 - Intel Corporation) Hidden Dynamic Application Loader Host Interface Service (HKLM\...\{74DF895B-001F-456C-BEA4-9254A3FCC5E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden Elgato Camera Hub (HKLM\...\{B7ABB05D-A97B-4C43-925C-5E40491B5AE9}) (Version: 1.11.0.4066 - Corsair Memory, Inc.) EndNote 21 (HKLM-x32\...\{86B3F2D6-AC2B-0021-8AE1-F2F77F781B0C}) (Version: 21.4.0.18113 - Clarivate Analytics) Epic Games Launcher (HKLM-x32\...\{5716F90C-C4A5-4EB1-89FB-A28D77A93400}) (Version: 1.3.67.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{4757C19B-4CE3-418C-91D2-E15E938091FB}) (Version: 2.0.39.0 - Epic Games, Inc.) FireStorm version 3.0.0.039 (HKLM-x32\...\FireStorm_is1) (Version: 3.0.0.039 - ) FiveM (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\CitizenFX_FiveM) (Version: - Cfx.re) Git (HKLM\...\Git_is1) (Version: 2.42.0.2 - The Git Development Community) GitHub Desktop (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\GitHubDesktop) (Version: 3.4.5 - GitHub, Inc.) iCloud Outlook (HKLM\...\{F4523358-0218-44DA-8A86-7C40FAF2262B}) (Version: 15.0.0.215 - Apple Inc.) Intel Driver && Support Assistant (HKLM-x32\...\{E2412D7F-3FB3-4638-819A-953908EA116E}) (Version: 24.6.49.8 - Intel) Hidden Intel(R) Arc Software & Drivers (HKLM\...\Intel(R) Arc Software & Drivers) (Version: 1.0.993.8 - Intel(R) Corporation) Intel(R) Chipset Device Software (HKLM\...\{22987D97-5A46-4BD9-B1A5-2FFE44201081}) (Version: 10.1.19199.8340 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{e6ecf35a-b1bb-4e59-9d90-4c98fde2ffa8}) (Version: 10.1.19199.8340 - Intel(R) Corporation) Intel(R) Computing Improvement Program (HKLM\...\{318C30A1-C7AF-414E-890F-6345E6E0FD33}) (Version: 2.4.09084 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2218.2.2.0 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{72F03A9B-21C6-4599-95FC-FFB4D9B7F50C}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{B9C358AF-2012-4BD3-A476-CAFB5761B5BC}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME WMI Provider (HKLM\...\{96EC8F94-3894-4F08-8FEF-227E9F790FFC}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Network Connections 27.0.0.3 (HKLM\...\{01FD1770-03E3-4949-88FE-BD77BA60F51E}) (Version: 27.0.0.3 - Intel) Hidden Intel(R) Network Connections 27.0.0.3 (HKLM\...\PROSetDX) (Version: 27.0.0.3 - Intel) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001100-0230-1036-84C8-B8D95FA3C8C3}) (Version: 23.100.1.1 - Intel Corporation) Intel® Driver & Support Assistant (HKLM-x32\...\{E5FB0A2C-49A5-41B5-B5AB-249A3A05405E}) (Version: 24.6.49.8 - Intel) Intel® Graphics Software (HKLM\...\{5085D89C-1E1E-4A1B-BB7E-C4378391A533}) (Version: 24.48.47.5 - Intel Corporation) Intel® Graphics Software (HKLM\...\{FD8575DF-732C-4CF6-A66E-07B2C6DD864B}) (Version: 24.48.47.5 - Intel Corporation) Hidden Intel® Software Installer (HKLM-x32\...\{04b8044d-0f6e-4c7e-af9e-5057a0156baa}) (Version: 22.110.1.1 - Intel Corporation) Hidden Intel® Software Installer (HKLM-x32\...\{2c72022c-65e7-4325-a04b-997e0fe74225}) (Version: 23.100.0.4 - Intel Corporation) Hidden Java 8 Update 351 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180351F0}) (Version: 8.0.3510.10 - Oracle Corporation) JetBrains Toolbox (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\Toolbox) (Version: 2.1.3.18901 - JetBrains) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.9.649333 - Logitech) Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation) Microsoft .NET Host - 6.0.23 (x64) (HKLM\...\{1870DD0E-1583-44FF-8265-A9D1692CD89C}) (Version: 48.92.2594 - Microsoft Corporation) Hidden Microsoft .NET Host - 7.0.7 (x64) (HKLM\...\{E914E975-A0B1-49F7-AB71-28DACD495C44}) (Version: 56.31.61636 - Microsoft Corporation) Hidden Microsoft .NET Host - 8.0.10 (x64) (HKLM\...\{3A80EBC5-6B68-49B9-BEBD-E1A6C966B416}) (Version: 64.40.21578 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 6.0.23 (x64) (HKLM\...\{995CC82C-E3E8-4BB5-9AB8-2B95C611D59D}) (Version: 48.92.2594 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 7.0.7 (x64) (HKLM\...\{62A9DE14-DB7A-41D9-9D7E-ED494E6FCBAF}) (Version: 56.31.61636 - Microsoft Corporation) Hidden Microsoft .NET Host FX Resolver - 8.0.10 (x64) (HKLM\...\{062CD1ED-0A3C-483C-A871-50173240C545}) (Version: 64.40.21578 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 6.0.23 (x64) (HKLM\...\{7C0437DA-6703-47F1-A116-CD138B0768AD}) (Version: 48.92.2594 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 7.0.7 (x64) (HKLM\...\{ECCA3DB0-6DEF-42CD-A21A-F2F7B918FB59}) (Version: 56.31.61636 - Microsoft Corporation) Hidden Microsoft .NET Runtime - 8.0.10 (x64) (HKLM\...\{15B7D0C2-F209-4C28-AF1C-FD8326F4D58A}) (Version: 64.40.21578 - Microsoft Corporation) Hidden Microsoft 365 Apps for enterprise - fr-fr (HKLM\...\O365ProPlusRetail - fr-fr) (Version: 16.0.18227.20162 - Microsoft Corporation) Microsoft ASP.NET Core 7.0.7 - Shared Framework (x64) (HKLM-x32\...\{4a749a1a-b799-41b4-a328-33a7b2355e76}) (Version: 7.0.7.23274 - Microsoft Corporation) Microsoft ASP.NET Core 7.0.7 Shared Framework (x64) (HKLM\...\{5ECA54B7-62F2-39EE-9514-31F7DFFFC968}) (Version: 7.0.7.23274 - Microsoft Corporation) Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation) Microsoft Teams classic (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\Teams) (Version: 1.7.00.6058 - Microsoft Corporation) Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft) Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation) Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.96.2 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 6.0.23 (x64) (HKLM\...\{AA393199-374C-4AD1-9245-6CBB254D8146}) (Version: 48.92.2594 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 6.0.23 (x64) (HKLM-x32\...\{fbe8ac13-7063-40e6-81dd-7ddcc3781ecd}) (Version: 6.0.23.32930 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 7.0.7 (x64) (HKLM\...\{593F16DC-C2D3-4740-ABD4-A171B4E32B06}) (Version: 56.31.61651 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 7.0.7 (x64) (HKLM-x32\...\{e875fc20-9a37-4344-b046-0bb037cb2d57}) (Version: 7.0.7.32525 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM\...\{614C9740-3FD4-4788-A277-7C35CB4C323B}) (Version: 64.40.21605 - Microsoft Corporation) Hidden Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM-x32\...\{d990096d-6282-42c5-8d16-71272c5be274}) (Version: 8.0.10.34118 - Microsoft Corporation) MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2024.0919.01 - MSI) NVIDIA app 11.0.1.189 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.1.189 - NVIDIA Corporation) NVIDIA FrameView SDK 1.4.10624.35034762 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10624.35034762 - NVIDIA Corporation) NVIDIA Graphics Driver 566.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.36 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation) NVIDIA Logiciel système PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation) OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.2.2 - OBS Project) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PyCharm 2024.3 (HKLM-x32\...\PyCharm 2024.3) (Version: 243.21565.199 - JetBrains s.r.o.) Python 3.11.4 (64-bit) (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\{3d45edf4-44bb-483f-9e08-43c38c81e118}) (Version: 3.11.4150.0 - Python Software Foundation) Python 3.11.4 Add to Path (64-bit) (HKLM\...\{77489A51-D174-4D9A-BD61-C4883157BA60}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Core Interpreter (64-bit) (HKLM\...\{FEF98C01-0C8A-4A0F-88AE-F164A787286C}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Development Libraries (64-bit) (HKLM\...\{1C6E1CE6-CA4E-4B38-BAFF-32BD94DBFFEF}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Documentation (64-bit) (HKLM\...\{FABA3DAC-829C-4C83-BC27-F3AFFD27B465}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Executables (64-bit) (HKLM\...\{DA4B94FB-D8BB-4DB9-85A7-FA5067A5CEDF}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 pip Bootstrap (64-bit) (HKLM\...\{D86BDA9F-D389-445E-B3E6-C35EF9FD41C7}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Standard Library (64-bit) (HKLM\...\{7EB8F17E-4AA7-4F9E-B908-42A28799523A}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Tcl/Tk Support (64-bit) (HKLM\...\{A32FE961-D579-4E46-B3D6-0B777F8F51E8}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Test Suite (64-bit) (HKLM\...\{52DE4CC1-22CF-498B-B50F-E66877E4850B}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python 3.11.4 Utility Scripts (64-bit) (HKLM\...\{90A235DF-4CF1-415D-AD85-6AC578B5DFB4}) (Version: 3.11.4150.0 - Python Software Foundation) Hidden Python Launcher (HKLM-x32\...\{23514291-DEF3-42FD-A67C-A96E35C92F24}) (Version: 3.11.4150.0 - Python Software Foundation) Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2391 - Realtek Semiconductor Corp.) REDlauncher (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com) ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: 1.0.21.3540 - Clarivate Analytics) Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.90.1977 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.2.5 - Rockstar Games) Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics) Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TavernWorker for Dark and Darker - Steam (HKLM\...\TavernWorker for Dark and Darker - Steam) (Version: - IRONMACE) Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.30767 - Microsoft Corporation) TeamSpeak (HKLM\...\{EE883F28-D7AF-48E5-87B6-1F59D856362F}) (Version: 5.0.0 - TeamSpeak) TeamViewer (HKLM\...\TeamViewer) (Version: 15.42.7 - TeamViewer) TLauncher (HKLM-x32\...\TLauncher) (Version: 2.885 - TLauncher Inc.) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 158.0.11194 - Ubisoft) UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.) VALORANT (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc) Windows Subsystem for Linux (HKLM\...\{9123DBDC-D242-4A68-9E97-841E2A788E7C}) (Version: 2.3.26.0 - Microsoft Corporation) Hidden WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH) XDefiant (HKLM-x32\...\Uplay Install 15657) (Version: - Ubisoft) Xilinx Design Tools Vivado ML Standard 2024.1 (C:\Xilinx) (HKLM\...\Xilinx_Vivado ML Standard_2024.1#0) (Version: 2024.1.2 - Xilinx Inc.) Xilinx DocNav (C:\Xilinx) (HKLM\...\Xilinx_DocNav_2024.1#0) (Version: 2024.1 - Xilinx Inc.) Xilinx ECM driver v2.51.0.0 (HKLM-x32\...\Software_Xilinx_Xilinx ECM driver_DriverSetup) (Version: 2.51.0.0 - Xilinx) Xilinx Information Center (C:\Xilinx) (HKLM\...\Xilinx_Xilinx Information Center_2024.1#0) (Version: 2024.1 - Xilinx Inc.) Zoom Workplace (HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\ZoomUMX) (Version: 6.1.11 (45504) - Zoom Video Communications, Inc.) Packages: ========= Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-12-13] () AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-10] (INTEL CORP) [Startup Task] Arc -> C:\Program Files\WindowsApps\TheBrowserCompany.Arc_1.33.0.3189_x64__ttt1ap7aakyb4 [2024-12-21] (The Browser Company of New York) Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-08-05] (Disney) ESPN -> C:\Program Files\WindowsApps\22364Disney.ESPNBetaPWA_16.0.1.0_neutral__6rarf9sa4v8jt [2024-08-05] (Disney) ESPN -> C:\Program Files\WindowsApps\www.espn.com-D672769_8.0.1.1_neutral__d56jvsjt25em0 [2024-11-23] (www.espn.com) Goodnotes -> C:\Program Files\WindowsApps\GoodnotesLimited.GoodNotesforWindows_1.0.5.0_neutral__wjqdg2qn10y2j [2024-08-05] (Goodnotes Limited) Goodnotes -> C:\Program Files\WindowsApps\web.goodnotes.com-351C2828_1.0.3.1_neutral__yjfmr72mwqpw2 [2024-11-23] (web.goodnotes.com) HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.27.4.0_x64__0a78dr3hq0pvt [2024-10-20] (HP Inc.) [Startup Task] iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.3.138.0_x64__nzyj5cx40ttqa [2024-11-13] (Apple Inc.) [Startup Task] Ink.Handwriting.en-CA.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-CA.1.0_0.645.1237.0_x64__8wekyb3d8bbwe [2024-10-09] (Microsoft Corporation) Ink.Handwriting.en-CA.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-CA.1.0_0.645.1237.0_x86__8wekyb3d8bbwe [2024-10-09] (Microsoft Corporation) Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.645.1237.0_x64__8wekyb3d8bbwe [2024-10-31] (Microsoft Corporation) Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.645.1237.0_x86__8wekyb3d8bbwe [2024-10-31] (Microsoft Corporation) Ink.Handwriting.fr-FR.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.fr-FR.1.0_0.598.1811.0_x64__8wekyb3d8bbwe [2024-11-23] (Microsoft Corporation) Ink.Handwriting.fr-FR.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.fr-FR.1.0_0.598.1811.0_x86__8wekyb3d8bbwe [2024-11-23] (Microsoft Corporation) Ink.Handwriting.Main.en-CA.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-CA.1.0_0.645.1237.0_x64__8wekyb3d8bbwe [2024-10-09] (Microsoft Corporation) Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.645.1237.0_x64__8wekyb3d8bbwe [2024-10-31] (Microsoft Corporation) Ink.Handwriting.Main.fr-FR.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.fr-FR.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2024-04-27] (Microsoft Corporation) Intel® Unison™ -> C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.26.10481.0_x64__8j3eq9eme6ctt [2024-12-10] (INTEL CORP) iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa [2024-10-26] (Apple Inc.) [Startup Task] Lively Wallpaper -> C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.144.0_x64__97hta09mmv6hy [2024-06-06] (rocksdanister) [Startup Task] Microsoft 365 (Office) -> C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2412.1162.0_x64__8wekyb3d8bbwe [2024-12-19] (Microsoft Corporation) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-11-23] (Microsoft Corporation) [MS Ad] Moodle Desktop -> C:\Program Files\WindowsApps\3312ADB7.MoodleDesktop_3.9.2.0_x64__t8q4t8fsbshw4 [2023-11-11] (Moodle Pty Ltd.) MSI Center -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.45.0_x64__kzh8wxbdkxb8p [2024-11-29] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task] MSI Game Bar -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSIGameBar_3.0.6.0_x64__kzh8wxbdkxb8p [2024-10-18] (MICRO-STAR INTERNATIONAL CO., LTD) NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-25] (NVIDIA Corp.) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.334.0_x64__dt26b99r8h8gj [2024-08-09] (Realtek Semiconductor Corp) SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0 [2024-12-20] (Spotify AB) [Startup Task] TranslucentTB -> C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2024.3.0.0_x64__v826wp6bftszj [2024-12-13] (Charles Milette) [Startup Task] WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-19] (WhatsApp Inc.) [Startup Task] WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-13] (Microsoft Corp.) WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-19] (Microsoft Corp.) WinRAR -> C:\Program Files\WinRAR [2023-11-11] (win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{04271989-C4D2-38F7-9588-F2DBF9D8B6DB} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6} CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{04271989-C4D2-5E3B-6568-4BFF952F74D1} -> [OneDrive - polymtlus] => C:\Users\Aymene\OneDrive - polymtlus [2024-09-21 17:23] CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Aymene\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.28402\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{32696747-d167-38ad-6e20-2fec78940514}\localserver32 -> "C:\Program Files\Microsoft PC Manager\MSPCManager.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{414022CB-AE34-4682-BBDB-653EACAFA0CA}\InprocServer32 -> C:\Program Files\Druide\Connectix 12\Connect\Excel\Bin\Antidote.Excel.P500_64.dll (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{5563940C-ABF0-47B4-BB0E-B5D8680B570A}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => No File CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{5563940D-49FD-4F1A-96AA-147B474290EE}\localserver32 -> "C:\Program Files (x86)\Druide\Connectix 10\Application\Bin64\MoteurIntegration.exe" -activex => No File CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{5C4D8D77-5B87-40CA-884E-F56858227E5C}\localserver32 -> C:\Users\Aymene\AppData\Local\Programs\TeamSpeak\notification_helper.exe => No File CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{9801B4CE-1C74-4D92-9DE9-3F85C9BD26D8}\InprocServer32 -> C:\Program Files\Druide\Connectix 12\Connect\Outlook\Bin\Antidote.Outlook.P500_64.dll (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{9c1d65ab-f03c-4fe7-afca-b25ab39fedf4}\localserver32 -> "C:\Program Files\Microsoft PC Manager\MSPCManager.exe" -ToastActivated => No File CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8E}\localserver32 -> C:\Program Files\Druide\Connectix 12\Application\Bin64\ServiceConnectixAntidote.exe (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{A12A9CAB-1C75-4AA3-A980-74F25AB94C8F}\localserver32 -> C:\Program Files\Druide\Connectix 12\Application\Bin64\ServiceConnectixAntidote.exe (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{A9694941-C924-4D17-8F67-80F4A27642BC}\InprocServer32 -> C:\Program Files\Druide\Connectix 12\Connect\PowerPoint\Bin\Antidote.PowerPoint.P500_64.dll (Druide informatique inc. -> Druide informatique inc.) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\Aymene\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{E15BAA7F-7AA4-4C00-9588-A00642432DB0}\localserver32 -> c:\program files\intel\intel graphics software\intelgraphicssoftware.exe (Intel Corporation -> Intel Corporation) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) CustomCLSID: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001_Classes\CLSID\{FEA8F8D1-3ADB-4B77-908F-C2E811EE12E1}\InprocServer32 -> C:\Program Files\Druide\Connectix 12\Connect\Word\Bin\Antidote.Word.P500_64.dll (Druide informatique inc. -> Druide informatique inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-06] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-06] (Adobe Inc. -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-06] (Adobe Inc. -> ) ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-06] (Adobe Inc. -> ) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-16] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\nvshext.dll [2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-06] (Adobe Inc. -> ) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Aymene\Desktop\Vivado files\Vitis HLS 2024.1.lnk -> C:\Xilinx\Vitis_HLS\2024.1\bin\vitis_hls.bat () Shortcut: C:\Users\Aymene\Desktop\Vivado files\Vitis Model Composer 2024.1.lnk -> C:\Xilinx\Model_Composer\2024.1\bin\model_composer.bat () Shortcut: C:\Users\Aymene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\Vitis_HLS 2024.1\Vitis HLS 2024.1 Command Prompt.lnk -> C:\Xilinx\Vitis_HLS\2024.1\bin\vitis_hls_cmd.bat () Shortcut: C:\Users\Aymene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\Vitis_HLS 2024.1\Vitis HLS 2024.1.lnk -> C:\Xilinx\Vitis_HLS\2024.1\bin\vitis_hls.bat () Shortcut: C:\Users\Aymene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\Model Composer 2024.1\Vitis Model Composer 2024.1.lnk -> C:\Xilinx\Model_Composer\2024.1\bin\model_composer.bat () ShortcutWithArgument: C:\Users\Aymene\Desktop\Vivado 2024.1.lnk -> C:\Xilinx\Vivado\2024.1\bin\unwrapped\win64.o\vvgl.exe () -> C:\Xilinx\Vivado\2024.1\bin\vivado.bat ShortcutWithArgument: C:\Users\Aymene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\Manage Licenses 2024.1.lnk -> C:\Xilinx\Vivado\2024.1\bin\unwrapped\win64.o\vvgl.exe () -> C:\Xilinx\Vivado\2024.1\bin\vlm.bat ShortcutWithArgument: C:\Users\Aymene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\Vivado 2024.1\Vivado 2024.1 Tcl Shell.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k C:\Xilinx\Vivado/2024.1\bin\vivado.bat -mode tcl ShortcutWithArgument: C:\Users\Aymene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xilinx Design Tools\Vivado 2024.1\Vivado 2024.1.lnk -> C:\Xilinx\Vivado\2024.1\bin\unwrapped\win64.o\vvgl.exe () -> C:\Xilinx\Vivado\2024.1\bin\vivado.bat ==================== Loaded Modules (Whitelisted) ============= 2024-12-13 16:37 - 2024-12-13 16:36 - 000707584 _____ () [File not signed] C:\Program Files\LGHUB\resources\app.asar.unpacked\keytar.node 2023-02-24 22:02 - 2023-02-24 22:02 - 002165760 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [6866] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Docker Desktop.lnk:CBB8C4555E [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk:A1B76439FE [6866] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk:7661CCE9BF [6866] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk:D6CCC992C2 [6866] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2023.lnk:FB95DB72C9 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [6866] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk:36398BE0BF [3442] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCUE.lnk:97831153DE [6866] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk:60EC9648C0 [6002] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:5465085A2F [4306] AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:BE800952D3 [6002] AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [10074] ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ============= BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_351\bin\ssv.dll [2024-01-28] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_351\bin\jp2ssv.dll [2024-01-28] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-19] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\sharepoint.com -> hxxps://cmaisonneuveqcca-files.sharepoint.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2019-12-07 04:14 - 2023-09-02 21:55 - 000001052 _____ C:\WINDOWS\system32\drivers\etc\hosts 10.0.0.100 host.docker.internal 10.0.0.100 gateway.docker.internal 127.0.0.1 kubernetes.docker.internal 2023-09-02 22:09 - 2024-05-20 21:19 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 172.20.128.1 DESKTOP-OM3J3M1.mshome.net # 2029 5 0 20 2 19 13 555 ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Docker\Docker\resources\bin;C:\Program Files\Git\cmd;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Aymene\Downloads\themajesticsombrerogalaxym104.jpg DNS Servers: 24.201.245.77 - 24.200.243.189 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. Network Binding: ============= Ethernet 2: Cisco AnyConnect Virtual Miniport Adapter for Windows x64 -> vpnva64-6.sys Wi-Fi: Intel(R) Wi-Fi 6E AX210 160MHz -> Netwtw14.sys Ethernet: Intel(R) Ethernet Controller (3) I225-V -> e2f.sys vms_vsf: Hyper-V Virtual Switch Extension Filter ms_l1vhlwf: Nested Network Virtualization vms_vsp: Hyper-V Virtual Switch Extension Protocol ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) HKLM\...\StartupApproved\Run: => "Riot Vanguard" HKLM\...\StartupApproved\Run32: => "Intel® Arc™ Control" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "Intel® Graphics Software" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\StartupFolder: => "Envoyer * OneNote.lnk<*>" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "CanvaAutoLaunchAvailabilityCheckAgent" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_397B304D2C0F592B4832E5E0DC966C67" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "Camera Hub" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "RiotClient" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "Docker Desktop" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "JetBrains Toolbox" HKU\S-1-5-21-1130916198-2286890699-2815164863-1001\...\StartupApproved\Run: => "Overwolf" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{953BE3F0-D11C-453A-8D72-8EE5E8787C04}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{E5265B6E-560B-413A-A52F-A4508DAF3024}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{78F29DAE-4F7B-45B5-8A00-5BC33F9DA571}] => (Allow) C:\Program Files\Elgato\CameraHub\Camera Hub.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) FirewallRules: [UDP Query User{F1B5BCC0-C4E8-4FC7-A464-64D74AAA5A11}C:\program files\elgato\camerahub\camera hub.exe] => (Allow) C:\program files\elgato\camerahub\camera hub.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) FirewallRules: [TCP Query User{3A6F0100-0ADE-4224-97F1-7E28BCE83D61}C:\program files\elgato\camerahub\camera hub.exe] => (Allow) C:\program files\elgato\camerahub\camera hub.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) FirewallRules: [UDP Query User{2B8FBFDD-33DD-4811-93FE-31061F72B760}C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\hw_server.exe] => (Allow) C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\hw_server.exe () [File not signed] FirewallRules: [TCP Query User{CD41CA50-F609-4D76-A7AD-F9D7C3860719}C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\hw_server.exe] => (Allow) C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\hw_server.exe () [File not signed] FirewallRules: [{64C0D088-5107-4C19-9264-D847B13E4DA0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{E21E787F-92C9-477E-9503-C9F0C5A85090}C:\users\aymene\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\aymene\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{11EBBE62-307A-4B5E-9D54-65860D4556DB}C:\users\aymene\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\aymene\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D8AD9271-339A-491E-BB55-616176E6CBED}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{6493051B-7991-49BA-A95C-5CD483151088}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{6B84483A-26D6-4CC8-A38C-63E302D62A5E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{7682CD00-9558-4BA3-B645-1EACE1F5E7AC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{884568A4-E9F3-4B00-9971-E91198C1B998}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{3874FF27-67AB-403E-B0C2-78A95C08D108}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{25767106-78FF-4509-A3EE-847FEE26989A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [{3EDFCDD2-58FC-4CA3-A4F3-C3B11DB6872E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) FirewallRules: [UDP Query User{FC030D46-1462-4A35-9209-A7FE6B5A4FB8}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{7C07C8AC-035B-4794-A74B-9E53F8E74D05}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Block) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{F10EBFA6-8213-4166-B464-9443BD45A733}C:\programdata\aymene\discord\app-1.0.9166\discord.exe] => (Allow) C:\programdata\aymene\discord\app-1.0.9166\discord.exe => No File FirewallRules: [TCP Query User{90B4A679-1CFA-4E8D-87CD-A68B0A603E8F}C:\programdata\aymene\discord\app-1.0.9166\discord.exe] => (Allow) C:\programdata\aymene\discord\app-1.0.9166\discord.exe => No File FirewallRules: [UDP Query User{304E0DE2-8638-4CEF-ABE6-30AE2B478F5D}C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\vivado.exe] => (Allow) C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\vivado.exe () [File not signed] FirewallRules: [TCP Query User{463627EF-4B65-4C99-8E36-D1DBA47ADB16}C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\vivado.exe] => (Allow) C:\xilinx\vivado\2024.1\bin\unwrapped\win64.o\vivado.exe () [File not signed] FirewallRules: [UDP Query User{8063AC00-D516-4374-98CC-8B59E342D562}C:\program files\java\jre1.8.0_351\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_351\bin\javaw.exe FirewallRules: [TCP Query User{9FD3ECE2-C493-468F-8FE4-AAA1D037B8E5}C:\program files\java\jre1.8.0_351\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_351\bin\javaw.exe FirewallRules: [UDP Query User{6885F032-1359-40E7-B65B-98A661985F3C}C:\xilinx\xic\tps\win64\jre21.0.1_12\bin\java.exe] => (Allow) C:\xilinx\xic\tps\win64\jre21.0.1_12\bin\java.exe FirewallRules: [TCP Query User{2C56CE46-B74E-4C3C-8CDB-0010D36B36AF}C:\xilinx\xic\tps\win64\jre21.0.1_12\bin\java.exe] => (Allow) C:\xilinx\xic\tps\win64\jre21.0.1_12\bin\java.exe FirewallRules: [UDP Query User{4CD122E0-1112-47EB-8902-0F04021ABB4F}C:\users\aymene\appdata\local\temp\xlnxsfxc088338f\tps\win64\jre21.0.1_12\bin\java.exe] => (Allow) C:\users\aymene\appdata\local\temp\xlnxsfxc088338f\tps\win64\jre21.0.1_12\bin\java.exe => No File FirewallRules: [TCP Query User{50641E42-E504-47E8-9E8D-6899777AE759}C:\users\aymene\appdata\local\temp\xlnxsfxc088338f\tps\win64\jre21.0.1_12\bin\java.exe] => (Allow) C:\users\aymene\appdata\local\temp\xlnxsfxc088338f\tps\win64\jre21.0.1_12\bin\java.exe => No File FirewallRules: [UDP Query User{44EFB4EF-D456-4E44-8293-BA3B7570300A}C:\program files\jetbrains\pycharm community edition 2023.1.2\bin\pycharm64.exe] => (Block) C:\program files\jetbrains\pycharm community edition 2023.1.2\bin\pycharm64.exe => No File FirewallRules: [TCP Query User{26D9C06F-6087-4D5A-8D38-6EFD51CD9C34}C:\program files\jetbrains\pycharm community edition 2023.1.2\bin\pycharm64.exe] => (Block) C:\program files\jetbrains\pycharm community edition 2023.1.2\bin\pycharm64.exe => No File FirewallRules: [{41DD9CF4-8707-44CE-93DF-FC6A8EF6ADF9}] => (Allow) C:\Users\Aymene\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{04838AC1-9FF6-4EBD-AA80-DA8B1A6927CB}] => (Allow) C:\Users\Aymene\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{2163E350-4FCD-4799-ABFF-D766EF4CEE4B}] => (Allow) C:\Users\Aymene\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [UDP Query User{8FA115B5-14D5-4D3B-9CDE-D982BE934FD5}C:\program files (x86)\call of duty\_retail_\mp24\mp24-cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\mp24\mp24-cod.exe => No File FirewallRules: [TCP Query User{FDD89237-405E-4AD9-AD3C-4696640E8DA4}C:\program files (x86)\call of duty\_retail_\mp24\mp24-cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\mp24\mp24-cod.exe => No File FirewallRules: [UDP Query User{0377EDBF-77ED-4273-BC59-ED78D04EA971}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\cod.exe => No File FirewallRules: [TCP Query User{ECB914AA-9064-4E61-9A12-404D3892544C}C:\program files (x86)\call of duty\_retail_\cod.exe] => (Allow) C:\program files (x86)\call of duty\_retail_\cod.exe => No File FirewallRules: [UDP Query User{6D1EFD07-1D6A-4705-911A-459120927B5F}C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe] => (Block) C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe FirewallRules: [TCP Query User{00923C95-1AE6-4572-9527-0A99095D8B4C}C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe] => (Block) C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe FirewallRules: [UDP Query User{91AAE784-1DB8-448E-BC9B-53EC077345B3}C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe FirewallRules: [TCP Query User{F20C5BAD-473E-4B07-97A5-6EC3994EC14E}C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe] => (Block) C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\bin\javaw.exe FirewallRules: [UDP Query User{82C3C6F8-189E-43F3-9C02-C5E2A3D5BA31}C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe] => (Block) C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe FirewallRules: [TCP Query User{C619C3B2-F90F-4C9A-882F-BCEE6EA5CA9B}C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe] => (Block) C:\users\aymene\appdata\roaming\.tlauncher\starter\jre_default\jre-17.0.11-windows-x64\bin\java.exe FirewallRules: [{545ECD34-9C2F-436B-A6F3-423D8A28CF53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChainedTogether\ChainedTogether.exe (Epic Games, Inc.) [File not signed] FirewallRules: [{9A078121-1464-4193-BE4B-5C7AC9BD7C9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ChainedTogether\ChainedTogether.exe (Epic Games, Inc.) [File not signed] FirewallRules: [UDP Query User{7E3E9ADE-88FD-4CE3-8B2D-26AE958C1EBF}C:\programdata\aymene\discord\app-1.0.9157\discord.exe] => (Block) C:\programdata\aymene\discord\app-1.0.9157\discord.exe => No File FirewallRules: [TCP Query User{C2FC31D3-EC55-4A2F-97D8-EC523D788F90}C:\programdata\aymene\discord\app-1.0.9157\discord.exe] => (Block) C:\programdata\aymene\discord\app-1.0.9157\discord.exe => No File FirewallRules: [UDP Query User{D00480DD-0ECB-46BD-B6C6-E1EE6DDF67B3}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [TCP Query User{3C2E2442-9008-43F0-9557-8CD4C791EBA3}C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe] => (Block) C:\program files (x86)\ubisoft\ubisoft game launcher\uplaywebcore.exe (Ubisoft Entertainment Sweden AB -> Ubisoft) FirewallRules: [{9628368B-A471-42BA-958B-E2A3D7B4B576}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShareX\ShareX_Launcher.exe (ShareX Team) [File not signed] FirewallRules: [{062DF855-D9D2-44A8-9C13-E913BE04A791}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ShareX\ShareX_Launcher.exe (ShareX Team) [File not signed] FirewallRules: [UDP Query User{C6AB58D2-EFFB-4493-8FA7-176416086A1B}C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix_vulkan.exe] => (Allow) C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [TCP Query User{AAF6AEE6-3079-41E6-85ED-5F24DAB3F89B}C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix_vulkan.exe] => (Allow) C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{8BB26B0F-BCE7-4B35-A8A1-38BCD34609D2}C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix.exe] => (Allow) C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [TCP Query User{FDBF25BC-9BBE-4A6E-B919-B8771C62E049}C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix.exe] => (Allow) C:\users\aymene\appdata\local\ubisoft\r6siege\rainbowsix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{477C17B9-F243-4093-BA97-0A6128579399}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File FirewallRules: [{1F2FE707-370D-42E6-A054-FA51631CF907}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix_Vulkan.exe => No File FirewallRules: [{523E5E1A-B3A8-410D-8A91-8508A3386AEF}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File FirewallRules: [{467AE268-D3C6-47DE-A89C-F93ACCD7C749}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe => No File FirewallRules: [{AE2D6A17-531D-4753-9FC3-A161E2802F11}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File FirewallRules: [{EF1297D7-B0F5-46B9-82DD-A8F6C7006EB9}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe => No File FirewallRules: [{605E8A2A-0632-4079-8D69-7F1C08D03786}] => (Allow) C:\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1)\Red.Dead.Redemption.2.v1436.28\Red Dead Redemption 2\RDR2.exe => No File FirewallRules: [{6BFDE96A-5404-498E-96CA-6CD2F6528A76}] => (Allow) C:\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1)\Red.Dead.Redemption.2.v1436.28\Red Dead Redemption 2\RDR2.exe => No File FirewallRules: [UDP Query User{3116AFC9-20D3-4A05-8976-14FA23CCD0A9}C:\users\aymene\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aymene\appdata\roaming\utorrent\utorrent.exe => No File FirewallRules: [TCP Query User{F5E31327-C569-4CBC-9B23-B7D9997AEFDE}C:\users\aymene\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\aymene\appdata\roaming\utorrent\utorrent.exe => No File FirewallRules: [UDP Query User{8F52875F-DC7C-49E3-B8B0-8405D9E238DD}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File FirewallRules: [TCP Query User{9A503635-9324-4423-AA70-913851AB67F1}C:\program files\epic games\gtav\gta5.exe] => (Allow) C:\program files\epic games\gtav\gta5.exe => No File FirewallRules: [UDP Query User{497F7D35-2C08-4602-B90E-28ABE25C7C7E}C:\users\aymene\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Block) C:\users\aymene\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (Cfx.re) [File not signed] FirewallRules: [TCP Query User{EF6E6A89-E63C-4904-BD3A-E70ED4755EEC}C:\users\aymene\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Block) C:\users\aymene\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe (Cfx.re) [File not signed] FirewallRules: [UDP Query User{202BEEA8-DFC9-4BA9-A058-096B84A2EB66}C:\users\aymene\appdata\local\fivem\fivem.exe] => (Block) C:\users\aymene\appdata\local\fivem\fivem.exe (Rockstar Games, Inc. -> Cfx.re) FirewallRules: [TCP Query User{672E9B56-C48B-4A16-8C39-960ACD26A5A9}C:\users\aymene\appdata\local\fivem\fivem.exe] => (Block) C:\users\aymene\appdata\local\fivem\fivem.exe (Rockstar Games, Inc. -> Cfx.re) FirewallRules: [{B7021359-D0CF-4439-A796-D1961CCE2FB2}] => (Allow) C:\Users\Aymene\AppData\Local\ArenaBreakoutInfiniteMiniloader\ArenaBreakoutInfiniteMiniloader.exe (PROXIMA BETA PTE. LIMITED -> ) FirewallRules: [{48559333-BF00-4C88-966B-4D3C0EABBDC0}] => (Allow) C:\Users\Aymene\AppData\Local\ArenaBreakoutInfiniteMiniloader\ArenaBreakoutInfiniteMiniloader.exe (PROXIMA BETA PTE. LIMITED -> ) FirewallRules: [{1A12EF68-03EA-4604-9936-DC0BF5A5C236}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{1E149403-2FBE-4906-8ACF-026DF64F44EB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta Software GmbH -> ) FirewallRules: [{C3D82143-C749-4E3F-8329-C96898137D71}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{94310D35-18C2-40C7-818B-FA100D0D6BDD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{A5227149-D8FE-416E-9C7C-6A9E85BD537A}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{F7E43E17-200E-4C43-A31D-E327612BECBB}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5B362FBD-2FEE-49E3-95DB-6F761579D55D}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed] FirewallRules: [{A86BF27B-CF4D-405A-B8A9-04C7354BD1E0}] => (Block) C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe (Adobe Inc. -> Adobe) [File not signed] FirewallRules: [{3E75C093-4D97-48A5-BFCB-D11734D6F7A5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{1C52AC46-CE42-4D58-9964-A0057D07F6DA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{36D233C3-C857-4095-9A63-476D1AC39369}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [TCP Query User{A6167BEF-1DAC-43B6-879C-E705FD2C13AE}C:\riot games\riot client\riotclientelectron\riot client.exe] => (Allow) C:\riot games\riot client\riotclientelectron\riot client.exe (Riot Games, Inc. -> Riot Games, Inc.) FirewallRules: [UDP Query User{3F1A27CD-8641-4580-9A41-0C6FAFF4E14D}C:\program files (x86)\zotacfirestorm\firestorm.exe] => (Block) C:\program files (x86)\zotacfirestorm\firestorm.exe (ZOTAC Co.Ltd) [File not signed] FirewallRules: [TCP Query User{58D8DDBC-4695-4678-B538-7CA859C44343}C:\program files (x86)\zotacfirestorm\firestorm.exe] => (Block) C:\program files (x86)\zotacfirestorm\firestorm.exe (ZOTAC Co.Ltd) [File not signed] FirewallRules: [{2530216F-036A-4662-9259-4BDB80D1CF99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{ED8F694C-75D2-4D58-86D3-9F940CC2ADDB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [UDP Query User{0E7C2BEF-B87B-4DD8-B4C4-A34227160E8E}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [TCP Query User{8CACC801-814B-4DD1-A797-BB9D60A84622}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.) FirewallRules: [UDP Query User{433A3D96-0DEC-4B25-9E70-BB404705DFD8}C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe FirewallRules: [TCP Query User{54D1E135-11AA-4565-8353-90F3350C8F33}C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe] => (Block) C:\users\aymene\appdata\roaming\.minecraft\runtime\java-runtime-gamma\windows\java-runtime-gamma\bin\javaw.exe FirewallRules: [UDP Query User{C2D9FB71-9B82-44B3-8FF7-D20C8E8D4649}C:\users\aymene\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\aymene\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe FirewallRules: [TCP Query User{F9BE259D-525C-4C3F-BEBF-B8BB34892812}C:\users\aymene\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\aymene\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe FirewallRules: [{A38AFFDE-D006-433B-B039-5E10748D691B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{E0B40892-2AFD-4C46-98A3-28EAF7608FAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{FDB5898B-D922-4165-8108-457D46932B63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_DX11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{0FD238D4-A28D-4BF8-B7E5-D67300628D46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_DX11.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{829724DF-1785-4142-A4E7-638B43918E6D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [{CEE1F24B-2263-43EA-B624-AC9A45E1BA5F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations) FirewallRules: [TCP Query User{3017FD79-4E8F-4213-BD57-5FBF8DE92737}C:\program files\jetbrains\pycharm 2024.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm 2024.3\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) FirewallRules: [UDP Query User{524B3391-230A-48A4-BB10-FFAA8667D8E9}C:\program files\jetbrains\pycharm 2024.3\bin\pycharm64.exe] => (Allow) C:\program files\jetbrains\pycharm 2024.3\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) FirewallRules: [TCP Query User{CED0794F-D12B-4FBC-8B46-3DE47E5CAE8B}C:\programdata\aymene\discord\app-1.0.9172\discord.exe] => (Allow) C:\programdata\aymene\discord\app-1.0.9172\discord.exe => No File FirewallRules: [UDP Query User{34F0A8FE-8F10-44F1-B838-3D6A456C12C3}C:\programdata\aymene\discord\app-1.0.9172\discord.exe] => (Allow) C:\programdata\aymene\discord\app-1.0.9172\discord.exe => No File FirewallRules: [TCP Query User{8C871526-F83D-40D6-840C-ACB7F0E6632B}C:\users\aymene\appdata\local\ubisoft\r6siege\scimitar_engine_win64_2022_flto_dx12.exe] => (Allow) C:\users\aymene\appdata\local\ubisoft\r6siege\scimitar_engine_win64_2022_flto_dx12.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [UDP Query User{A477BB68-9A06-459C-9DCF-535C0A3C52A6}C:\users\aymene\appdata\local\ubisoft\r6siege\scimitar_engine_win64_2022_flto_dx12.exe] => (Allow) C:\users\aymene\appdata\local\ubisoft\r6siege\scimitar_engine_win64_2022_flto_dx12.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft) FirewallRules: [{5C06AE86-07A4-4C0C-9DC5-2C83F7C5E2CB}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.26.10481.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) FirewallRules: [{C8407850-57F7-4157-AA5A-B111B9687413}] => (Allow) C:\Program Files\WindowsApps\AppUp.IntelTechnologyMDE_20.26.10481.0_x64__8j3eq9eme6ctt\IntelUnison.exe (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) FirewallRules: [{D728956A-8C50-4230-B792-5A75C5B6D45D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{6EF5BF86-20DC-489C-99F2-211986B9B123}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{15B1B8BC-74B4-4C41-84CF-8BB262555A89}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{9DAA9160-7CE3-40CA-AC9E-689E514505B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{7F93DCAA-9371-49AB-9B09-1B79C5397AE9}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) FirewallRules: [{B7EF472F-108E-4CE3-B4A2-9EA46CE53011}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0AE53C37-C444-4C8F-8048-2328CD3F32FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{F613556E-F780-4494-A0A7-D9634508CFAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{B368075A-BBEA-496B-B607-4269B7618A16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{80C2CDB7-32DA-438E-862A-4BF202107827}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{03B6E9F7-C300-4224-B45B-F3550292FF38}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C7EA8F4B-5A51-40E1-B827-A91558DF9276}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{5EFC9130-03AA-4DF6-B715-CF4D46DFD3B9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{0A43FDB4-7148-4EF5-A59A-EEA5C12136F0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{C85E924B-86B2-4E70-8248-FAE8C6D7E0B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.438.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) FirewallRules: [{59BDF879-F8D9-4CA5-9399-C44D350F0950}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{8BDAE128-D9F7-4FFF-B395-0E30C75FE422}] => (Allow) C:\Program Files\WindowsApps\TheBrowserCompany.Arc_1.33.0.3189_x64__ttt1ap7aakyb4\Arc.exe (THE BROWSER COMPANY OF NEW YORK INC. -> ) FirewallRules: [{25809D24-F58D-4897-B571-75B744C3A837}] => (Allow) C:\Program Files\WindowsApps\TheBrowserCompany.Arc_1.33.0.3189_x64__ttt1ap7aakyb4\Arc.exe (THE BROWSER COMPANY OF NEW YORK INC. -> ) FirewallRules: [{ABD0C16A-75A2-4087-99B7-730E0568EAC9}] => (Allow) LPort=32683 FirewallRules: [{D2998A33-E6FB-410E-A08F-495FA166AA18}] => (Allow) LPort=33683 FirewallRules: [{CDEE92A0-57A0-4943-A529-6B701DBAF636}] => (Allow) LPort=26822 ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============ Name: Cisco AnyConnect Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ======================== Application errors: ================== Error: (12/25/2024 01:38:35 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY) Description: Faulting application name: iCUEDevicePluginHost.exe, version: 5.22.86.0, time stamp: 0x675c1abf Faulting module name: SMBCtrl.dll, version: 24.3.7.1, time stamp: 0x65e977e0 Exception code: 0xc0000409 Fault offset: 0x00000000001a23a4 Faulting process id: 0x4f90 Faulting application start time: 0x1db56fc34cbdbbb Faulting application path: C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEDevicePluginHost.exe Faulting module path: C:\Program Files\Corsair\Corsair iCUE5 Software\plugins\Gigabyte\SMBCtrl.dll Report Id: 2aa53ec1-400d-4cf3-bcef-71a892809f0d Faulting package full name: Faulting package-relative application ID: Error: (12/25/2024 01:38:14 PM) (Source: Universal Print) (EventID: 1) (User: ) Description: Failed to GetUserSid. hr: 0x8001012d Error: (12/24/2024 08:52:45 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY) Description: Faulting application name: Connectix.exe, version: 12.1.1157.0, time stamp: 0x670b2b9c Faulting module name: ntdll.dll, version: 10.0.26100.2454, time stamp: 0x7cb6b6a8 Exception code: 0xc0000374 Fault offset: 0x00000000000881f5 Faulting process id: 0x5860 Faulting application start time: 0x1db566facd6cca5 Faulting application path: C:\Program Files\Druide\Connectix 12\Application\Bin64\Connectix.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 6ee2917c-1191-4792-acaa-66f851975c6c Faulting package full name: Faulting package-relative application ID: Error: (12/24/2024 08:52:34 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-OM3J3M1) Description: Faulting application name: Connectix.exe, version: 12.1.1157.0, time stamp: 0x670b2b9c Faulting module name: ntdll.dll, version: 10.0.26100.2454, time stamp: 0x7cb6b6a8 Exception code: 0xc0000374 Fault offset: 0x00000000000881f5 Faulting process id: 0x4cb8 Faulting application start time: 0x1db566fa82e799b Faulting application path: C:\Program Files\Druide\Connectix 12\Application\Bin64\Connectix.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 91d02a97-636e-4049-b266-dfbc65428b84 Faulting package full name: Faulting package-relative application ID: Error: (12/24/2024 08:52:23 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-OM3J3M1) Description: Faulting application name: Connectix.exe, version: 12.1.1157.0, time stamp: 0x670b2b9c Faulting module name: ntdll.dll, version: 10.0.26100.2454, time stamp: 0x7cb6b6a8 Exception code: 0xc0000374 Fault offset: 0x00000000000881f5 Faulting process id: 0x32bc Faulting application start time: 0x1db566fa257fedc Faulting application path: C:\Program Files\Druide\Connectix 12\Application\Bin64\Connectix.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 585ef292-bba5-41a9-abbd-7f2745485ea1 Faulting package full name: Faulting package-relative application ID: Error: (12/24/2024 07:18:53 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY) Description: Faulting application name: iCUEDevicePluginHost.exe, version: 5.22.86.0, time stamp: 0x675c1abf Faulting module name: SMBCtrl.dll, version: 24.3.7.1, time stamp: 0x65e977e0 Exception code: 0xc0000409 Fault offset: 0x00000000001a23a4 Faulting process id: 0x3a7c Faulting application start time: 0x1db56629438768e Faulting application path: C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEDevicePluginHost.exe Faulting module path: C:\Program Files\Corsair\Corsair iCUE5 Software\plugins\Gigabyte\SMBCtrl.dll Report Id: 791b8d5e-1649-4fbf-a245-d0f272a6f6aa Faulting package full name: Faulting package-relative application ID: Error: (12/24/2024 07:18:10 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-OM3J3M1) Description: Faulting application name: Connectix.exe, version: 12.1.1157.0, time stamp: 0x670b2b9c Faulting module name: ntdll.dll, version: 10.0.26100.2454, time stamp: 0x7cb6b6a8 Exception code: 0xc0000374 Fault offset: 0x00000000000881f5 Faulting process id: 0x3108 Faulting application start time: 0x1db56627627f92d Faulting application path: C:\Program Files\Druide\Connectix 12\Application\Bin64\Connectix.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 70a0f384-0d32-4135-a91d-cfa03f636468 Faulting package full name: Faulting package-relative application ID: Error: (12/23/2024 06:18:02 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY) Description: Faulting application name: iCUEDevicePluginHost.exe, version: 5.22.86.0, time stamp: 0x675c1abf Faulting module name: SMBCtrl.dll, version: 24.3.7.1, time stamp: 0x65e977e0 Exception code: 0xc0000409 Fault offset: 0x00000000001a23a4 Faulting process id: 0x4c40 Faulting application start time: 0x1db5590e9f3924f Faulting application path: C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEDevicePluginHost.exe Faulting module path: C:\Program Files\Corsair\Corsair iCUE5 Software\plugins\Gigabyte\SMBCtrl.dll Report Id: 2d40fc67-ba20-48fc-a76e-2f177ddb118e Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (12/25/2024 01:48:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) SUR QC Software Asset Manager service to connect. Error: (12/25/2024 01:39:25 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (12/25/2024 01:38:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The l1vhlwf service failed to start due to the following error: A hypervisor feature is not available to the user. Error: (12/25/2024 01:38:08 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 00:29:29 on ‎2024-‎12-‎25 was unexpected. Error: (12/24/2024 09:00:20 PM) (Source: HTTP) (EventID: 15005) (User: ) Description: Unable to bind to the underlying transport for [::]:54288. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number. Error: (12/24/2024 08:59:18 PM) (Source: HTTP) (EventID: 15005) (User: ) Description: Unable to bind to the underlying transport for [::]:54288. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number. Error: (12/24/2024 07:32:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) SUR QC Software Asset Manager service to connect. Error: (12/23/2024 11:18:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OM3J3M1) Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout. Windows Defender: ================ Date: 2024-12-25 13:53:08 Description: Antivirus Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0 Name: HackTool:Win32/crack Severity: Élevée Category: Outil Path: containerfile:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\C\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1) (2024_06_11 02_06_19 UTC).zip; file:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\C\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1) (2024_06_11 02_06_19 UTC).zip->Red.Dead.Redemption.2.v1436.28/Red Dead Redemption 2/EMP.dll; file:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\C\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1)\Red.Dead.Redemption.2.v1436.28\Red Dead Redemption 2\EMP (2024_11_23 20_06_45 UTC).dll Detection Origin: Ordinateur local Detection Type: Chemin rapide Detection Source: Système Process Name: Unknown Security intelligence Version: AV: 1.421.987.0, AS: 1.421.987.0, NIS: 1.421.987.0 Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11 Date: 2024-12-25 00:04:09 Description: Antivirus Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0 Name: HackTool:Win32/crack Severity: Élevée Category: Outil Path: containerfile:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\C\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1) (2024_06_11 02_06_19 UTC).zip; file:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\C\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1) (2024_06_11 02_06_19 UTC).zip->Red.Dead.Redemption.2.v1436.28/Red Dead Redemption 2/EMP.dll; file:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\C\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1)\Red.Dead.Redemption.2.v1436.28\Red Dead Redemption 2\EMP (2024_11_23 20_06_45 UTC).dll Detection Origin: Ordinateur local Detection Type: Chemin rapide Detection Source: Utilisateur Process Name: Unknown Security intelligence Version: AV: 1.421.987.0, AS: 1.421.987.0, NIS: 1.421.987.0 Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11 Date: 2024-12-25 00:04:09 Description: Antivirus Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Crack!MTB&threatid=2147745913&enterprise=0 Name: HackTool:Win32/Crack!MTB Severity: Élevée Category: Outil Path: containerfile:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\$OF\58966\58971 (2024_03_21 22_25_36 UTC).iso; file:_D:\FileHistory\Aymene\DESKTOP-OM3J3M1\Data\$OF\58966\58971 (2024_03_21 22_25_36 UTC).iso->Adobe 2024\packages\setup.exe Detection Origin: Ordinateur local Detection Type: Concret Detection Source: Utilisateur Process Name: Unknown Security intelligence Version: AV: 1.421.987.0, AS: 1.421.987.0, NIS: 1.421.987.0 Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11 Date: 2024-12-24 22:47:28 Description: Antivirus Microsoft Defender scan has been stopped before completion. Scan Type: Logiciel anti-programme malveillant Scan Parameters: Analyse rapide Date: 2024-12-24 22:17:35 Description: Antivirus Microsoft Defender has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/crack&threatid=2147734096&enterprise=0 Name: HackTool:Win32/crack Severity: Élevée Category: Outil Path: file:_C:\Users\Aymene\Downloads\Red.Dead.Redemption.2.v1436.28 (1)\Red.Dead.Redemption.2.v1436.28\Red Dead Redemption 2\EMP.dll Detection Origin: Ordinateur local Detection Type: Chemin rapide Detection Source: Protection en temps réel Process Name: C:\Windows\explorer.exe Security intelligence Version: AV: 1.421.987.0, AS: 1.421.987.0, NIS: 1.421.987.0 Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11  CodeIntegrity: =============== Date: 2024-12-25 19:13:28 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Aymene\Discord\app-1.0.9175\Discord.exe) attempted to load \Device\HarddiskVolume5\ProgramData\obs-studio-hook\graphics-hook64.dll that did not meet the Microsoft signing level requirements. Date: 2024-12-25 19:13:28 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Aymene\Discord\app-1.0.9175\Discord.exe) attempted to load \Device\HarddiskVolume5\ProgramData\Aymene\Discord\app-1.0.9175\vulkan-1.dll that did not meet the Microsoft signing level requirements. Date: 2024-12-25 13:51:11 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1bc3d418b5ccbed9\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2024-12-24 20:39:20 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Aymene\Discord\app-1.0.9175\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.25\OWClient.dll that did not meet the Microsoft signing level requirements. Date: 2024-12-24 20:39:20 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\ProgramData\Aymene\Discord\app-1.0.9175\Discord.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.266.1.25\ow-graphics-vulkan.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends International, LLC. 1.A0 07/10/2024 Motherboard: Micro-Star International Co., Ltd. MPG Z590 GAMING EDGE WIFI (MS-7D07) Processor: 11th Gen Intel(R) Core(TM) i7-11700K @ 3.60GHz Percentage of memory in use: 66% Total physical RAM: 16193.62 MB Available physical RAM: 5364.52 MB Total Virtual: 26945.62 MB Available Virtual: 13325.88 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.66 GB) (Free:327.34 GB) (Model: Samsung SSD 970 EVO Plus 1TB) NTFS Drive d: () (Fixed) (Total:1863 GB) (Free:1205.7 GB) (Model: ST2000DM008-2FR102) NTFS \\?\Volume{afb22062-581f-4363-8144-cf94def14960}\ () (Fixed) (Total:0.73 GB) (Free:0.06 GB) NTFS \\?\Volume{a4f9c0eb-4764-425d-8b38-57b104b04db2}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ========================================================== Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt =======================