• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

kss.sys unknown file

Status
Not open for further replies.
I

Ichigo

PCHF Member
Dec 19, 2022
71
2
24
#1
Hello, i suspect that i got a virus as this file "kss.sys" (in C:\ProgramData) keeps coming back everytime i delete it.

Code: 
FRST.txt :
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05.03.2024
Ran by PC GAMER (administrator) on DESKTOP-3RPVMEJ (05-03-2024 13:45:12)
Running from C:\Users\PCGAMER\Documents\FRST64English.exe
Loaded Profiles: PC GAMER & Administrateur
Platform: Microsoft Windows 10 Professionnel Version 22H2 19045.4046 (X64) Language: Français (France)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> ) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\compatibility32\EADesktop.exe
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EACefSubProcess.exe <6>
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EASteamProxy.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(D:\Games\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <9>
(D:\Games\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\GameOverlayUI.exe
(D:\league of legends\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] D:\league of legends\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Discord Inc. -> Discord Inc.) C:\Users\PCGAMER\AppData\Local\Discord\app-1.0.9034\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) D:\Games\Steam\steamapps\common\EA Sports FC 24\FC24.exe
(explorer.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <44>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\PCGAMER\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Now.gg, INC -> now.gg, Inc.) C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe <4>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\league of legends\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Wallpaper Engine\wallpaper32.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(RuntimeBroker.exe ->) () [File not signed] D:\dl\FIIX\FIIX.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\EA\AC\EAAntiCheat.GameService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Maxon Computer GmbH -> Red Giant LLC) [File not signed] C:\Program Files\Red Giant\Services\Red Giant Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2407.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Mudhook Marketing, Inc -> IPVanish, a Ziff Davis company) D:\IPVanish VPN\IPVanish.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [881440 2019-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp (No File)
HKLM\...\Run: [Riot Vanguard] => "C:\Program Files\Riot Vanguard\vgtray.exe" (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (No File)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [381288 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [EpicGamesLauncher] => D:\Programmes\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37188048 2024-01-15] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [CCXProcess] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [NordVPN] => D:\Programmes\NordVPN\NordVPN.exe [274176 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Medal] => "C:\Users\PCGAMER\AppData\Local\Medal\update.exe" --processStart "Medal.exe" (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123150712 2022-11-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [4388712 2024-02-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Opera GX Stable] => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [MicrosoftEdgeAutoLaunch_8A4F577017447BEE25575BAB49C58E77] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2730600 2024-02-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [ProtonVPN] => D:\Games\Proton\VPN\ProtonVPN.Launcher.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [WallpaperEngine] => C:\Wallpaper Engine\wallpaper32.exe [3050592 2022-10-08] (Skutta, Kristjan -> )
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [TuxlerChromeExtensionHelperApp] => C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe [1862000 2023-01-27] (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [RiotClient] => D:\league of legends\Riot Games\Riot Client\RiotClientServices.exe [70921216 2024-03-04] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-10-19] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [ut] => "C:\Users\PCGAMER\AppData\Roaming\utorrent\uTorrent.exe"  /MINIMIZED (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [GoogleChromeAutoLaunch_F6368B8427B96056D25FF50064F6289D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2772256 2024-02-27] (Google LLC -> Google LLC)
HKU\S-1-5-18\...\Run: [Synapse3] => D:\Games\razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe [2024-03-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2023-11-12]
ShortcutTarget: MEGAsync.lnk -> C:\Users\PCGAMER\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-06-19]
ShortcutTarget: Twitch.lnk -> C:\Users\PCGAMER\AppData\Roaming\Twitch\Bin\Twitch.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2020-09-22]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (No File)
BootExecute:
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-13960046-46231223-1468497707-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4CF3956C-0362-43F7-B136-618B2EE87FDD} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667808 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {773CE06F-62F6-4EC1-97EB-A77952802BA8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe  -task (No File)
Task: {72619BC7-BC61-4453-A111-B054495D5E6F} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe  /c (No File)
Task: {AF56477F-AE15-49AD-9542-BDCEC27FD587} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe  /ua /installsource scheduler (No File)
Task: {242DE1B2-6231-4AA6-8E9B-AF217929FFB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe  (No File)
Task: {7C43F02B-54EC-4AED-9AA6-2E925E9262DC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe  -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b40c0fd8-b177-4ba7-a2e0-b9be32104dac" --version "6.17.10746" --silent
Task: {DF1CB7FD-3D9E-4FA8-B93F-7757FABFA959} - System32\Tasks\CCleanerSkipUAC - PC GAMER => "C:\Program Files\CCleaner\CCleaner.exe"  $(Arg0) (No File)
Task: {408CC93A-25EB-495F-A91C-9FC70AAE0BE7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.exe [5577144 2024-02-16] (Microsoft Windows -> Microsoft Corporation)
Task: {86F231EB-3EFB-46E7-B790-A63299856A23} - System32\Tasks\ExclusiveTool => D:\ExclusiveModeTool.exe  /a (No File)
Task: {2AD41BE6-8605-4621-9671-F15CE8FF0C26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-29] (Google LLC -> Google LLC)
Task: {8E3CD1A3-76C1-435F-9DFA-D079A4916D14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-29] (Google LLC -> Google LLC)
Task: {EF68D3F6-84AA-45EE-A94C-887240437F7D} - System32\Tasks\GyazoUpdateTaskMachine => "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"  (No File)
Task: {BE374D69-D46E-464C-A895-0636B6596801} - System32\Tasks\GyazoUpdateTaskMachineDaily => "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"  (No File)
Task: {031ABFA5-BE47-4063-85F5-457D7EADF9ED} - System32\Tasks\IPVanish => D:\IPVanish VPN\IPVanish.exe [35941320 2023-07-03] (Mudhook Marketing, Inc -> IPVanish, a Ziff Davis company)
Task: {4561BBF3-D5C6-41BE-B18A-0B7AEA8D1B6B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-13960046-46231223-1468497707-1001 => C:\Users\PCGAMER\AppData\Local\MEGAsync\MEGAupdater.exe [2531760 2024-02-08] (Mega Limited -> )
Task: {0DB9B5D4-C949-4189-B044-204BFD5AD9AE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FDF43DC-E488-411B-9B0F-B1837D2C6423} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9711E34E-EB11-459F-AA98-4E3239E33627} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {223ABF56-C758-4F54-B37F-3030F401F8BF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F1BA085-DD33-45AC-A917-B6B95F164318} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {649EF3E2-524F-4D2D-BBE8-2BEA5540089E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3B5DC7B-B5EB-41D2-B8BD-DC9A00C41809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4774451E-3A91-49A9-A032-2FCB7019DDC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D61B6ABD-0C28-46E9-AB51-5CB082E751A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94A9F561-56EB-4F8B-9E9B-F6CED488A779} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => "%ProgramFiles%\RUXIM\PLUGscheduler.exe"  (No File)
Task: {113FF278-9472-49EC-85C4-294D13688D47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {03CB8E10-2FA7-4A13-B7AD-5781BFDBFF17} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {034C8B0B-2EC6-46B9-BCD1-DFD1F40ED41D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9658690D-B26A-4BF3-8674-7BC9BBE7FCC1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {120E9311-CAAF-4D60-A5E2-865B03367D3E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3C2EFDE-956B-4302-B9ED-C7EB3545365B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71BB4CB3-67B4-4A3F-B748-A88C4D5F3A38} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC253836-49F4-4EFA-8C3B-6B89D3C5D54A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {389D2A08-F6E1-45E8-B3C7-07FD8398B508} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78120CD3-0CD7-4104-8C6B-820A18262804} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1684235058 => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe  -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {D875F910-D569-4A67-B9CB-86514D939411} - System32\Tasks\Opera GX scheduled Autoupdate 1684077563 => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe  --scheduledautoupdate $(Arg0) (No File)
Task: {A4AC8916-BE15-4014-946C-03F87F0E08D4} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [136192 2012-06-25] (red giant software llc -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0b9357df-11b6-4d83-bc26-3565105b1aad}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\14C484E4D213236414: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\14C484E4D213236414: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\649424255402D4149435F4E4: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\649424255402D4149435F4E4: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\960586F6E656: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9da45d0e-4317-48f1-8df7-13c905ab818a}: [NameServer] 100.64.100.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-01]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-02-29]
Edge Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
Edge Extension: (Edge relevant text changes) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
Edge Extension: (RoSearcher) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oobhokhnkgaabegegleakccliicjmelh [2022-06-01]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> D:\Games\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> D:\Games\VLC\npvlc.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default [2024-03-05]
CHR DownloadDir: D:\dl
CHR DefaultSearchURL: Default -> hxxps://ozelot379.github.io/ConvertJavaTextureToBedrock/webapp/android-chrome-36x36.png
CHR Extension: (Kahoot AI) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaincicgdmboldkiddgckheekpfecdaf [2024-01-05]
CHR Extension: (RoPro - Améliorez votre expérience Roblox) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbacgifemdbhdkfppmeilbgppmhaobf [2024-01-07]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-09]
CHR Extension: (Exodus Web3 Wallet) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aholpfdialjgjfhomihkjbmgjidlcdno [2024-02-28]
CHR Extension: (Authenticator) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-02-21]
CHR Extension: (Bloqueur de pop-up pour Chrome™ - Poper Blocker) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2024-03-04]
CHR Extension: (FC Enhancer) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\boffdonfioidojlcpmfnkngipappmcoh [2024-02-26]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-22]
CHR Extension: (Simulateur téléphone mobile - test site responsive) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckejmhbmlajgoklhgbapkiccekfoccmk [2024-02-28]
CHR Extension: (Foxified) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldmemdnllncchfahbcnjijheaolemfk [2024-01-07]
CHR Extension: (Pandabuy QC Viewer) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpagnmbabgeeabjjcgmfoekklidoaode [2024-01-05]
CHR Extension: (Shopy - Shopify Spy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehlcjmoincicbhdnkbnmkeaiapljnld [2024-01-05]
CHR Extension: (Tampermonkey) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-07]
CHR Extension: (Roblox Empty Servers) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnnheiembkgmdnihkghgggcddgealbba [2024-01-05]
CHR Extension: (Moon: Shop online with Bitcoin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehmpejjklcibliopgbghpgfinhbjopnn [2024-01-05]
CHR Extension: (wanteeed) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2024-03-02]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-02-23]
CHR Extension: (ExpressVPN : proxy VPN sécurisé) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2024-02-27]
CHR Extension: (BuxBack - Earn R$) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgiaibpabhdkjenjhgpmgcieobcjaonj [2024-01-05]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-12]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-02-20]
CHR Extension: (EditThisCookie) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2024-01-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
CHR Extension: (Shimeji Browser Extension) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohjpllcolmccldfdggmamodembldgpc [2024-01-29]
CHR Extension: (BTRoblox - Making Roblox Better) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkpclpemjeibhioopcebchdmohaieln [2024-01-25]
CHR Extension: (Proxy VPN gratuit et bloqueur de publicité - Planet VPN) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipncndjamdcmphkgngojegjblibadbe [2024-01-08]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2024-01-05]
CHR Extension: (Cookie-Editor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2024-02-27]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-28]
CHR Extension: (Automatic Twitch: Drops, Moments and Points) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfhgpagdjjoieckminnmigmpeclkdmjm [2024-01-07]
CHR Extension: (DotVPN: Fast & Private VPN) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2024-02-04]
CHR Extension: (QR Code Reader) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\likadllkkidlligfcdhfnnbkjigdkmci [2024-01-05]
CHR Extension: (WebChatGPT: ChatGPT avec accès à Internet) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpfemeioodjbpieminkklglpmhlngfcn [2024-02-28]
CHR Extension: (Story Saver) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2024-03-04]
CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2024-03-01]
CHR Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-02-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-05]
CHR Extension: (YouTube Summary with ChatGPT & Claude) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmicjeknamkfloonkhhcjmomieiodli [2024-01-05]
CHR Extension: (Flash Player for Chrome) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\oakbcaafbicdddpdlhbchhpblmhefngh [2024-02-09]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-03-02]
CHR Extension: (SearchBlox) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnpibkjgkpifagdbjkckikghnhhmacp [2024-01-05]
CHR Extension: (DocsAfterDark) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihphjfnfjmdbhakhjifipfdgbpenobg [2024-02-02]
CHR Extension: (FC 24 Coins Generator FUT) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pndeaciecioifmppjadlbaihilojkjnf [2024-03-02]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-03]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-04]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-03-03]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-03-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-03-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-03]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-03-04]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-03-03]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-03-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-03]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-03-02]
CHR Extension: (Zoom to Fill - Ultrawide Video) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\adpjimagbfpknkodpofjphpbdlfkeiho [2024-02-13]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-08]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-23]
CHR Extension: (Video Downloader Professional) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-01-06]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-02-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
CHR Extension: (Cookie-Editor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2024-02-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-28]
CHR Extension: (Scan Translator) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mnngaddpelmhcgkbeajnbjmkdmpkogbo [2024-01-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-04]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-02-05]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-15]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-01-25]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-01-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-15]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7 [2024-02-20]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-10]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-03-02]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-11]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-03-01]
CHR Extension: (Video Downloader Professional) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-01-21]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-03-01]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
CHR Extension: (Cookie-Editor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2024-03-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-01]
CHR Extension: (Story Saver) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2024-03-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-04]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9 [2024-03-02]
CHR DownloadDir: C:\Users\PCGAMER\Downloads
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-12]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-26]
CHR Extension: (Video Downloader Professional) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-01-27]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-02-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-29]
CHR Extension: (Scan Translator) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\mnngaddpelmhcgkbeajnbjmkdmpkogbo [2024-01-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-06]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-13960046-46231223-1468497707-1001) Opera GXStable - "C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\Launcher.exe"
StartMenuInternet: (HKU\S-1-5-21-13960046-46231223-1468497707-1001) OperaStable -

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
R3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [57597528 2024-02-23] (Electronic Arts, Inc. -> Electronic Arts)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12096104 2024-02-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2023-11-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-12-22] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S4 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [437096 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
S4 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [437096 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
S4 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [437096 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-02-14] (McAfee, LLC -> McAfee, LLC)
S4 nordvpn-service; D:\Programmes\NordVPN\nordvpn-service.exe [275200 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1995176 2023-03-10] (Razer USA Ltd. -> Razer Inc.)
S4 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [486832 2023-03-09] (Razer USA Ltd. -> Razer Inc.)
S4 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [8872232 2022-06-23] (Maxon Computer GmbH -> Red Giant LLC) [File not signed]
S3 Rockstar Service; D:\Games\GTA\RockstarService.exe [4505072 2023-12-17] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 brave; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /svc [X]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\elevation_service.exe" [X]
S3 bravem; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /medsvc [X]
S3 BraveVpnService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\brave_vpn_helper.exe" [X]
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S4 CCleanerPerformanceOptimizerService; "C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe" [X]
S3 ComboCleaner.Guard; D:\Games\ComboCleaner.Guard.exe [X]
S3 ComboCleaner.WinService; D:\Games\ComboCleaner.WinService.exe [X]
S4 mxredirect; C:\Program Files\Maxon\Tools\mxredirect.exe [X]
S4 vgc; "C:\Program Files\Riot Vanguard\vgc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppShopDrv103; C:\Windows\SysWOW64\Drivers\AppShopDrv103.sys [34568 2022-06-28] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2021-03-23] (EldoS Corporation -> EldoS Corporation)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2023-06-06] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\Windows\System32\drivers\expressvpn-tun.sys [46896 2022-07-27] (Express VPN International Ltd. -> ExpressVPN)
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
S3 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-15] (IObit Information Technology -> IObit)
R3 kss; C:\ProgramData\kss.sys [18144 2024-03-05] (Shenzhen yundian Technology Co., Ltd -> ) [File not signed]
R1 Ld9BoxNetLwf; C:\Windows\system32\DRIVERS\Ld9BoxNetLwf.sys [252232 2024-01-05] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2024-01-05] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2021-07-06] (MyTestCertificate -> Oracle Corporation)
S3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-09-21] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [26672 2020-09-21] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-09-21] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MFDriver_Driver; C:\Windows\system32\drivers\MFDriver.sys [32224 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 NDivert; C:\Windows\System32\drivers\NDivert.sys [105184 2021-02-22] (TEFINCOM S.A. -> )
R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [37824 2020-09-22] (SoftEther Corporation -> SoftEther Corporation)
S3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2020-05-26] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 parsecvusba; C:\Windows\System32\drivers\parsecvusba.sys [256560 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Parsec)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_022a; C:\Windows\System32\drivers\RzDev_022a.sys [54160 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [50624 2020-09-22] (SoftEther Corporation -> SoftEther Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapexpressvpn; C:\Windows\System32\drivers\tapexpressvpn.sys [61496 2022-07-27] (ExprsVPN LLC -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-05-26] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2022-10-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2020-09-10] (Microsoft Corporation) [File not signed]
S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2020-01-06] (Microsoft Corporation) [File not signed]
R3 VBAudioVACMME; C:\Windows\System32\drivers\vbaudio_cable64_win7.sys [41192 2020-07-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-07-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WOVAD; C:\Windows\System32\drivers\womic.sys [51192 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S1 vgk; \??\C:\Program Files\Riot Vanguard\vgk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-05 13:45 - 2024-03-05 13:46 - 000054846 _____ C:\Users\PCGAMER\Documents\FRST.txt
2024-03-05 13:30 - 2024-03-05 13:23 - 002390016 _____ (Farbar) C:\Users\PCGAMER\Documents\FRST64English.exe
2024-03-05 13:23 - 2024-03-05 13:46 - 000000000 ____D C:\FRST
2024-03-05 13:13 - 2024-03-05 13:13 - 000018144 _____ C:\ProgramData\kss.sys
2024-03-05 00:08 - 2024-03-05 01:13 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Malwarebytes
2024-03-05 00:08 - 2024-03-05 00:08 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-05 00:07 - 2024-03-05 00:07 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-04 23:14 - 2024-03-04 23:14 - 000335564 _____ C:\Windows\ntbtlog.txt
2024-03-04 23:06 - 2024-03-04 23:25 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Roblox
2024-03-04 22:32 - 2024-03-04 22:32 - 000001322 _____ C:\Users\PCGAMER\Desktop\Lethal Company.exe - Raccourci.lnk
2024-03-04 01:09 - 2024-03-04 01:09 - 000000000 ____D C:\Users\PCGAMER\Downloads\scraper-main
2024-03-03 20:16 - 2024-03-03 20:16 - 000002430 _____ C:\Users\PCGAMER\Desktop\Animcraft (Ok) - Chrome.lnk
2024-03-03 03:37 - 2024-03-03 03:37 - 000000000 ____D C:\Users\PCGAMER\Downloads\sofifa-web-scraper-main
2024-03-03 03:37 - 2024-03-03 03:37 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\npm-cache
2024-03-02 20:17 - 2024-03-02 20:17 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Package Cache
2024-03-02 19:02 - 2024-03-02 19:02 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\pypa
2024-02-29 02:06 - 2024-02-29 02:06 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\CB_DL
2024-02-28 20:22 - 2024-02-28 20:22 - 000000000 ____D C:\Program Files\ViGEm ViGEmBus
2024-02-28 20:11 - 2024-02-28 20:11 - 000000000 ____D C:\Users\PCGAMER\Documents\FIFA 11
2024-02-28 16:24 - 2024-02-28 20:03 - 000000000 ____D C:\Users\PCGAMER\Documents\FIFA 17
2024-02-28 16:24 - 2024-02-28 16:24 - 000000635 _____ C:\Users\Public\Desktop\FIFA 17 Config.lnk
2024-02-28 16:24 - 2024-02-28 16:24 - 000000501 _____ C:\Users\Public\Desktop\FIFA 17.lnk
2024-02-28 13:32 - 2024-02-28 13:32 - 000000943 _____ C:\Users\PCGAMER\Desktop\µTorrent.lnk
2024-02-28 13:32 - 2024-02-28 13:32 - 000000000 ____D C:\Users\PCGAMER\AppData\LocalLow\uTorrent.WebView2
2024-02-26 21:41 - 2024-03-04 23:08 - 000001434 _____ C:\Users\PCGAMER\Desktop\Roblox Player.lnk
2024-02-18 13:54 - 2024-02-18 13:54 - 000000831 _____ C:\Users\PCGAMER\Desktop\UserBenchmark.lnk
2024-02-18 13:22 - 2024-02-18 13:22 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-17 18:40 - 2024-02-17 18:42 - 000000000 ___HD C:\$WinREAgent
2024-02-17 00:52 - 2024-02-17 00:52 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\PlaceholderTileLogoFolder
2024-02-17 00:38 - 2024-02-17 00:38 - 000000000 ____D C:\Users\PCGAMER\AppData\LocalLow\NVIDIA
2024-02-17 00:31 - 2024-03-04 23:06 - 000001262 _____ C:\Users\PCGAMER\Desktop\Roblox Studio.lnk
2024-02-17 00:28 - 2024-02-08 09:25 - 002095464 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 002095464 _____ C:\Windows\system32\vulkaninfo.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 001655656 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 001655656 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 001278824 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-17 00:28 - 2024-02-08 09:25 - 001278824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001487904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001434368 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001434368 _____ C:\Windows\system32\vulkan-1.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 001542176 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 001199224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 001040920 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 000670240 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 000505352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 002173984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 001625096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 001024136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 000842376 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-02-17 00:28 - 2024-02-08 09:18 - 000459272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-02-17 00:28 - 2024-02-08 09:17 - 016033312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 012928648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 006780424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 005909112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 005773448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 003721232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 000853112 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-02-17 00:28 - 2024-02-08 09:15 - 006030992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-02-17 00:27 - 2024-02-07 23:49 - 000120261 _____ C:\Windows\system32\nvinfo.pb
2024-02-16 12:26 - 2024-02-16 12:26 - 000019697 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 12:25 - 2024-02-16 12:25 - 000019697 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-15 23:39 - 2024-02-15 23:39 - 033679437 _____ C:\Users\PCGAMER\Downloads\DevelopMeBoss v0.5 - TU8.fifamod
2024-02-15 23:38 - 2024-02-13 23:31 - 000061658 _____ C:\Users\PCGAMER\Downloads\MCK Realism Mod.fifamod
2024-02-15 22:35 - 2024-02-05 17:10 - 095530155 _____ C:\Users\PCGAMER\Downloads\1.0 Mainmod ERP.fifamod
2024-02-13 13:30 - 2024-02-13 13:30 - 000000633 _____ C:\Users\PCGAMER\Desktop\FIIX.exe - Raccourci (2).lnk
2024-02-11 21:18 - 2024-02-11 21:18 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Word
2024-02-11 21:18 - 2024-02-11 21:18 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Proof
2024-02-08 18:45 - 2024-03-05 13:13 - 000000633 _____ C:\Users\PCGAMER\Desktop\FIIX.exe - Raccourci.lnk
2024-02-05 01:13 - 2024-02-05 01:13 - 066368270 _____ C:\Users\PCGAMER\Downloads\FC BARCELONA 6-1 PSG | Match highlights [h4m68r8kWAc].f616.mp4.part
2024-02-05 01:13 - 2024-02-05 01:13 - 000523264 _____ C:\Users\PCGAMER\Downloads\FC BARCELONA 6-1 PSG | Match highlights [h4m68r8kWAc].f616.mp4.part-Frag21.part
2024-02-05 01:13 - 2024-02-05 01:13 - 000000070 _____ C:\Users\PCGAMER\Downloads\FC BARCELONA 6-1 PSG | Match highlights [h4m68r8kWAc].f616.mp4.ytdl

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-05 13:29 - 2022-04-16 12:45 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Discord
2024-03-05 13:22 - 2022-07-07 22:12 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\discord
2024-03-05 13:13 - 2024-01-04 18:19 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\CrashDumps
2024-03-05 13:12 - 2024-01-27 18:51 - 000000024 _____ C:\ProgramData\hk.cfg
2024-03-05 12:47 - 2021-12-15 23:20 - 000000000 ____D C:\Windows\SystemTemp
2024-03-05 12:47 - 2019-12-07 08:14 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-05 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-05 12:35 - 2022-12-24 01:19 - 000729568 _____ C:\Windows\system32\perfh00C.dat
2024-03-05 12:35 - 2022-12-24 01:19 - 000141270 _____ C:\Windows\system32\perfc00C.dat
2024-03-05 12:35 - 2022-04-11 22:18 - 001635314 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-05 12:35 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-03-05 12:32 - 2020-12-02 14:43 - 000004176 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{19A6FE44-570A-429F-8243-8335DC9DE5DF}
2024-03-05 12:32 - 2019-12-07 08:08 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-05 12:29 - 2024-01-05 13:16 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\BitTorrentHelper
2024-03-05 12:29 - 2023-11-24 20:06 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\bluestacks-services
2024-03-05 12:29 - 2023-09-19 19:02 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\IPVanish
2024-03-05 12:28 - 2019-12-07 07:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-05 01:22 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-03-05 00:08 - 2023-02-11 13:09 - 000223296 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2024-03-05 00:08 - 2022-10-04 23:41 - 000239576 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2024-03-05 00:08 - 2022-07-02 19:43 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-05 00:07 - 2022-07-02 19:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-04 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-04 23:14 - 2022-12-24 00:56 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-04 23:08 - 2021-10-13 21:22 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-04 22:33 - 2023-05-31 02:16 - 000002340 ____H C:\Users\PCGAMER\Documents\Default.rdp
2024-03-04 19:12 - 2019-12-07 07:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-04 19:04 - 2021-10-10 01:29 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\D3DSCache
2024-03-04 15:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-04 01:12 - 2022-07-04 23:12 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Code
2024-03-02 23:25 - 2021-04-22 02:20 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-02 20:37 - 2020-06-19 12:13 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\obs-studio
2024-03-02 20:17 - 2024-01-08 11:52 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.12
2024-03-02 15:31 - 2019-12-07 08:02 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Packages
2024-03-02 12:37 - 2022-10-21 18:19 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-02 12:37 - 2022-10-21 18:19 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-02 12:37 - 2021-11-18 18:23 - 000202344 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 002713080 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 000689768 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 000218616 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 000144888 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-02 01:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-03-01 23:49 - 2019-12-07 08:14 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-01 23:49 - 2019-12-07 08:14 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-01 20:09 - 2023-03-29 17:37 - 000000000 ____D C:\ProgramData\EA Desktop
2024-02-29 22:30 - 2020-09-05 00:05 - 000000000 ____D C:\ProgramData\Riot Games
2024-02-29 13:39 - 2023-06-29 22:18 - 000000000 ____D C:\ProgramData\Packer
2024-02-29 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-02-29 02:03 - 2023-06-29 23:47 - 000000000 ____D C:\Program Files\EA
2024-02-28 18:25 - 2019-12-07 08:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-28 18:24 - 2020-10-04 01:24 - 000000000 ____D C:\Windows\SysWOW64\directx
2024-02-28 12:37 - 2019-12-07 07:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 14:15 - 2023-09-23 12:22 - 000000000 ____D C:\Users\PCGAMER\Documents\FC 24
2024-02-26 20:35 - 2020-06-18 17:53 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\.minecraft
2024-02-26 20:07 - 2020-06-18 17:53 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2024-02-25 22:19 - 2019-12-07 08:01 - 000000000 ____D C:\Users\PCGAMER
2024-02-25 18:01 - 2023-06-29 23:55 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Steam
2024-02-25 11:18 - 2021-03-13 21:35 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-25 11:18 - 2021-03-13 21:35 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-21 16:17 - 2020-06-18 17:39 - 000002278 _____ C:\Users\PCGAMER\Desktop\Discord.lnk
2024-02-18 15:18 - 2019-12-07 08:09 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\NVIDIA
2024-02-18 13:22 - 2024-01-28 16:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-17 22:37 - 2022-01-26 10:26 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\ElevatedDiagnostics
2024-02-17 00:47 - 2022-07-01 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2024-02-17 00:43 - 2020-06-17 22:48 - 000000000 ____D C:\temp
2024-02-17 00:38 - 2019-12-07 08:08 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2024-02-16 13:44 - 2019-12-07 07:58 - 000296432 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-16 13:43 - 2021-06-12 11:32 - 000000000 ___SD C:\Windows\system32\lxss
2024-02-16 13:43 - 2019-12-07 15:53 - 000000000 ___SD C:\Windows\system32\AppV
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-02-16 12:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-02-16 12:25 - 2019-12-07 08:02 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-16 03:42 - 2020-11-08 12:31 - 000000000 ____D C:\Windows\system32\MRT
2024-02-16 03:38 - 2020-11-08 12:31 - 191155960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-02-15 23:24 - 2024-01-02 18:09 - 000000699 _____ C:\Users\PCGAMER\Desktop\RDBM 24.lnk
2024-02-15 22:29 - 2024-01-10 18:36 - 000001487 _____ C:\Users\PCGAMER\Desktop\FIFA Mod Manager.exe - Raccourci.lnk
2024-02-15 18:29 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-02-12 21:48 - 2024-01-28 10:42 - 000001747 _____ C:\ProgramData\ff6.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000001203 _____ C:\ProgramData\ff1.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000760 _____ C:\ProgramData\ff2.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000753 _____ C:\ProgramData\ff0.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000737 _____ C:\ProgramData\ff3.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000197 _____ C:\ProgramData\ff4.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000159 _____ C:\ProgramData\ff5.cfg
2024-02-11 21:35 - 2023-06-16 14:20 - 000000000 ____D C:\Windows\Minidumps
2024-02-11 21:18 - 2024-01-28 16:36 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Office
2024-02-08 18:31 - 2023-11-12 00:20 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\MEGAsync
2024-02-08 09:19 - 2023-09-01 20:45 - 000786960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-02-08 09:15 - 2019-12-07 08:07 - 006943344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-02-07 23:49 - 2019-12-07 08:07 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

==================== Files in the root of some directories ========

2020-10-29 18:35 - 2021-12-03 22:11 - 001679360 _____ (Igor Pavlov) C:\ProgramData\7z.dll
2020-10-29 18:35 - 2021-12-25 11:56 - 000468992 _____ (Igor Pavlov) C:\ProgramData\7z.exe
2020-06-22 15:43 - 2020-06-22 15:43 - 000000979 _____ () C:\Users\PCGAMER\AppData\Roaming\AdobeWLCMR2Cache.dat
2021-10-30 18:56 - 2022-01-29 12:36 - 000000117 _____ () C:\Users\PCGAMER\AppData\Roaming\D2Info0
2021-10-30 18:56 - 2022-01-29 00:04 - 000000008 _____ () C:\Users\PCGAMER\AppData\Roaming\DofusAppId0_1
2022-01-29 12:36 - 2022-01-29 13:54 - 000000008 _____ () C:\Users\PCGAMER\AppData\Roaming\DofusAppId0_2
2020-11-21 00:16 - 2023-11-24 20:46 - 000000016 _____ () C:\Users\PCGAMER\AppData\Roaming\obs-virtualcam.txt
2023-04-17 00:18 - 2023-04-17 00:19 - 001041528 _____ () C:\Users\PCGAMER\AppData\Roaming\TI Connect CE-6.0.0.2688-Installation.log
2020-07-06 11:41 - 2021-07-07 16:13 - 000006095 _____ () C:\Users\PCGAMER\AppData\Roaming\VoiceMeeterDefault.xml
2022-09-02 20:46 - 2023-11-30 14:26 - 000000128 _____ () C:\Users\PCGAMER\AppData\Roaming\winscp.rnd
2020-11-18 18:54 - 2021-03-18 23:16 - 000000003 _____ () C:\Users\PCGAMER\AppData\Local\Autosofted License.txt
2021-03-04 09:37 - 2021-03-17 23:34 - 000000049 _____ () C:\Users\PCGAMER\AppData\Local\link.txt
2020-10-04 18:58 - 2020-10-04 18:58 - 000016438 _____ () C:\Users\PCGAMER\AppData\Local\partner.bmp
2023-01-31 23:24 - 2023-11-30 14:26 - 000000128 _____ () C:\Users\PCGAMER\AppData\Local\PUTTY.RND
2024-01-04 17:32 - 2024-01-04 17:32 - 000001699 _____ () C:\Users\PCGAMER\AppData\Local\recently-used.xbel
2024-01-09 21:14 - 2024-01-09 21:14 - 000000017 _____ () C:\Users\PCGAMER\AppData\Local\resmon.resmoncfg
2023-11-19 13:21 - 2023-11-19 13:21 - 000000723 _____ () C:\Users\PCGAMER\AppData\Local\Roblox.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05.03.2024
Ran by PC GAMER (05-03-2024 13:46:56)
Running from C:\Users\PCGAMER\Documents
Microsoft Windows 10 Professionnel Version 22H2 19045.4046 (X64) (2019-12-07 07:00:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrateur (S-1-5-21-13960046-46231223-1468497707-500 - Administrator - Disabled) => C:\Users\Administrateur
DefaultAccount (S-1-5-21-13960046-46231223-1468497707-503 - Limited - Disabled)
hermi (S-1-5-21-13960046-46231223-1468497707-1002 - Limited - Enabled)
Invité (S-1-5-21-13960046-46231223-1468497707-501 - Limited - Disabled)
PC GAMER (S-1-5-21-13960046-46231223-1468497707-1001 - Administrator - Enabled) => C:\Users\PCGAMER
WDAGUtilityAccount (S-1-5-21-13960046-46231223-1468497707-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\uTorrent) (Version: 3.6.0.47016 - BitTorrent Limited)
Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_6) (Version: 22.6 - Adobe Inc.)
Adobe Media Encoder 2022 (HKLM-x32\...\AME_22_6_1) (Version: 22.6.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0) (Version: 21.0 - Adobe Systems Incorporated)
Adobe Photoshop 2024 (HKLM\...\{CB7E0A11-F6CB-4B71-A3EC-B87AA6D8805C}_is1) (Version: 25.3.1.241 - CyberMania)
Advanced IP Scanner 2.5 (HKLM-x32\...\{8C4D9115-8CE7-4292-86BD-27540D62473B}) (Version: 2.5.3850 - Famatech)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
AMD StoreMI (HKLM\...\{03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.) Hidden
AMD StoreMI (HKLM\...\AMD_StoreMI) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.)
Ankama Launcher 3.6.2 (HKLM\...\410fcd79-1be8-5bf1-986e-ea09c55f7edf) (Version: 3.6.2 - Ankama)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 8.8.4.3 - iMobie Inc.)
APP Shop v1.0.41 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.41 - ASRock Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASRock Restart to UEFI v1.0.6 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.6 - ASRock Inc.)
Auto Keyboard v7.1 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 7.1 - MurGee.com)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.11.0 - Badlion)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
BlueStacks Services (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\BlueStacksServices) (Version: 3.0.2 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\BlueStacks X) (Version: 10.5.0.1016 - now.gg, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris FX Continuum 2023 Plug-ins for Adobe and Compatible Products (HKLM\...\{4488274F-E3B1-4895-BDEE-6AAB9FE70208}_is1) (Version: 16.0.1 - Boris FX, Inc.)
Boris FX Continuum 2023 Plug-ins for OpenFX and Compatible Products (HKLM\...\{CD3E4D20-4EAA-461F-9025-FAD60661D06D}_is1) (Version: 16.0.1 - Boris FX, Inc.)
Boris FX Sapphire Plug-ins 2023.0 for After Effects and Compatible Products (HKLM\...\GenArts Sapphire AE_is1) (Version: 16.000 - Boris FX, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 114.1.52.130 - Auteurs de Brave)
CapCut (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\CapCut) (Version: 3.1.0.1070 - Bytedance Pte. Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) Hidden
Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version:  - getcomposer.org)
Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation)
CPU Stress MT 1.0.4 (HKLM-x32\...\CPU Stress MT_is1) (Version: 1.0.4 - Foudge)
CPUID HWMonitor 1.48 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.48 - CPUID, Inc.)
CrewLink 2.0.1 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\f844a100-2ca0-51d4-8013-d11548b01669) (Version: 2.0.1 - Ottomated)
CurseForge 0.227.1-11043 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 0.227.1-11043 - Overwolf)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.140.0.5653 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c5f530ac-f23b-4a35-ad63-582378749d17}) (Version: 13.140.0.5653 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{E8FDD9E1-BEB2-4E7F-A179-22962E4C377A}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
ExpressVPN (HKLM-x32\...\{6c4bfa07-2536-464d-b059-57b12b4da8f3}) (Version: 12.51.0.4 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B899FD7835}) (Version: 12.51.0.4 - ExpressVPN) Hidden
Faceform Wrap (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{7e1ac978-4fd5-4e07-83a3-e7c52fe16245}) (Version: 2023.11.4 - Faceform)
FC 24 (HKLM-x32\...\{D599A8A7-E083-496C-B891-5752CD4E04F3}) (Version: 1.0.83.56686 - Electronic Arts, Inc.)
FIFA 17 (HKLM-x32\...\FIFA 17_is1) (Version:  - )
FileZilla 3.60.1 (HKLM-x32\...\FileZilla Client) (Version: 3.60.1 - Tim Kosse)
Filius 2.2.0 (HKLM-x32\...\Filius) (Version: 2.2.0 - Stefan Freischlad)
FontForge version 01-01-2023 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 01-01-2023 - FontForgeBuilds)
GalaxyGame (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\726756096122814545) (Version:  - )
Git (HKLM\...\Git_is1) (Version: 2.42.0.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.95 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Gyazo 4.3.4.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
HandBrake 1.5.1 (HKLM-x32\...\HandBrake) (Version: 1.5.1 - )
Helios Launcher 1.8.0 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\22789c4f-79c4-5364-9ee1-c5a09f5035b1) (Version: 1.8.0 - Daniel Scalzi)
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_is1) (Version:  - )
Inno Setup version 6.1.0-beta (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Inno Setup 6_is1) (Version: 6.1.0-beta - jrsoftware.org)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IntelliJ IDEA 2020.3 (HKLM-x32\...\IntelliJ IDEA 2020.3) (Version: 203.5981.155 - JetBrains s.r.o.)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit)
IPVanish (HKLM\...\{95466B3C-9955-4698-9732-A7486E3E14B0}) (Version: 4.2.1.208 - IPVanish, a Ziff Davis company) Hidden
IPVanish (HKLM-x32\...\{a35af1e1-a948-432c-8ab8-7190093cad5a}) (Version: 4.2.1.208 - IPVanish, a Ziff Davis company)
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer9) (Version: 9.0.65 - XUANZHI INTERNATIONAL CO., LIMITED)
League of Legends (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Magic Bullet Suite 64-bit (HKLM\...\{3C09DE13-867C-4289-9F95-4510BB3A5F57}) (Version: 11.4.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}) (Version: 11.4.0 - Red Giant Software)
MagicMic (HKLM\...\{E7B1C677-D850-4917-BCBD-23C938805736}_is1) (Version: 5.0.0.6 - Shenzhen iMyFone Technology Co., Ltd.)
Malwarebytes version 5.0.17.99 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.0.17.99 - Malwarebytes)
mBot simulator version 1.111 (HKLM-x32\...\{8F762BD2-8016-4B6A-B2FC-2497CEA9D3CE}_is1) (Version: 1.111 - Irai)
MCC Tool Chest PE (HKLM-x32\...\{822D45B5-B729-4511-8967-2714CE611B8D}) (Version: 0.00.0100 - MCCToolChest)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Metal Gear Rising: Revengeance (HKLM-x32\...\Metal Gear Rising: Revengeance_is1) (Version:  - )
Microsoft .NET Framework 4.8 Developer Pack (Français) (HKLM-x32\...\{6d4e0482-0b21-4ce7-8a59-49b055bdd9e1}) (Version: 4.8.3761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (Français) (HKLM-x32\...\{D5668CE0-1BC5-4B73-B435-707FDA9A614C}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 Targeting Pack (Français) (HKLM-x32\...\{2FD45BD9-6FC8-4F28-BD8A-D111808667A2}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Host - 5.0.10 (x64) (HKLM\...\{D1368E0E-D6FB-4C42-9132-885E5C23DB05}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.13 (x64) (HKLM\...\{9511601E-12FF-4972-BF9C-2992F2CA5A32}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.4 (x64) (HKLM\...\{6C1E1983-8DF2-4863-A392-DCA0A81E4324}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x64) (HKLM\...\{0FFA44C0-CFC0-4C1B-AACC-2C4BE1CDDB37}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.13 (x64) (HKLM\...\{8CDACE3C-0064-4A17-A02C-49F831D5F73A}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.4 (x64) (HKLM\...\{6E34B759-680E-4C25-B289-47199AD8B49A}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x64) (HKLM\...\{607A9135-1477-43AB-A8B0-7690DC1C58D3}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x64) (HKLM-x32\...\{a5d9614c-78d2-4d81-8f74-5dfea9206cc6}) (Version: 5.0.10.30412 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.4 (x64) (HKLM\...\{7AF0827F-6735-4FB1-B209-5E984F899D1B}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft Build Tools 14.0 (amd64) (HKLM\...\{79750C81-714E-45F2-B5DE-42DEF00687B8}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Build Tools 14.0 (x86) (HKLM-x32\...\{6BF8837D-67E1-4359-89FB-C08BFD6F2138}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (amd64) (HKLM\...\{34BFF66C-9A7E-4778-8A9F-1DA1F0F4C22E}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (x86) (HKLM-x32\...\{5127B392-8820-4822-A21F-1CB78C2E25AD}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.66 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office LTSC Professionnel Plus 2024 - fr-fr (HKLM\...\ProPlus2024Volume - fr-fr) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Office LTSC Professionnel Plus 2024 - fr-fr.proof (HKLM\...\ProPlus2024Volume - fr-fr.proof) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Debug Runtime - 14.0.24210 (HKLM\...\{D94D812C-B20F-3DB9-82D2-A57AC2CAF9CA}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Debug Runtime - 14.0.24210 (HKLM-x32\...\{2509566A-3416-3B50-B2FC-F7A0254C24CE}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ Build Tools (HKLM-x32\...\{a9528995-e130-4501-ae19-bbfaddb779cc}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.61.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x64) (HKLM\...\{008667B9-294F-45C3-BB03-E6FBC58B26AF}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x64) (HKLM-x32\...\{422d8da1-2e1a-4704-b462-db5439c6d1b9}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM-x32\...\{96cf40b0-81d6-43ed-ad0e-611e67899196}) (Version: 6.0.13.32001 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.4 (x64) (HKLM\...\{5EEC39AC-9491-4339-BA44-14AC375AA779}) (Version: 56.19.56739 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.4 (x64) (HKLM-x32\...\{2ee0e4e2-f7aa-4697-9077-75f15774a376}) (Version: 7.0.4.32218 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
MSVCRT Redists (HKLM\...\{E83D6FA1-B27C-11E9-B0DB-A5146957F833}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
Mumble (client) (HKLM\...\{7668CA93-7D82-43E5-AA6D-BCA352951877}) (Version: 1.4.287 - Mumble VoIP)
Music Collection version 3.3.3.0 (HKLM-x32\...\{DE4BC92E-B3DD-4B7D-B4C7-CF7C175155CE}_is1) (Version: 3.3.3.0 - GSoft4U)
NationsGlory 5.0.77 (HKLM\...\da60f423-202e-5908-a438-cd6fbbc819c8) (Version: 5.0.77 - WebNations SARL,)
Node.js (HKLM\...\{4ACCDAEB-B4CB-4AAC-AFE6-AC3517234257}) (Version: 16.15.1 - Node.js Foundation)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.35.9.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Pilote graphique 551.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.52 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\OpenIV) (Version: 4.1.1502 - .black/OpenIV Team)
Opera GX Stable 105.0.4970.74 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Opera GX 105.0.4970.74) (Version: 105.0.4970.74 - Opera Software)
paint.net (HKLM\...\{2025DAA7-0653-4F18-B66F-900E6F2320EC}) (Version: 4.2.13 - dotPDN LLC)
PhpStorm 2020.2 (HKLM-x32\...\PhpStorm 2020.2) (Version: 202.6397.115 - JetBrains s.r.o.)
Plague Inc Evolved MULTi14 - ElAmigos version 1.18.4.0 (HKLM-x32\...\{BDF7DD42-37BE-43A2-8F9C-44EE65466076}_is1) (Version: 1.18.4.0 - Ndemic Creations)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
PuTTY release 0.78 (64-bit) (HKLM\...\{4EEF2644-700F-46F8-9655-915145248986}) (Version: 0.78.0.0 - Simon Tatham)
PuTTY release 0.79 (64-bit) (HKLM\...\{E07417FF-E888-4648-878C-73E25D64D50D}) (Version: 0.79.0.0 - Simon Tatham)
Python 3.11.3 Add to Path (64-bit) (HKLM\...\{9EB782CC-B2A5-4B67-BFEC-C91F5B755CAF}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Core Interpreter (64-bit) (HKLM\...\{611F1238-29A9-495F-B1F4-CFFCC98D9421}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Development Libraries (64-bit) (HKLM\...\{D307D056-AF62-4F53-810E-052AAAF0EFB2}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Documentation (64-bit) (HKLM\...\{25DC2A6F-FDC2-40D0-AA9D-3BF392BDF500}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Executables (64-bit) (HKLM\...\{A2BCB6C1-272D-437F-A5BC-92431FC521B4}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 pip Bootstrap (64-bit) (HKLM\...\{55BEEF7A-9288-497D-B5CE-960D2F3C70A3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Standard Library (64-bit) (HKLM\...\{0D289858-69D1-4CB6-946E-659F028DDC27}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Tcl/Tk Support (64-bit) (HKLM\...\{C321A7FC-E479-4E2A-AA09-2698EFEA4CA3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Test Suite (64-bit) (HKLM\...\{BA9ABB78-751C-4488-80A9-60E44290C060}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Utility Scripts (64-bit) (HKLM\...\{5BF6CA5B-E057-413A-B87A-CCD47600E465}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.12.2 (64-bit) (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{b6178a40-1665-4565-b73e-48dd6e039a65}) (Version: 3.12.2150.0 - Python Software Foundation)
Python 3.12.2 Core Interpreter (64-bit) (HKLM\...\{4534F2ED-1616-434D-98A6-0DA358DCD466}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Development Libraries (64-bit) (HKLM\...\{F131E2DD-B8C5-42F3-85B7-3D4BAC9582CD}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Documentation (64-bit) (HKLM\...\{BD32BDE9-835D-4013-8F9A-45FF11456F02}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Executables (64-bit) (HKLM\...\{097D2A37-E94B-4FAD-8C89-D63443BD4D4A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 pip Bootstrap (64-bit) (HKLM\...\{BDE73EDC-76AE-475D-8885-9B583631B0FC}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Standard Library (64-bit) (HKLM\...\{E172CAF3-ABC7-4B62-BA8C-3A2472DE44F6}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Tcl/Tk Support (64-bit) (HKLM\...\{B50C92E9-2780-433A-AA61-E9F06D0AFF8A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Test Suite (64-bit) (HKLM\...\{94087C99-E4F5-4637-A789-3B6059DF787B}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B36061E-A25F-4E12-BFD1-68E724723D48}) (Version: 3.12.2150.0 - Python Software Foundation)
RDBM 24 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\RDBM 24) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8730.1 - Realtek Semiconductor Corp.)
Regressi (HKLM-x32\...\{4A7037E7-14DE-4D36-82D3-F95C366B231E}) (Version: 4.8.5 - Evariste) Hidden
Regressi (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Regressi) (Version: 4.8.5 - Evariste)
Riot Client  (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Riot Game Riot_Client.) (Version:  - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version:  - Riot Games, Inc.)
Roblox Player for PC GAMER (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\roblox-player) (Version:  - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.83.1767 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.6.9 - Rockstar Games)
SAOFrance Launcher 1.0.1 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\0046085e-ca7d-5ae0-84da-edb50a69f027) (Version: 1.0.1 - SAOFrance)
Shooter Suite (HKLM\...\Shooter Suite v13.1.13) (Version:  - Red Giant LLC)
Skype version 8.92 (HKLM-x32\...\Skype_is1) (Version: 8.92 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.34.9745 - SoftEther VPN Project)
SoundWire Server version 2.5 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Splitter 9.26.0.7 (HKLM-x32\...\P3 Splitter_is1) (Version: 9.26.0.7 - One Software)
SSO (HKLM-x32\...\SSO) (Version: 1.8.7.7 - Hallowed Fate Map.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SzNativeMessage 7.0.0.89 (HKLM-x32\...\SzNativeMessage_is1) (Version:  - IZbit Software, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Topaz Gigapixel AI (HKLM\...\Topaz Gigapixel AI 6.3.3) (Version: 6.3.3 - Topaz Labs LLC)
Topaz Video Enhance AI (HKLM\...\Topaz Video Enhance AI 2.6.4) (Version: 2.6.4 - Topaz Labs LLC)
TuxlerChromeExtensionHelperApp (HKLM-x32\...\TuxlerChromeExtensionHelperApp_is1) (Version: 1.1.5.0 - Tuxler Privacy Technologies, Inc.)
Twitch (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universe (HKLM\...\Universe v3.0.2) (Version:  - Red Giant LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
VALORANT (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Riot Game valorant.live) (Version:  - Riot Games, Inc)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
Visual C++ Compiler/Tools X64 ARM Cross Package (HKLM-x32\...\{5CC47701-1421-32CC-9A9D-F2C82779382F}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 ARM Cross Resource Package (HKLM-x32\...\{B26170D0-9490-3187-9775-43E5306F2B68}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Base Package (HKLM-x32\...\{8F970CE1-5B0C-3B94-9501-8BC6677CDC56}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Base Resource Package (HKLM-x32\...\{EDAA5381-AA40-373D-9465-8B9465548D3A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Native Package (HKLM-x32\...\{03E91A69-138A-30D9-B040-08A9F9203009}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Native Resource Package (HKLM-x32\...\{9242F9AB-C717-3E9C-8118-1CE0041449EF}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 X86 Cross Package (HKLM-x32\...\{020A6FCE-0528-32CD-8BFA-B6CFE1A078F7}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 X86 Cross Resource Package (HKLM-x32\...\{C7BEC23B-B359-3D3E-94B1-A86C6BE0F391}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 ARM Cross Package (HKLM-x32\...\{514EE7D8-5166-3EC9-97D6-9818A816EC6F}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 ARM Cross Resource Package (HKLM-x32\...\{26D902E5-999B-3635-9260-A5231BE67BA8}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{7BC93EE9-44F1-3783-AD76-F6BD6C8F6B58}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{BFEC9D45-BAD4-3D7C-B6A7-887D21E6C25A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Resource Package (HKLM-x32\...\{62505F19-7D2A-3FD0-B1A2-D8E2FA2F96B3}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Resource Package (HKLM-x32\...\{85658238-483F-3148-967E-ECD533AE6FE7}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Native Package (HKLM-x32\...\{992BA429-8653-3A21-AD6E-3B9EEDF6BE32}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Native Resource Package (HKLM-x32\...\{68EB16F2-B3CF-3E45-A78D-828369F7CAFC}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 X64 Cross Package (HKLM-x32\...\{23478A3A-98E7-3B27-8347-97B86143C01D}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 X64 Cross Resource Package (HKLM-x32\...\{516233EF-0F6B-3F87-A70E-00E7E08A51AE}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Core Build Toolset (HKLM-x32\...\{A3ECCE28-0B16-4CFB-9A99-15FA98B04E7D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ CRT Headers Package (HKLM-x32\...\{729FD64C-2AE0-3E25-83A8-A93520DCDE7A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM Desktop Package (HKLM-x32\...\{EE91146B-E37B-3649-865D-1FB1ED190A0A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM Redist Package (HKLM-x32\...\{952FA3F4-FC7E-3164-B489-124ED8ECBEF9}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM Store Package (HKLM-x32\...\{33F4C5B2-032D-3827-8BA8-5429F9022F8C}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT Source Package (HKLM-x32\...\{9EBE5CEF-E60E-33C2-8A29-E29FF4F23968}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X64 Desktop Package (HKLM-x32\...\{1AB3E77E-E073-3F39-BA16-C3119D16851A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X64 Redist Package (HKLM-x32\...\{61BFEC08-5739-3AE4-8AA4-B768B2AB46ED}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X64 Store Package (HKLM-x32\...\{DEB9C4B1-3B98-3CEE-83A7-E055B23CBFD6}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X86 Desktop Package (HKLM-x32\...\{1B8AF45A-1511-3984-B2BB-D5AC4A0C756A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X86 Redist Package (HKLM-x32\...\{15435A00-F7BA-31E7-B83D-AE7A3AF1A304}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X86 Store Package (HKLM-x32\...\{C1C02687-7834-3499-87E0-6036AFF6B297}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ MSBuild ARM Package (HKLM-x32\...\{51547499-4A12-3CC6-AE3D-3C5E87D72909}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild Base Package (HKLM-x32\...\{35433594-85A3-3EEA-963E-0E5E860B82D6}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild Base Resource Package (HKLM-x32\...\{D073E568-C258-381C-B9DB-965434B1DF53}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild X64 Package (HKLM-x32\...\{EE527713-BE8A-348A-8854-DACBCE5316F2}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild X86 Package (HKLM-x32\...\{8CB498C5-672B-3F6C-9143-84B0BBC1EAB3}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor par McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.866 - McAfee, LLC)
WFDownloaderApp (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{wfdownloaderapp}}_is1) (Version: BETA - WFDownloaderApp)
Windows App Certification Kit Native Components (HKLM\...\{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE}) (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C}) (Version: 8.100.26795 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (HKLM-x32\...\{0610DFB0-CCEA-6EC0-E3C3-A0160AD7FD98}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (HKLM-x32\...\{984022F2-9BCA-A41D-6A38-1AE658F01415}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (HKLM\...\{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (HKLM-x32\...\{A1CB8286-CFB3-A985-D799-721A0F2A27F3}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (HKLM-x32\...\{37464E70-B0B9-9DFF-649A-CBE169BAD657}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (HKLM\...\{96F4525A-470D-F15C-796E-58D9988C3E5F}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{56AD3004-0B49-967F-F682-B05650B61A78}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
WinSCP 5.21.6 (HKLM-x32\...\winscp3_is1) (Version: 5.21.6 - Martin Prikryl)
WO Mic Client (HKLM-x32\...\WOMic) (Version:  - )
Youtubers Life 2 (HKLM-x32\...\Youtubers Life 2_is1) (Version:  - )

Chrome apps:
============
Ad-Link Bypass by bypass.city (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\28c08e5165844e51e2e24c8b60dab072) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\104f2e8409a458754515a514e446db78) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\3a735baa1e1972a302edd5c07441b63a) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\98eede9935c2881e24c03da218af02d7) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\f0b04039e81b55e43c4d2078ec0d4b29) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\0aeac2c0909be73431f6b073301e58e8) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\63923eba9160b01419c971f9f66da79e) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\733a794eb2f7caa24e40306fdef05900) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\7837ae13983105634bc07bdbca87e853) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\54b99296d6d52157449d2429e0671856) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\648b098988c5ae505e2a76161a0ba1a2) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\8ea1add956ed845b3eb4d2f4399a28eb) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ba96b19f8ccb93c0fac3d842e127f1ff) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\5e2f3997cb8c2688a81a61598e40939e) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\72b865a4851c3e973ba9be9de8cfd23f) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\cc356ad2f57d5fd78d2c7315eb3618bd) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\fd2e488fc7b2ecefaf9c525683b12fe7) (Version: 1.0 - Google\Chrome)
Google Lens (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\6fa83d078514342e1ab4b325f69bd522) (Version: 1.0 - Google\Chrome)
Google Lens (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\c454f8477ccce025818b234ace6e536f) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\20cbd5ffa83c520c29635a555476a76f) (Version: 1.0 - Google\Chrome)
Myinstants App (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ab0ab30b5a2237d80743c35d025c78d1) (Version: 1.0 - Google\Chrome)
Photopea (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\c63cecc06db04192ab5056fff92ebf5a) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\45d5b0053bda1bc44cc568b16e1d97db) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\65453bb45a5d63cf39e956c95ee2847b) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\6809ce799310396a156fca85b426596a) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ada6c2ddebf6cdd7b417bc1a99493fdf) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\5077e7b70034256fd99b995050c43403) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\7fe67a18dc9897d4eeb91941f5d59ed6) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\aa52f38a776022193d0a2199f3deed0a) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\cf04ac7bc770d07cb0fd1a7558990072) (Version: 1.0 - Google\Chrome)

Packages:
=========

Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-09] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-05-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-12-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-12-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-17] (NVIDIA Corp.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.613.510.0_x64__55nm5eh3cm0pr [2024-02-27] (Roblox Corporation)
Snapchat -> C:\Program Files\WindowsApps\SnapInc.Snapchat_2.0.1.0_neutral__k1zn018256b8e [2023-12-28] (Snap Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2407.10.0_x64__cv1g1gvanyjgm [2024-02-28] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\PC GAMER\AppData\Local\Microsoft\OneDrive\20.114.0607.0001\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{a398e697-bd60-4066-9498-8488353f3a21}\localserver32 -> C:\Program Files\Maxon\Tools\MxNotify.exe => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\PCGAMER\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{ebf97929-5ab8-fcfd-948a-ddb83e4a49b2}\localserver32 -> "D:\dl\concours\SCrawler_2024.1.26.0_x64\SCrawler.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\nvshext.dll [2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PCGAMER\Desktop\Animcraft (Ok) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\PCGAMER\Desktop\Google Lens.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=heoipgnfgkeehcobmdojpdbjeeacndkj
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Ad-Link Bypass by bypass.city.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=okigdlpgobjjfnlipcmninihfjfdpdni
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Docs (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 6" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 7" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Feuilles de calcul (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 6" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Feuilles de calcul.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 7" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Gmail (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 6" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 7" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 6" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 7" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Lens (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 3" --app-id=heoipgnfgkeehcobmdojpdbjeeacndkj
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Lens.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=heoipgnfgkeehcobmdojpdbjeeacndkj
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Photopea.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jdklklfpinionkgpmghaghehojplfjio
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Présentations (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 6" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Présentations.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 7" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 6" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 7" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\msn - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Anim' - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\skibidi (CryZz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Laboss - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\600fb694c0849943\penaldo - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\ChatGPT - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\le 3 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2024-03-05 12:29 - 2024-03-05 12:29 - 002319872 _____ () [File not signed] \\?\C:\Users\PCGAMER\AppData\Local\Temp\17847649-1d0d-4014-96c2-2260ca1d0064.tmp.node
2024-02-27 23:37 - 2024-02-27 23:37 - 196495872 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcef.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000473088 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2024-02-27 23:37 - 2024-02-27 23:37 - 007472640 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 004950528 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\vk_swiftshader.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 002862080 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\ffmpeg.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 000479232 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\libegl.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 007513600 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\libglesv2.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 005209088 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll
2024-02-28 12:56 - 2024-01-26 22:04 - 007470592 _____ () [File not signed] D:\Games\Steam\aom.dll
2024-02-28 12:56 - 2024-01-26 22:04 - 000231424 _____ () [File not signed] D:\Games\Steam\avif-16.dll
2024-02-28 12:56 - 2024-01-26 22:04 - 001066496 _____ () [File not signed] D:\Games\Steam\dav1d.dll
2022-05-23 13:46 - 2022-05-23 13:46 - 001646080 _____ () [File not signed] D:\IPVanish VPN\e_sqlite3.DLL
2024-02-27 23:37 - 2024-02-27 23:37 - 001416192 _____ (The Chromium Authors) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\chrome_elf.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000380416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 001455616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000227328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 004254720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000222208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 001128960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000334848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 005611520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WinExtras.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000018432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000294400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`vovtfe.qpsu.obnfjhjjiihq [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6920]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2020-06-18] (Google Inc -> Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2020-06-18] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2020-06-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2020-06-18] (Google Inc -> Google Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2022-12-24 01:10 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\PuTTY\;C:\PHP7;C:\ProgramData\ComposerSetup\bin;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\dotnet\;D:\nodejs\;C:\FFMPEG;D:\Git\cmd
HKU\S-1-5-21-13960046-46231223-1468497707-1001\Control Panel\Desktop\\Wallpaper -> D:\PCGAMER\Pictures\Capture d’écran 2023-09-02 213943.png
HKU\S-1-5-21-13960046-46231223-1468497707-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

Network Binding:
=============
Ethernet 3: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Connexion réseau Bluetooth: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Connexion au réseau local 3: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
VPN - VPN Client: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VPN - VPN Client: NordVPN LightWeight Firewall -> NordLwf (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Wi-Fi 3: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Wi-Fi 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi 3: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Ethernet: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CCleanerPerformanceOptimizerService => 2
MSCONFIG\Services: ExpressVPN App Service => 2
MSCONFIG\Services: ExpressVPN System Service => 2
MSCONFIG\Services: ExpressVPN VPN Service => 2
MSCONFIG\Services: Flixmate.UpdateService => 2
MSCONFIG\Services: FlixmateService => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: mxredirect => 2
MSCONFIG\Services: Razer Chroma SDK Server => 2
MSCONFIG\Services: Razer Chroma SDK Service => 2
MSCONFIG\Services: Razer Chroma Stream Server => 2
MSCONFIG\Services: Razer Game Manager Service => 2
MSCONFIG\Services: UrbanVPNServiceInteractive => 2
MSCONFIG\Services: UrbanVPNUpdater => 3
MSCONFIG\Services: vgc => 3
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "AirBackupHelper"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D00FC699AD4D89B83A0CB9F3A076B816"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Medal"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "DiscordPTB"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8A4F577017447BEE25575BAB49C58E77"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "AirBackupHelper"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "AnyTransToolHelper"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "UrbanVPN"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "ProtonVPN"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "TuxlerChromeExtensionHelperApp"
HKU\S-1-5-21-13960046-46231223-1468497707-500\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D32AB782-C48B-477A-902B-ADDB30FC5618}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8657C43D-EAAE-404C-B20C-D49702BA50D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{054F899F-69CF-41FF-9094-23470486B18B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => No File
FirewallRules: [{52A8D5C4-3ECE-498E-A4A6-7C01B70FF495}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => No File
FirewallRules: [{6F2656D5-DAC2-494B-8AC5-F1C940E917D0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => No File
FirewallRules: [{D80C575A-6BF5-4B08-89E8-D2B357D605AC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => No File
FirewallRules: [{F2600EF7-7D81-4469-A507-F102CACE96C9}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => No File
FirewallRules: [{2E37D311-0554-4AD5-A926-57B1E5865BCF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => No File
FirewallRules: [TCP Query User{3E3703EC-B21D-47FF-B37C-B89E95CCCEC4}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{BA7B8257-B255-407E-8E73-CF9A761BD077}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{461F8528-F311-4A7E-885A-AC850F76DC52}C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9DCE9CEF-B02C-45CA-A8BA-7ED65D677082}C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F0F9CEDE-01AC-41C7-9A57-20CB78C80AC6}D:\atm 4\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{091BD920-0D2D-4D80-ABF0-0EDB950CB248}D:\atm 4\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{5A555C77-CBF8-4546-8FC4-73CF1DDC484E}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BFABD0FD-53D1-43E3-91CD-1D5EB0A05EB1}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B5F08545-1D41-40DA-9DD5-0CE3643D711A}C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe => No File
FirewallRules: [UDP Query User{01667896-6D7C-45D5-8675-72C6C96E1AFA}C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe => No File
FirewallRules: [TCP Query User{5E372279-B1BA-44FE-82B6-34FC67E7E3BC}D:\games\among us\among us.exe] => (Allow) D:\games\among us\among us.exe => No File
FirewallRules: [UDP Query User{B7FE1546-70FC-488E-95F5-5523F3BB4FE4}D:\games\among us\among us.exe] => (Allow) D:\games\among us\among us.exe => No File
FirewallRules: [TCP Query User{E7C90998-A48E-4C93-ADAC-A4369FD5A71B}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [UDP Query User{43552EF8-77F4-4BB5-B8A7-2E884D9A4B6C}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B3681FD2-368F-4DAA-B8D8-72F080F51BB0}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{CBC3FE3C-FE81-402A-85A2-ED6629785E9D}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{6BB1658E-743E-4AE0-BE0E-A3A09DCA73BF}D:\anydesk.exe] => (Allow) D:\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{AA52F03A-69C4-4813-AD73-F7466F8F5F07}D:\anydesk.exe] => (Allow) D:\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{43F63E3A-C1FE-4D8B-B847-CFEE702ADB28}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{D64E04B8-25B2-46F7-804E-8F1909E32960}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [TCP Query User{4DE38A99-F59D-4A58-B44D-A05A40B1F658}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{4E564661-88E1-4C6A-8921-DF98D67DEB6A}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{0FE3900E-3EC7-43F0-8208-A1E1627B049C}D:\anydesk (1).exe] => (Allow) D:\anydesk (1).exe => No File
FirewallRules: [UDP Query User{8500CE12-5DAD-4EEE-817F-A9C328D69664}D:\anydesk (1).exe] => (Allow) D:\anydesk (1).exe => No File
FirewallRules: [{D2E48565-C82B-41D0-9F0F-CF58A671AB1B}] => (Block) D:\anydesk (1).exe => No File
FirewallRules: [{5C000B5B-4194-44C0-A39E-959CEC1A02EA}] => (Block) D:\anydesk (1).exe => No File
FirewallRules: [TCP Query User{DBE432D1-30F8-4AA7-8DB3-733C186A082C}D:\gang beasts\gang beasts.exe] => (Allow) D:\gang beasts\gang beasts.exe => No File
FirewallRules: [UDP Query User{45D30406-96B2-4AD5-BAFF-50542BCE4EF8}D:\gang beasts\gang beasts.exe] => (Allow) D:\gang beasts\gang beasts.exe => No File
FirewallRules: [TCP Query User{39FD0A09-9D46-4663-8C1E-88852104C313}D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1D00AAF5-6B1D-4843-9421-F557FBB59E60}D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe => No File
FirewallRules: [TCP Query User{23FBF0ED-B7C4-4228-B2B9-4D9ED97D0EA0}D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe] => (Allow) D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe => No File
FirewallRules: [UDP Query User{E1B5B2FA-C341-48EE-AF46-60AE555E8A20}D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe] => (Allow) D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe => No File
FirewallRules: [{A48A4393-CAFB-4CB4-982F-1CCE4F4AF9C7}] => (Allow) D:\SteamLibrary\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{95C9CDCF-830F-4FCC-AD6A-49DA3D73FAEA}] => (Allow) D:\SteamLibrary\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [TCP Query User{A9F3B87E-68F9-4940-AB0E-82A6EA0CE868}D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{DF62DAC2-4766-41A1-9CBE-60885361F967}D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{3EE771CC-5E58-4335-90AA-3D2DB3DC433F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{397A7734-13C6-4B4E-84FF-245F58E4AB0F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{7F2CC62A-669A-4813-8C44-F4BB2F64AD5E}D:\games\badlion\badlion client\badlion client.exe] => (Allow) D:\games\badlion\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{628F819E-E90E-4CD6-9F1A-8EB0F8967A48}D:\games\badlion\badlion client\badlion client.exe] => (Allow) D:\games\badlion\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{B86F4447-A327-4BB6-8BB1-DEFA90E2BE82}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [UDP Query User{B7F2B6AB-C140-4CC4-BD97-3CC701A28848}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{8F4C6AF1-08CB-471D-A3EF-236D0CADA9BF}D:\altbotv3.exe] => (Allow) D:\altbotv3.exe => No File
FirewallRules: [UDP Query User{D206C602-F511-4742-9310-6A1E8D4E531C}D:\altbotv3.exe] => (Allow) D:\altbotv3.exe => No File
FirewallRules: [TCP Query User{E6BA6D57-CDAD-407A-920B-7D5C5F1A52D0}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Allow) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [UDP Query User{28390895-C81E-44F2-A0D8-4BE9D90DE687}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Allow) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [TCP Query User{F281444F-765B-4060-B0B0-89CC28BCEEA6}D:\games\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\valorant\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{877CE66E-156B-4157-A101-3DC2E17BAEF1}D:\games\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\valorant\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{E4F7D61C-42F1-4023-9059-9B0AD964ECC5}D:\technic\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\technic\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{AE1C3400-28F3-47BF-BF3C-B0EC85D0490E}D:\technic\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\technic\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DD915D3E-C3A8-4955-9DAD-471FCE956988}D:\altbotv3 (1).exe] => (Allow) D:\altbotv3 (1).exe => No File
FirewallRules: [UDP Query User{C5BCAFF3-4FC6-49AC-99C2-8433B9D831D1}D:\altbotv3 (1).exe] => (Allow) D:\altbotv3 (1).exe => No File
FirewallRules: [TCP Query User{EEB26702-CC2C-479B-A3FC-A6C3E3293913}D:\altbotv3 (2).exe] => (Allow) D:\altbotv3 (2).exe => No File
FirewallRules: [UDP Query User{34E34C75-778A-4279-8C23-5D34996549D6}D:\altbotv3 (2).exe] => (Allow) D:\altbotv3 (2).exe => No File
FirewallRules: [TCP Query User{B2027027-07D1-47AE-AB79-1CA3366B77A0}D:\altbotv3-win.exe] => (Allow) D:\altbotv3-win.exe => No File
FirewallRules: [UDP Query User{5DEC33E0-A5B6-46FA-8146-3BA6FE01C045}D:\altbotv3-win.exe] => (Allow) D:\altbotv3-win.exe => No File
FirewallRules: [TCP Query User{4DC1C4B6-AF81-4B01-B33A-FBEA0178B834}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe => No File
FirewallRules: [UDP Query User{73B11A55-B088-4E68-99F8-885C4504DD03}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe => No File
FirewallRules: [TCP Query User{4FC3C30F-CC88-4AC3-82A2-1E996D4DA092}D:\games\fightcade\emulator\fcade.exe] => (Allow) D:\games\fightcade\emulator\fcade.exe => No File
FirewallRules: [UDP Query User{616ABAF4-E8FE-4511-ACAA-02A47466E365}D:\games\fightcade\emulator\fcade.exe] => (Allow) D:\games\fightcade\emulator\fcade.exe => No File
FirewallRules: [TCP Query User{16CA2836-A3E5-4098-A7E4-CACE0B6C2DD3}D:\games\fightcade\emulator\fbneo\fcadefbneo.exe] => (Allow) D:\games\fightcade\emulator\fbneo\fcadefbneo.exe => No File
FirewallRules: [UDP Query User{66476DEC-E316-418F-9B49-CDD254B3426C}D:\games\fightcade\emulator\fbneo\fcadefbneo.exe] => (Allow) D:\games\fightcade\emulator\fbneo\fcadefbneo.exe => No File
FirewallRules: [TCP Query User{D525AEEB-E583-4A84-BCFF-84B4EF08D82B}C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0B4A4047-82F9-4CC3-A86F-37D2DAE8CD01}C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe => No File
FirewallRules: [TCP Query User{589A89D2-DDAD-4076-B061-8CB33286A09B}D:\altbotv3-win (1).exe] => (Allow) D:\altbotv3-win (1).exe => No File
FirewallRules: [UDP Query User{8474B6F5-1BF9-4B18-A08E-D720BB8A0F8E}D:\altbotv3-win (1).exe] => (Allow) D:\altbotv3-win (1).exe => No File
FirewallRules: [TCP Query User{1B8A6A23-D3E2-41F7-B247-53C7A3A4E81D}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E7CE471F-D7B3-4EE0-BD31-0BB572E78D2F}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3FE69AAF-6D65-4673-A384-CC864443DA52}D:\mbs\mblock\mblock.exe] => (Allow) D:\mbs\mblock\mblock.exe => No File
FirewallRules: [UDP Query User{B337E1D5-A775-4E08-A5D2-335D9FAF0E33}D:\mbs\mblock\mblock.exe] => (Allow) D:\mbs\mblock\mblock.exe => No File
FirewallRules: [TCP Query User{ABAFC365-1B4C-4489-8C38-60CB56A301E9}D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{726A9481-D457-4B13-9623-0130708B3B52}D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FE2B493D-8BFE-4F2E-A795-57F47A5594DE}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{B682205A-701E-41F3-960C-DF2CEE9BD125}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{0B88333A-0494-44EA-8893-D5161B2A1EA9}D:\games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [UDP Query User{6D61F061-71CA-43D1-B9D3-453E37994D82}D:\games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [TCP Query User{8138961B-B368-4E5E-8213-21A8E08282E1}D:\anydesk (2).exe] => (Allow) D:\anydesk (2).exe => No File
FirewallRules: [UDP Query User{E5E7D3DF-5F8C-4E47-AD44-CFABE29E359E}D:\anydesk (2).exe] => (Allow) D:\anydesk (2).exe => No File
FirewallRules: [TCP Query User{FC7ED016-C06C-4236-B5F1-A957612FB8A8}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{BB3D5DBB-90B5-4BDC-B7EE-4B81A9D16699}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{D51A77DD-D378-40A3-B142-66A6699EB8F4}D:\badlion\badlion client\badlion client.exe] => (Allow) D:\badlion\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{6A78B6C6-0783-4735-87BA-A7226AA647FE}D:\badlion\badlion client\badlion client.exe] => (Allow) D:\badlion\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{62E941B9-9756-4FA4-869B-81AF63A00EE5}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [UDP Query User{118E2C40-CD22-4CD0-8941-D1E6A0FE8A4A}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [TCP Query User{2F94ADDC-7E0A-442A-9067-D62C4A8A7239}D:\resanance\resanance\resanance.exe] => (Allow) D:\resanance\resanance\resanance.exe => No File
FirewallRules: [UDP Query User{6FD1E189-014D-4B41-AD21-A13C3CA8E797}D:\resanance\resanance\resanance.exe] => (Allow) D:\resanance\resanance\resanance.exe => No File
FirewallRules: [{F9EED100-7024-461E-99AB-49A46BA1A2FD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03BDF9D9-00EB-4655-9754-35D1553CAA11}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7393F0F5-06EA-4AD3-A07E-53B39325C63A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{977E24DE-A464-497F-93A8-2153DCDB8528}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEA2FE61-04D7-408A-908E-2CC51AFF1B10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C68CC861-0452-41E3-88B6-429BE917C94D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F890D5CF-9404-490C-8646-2F967A4AC995}C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [UDP Query User{803285D5-C094-4C3F-A366-EE520FD46A91}C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [TCP Query User{2B579A76-CE82-4A73-8E91-8C60568B1613}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{5A823CE0-DB0E-47EA-98AF-5B425A114519}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{F69F0E99-6B6E-498C-9A9B-D28BB1AB4167}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FF618F90-26DE-4CF6-B02A-E716880FFBD9}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6CC32D59-E453-4186-921A-D73AA31C1F31}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9FFCF17F-DD33-49C1-ADB3-715A23AE68FB}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DD4EFFF3-AE3D-4427-8AC6-27EBD38B7F76}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{34F54C6B-C16B-4245-B3C6-5B59ACFC3AC9}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{2C90682F-2808-44D8-9209-0A455D36D0FE}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{2470B447-FEC3-4D6E-9E4F-8788304E42F1}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0CF4394A-EF46-4E05-AF49-EAC52F3B33B2}] => (Block) C:\Program Files\Maxon\App Manager\Maxon.exe => No File
FirewallRules: [{B3F87F20-EF9B-4754-8411-564162319E99}] => (Block) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon App () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{24395309-2230-430E-8145-54411C4EAD81}] => (Block) %ProgramFiles%\Maxon\App Manager\Maxon.exe => No File
FirewallRules: [{EE23A3F4-46CA-4873-B014-9C3930C0A3A4}] => (Allow) C:\Program Files\Red Giant\Offload\Offload.exe (Red Giant   LLC -> Red Giant)
FirewallRules: [{ECD81706-B343-4542-A943-2C928B1CD1FD}] => (Allow) C:\Program Files\Red Giant\PluralEyes 4\PluralEyes 4.exe (Red Giant   LLC -> Red Giant, LLC)
FirewallRules: [{00E82512-9CC0-464F-8FB9-99002A3F8B41}] => (Allow) C:\Program Files\Red Giant\PluralEyes 4\PEServer.exe (Red Giant, LLC) [File not signed]
FirewallRules: [{330981A8-D1B6-4AC1-8DC5-950B57ECD534}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{BD1C02E5-C231-4333-B308-785A49DD8DEF}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [TCP Query User{41DABC74-2BC4-41A5-A930-35CD35FC671C}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{2849BE34-3937-4A4D-A27C-30720477D00A}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{1149EB89-F6A0-4341-87A1-2B19C48F1FEA}C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{9BB6F776-1F53-489E-83DE-1B648E6A9DB8}C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [TCP Query User{C8C3D496-E674-49C2-88AE-E31CCB8908EA}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{087C6CDC-05D4-4E0C-9F6C-9FE5504857AA}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{FBF8B67E-807B-4C90-A598-BC968AD02645}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{3B445C85-896F-4AEF-A0BC-E8F742FF1A6A}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [{4753BE11-2C94-4F6D-8784-FC9BC25C6735}] => (Allow) D:\ianygo.exe => No File
FirewallRules: [{2F909DFB-B4ED-4FC4-B216-DD10494A1C19}] => (Allow) D:\ianygo.exe => No File
FirewallRules: [TCP Query User{DEB738EF-20B7-4EF7-AC3F-A1977D2430A2}C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe] => (Allow) C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe => No File
FirewallRules: [UDP Query User{16D4A734-A9D7-408F-B908-30CBE2690C78}C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe] => (Allow) C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe => No File
FirewallRules: [TCP Query User{AD8225CB-6A00-4EED-8F67-BBCF2D193129}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{6E5D8B61-4536-409F-9774-468B856A77ED}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{9D927F74-F0A5-4864-A82C-CDC1D48A5010}C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe] => (Allow) C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe => No File
FirewallRules: [UDP Query User{CE3D5BA6-37B7-4A1A-B7CB-278A5BA7E327}C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe] => (Allow) C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe => No File
FirewallRules: [TCP Query User{99487954-43DD-40FC-817B-9DC62E78ED02}D:\nodejs\node.exe] => (Allow) D:\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{4325294A-9DC5-4B07-B7C0-77D7C9CAD3CA}D:\nodejs\node.exe] => (Allow) D:\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [TCP Query User{71BA53DB-4809-4D1C-8CCE-5F8D21433D10}D:\anydesk (7).exe] => (Block) D:\anydesk (7).exe => No File
FirewallRules: [UDP Query User{136FD1FA-10F4-4767-818A-8EC46C63CF3F}D:\anydesk (7).exe] => (Block) D:\anydesk (7).exe => No File
FirewallRules: [TCP Query User{C3B77FAB-F3E9-4CFC-9AE8-9A8C89876B25}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe => No File
FirewallRules: [UDP Query User{C84B9A55-6474-47F9-825B-F629AF9BF31A}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe => No File
FirewallRules: [{527690EB-5A2E-4393-B162-548510F5D144}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{049B499A-ADDE-4C0B-8AB4-127CFE8E8BA3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{90C83765-14AB-4356-B497-AF3A53C3BFBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4DB95E3C-34E8-4390-AF70-17E98CF17EFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{DD8430A5-BE1E-4889-AD44-22697068C75F}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File
FirewallRules: [UDP Query User{FA942569-5B44-4F67-AB59-F9DFD2556550}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File
FirewallRules: [{C7930689-5C58-46E1-BBB0-0EA11B5D2D83}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\98.0.4759.74\opera.exe => No File
FirewallRules: [TCP Query User{CAC5188A-C778-424D-93A6-95D3620663A8}D:\anydesk (8).exe] => (Block) D:\anydesk (8).exe => No File
FirewallRules: [UDP Query User{88EB6471-BB48-43A7-AC87-01DAF5EEC311}D:\anydesk (8).exe] => (Block) D:\anydesk (8).exe => No File
FirewallRules: [TCP Query User{7E2D5E29-934A-41CF-8EF3-EAABA6CA6A38}C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [UDP Query User{E58F9B2A-5B4C-4E61-BCE5-E9A28B482B1B}C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{B9E50D82-5D35-4D4A-AEB2-96A62FC1DC7D}C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe
FirewallRules: [UDP Query User{6CC4C2EE-BDBF-4CDF-9B4C-4D03A15E9069}C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe
FirewallRules: [TCP Query User{3551C385-7BC3-42BF-A68A-C33526809187}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Block) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [UDP Query User{339078DF-BE41-4A05-90BC-D28CB320BD0C}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Block) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [TCP Query User{FD98942B-3624-4FAF-8D5F-6CFAE79599FC}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{44B7A9DA-78D4-42D1-8D52-3823646C69C9}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{CC20B854-ABDA-4B77-88C9-FEFAA24A8ADD}C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D64F896-77E2-4477-A08F-A91E739E15C9}C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{C70D4954-27F7-4F93-BB9C-9A7AFE6CED21}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe => No File
FirewallRules: [{2BDFC9DA-3397-47B6-A7ED-EF5A2D6C6105}] => (Allow) D:\fifaa\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe => No File
FirewallRules: [{EC01975B-1A1F-45A7-BBA9-1438C13D019A}] => (Allow) D:\fifaa\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe => No File
FirewallRules: [{995572DE-189E-44CF-928E-801732DDF813}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{4D2B39CE-8BED-4BBC-A806-859A43CFE2BD}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{7393AB7A-A0A3-46F2-B57A-58F54F1103DE}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{0BF29E62-6B99-40F1-98BC-E6DA5F883549}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{18030275-0E62-4BB8-8BB2-893A6967BD3D}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{87BE9D37-17B7-48D1-9D82-6276C6FD3F63}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{8108DB6C-B3A9-45D9-969E-F814A6F1ACA3}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{B50E8090-477D-43EE-A9F3-86954867EB55}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{4E5BB771-6050-464B-99A0-4B437015E3E9}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{C08F13CE-1503-4189-A0E5-E709A0923228}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{B28C1179-9F70-4DC4-BA01-2BE4703FF328}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{F06A3F06-53E9-45E1-B920-877BB9D8EC84}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{F4D9F815-19C6-496A-9A45-FCA930203391}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{18F292D3-CB27-4F00-B82A-FC29D85E821C}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{3E45F791-9283-46C8-B0E7-4FB537E1BEFE}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{E9E05F04-F96D-4C1A-B99F-CA576E4F0273}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{FDE1AC49-CED5-437E-A6E4-5978BBA86BE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1B697DC5-58FF-4597-AD81-5590B96646EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB6F549E-5581-4A44-A1D7-6BFD007199BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{460925D7-204D-42AD-A559-A82E9B07AA3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55799818-002F-42EB-A473-C3471318D753}] => (Allow) D:\bstacks\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{AF150354-7336-4B09-A8AD-886008481BE1}] => (Allow) D:\bstacks\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{1277D12C-7377-4927-BE11-DE6FAFB15A1E}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9FFF0CA7-AE20-4474-8132-6B7942F61901}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{F921757B-CD57-4A64-9651-4EA396CB60C5}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{84C4503C-AED3-483B-8B8F-C47AC815E57D}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{9388745F-5822-41F1-BF5D-91832D79EBB1}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\105.0.4970.63\opera.exe => No File
FirewallRules: [{B82E25E1-5A7B-42F7-963F-89789C0C8AD1}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\105.0.4970.74\opera.exe => No File
FirewallRules: [{0AFFFAC8-AC1E-45AA-BE71-B74DCDEF2E37}] => (Allow) D:\Games\Steam\steamapps\common\eFootball\eFootball\Binaries\Win64\eFootball.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D262156A-C6B8-4EE2-AFC0-0540CB6B004A}] => (Allow) D:\Games\Steam\steamapps\common\eFootball\eFootball\Binaries\Win64\eFootball.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{8d2670d5-a65e-4b8d-bbaa-5033ff7487ce}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{e09cedcb-0de4-4712-b495-514dfbbf24c5}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{ed1498d0-5229-4da1-98b2-618d65e11e28}] => (Allow) D:\LDPlayer\LDPlayer9\dnplayer.exe (Shanghai Baizhi Network Technology Co., Ltd. -> )
FirewallRules: [{F3576494-2B76-4A49-8817-38BDC2225778}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{EE89B096-B703-4D5D-9CF4-A746C61CA269}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{BF5EE8FD-6AE8-4DF8-B7C4-A090E8B970E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3C795058-BC67-4805-B093-75EC74ED2160}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.66\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA334DA1-C8F0-4585-81FF-1BB749A0860A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4D284CF3-3E40-49FB-863B-E735F5FC2D11}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7BAF155F-64A8-4F66-A233-511D42098DB2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6E741E10-3C29-4DBC-BD73-412CB4D0CA78}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D6C300AF-1704-45E5-A70F-ED6905F84D5A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AA71DC68-7258-47A0-984F-0A9B1D91EABB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7BB9B9EC-8E08-4078-A009-B7DBB0532C81}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C414A35A-4B4E-4C56-923D-A13D97E6D144}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8C84930F-1DB2-4CBC-AA12-CA4F68EB43A5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{75FA534E-E354-42DC-9D58-3C2F47D1B7BD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6B9E4DB4-5B27-4BEC-A812-D2C596758A44}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/05/2024 01:14:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\capcut\CapCut.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.

Error: (03/05/2024 01:13:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante RobloxPlayerBeta.exe, version : 0.614.274.45570, horodatage : 0xc77e005c
Nom du module défaillant : RobloxPlayerBeta.exe, version : 0.614.274.45570, horodatage : 0xc77e005c
Code d’exception : 0x80000003
Décalage d’erreur : 0x000000000058f530
ID du processus défaillant : 0x588
Heure de début de l’application défaillante : 0x01da6ef05b8b2779
Chemin d’accès de l’application défaillante : C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
Chemin d’accès du module défaillant: C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
ID de rapport : fa8586e4-850d-4c55-81f6-0bd974dbf6d8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :

Error: (03/05/2024 12:30:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (03/05/2024 12:30:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (03/05/2024 12:30:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (03/05/2024 01:17:38 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (03/05/2024 01:16:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent

Error: (03/05/2024 12:17:11 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut  vers SECURITY_PRODUCT_STATE_ON.


System errors:
=============
Error: (03/05/2024 01:13:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (03/05/2024 01:13:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (03/05/2024 01:07:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (03/05/2024 01:07:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (03/05/2024 01:02:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (03/05/2024 01:02:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (03/05/2024 12:57:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.

Error: (03/05/2024 12:57:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.


Windows Defender:
================
Date: 2024-03-05 12:43:57
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/CheatEngine&threatid=365468&enterprise=0[/URL]
Nom : PUABundler:Win32/CheatEngine
ID : 365468
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : file:_D:\CheatEngine75 (1).exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur :
Nom du processus : C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
Version de la veille de sécurité : AV: 1.405.1086.0, AS: 1.405.1086.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.24010.10, NIS: 0.0.0.0

Date: 2024-03-05 12:39:54
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0[/URL]
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.405.1086.0, AS: 1.405.1086.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.24010.10, NIS: 0.0.0.0

Date: 2024-03-04 23:35:43
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/CheatEngine&threatid=365468&enterprise=0[/URL]
Nom : PUABundler:Win32/CheatEngine
ID : 365468
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : file:_D:\CheatEngine75 (1).exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur :
Nom du processus : C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
Version de la veille de sécurité : AV: 1.405.1052.0, AS: 1.405.1052.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.24010.10, NIS: 0.0.0.0

Date: 2024-03-04 15:22:58
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0[/URL]
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.405.976.0, AS: 1.405.976.0, NIS: 1.405.976.0
Version du moteur : AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-03-02 22:19:54
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Znyonm&threatid=2147890445&enterprise=0[/URL]
Nom : Trojan:Win32/Znyonm
ID : 2147890445
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_D:\dl\utweb_installer.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-3RPVMEJ\PC GAMER
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.405.913.0, AS: 1.405.913.0, NIS: 1.405.913.0
Version du moteur : AM: 1.1.24010.10, NIS: 1.1.24010.10
Event[0]:

Date: 2024-03-04 23:14:28
Description:
La fonctionnalité de protection en temps réel Antivirus Microsoft Defender a rencontré une erreur et échoué.
Fonctionnalité : Sur accès
Code d’erreur : 0x8007043c
Description de l’erreur : Ce service ne peut pas être démarré en mode sans échec
Raison : La veille de sécurité contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème.

Date: 2023-11-20 19:08:11
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.401.908.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23100.2009
Code d’erreur : 0x8024402c
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.

Date: 2023-08-31 20:09:49
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.4019.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80070070
Description de l’erreur : Espace insuffisant sur le disque.

Date: 2023-08-31 20:09:49
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.4019.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80070070
Description de l’erreur : Espace insuffisant sur le disque.

Date: 2023-08-31 20:09:49
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.4019.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80070070
Description de l’erreur : Espace insuffisant sur le disque.

CodeIntegrity:
===============
Date: 2024-03-05 13:44:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2024-03-05 13:38:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. P3.70 11/14/2019
Motherboard: ASRock B450M-HDV R4.0
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 74%
Total physical RAM: 16313.86 MB
Available physical RAM: 4085.22 MB
Total Virtual: 30649.86 MB
Available Virtual: 11387 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.17 GB) (Free:5.65 GB) (Model:  KINGSTON SA400S3 SCSI Disk Device) NTFS
Drive d: (Nouveau nom) (Fixed) (Total:931.5 GB) (Free:394.58 GB) (Model:  WDC WD10EZEX-60W SCSI Disk Device) NTFS

\\?\Volume{d2ce56ce-ee7d-493e-a267-efedbcadf977}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{8a32d6c7-be1f-437f-8b1e-aa2acfc51829}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================
 
Last edited by a moderator:
#2
@Ichigo

Adware Cleaner

  • Download AdwCleaner and save it to your Desktop
  • Right-click on AdwCleaner.exeand select, Run as Administrator
  • Accept the EULA (I accept), then click on Scan Now
  • Let the scan complete
  • Once the scan completes, make sure that every item listed in the different tabs is checked and click on the Quarantine and delete.
  • Once the cleaning process is complete, AdwCleaner will ask you to restart your computer
  • Close all other open windows and allow it to restart
  • After the restart, Notepad will open with the AdwCleaner cleaning log
  • Please Attach the contents of that log into your next reply to me
Copy the content of the code box below.
Do not copy the word code!!!
Right Click FRST and run as Administrator.
Click Fix once (!) and wait. The program will create a log file (Fixlog.txt).
Attach it to your next message.

Code: 
start::
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
Unlock: C:\ProgramData\kss.sys
File: C:\ProgramData\kss.sys
VirusTotal: C:\ProgramData\kss.sys
HKLM\...\Run: [SoftEther VPN Client UI Helper] => "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp (No File)
HKLM\...\Run: [Riot Vanguard] => "C:\Program Files\Riot Vanguard\vgtray.exe" (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (No File)
HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [CCXProcess] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Medal] => "C:\Users\PCGAMER\AppData\Local\Medal\update.exe" --processStart "Medal.exe" (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Opera GX Stable] => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [ProtonVPN] => D:\Games\Proton\VPN\ProtonVPN.Launcher.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [ut] => "C:\Users\PCGAMER\AppData\Roaming\utorrent\uTorrent.exe"  /MINIMIZED (No File)
HKU\S-1-5-18\...\Run: [Synapse3] => D:\Games\razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (No File)
ShortcutTarget: Twitch.lnk -> C:\Users\PCGAMER\AppData\Roaming\Twitch\Bin\Twitch.exe (No File)
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (No File)
Task: {773CE06F-62F6-4EC1-97EB-A77952802BA8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe  -task (No File)
Task: {72619BC7-BC61-4453-A111-B054495D5E6F} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe  /c (No File)
Task: {AF56477F-AE15-49AD-9542-BDCEC27FD587} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe  /ua /installsource scheduler (No File)
Task: {242DE1B2-6231-4AA6-8E9B-AF217929FFB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe  (No File)
Task: {DF1CB7FD-3D9E-4FA8-B93F-7757FABFA959} - System32\Tasks\CCleanerSkipUAC - PC GAMER => "C:\Program Files\CCleaner\CCleaner.exe"  $(Arg0) (No File)
Task: {86F231EB-3EFB-46E7-B790-A63299856A23} - System32\Tasks\ExclusiveTool => D:\ExclusiveModeTool.exe  /a (No File)
Task: {EF68D3F6-84AA-45EE-A94C-887240437F7D} - System32\Tasks\GyazoUpdateTaskMachine => "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"  (No File)
Task: {BE374D69-D46E-464C-A895-0636B6596801} - System32\Tasks\GyazoUpdateTaskMachineDaily => "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe"  (No File)
Task: {94A9F561-56EB-4F8B-9E9B-F6CED488A779} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => "%ProgramFiles%\RUXIM\PLUGscheduler.exe"  (No File)
Task: {D875F910-D569-4A67-B9CB-86514D939411} - System32\Tasks\Opera GX scheduled Autoupdate 1684077563 => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe  --scheduledautoupdate $(Arg0) (No File)
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> D:\Games\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> D:\Games\VLC\npvlc.dll [No File]
S2 brave; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /svc [X]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\elevation_service.exe" [X]
S3 bravem; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /medsvc [X]
S3 BraveVpnService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\brave_vpn_helper.exe" [X]
S4 CCleanerPerformanceOptimizerService; "C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe" [X]
S3 ComboCleaner.Guard; D:\Games\ComboCleaner.Guard.exe [X]
S3 ComboCleaner.WinService; D:\Games\ComboCleaner.WinService.exe [X]
S4 mxredirect; C:\Program Files\Maxon\Tools\mxredirect.exe [X]
S4 vgc; "C:\Program Files\Riot Vanguard\vgc.exe" [X]
R3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S1 vgk; \??\C:\Program Files\Riot Vanguard\vgk.sys [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-13960046-46231223-1468497707-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0b9357df-11b6-4d83-bc26-3565105b1aad}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\14C484E4D213236414: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\14C484E4D213236414: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\649424255402D4149435F4E4: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\649424255402D4149435F4E4: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\960586F6E656: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9da45d0e-4317-48f1-8df7-13c905ab818a}: [NameServer] 100.64.100.1
S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
C:\Windows\system32\DRIVERS\bddci.sys
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
C:\Windows\System32\DRIVERS\gzflt.sys
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
C:\Windows\System32\DRIVERS\Trufos.sys
2024-03-05 12:35 - 2022-12-24 01:19 - 000729568 _____ C:\Windows\system32\perfh00C.dat
2024-03-05 12:35 - 2022-12-24 01:19 - 000141270 _____ C:\Windows\system32\perfc00C.dat
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\PC GAMER\AppData\Local\Microsoft\OneDrive\20.114.0607.0001\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{a398e697-bd60-4066-9498-8488353f3a21}\localserver32 -> C:\Program Files\Maxon\Tools\MxNotify.exe => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{ebf97929-5ab8-fcfd-948a-ddb83e4a49b2}\localserver32 -> "D:\dl\concours\SCrawler_2024.1.26.0_x64\SCrawler.exe" -ToastActivated => No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`vovtfe.qpsu.obnfjhjjiihq [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6920]
FirewallRules: [{054F899F-69CF-41FF-9094-23470486B18B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => No File
FirewallRules: [{52A8D5C4-3ECE-498E-A4A6-7C01B70FF495}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => No File
FirewallRules: [{6F2656D5-DAC2-494B-8AC5-F1C940E917D0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => No File
FirewallRules: [{D80C575A-6BF5-4B08-89E8-D2B357D605AC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => No File
FirewallRules: [{F2600EF7-7D81-4469-A507-F102CACE96C9}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => No File
FirewallRules: [{2E37D311-0554-4AD5-A926-57B1E5865BCF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => No File
FirewallRules: [TCP Query User{F0F9CEDE-01AC-41C7-9A57-20CB78C80AC6}D:\atm 4\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{091BD920-0D2D-4D80-ABF0-0EDB950CB248}D:\atm 4\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{5A555C77-CBF8-4546-8FC4-73CF1DDC484E}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BFABD0FD-53D1-43E3-91CD-1D5EB0A05EB1}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B5F08545-1D41-40DA-9DD5-0CE3643D711A}C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe => No File
FirewallRules: [UDP Query User{01667896-6D7C-45D5-8675-72C6C96E1AFA}C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe => No File
FirewallRules: [TCP Query User{5E372279-B1BA-44FE-82B6-34FC67E7E3BC}D:\games\among us\among us.exe] => (Allow) D:\games\among us\among us.exe => No File
FirewallRules: [UDP Query User{B7FE1546-70FC-488E-95F5-5523F3BB4FE4}D:\games\among us\among us.exe] => (Allow) D:\games\among us\among us.exe => No File
FirewallRules: [TCP Query User{E7C90998-A48E-4C93-ADAC-A4369FD5A71B}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [UDP Query User{43552EF8-77F4-4BB5-B8A7-2E884D9A4B6C}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [TCP Query User{43F63E3A-C1FE-4D8B-B847-CFEE702ADB28}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{D64E04B8-25B2-46F7-804E-8F1909E32960}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [TCP Query User{4DE38A99-F59D-4A58-B44D-A05A40B1F658}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{4E564661-88E1-4C6A-8921-DF98D67DEB6A}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{0FE3900E-3EC7-43F0-8208-A1E1627B049C}D:\anydesk (1).exe] => (Allow) D:\anydesk (1).exe => No File
FirewallRules: [UDP Query User{8500CE12-5DAD-4EEE-817F-A9C328D69664}D:\anydesk (1).exe] => (Allow) D:\anydesk (1).exe => No File
FirewallRules: [{D2E48565-C82B-41D0-9F0F-CF58A671AB1B}] => (Block) D:\anydesk (1).exe => No File
FirewallRules: [{5C000B5B-4194-44C0-A39E-959CEC1A02EA}] => (Block) D:\anydesk (1).exe => No File
FirewallRules: [TCP Query User{DBE432D1-30F8-4AA7-8DB3-733C186A082C}D:\gang beasts\gang beasts.exe] => (Allow) D:\gang beasts\gang beasts.exe => No File
FirewallRules: [UDP Query User{45D30406-96B2-4AD5-BAFF-50542BCE4EF8}D:\gang beasts\gang beasts.exe] => (Allow) D:\gang beasts\gang beasts.exe => No File
FirewallRules: [TCP Query User{39FD0A09-9D46-4663-8C1E-88852104C313}D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1D00AAF5-6B1D-4843-9421-F557FBB59E60}D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe => No File
FirewallRules: [TCP Query User{23FBF0ED-B7C4-4228-B2B9-4D9ED97D0EA0}D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe] => (Allow) D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe => No File
FirewallRules: [UDP Query User{E1B5B2FA-C341-48EE-AF46-60AE555E8A20}D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe] => (Allow) D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe => No File
FirewallRules: [TCP Query User{A9F3B87E-68F9-4940-AB0E-82A6EA0CE868}D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{DF62DAC2-4766-41A1-9CBE-60885361F967}D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{7F2CC62A-669A-4813-8C44-F4BB2F64AD5E}D:\games\badlion\badlion client\badlion client.exe] => (Allow) D:\games\badlion\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{628F819E-E90E-4CD6-9F1A-8EB0F8967A48}D:\games\badlion\badlion client\badlion client.exe] => (Allow) D:\games\badlion\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{8F4C6AF1-08CB-471D-A3EF-236D0CADA9BF}D:\altbotv3.exe] => (Allow) D:\altbotv3.exe => No File
FirewallRules: [UDP Query User{D206C602-F511-4742-9310-6A1E8D4E531C}D:\altbotv3.exe] => (Allow) D:\altbotv3.exe => No File
FirewallRules: [TCP Query User{E6BA6D57-CDAD-407A-920B-7D5C5F1A52D0}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Allow) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [UDP Query User{28390895-C81E-44F2-A0D8-4BE9D90DE687}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Allow) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [TCP Query User{F281444F-765B-4060-B0B0-89CC28BCEEA6}D:\games\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\valorant\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{877CE66E-156B-4157-A101-3DC2E17BAEF1}D:\games\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\valorant\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{E4F7D61C-42F1-4023-9059-9B0AD964ECC5}D:\technic\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\technic\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{AE1C3400-28F3-47BF-BF3C-B0EC85D0490E}D:\technic\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\technic\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DD915D3E-C3A8-4955-9DAD-471FCE956988}D:\altbotv3 (1).exe] => (Allow) D:\altbotv3 (1).exe => No File
FirewallRules: [UDP Query User{C5BCAFF3-4FC6-49AC-99C2-8433B9D831D1}D:\altbotv3 (1).exe] => (Allow) D:\altbotv3 (1).exe => No File
FirewallRules: [TCP Query User{EEB26702-CC2C-479B-A3FC-A6C3E3293913}D:\altbotv3 (2).exe] => (Allow) D:\altbotv3 (2).exe => No File
FirewallRules: [UDP Query User{34E34C75-778A-4279-8C23-5D34996549D6}D:\altbotv3 (2).exe] => (Allow) D:\altbotv3 (2).exe => No File
FirewallRules: [TCP Query User{B2027027-07D1-47AE-AB79-1CA3366B77A0}D:\altbotv3-win.exe] => (Allow) D:\altbotv3-win.exe => No File
FirewallRules: [UDP Query User{5DEC33E0-A5B6-46FA-8146-3BA6FE01C045}D:\altbotv3-win.exe] => (Allow) D:\altbotv3-win.exe => No File
FirewallRules: [TCP Query User{4DC1C4B6-AF81-4B01-B33A-FBEA0178B834}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe => No File
FirewallRules: [UDP Query User{73B11A55-B088-4E68-99F8-885C4504DD03}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe => No File
FirewallRules: [TCP Query User{4FC3C30F-CC88-4AC3-82A2-1E996D4DA092}D:\games\fightcade\emulator\fcade.exe] => (Allow) D:\games\fightcade\emulator\fcade.exe => No File
FirewallRules: [UDP Query User{616ABAF4-E8FE-4511-ACAA-02A47466E365}D:\games\fightcade\emulator\fcade.exe] => (Allow) D:\games\fightcade\emulator\fcade.exe => No File
FirewallRules: [TCP Query User{16CA2836-A3E5-4098-A7E4-CACE0B6C2DD3}D:\games\fightcade\emulator\fbneo\fcadefbneo.exe] => (Allow) D:\games\fightcade\emulator\fbneo\fcadefbneo.exe => No File
FirewallRules: [UDP Query User{66476DEC-E316-418F-9B49-CDD254B3426C}D:\games\fightcade\emulator\fbneo\fcadefbneo.exe] => (Allow) D:\games\fightcade\emulator\fbneo\fcadefbneo.exe => No File
FirewallRules: [TCP Query User{D525AEEB-E583-4A84-BCFF-84B4EF08D82B}C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0B4A4047-82F9-4CC3-A86F-37D2DAE8CD01}C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe => No File
FirewallRules: [TCP Query User{589A89D2-DDAD-4076-B061-8CB33286A09B}D:\altbotv3-win (1).exe] => (Allow) D:\altbotv3-win (1).exe => No File
FirewallRules: [UDP Query User{8474B6F5-1BF9-4B18-A08E-D720BB8A0F8E}D:\altbotv3-win (1).exe] => (Allow) D:\altbotv3-win (1).exe => No File
FirewallRules: [TCP Query User{3FE69AAF-6D65-4673-A384-CC864443DA52}D:\mbs\mblock\mblock.exe] => (Allow) D:\mbs\mblock\mblock.exe => No File
FirewallRules: [UDP Query User{B337E1D5-A775-4E08-A5D2-335D9FAF0E33}D:\mbs\mblock\mblock.exe] => (Allow) D:\mbs\mblock\mblock.exe => No File
FirewallRules: [TCP Query User{ABAFC365-1B4C-4489-8C38-60CB56A301E9}D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{726A9481-D457-4B13-9623-0130708B3B52}D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{0B88333A-0494-44EA-8893-D5161B2A1EA9}D:\games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [UDP Query User{6D61F061-71CA-43D1-B9D3-453E37994D82}D:\games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [TCP Query User{8138961B-B368-4E5E-8213-21A8E08282E1}D:\anydesk (2).exe] => (Allow) D:\anydesk (2).exe => No File
FirewallRules: [UDP Query User{E5E7D3DF-5F8C-4E47-AD44-CFABE29E359E}D:\anydesk (2).exe] => (Allow) D:\anydesk (2).exe => No File
FirewallRules: [TCP Query User{D51A77DD-D378-40A3-B142-66A6699EB8F4}D:\badlion\badlion client\badlion client.exe] => (Allow) D:\badlion\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{6A78B6C6-0783-4735-87BA-A7226AA647FE}D:\badlion\badlion client\badlion client.exe] => (Allow) D:\badlion\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{62E941B9-9756-4FA4-869B-81AF63A00EE5}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [UDP Query User{118E2C40-CD22-4CD0-8941-D1E6A0FE8A4A}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [TCP Query User{2F94ADDC-7E0A-442A-9067-D62C4A8A7239}D:\resanance\resanance\resanance.exe] => (Allow) D:\resanance\resanance\resanance.exe => No File
FirewallRules: [UDP Query User{6FD1E189-014D-4B41-AD21-A13C3CA8E797}D:\resanance\resanance\resanance.exe] => (Allow) D:\resanance\resanance\resanance.exe => No File
FirewallRules: [TCP Query User{F890D5CF-9404-490C-8646-2F967A4AC995}C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [UDP Query User{803285D5-C094-4C3F-A366-EE520FD46A91}C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [{0CF4394A-EF46-4E05-AF49-EAC52F3B33B2}] => (Block) C:\Program Files\Maxon\App Manager\Maxon.exe => No File
FirewallRules: [{24395309-2230-430E-8145-54411C4EAD81}] => (Block) %ProgramFiles%\Maxon\App Manager\Maxon.exe => No File
FirewallRules: [{330981A8-D1B6-4AC1-8DC5-950B57ECD534}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{BD1C02E5-C231-4333-B308-785A49DD8DEF}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [TCP Query User{1149EB89-F6A0-4341-87A1-2B19C48F1FEA}C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{9BB6F776-1F53-489E-83DE-1B648E6A9DB8}C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [TCP Query User{C8C3D496-E674-49C2-88AE-E31CCB8908EA}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{087C6CDC-05D4-4E0C-9F6C-9FE5504857AA}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{FBF8B67E-807B-4C90-A598-BC968AD02645}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{3B445C85-896F-4AEF-A0BC-E8F742FF1A6A}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [{4753BE11-2C94-4F6D-8784-FC9BC25C6735}] => (Allow) D:\ianygo.exe => No File
FirewallRules: [{2F909DFB-B4ED-4FC4-B216-DD10494A1C19}] => (Allow) D:\ianygo.exe => No File
FirewallRules: [TCP Query User{DEB738EF-20B7-4EF7-AC3F-A1977D2430A2}C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe] => (Allow) C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe => No File
FirewallRules: [UDP Query User{16D4A734-A9D7-408F-B908-30CBE2690C78}C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe] => (Allow) C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe => No File
FirewallRules: [TCP Query User{9D927F74-F0A5-4864-A82C-CDC1D48A5010}C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe] => (Allow) C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe => No File
FirewallRules: [UDP Query User{CE3D5BA6-37B7-4A1A-B7CB-278A5BA7E327}C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe] => (Allow) C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe => No File
FirewallRules: [TCP Query User{71BA53DB-4809-4D1C-8CCE-5F8D21433D10}D:\anydesk (7).exe] => (Block) D:\anydesk (7).exe => No File
FirewallRules: [UDP Query User{136FD1FA-10F4-4767-818A-8EC46C63CF3F}D:\anydesk (7).exe] => (Block) D:\anydesk (7).exe => No File
FirewallRules: [TCP Query User{C3B77FAB-F3E9-4CFC-9AE8-9A8C89876B25}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe => No File
FirewallRules: [UDP Query User{C84B9A55-6474-47F9-825B-F629AF9BF31A}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe => No File
FirewallRules: [TCP Query User{DD8430A5-BE1E-4889-AD44-22697068C75F}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File
FirewallRules: [UDP Query User{FA942569-5B44-4F67-AB59-F9DFD2556550}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File
FirewallRules: [{C7930689-5C58-46E1-BBB0-0EA11B5D2D83}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\98.0.4759.74\opera.exe => No File
FirewallRules: [TCP Query User{CAC5188A-C778-424D-93A6-95D3620663A8}D:\anydesk (8).exe] => (Block) D:\anydesk (8).exe => No File
FirewallRules: [UDP Query User{88EB6471-BB48-43A7-AC87-01DAF5EEC311}D:\anydesk (8).exe] => (Block) D:\anydesk (8).exe => No File
FirewallRules: [TCP Query User{7E2D5E29-934A-41CF-8EF3-EAABA6CA6A38}C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [UDP Query User{E58F9B2A-5B4C-4E61-BCE5-E9A28B482B1B}C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{3551C385-7BC3-42BF-A68A-C33526809187}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Block) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [UDP Query User{339078DF-BE41-4A05-90BC-D28CB320BD0C}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Block) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [TCP Query User{CC20B854-ABDA-4B77-88C9-FEFAA24A8ADD}C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D64F896-77E2-4477-A08F-A91E739E15C9}C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{C70D4954-27F7-4F93-BB9C-9A7AFE6CED21}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe => No File
FirewallRules: [{2BDFC9DA-3397-47B6-A7ED-EF5A2D6C6105}] => (Allow) D:\fifaa\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe => No File
FirewallRules: [{EC01975B-1A1F-45A7-BBA9-1438C13D019A}] => (Allow) D:\fifaa\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe => No File
FirewallRules: [{1277D12C-7377-4927-BE11-DE6FAFB15A1E}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9FFF0CA7-AE20-4474-8132-6B7942F61901}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{9388745F-5822-41F1-BF5D-91832D79EBB1}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\105.0.4970.63\opera.exe => No File
FirewallRules: [{B82E25E1-5A7B-42F7-963F-89789C0C8AD1}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\105.0.4970.74\opera.exe => No File
FirewallRules: [{F3576494-2B76-4A49-8817-38BDC2225778}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{EE89B096-B703-4D5D-9CF4-A746C61CA269}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent\uTorrent.exe => No File
CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
Cmd: NETSH winsock reset catalog
Cmd: NETSH int ipv4 reset reset.log
Cmd: NETSH int ipv6 reset reset.log
Cmd: ipconfig /release
Cmd: ipconfig /renew
Cmd: ipconfig /flushdns
Cmd: ipconfig /registerdns
Cmd: bitsadmin /reset /allusers
Cmd: Winmgmt /salvagerepository
Cmd: Winmgmt /resetrepository
Cmd: Winmgmt /resyncperf
C:\Windows\Temp\*.*
C:\WINDOWS\system32\*.tmp
C:\WINDOWS\syswow64\*.tmp
emptytemp:
Reboot:
End::


Running from C:\Users\PCGAMER\Documents\FRST64English.exe I would like you to run the tool from your desktop please.
Please after the Fix re run FRST again, and then post Fresh FRST and Addition.txt logs, due to the high amount of trash in the logs I want to make sure I have not missed anything.

I have included in the logs the C:\ProgramData\kss.sys file, not up for deletion just yet, I am having FRST send it to VirusTotal. and gathering information on it. Having a driver in the program data folder is highly suspicious that much is for sure.



Download ZHP Suite to your desktop.
Unzip it there.
Right Click Run as admin.
Hit the scanner button.
Once it is complete a file name ZHPdiag.txt will be on your desktop.
Attach it.


Just a thought as well, you may consider removing some of those chrome extensions.
 
#3
I got the adwcleaner log but after using the frst fix my pc restarted and it doesnt want to start anymore (image attached)
IMG_4241.jpeg

AdwCleaner log:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-07-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.4046)
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Sunisoft

***** [ Chromium (and derivatives) ] *****

Deleted Free VPN for Chrome - VPN Proxy VeePN - majdfhpaihoncoakbjgbdhglocklcgno

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1506 octets] - [07/03/2024 22:31:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
 
#6
Strange no windows files were removed with the fix only bitdefender and some redundant files.

Are you able to boot normally now?
 
#12
Malnutrition said:
Strange no windows files were removed with the fix only bitdefender and some redundant files.

Are you able to boot normally now?
Click to expand...
Is resetting the pc the only way? i really need my computer quickly for work, i know you guys are doing it for free but i really need help on this one
Here is what happens when i boot:
 
#14
@Ichigo How are things?

Only files removed with the fix with FRST were related to bitdefender.

S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
C:\Windows\system32\DRIVERS\bddci.sys
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
C:\Windows\System32\DRIVERS\gzflt.sys
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
C:\Windows\System32\DRIVERS\Trufos.sys


The other items in the fix were just redundant files....


Ichigo said:
Actually it’s still there but was moved to the d:/ drive
Click to expand...


Not sure how windows files were moved from the C: to the D:


These were the only directives given in the fix.


CMD: del /f /s /q %windir%\prefetch\*.*
CMD: del /s /q C:\Windows\SoftwareDistribution\download\*.*
CMD: del /s /q "%userprofile%\AppData\Local\temp\*.*"
Cmd: NETSH winsock reset catalog
Cmd: NETSH int ipv4 reset reset.log
Cmd: NETSH int ipv6 reset reset.log
Cmd: ipconfig /release
Cmd: ipconfig /renew
Cmd: ipconfig /flushdns
Cmd: ipconfig /registerdns
Cmd: bitsadmin /reset /allusers
Cmd: Winmgmt /salvagerepository
Cmd: Winmgmt /resetrepository
Cmd: Winmgmt /resyncperf
 
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu