Hello, i suspect that i got a virus as this file "kss.sys" (in C:\ProgramData) keeps coming back everytime i delete it.
Code:
FRST.txt :
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05.03.2024
Ran by PC GAMER (administrator) on DESKTOP-3RPVMEJ (05-03-2024 13:45:12)
Running from C:\Users\PCGAMER\Documents\FRST64English.exe
Loaded Profiles: PC GAMER & Administrateur
Platform: Microsoft Windows 10 Professionnel Version 22H2 19045.4046 (X64) Language: Français (France)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> ) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\compatibility32\EADesktop.exe
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EACefSubProcess.exe <6>
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe
(C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EASteamProxy.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(D:\Games\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <9>
(D:\Games\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\GameOverlayUI.exe
(D:\league of legends\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] D:\league of legends\Riot Games\Riot Client\RiotClientCrashHandler.exe
(Discord Inc. -> Discord Inc.) C:\Users\PCGAMER\AppData\Local\Discord\app-1.0.9034\Discord.exe <6>
(Electronic Arts, Inc. -> Electronic Arts) D:\Games\Steam\steamapps\common\EA Sports FC 24\FC24.exe
(explorer.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <44>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\PCGAMER\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Now.gg, INC -> now.gg, Inc.) C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe <4>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\league of legends\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Skutta, Kristjan -> ) C:\Wallpaper Engine\wallpaper32.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) D:\Games\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(RuntimeBroker.exe ->) () [File not signed] D:\dl\FIIX\FIIX.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\EA\AC\EAAntiCheat.GameService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Maxon Computer GmbH -> Red Giant LLC) [File not signed] C:\Program Files\Red Giant\Services\Red Giant Service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2407.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Mudhook Marketing, Inc -> IPVanish, a Ziff Davis company) D:\IPVanish VPN\IPVanish.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [881440 2019-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [SoftEther VPN Client UI Helper] => "C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp (No File)
HKLM\...\Run: [Riot Vanguard] => "C:\Program Files\Riot Vanguard\vgtray.exe" (No File)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (No File)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (No File)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [381288 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [EpicGamesLauncher] => D:\Programmes\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37188048 2024-01-15] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [CCXProcess] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe" (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [NordVPN] => D:\Programmes\NordVPN\NordVPN.exe [274176 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Medal] => "C:\Users\PCGAMER\AppData\Local\Medal\update.exe" --processStart "Medal.exe" (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [CCleaner Smart Cleaning] => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123150712 2022-11-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [4388712 2024-02-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [AirBackupHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [AnyTransToolHelper] => C:\Program Files (x86)\iMobie\AnyTrans\AnyTransToolHelper.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Opera GX Stable] => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [MicrosoftEdgeAutoLaunch_8A4F577017447BEE25575BAB49C58E77] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060728 2024-03-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [2730600 2024-02-27] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [ProtonVPN] => D:\Games\Proton\VPN\ProtonVPN.Launcher.exe (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [WallpaperEngine] => C:\Wallpaper Engine\wallpaper32.exe [3050592 2022-10-08] (Skutta, Kristjan -> )
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [TuxlerChromeExtensionHelperApp] => C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe [1862000 2023-01-27] (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [RiotClient] => D:\league of legends\Riot Games\Riot Client\RiotClientServices.exe [70921216 2024-03-04] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [electron.app.BlueStacks Services] => C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2023-10-19] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [ut] => "C:\Users\PCGAMER\AppData\Roaming\utorrent\uTorrent.exe" /MINIMIZED (No File)
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Run: [GoogleChromeAutoLaunch_F6368B8427B96056D25FF50064F6289D] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2772256 2024-02-27] (Google LLC -> Google LLC)
HKU\S-1-5-18\...\Run: [Synapse3] => D:\Games\razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.95\Installer\chrmstp.exe [2024-03-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2023-11-12]
ShortcutTarget: MEGAsync.lnk -> C:\Users\PCGAMER\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2020-06-19]
ShortcutTarget: Twitch.lnk -> C:\Users\PCGAMER\AppData\Roaming\Twitch\Bin\Twitch.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2020-09-22]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (No File)
BootExecute:
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\S-1-5-21-13960046-46231223-1468497707-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4CF3956C-0362-43F7-B136-618B2EE87FDD} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [667808 2021-07-16] (Advanced Micro Devices INC. -> )
Task: {773CE06F-62F6-4EC1-97EB-A77952802BA8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (No File)
Task: {72619BC7-BC61-4453-A111-B054495D5E6F} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c (No File)
Task: {AF56477F-AE15-49AD-9542-BDCEC27FD587} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (No File)
Task: {242DE1B2-6231-4AA6-8E9B-AF217929FFB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {7C43F02B-54EC-4AED-9AA6-2E925E9262DC} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b40c0fd8-b177-4ba7-a2e0-b9be32104dac" --version "6.17.10746" --silent
Task: {DF1CB7FD-3D9E-4FA8-B93F-7757FABFA959} - System32\Tasks\CCleanerSkipUAC - PC GAMER => "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) (No File)
Task: {408CC93A-25EB-495F-A91C-9FC70AAE0BE7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\Explorer.exe [5577144 2024-02-16] (Microsoft Windows -> Microsoft Corporation)
Task: {86F231EB-3EFB-46E7-B790-A63299856A23} - System32\Tasks\ExclusiveTool => D:\ExclusiveModeTool.exe /a (No File)
Task: {2AD41BE6-8605-4621-9671-F15CE8FF0C26} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-29] (Google LLC -> Google LLC)
Task: {8E3CD1A3-76C1-435F-9DFA-D079A4916D14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-29] (Google LLC -> Google LLC)
Task: {EF68D3F6-84AA-45EE-A94C-887240437F7D} - System32\Tasks\GyazoUpdateTaskMachine => "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe" (No File)
Task: {BE374D69-D46E-464C-A895-0636B6596801} - System32\Tasks\GyazoUpdateTaskMachineDaily => "C:\Program Files (x86)\Gyazo\GyazoUpdate.exe" (No File)
Task: {031ABFA5-BE47-4063-85F5-457D7EADF9ED} - System32\Tasks\IPVanish => D:\IPVanish VPN\IPVanish.exe [35941320 2023-07-03] (Mudhook Marketing, Inc -> IPVanish, a Ziff Davis company)
Task: {4561BBF3-D5C6-41BE-B18A-0B7AEA8D1B6B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-13960046-46231223-1468497707-1001 => C:\Users\PCGAMER\AppData\Local\MEGAsync\MEGAupdater.exe [2531760 2024-02-08] (Mega Limited -> )
Task: {0DB9B5D4-C949-4189-B044-204BFD5AD9AE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1FDF43DC-E488-411B-9B0F-B1837D2C6423} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9711E34E-EB11-459F-AA98-4E3239E33627} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {223ABF56-C758-4F54-B37F-3030F401F8BF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306328 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F1BA085-DD33-45AC-A917-B6B95F164318} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170128 2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {649EF3E2-524F-4D2D-BBE8-2BEA5540089E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F3B5DC7B-B5EB-41D2-B8BD-DC9A00C41809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4774451E-3A91-49A9-A032-2FCB7019DDC3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D61B6ABD-0C28-46E9-AB51-5CB082E751A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MpCmdRun.exe [1646000 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {94A9F561-56EB-4F8B-9E9B-F6CED488A779} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\PLUGScheduler => "%ProgramFiles%\RUXIM\PLUGscheduler.exe" (No File)
Task: {113FF278-9472-49EC-85C4-294D13688D47} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {03CB8E10-2FA7-4A13-B7AD-5781BFDBFF17} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {034C8B0B-2EC6-46B9-BCD1-DFD1F40ED41D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9658690D-B26A-4BF3-8674-7BC9BBE7FCC1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {120E9311-CAAF-4D60-A5E2-865B03367D3E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A3C2EFDE-956B-4302-B9ED-C7EB3545365B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {71BB4CB3-67B4-4A3F-B748-A88C4D5F3A38} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC253836-49F4-4EFA-8C3B-6B89D3C5D54A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {389D2A08-F6E1-45E8-B3C7-07FD8398B508} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78120CD3-0CD7-4104-8C6B-820A18262804} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1684235058 => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {D875F910-D569-4A67-B9CB-86514D939411} - System32\Tasks\Opera GX scheduled Autoupdate 1684077563 => C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {A4AC8916-BE15-4014-946C-03F87F0E08D4} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Common\Red Giant Link.exe [136192 2012-06-25] (red giant software llc -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0b9357df-11b6-4d83-bc26-3565105b1aad}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\14C484E4D213236414: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\14C484E4D213236414: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\649424255402D4149435F4E4: [NameServer] 8.8.8.8,4.4.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\649424255402D4149435F4E4: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\960586F6E656: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{203d845f-6759-4ae5-a86b-91dbbaa0120b}\960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9da45d0e-4317-48f1-8df7-13c905ab818a}: [NameServer] 100.64.100.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-01]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-02-29]
Edge Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
Edge Extension: (Edge relevant text changes) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26]
Edge Extension: (RoSearcher) - C:\Users\PCGAMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oobhokhnkgaabegegleakccliicjmelh [2022-06-01]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\dtplugin\npDeployJava1.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.341.2 -> C:\Program Files\Java\jre1.8.0_341\bin\plugin2\npjp2.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> D:\Games\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> D:\Games\VLC\npvlc.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default [2024-03-05]
CHR DownloadDir: D:\dl
CHR DefaultSearchURL: Default -> hxxps://ozelot379.github.io/ConvertJavaTextureToBedrock/webapp/android-chrome-36x36.png
CHR Extension: (Kahoot AI) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaincicgdmboldkiddgckheekpfecdaf [2024-01-05]
CHR Extension: (RoPro - Améliorez votre expérience Roblox) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbacgifemdbhdkfppmeilbgppmhaobf [2024-01-07]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-09]
CHR Extension: (Exodus Web3 Wallet) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\aholpfdialjgjfhomihkjbmgjidlcdno [2024-02-28]
CHR Extension: (Authenticator) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-02-21]
CHR Extension: (Bloqueur de pop-up pour Chrome™ - Poper Blocker) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2024-03-04]
CHR Extension: (FC Enhancer) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\boffdonfioidojlcpmfnkngipappmcoh [2024-02-26]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-22]
CHR Extension: (Simulateur téléphone mobile - test site responsive) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckejmhbmlajgoklhgbapkiccekfoccmk [2024-02-28]
CHR Extension: (Foxified) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldmemdnllncchfahbcnjijheaolemfk [2024-01-07]
CHR Extension: (Pandabuy QC Viewer) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpagnmbabgeeabjjcgmfoekklidoaode [2024-01-05]
CHR Extension: (Shopy - Shopify Spy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dehlcjmoincicbhdnkbnmkeaiapljnld [2024-01-05]
CHR Extension: (Tampermonkey) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-07]
CHR Extension: (Roblox Empty Servers) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnnheiembkgmdnihkghgggcddgealbba [2024-01-05]
CHR Extension: (Moon: Shop online with Bitcoin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehmpejjklcibliopgbghpgfinhbjopnn [2024-01-05]
CHR Extension: (wanteeed) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2024-03-02]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-02-23]
CHR Extension: (ExpressVPN : proxy VPN sécurisé) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2024-02-27]
CHR Extension: (BuxBack - Earn R$) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgiaibpabhdkjenjhgpmgcieobcjaonj [2024-01-05]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-12]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-02-20]
CHR Extension: (EditThisCookie) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2024-01-07]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-28]
CHR Extension: (Shimeji Browser Extension) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gohjpllcolmccldfdggmamodembldgpc [2024-01-29]
CHR Extension: (BTRoblox - Making Roblox Better) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkpclpemjeibhioopcebchdmohaieln [2024-01-25]
CHR Extension: (Proxy VPN gratuit et bloqueur de publicité - Planet VPN) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipncndjamdcmphkgngojegjblibadbe [2024-01-08]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2024-01-05]
CHR Extension: (Cookie-Editor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2024-02-27]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-28]
CHR Extension: (Automatic Twitch: Drops, Moments and Points) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfhgpagdjjoieckminnmigmpeclkdmjm [2024-01-07]
CHR Extension: (DotVPN: Fast & Private VPN) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2024-02-04]
CHR Extension: (QR Code Reader) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\likadllkkidlligfcdhfnnbkjigdkmci [2024-01-05]
CHR Extension: (WebChatGPT: ChatGPT avec accès à Internet) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpfemeioodjbpieminkklglpmhlngfcn [2024-02-28]
CHR Extension: (Story Saver) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2024-03-04]
CHR Extension: (Free VPN for Chrome - VPN Proxy VeePN) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\majdfhpaihoncoakbjgbdhglocklcgno [2024-03-01]
CHR Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-02-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-05]
CHR Extension: (YouTube Summary with ChatGPT & Claude) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmicjeknamkfloonkhhcjmomieiodli [2024-01-05]
CHR Extension: (Flash Player for Chrome) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\oakbcaafbicdddpdlhbchhpblmhefngh [2024-02-09]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2024-03-02]
CHR Extension: (SearchBlox) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnpibkjgkpifagdbjkckikghnhhmacp [2024-01-05]
CHR Extension: (DocsAfterDark) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pihphjfnfjmdbhakhjifipfdgbpenobg [2024-02-02]
CHR Extension: (FC 24 Coins Generator FUT) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pndeaciecioifmppjadlbaihilojkjnf [2024-03-02]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-03]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-04]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-03-03]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-03-04]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-03-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-03]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-03-04]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-03-03]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-03-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-03]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-03-03]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-03-02]
CHR Extension: (Zoom to Fill - Ultrawide Video) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\adpjimagbfpknkodpofjphpbdlfkeiho [2024-02-13]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-08]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-23]
CHR Extension: (Video Downloader Professional) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-01-06]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-02-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-12]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
CHR Extension: (Cookie-Editor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2024-02-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-28]
CHR Extension: (Scan Translator) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mnngaddpelmhcgkbeajnbjmkdmpkogbo [2024-01-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-04]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-02-05]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-15]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-01-25]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-01-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-15]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7 [2024-02-20]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-10]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8 [2024-03-02]
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-11]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-03-01]
CHR Extension: (Video Downloader Professional) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-01-21]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-03-01]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
CHR Extension: (Cookie-Editor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2024-03-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-01]
CHR Extension: (Story Saver) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\mafcolokinicfdmlidhaebadidhdehpk [2024-03-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-04]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9 [2024-03-02]
CHR DownloadDir: C:\Users\PCGAMER\Downloads
CHR Extension: (Torrent Scanner) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-01-12]
CHR Extension: (uBlock Origin) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-26]
CHR Extension: (Video Downloader Professional) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-01-27]
CHR Extension: (Urban VPN Proxy) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-02-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2024-02-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-02-29]
CHR Extension: (Scan Translator) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\mnngaddpelmhcgkbeajnbjmkdmpkogbo [2024-01-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-06]
CHR Profile: C:\Users\PCGAMER\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-13960046-46231223-1468497707-1001) Opera GXStable - "C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\Launcher.exe"
StartMenuInternet: (HKU\S-1-5-21-13960046-46231223-1468497707-1001) OperaStable -
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-12-23] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-18] (Microsoft Corporation -> Microsoft Corporation)
R3 EAAntiCheatService; C:\Program Files\EA\AC\eaanticheat.gameservice.exe [57597528 2024-02-23] (Electronic Arts, Inc. -> Electronic Arts)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [12096104 2024-02-27] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2023-11-06] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-12-22] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2022-07-11] (Epic Games Inc. -> Epic Games, Inc.)
S4 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [437096 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
S4 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [437096 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
S4 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [437096 2023-06-06] (EXPRSVPN LLC -> ExpressVPN)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [889400 2024-02-14] (McAfee, LLC -> McAfee, LLC)
S4 nordvpn-service; D:\Programmes\NordVPN\nordvpn-service.exe [275200 2021-01-18] (TEFINCOM S.A. -> TEFINCOM S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
S4 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1995176 2023-03-10] (Razer USA Ltd. -> Razer Inc.)
S4 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [486832 2023-03-09] (Razer USA Ltd. -> Razer Inc.)
S4 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1361360 2023-03-06] (Razer USA Ltd. -> Razer Inc.)
R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [8872232 2022-06-23] (Maxon Computer GmbH -> Red Giant LLC) [File not signed]
S3 Rockstar Service; D:\Games\GTA\RockstarService.exe [4505072 2023-12-17] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\NisSrv.exe [3191256 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24010.12-0\MsMpEng.exe [133576 2024-02-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 brave; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /svc [X]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\elevation_service.exe" [X]
S3 bravem; "C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe" /medsvc [X]
S3 BraveVpnService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\114.1.52.130\brave_vpn_helper.exe" [X]
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S4 CCleanerPerformanceOptimizerService; "C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe" [X]
S3 ComboCleaner.Guard; D:\Games\ComboCleaner.Guard.exe [X]
S3 ComboCleaner.WinService; D:\Games\ComboCleaner.WinService.exe [X]
S4 mxredirect; C:\Program Files\Maxon\Tools\mxredirect.exe [X]
S4 vgc; "C:\Program Files\Riot Vanguard\vgc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppShopDrv103; C:\Windows\SysWOW64\Drivers\AppShopDrv103.sys [34568 2022-06-28] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [802976 2020-12-04] (Bitdefender SRL -> Bitdefender)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2021-03-23] (EldoS Corporation -> EldoS Corporation)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [46712 2023-06-06] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\Windows\System32\drivers\expressvpn-tun.sys [46896 2022-07-27] (Express VPN International Ltd. -> ExpressVPN)
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [176008 2021-09-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender LLC)
S3 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-15] (IObit Information Technology -> IObit)
R3 kss; C:\ProgramData\kss.sys [18144 2024-03-05] (Shenzhen yundian Technology Co., Ltd -> ) [File not signed]
R1 Ld9BoxNetLwf; C:\Windows\system32\DRIVERS\Ld9BoxNetLwf.sys [252232 2024-01-05] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R2 Ld9BoxSup; C:\Program Files\ldplayer9box\Ld9BoxSup.sys [376144 2024-01-05] (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2021-07-06] (MyTestCertificate -> Oracle Corporation)
S3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-09-21] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [26672 2020-09-21] (Logitech Inc -> Logitech)
S3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-09-21] (Logitech Inc -> Logitech)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223296 2024-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-03-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MFDriver_Driver; C:\Windows\system32\drivers\MFDriver.sys [32224 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 NDivert; C:\Windows\System32\drivers\NDivert.sys [105184 2021-02-22] (TEFINCOM S.A. -> )
R3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [37824 2020-09-22] (SoftEther Corporation -> SoftEther Corporation)
S3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2020-05-26] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 parsecvusba; C:\Windows\System32\drivers\parsecvusba.sys [256560 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Parsec)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [54632 2021-03-30] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_022a; C:\Windows\System32\drivers\RzDev_022a.sys [54160 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [50624 2020-09-22] (SoftEther Corporation -> SoftEther Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\Windows\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\Windows\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapexpressvpn; C:\Windows\System32\drivers\tapexpressvpn.sys [61496 2022-07-27] (ExprsVPN LLC -> The OpenVPN Project)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2020-05-26] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2022-10-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [615840 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2020-09-10] (Microsoft Corporation) [File not signed]
S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2020-01-06] (Microsoft Corporation) [File not signed]
R3 VBAudioVACMME; C:\Windows\System32\drivers\vbaudio_cable64_win7.sys [41192 2020-07-31] (Vincent Burel -> Windows (R) Win 7 DDK provider)
S3 VBAudioVMVAIOMME; C:\Windows\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-07-06] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
R0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21040 2024-02-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [608648 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105752 2024-02-28] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2023-09-19] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WOVAD; C:\Windows\System32\drivers\womic.sys [51192 2022-01-14] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 EAAntiCheat; system32\drivers\eaanticheat.sys [X]
S1 vgk; \??\C:\Program Files\Riot Vanguard\vgk.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-05 13:45 - 2024-03-05 13:46 - 000054846 _____ C:\Users\PCGAMER\Documents\FRST.txt
2024-03-05 13:30 - 2024-03-05 13:23 - 002390016 _____ (Farbar) C:\Users\PCGAMER\Documents\FRST64English.exe
2024-03-05 13:23 - 2024-03-05 13:46 - 000000000 ____D C:\FRST
2024-03-05 13:13 - 2024-03-05 13:13 - 000018144 _____ C:\ProgramData\kss.sys
2024-03-05 00:08 - 2024-03-05 01:13 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Malwarebytes
2024-03-05 00:08 - 2024-03-05 00:08 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-05 00:07 - 2024-03-05 00:07 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-04 23:14 - 2024-03-04 23:14 - 000335564 _____ C:\Windows\ntbtlog.txt
2024-03-04 23:06 - 2024-03-04 23:25 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Roblox
2024-03-04 22:32 - 2024-03-04 22:32 - 000001322 _____ C:\Users\PCGAMER\Desktop\Lethal Company.exe - Raccourci.lnk
2024-03-04 01:09 - 2024-03-04 01:09 - 000000000 ____D C:\Users\PCGAMER\Downloads\scraper-main
2024-03-03 20:16 - 2024-03-03 20:16 - 000002430 _____ C:\Users\PCGAMER\Desktop\Animcraft (Ok) - Chrome.lnk
2024-03-03 03:37 - 2024-03-03 03:37 - 000000000 ____D C:\Users\PCGAMER\Downloads\sofifa-web-scraper-main
2024-03-03 03:37 - 2024-03-03 03:37 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\npm-cache
2024-03-02 20:17 - 2024-03-02 20:17 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Package Cache
2024-03-02 19:02 - 2024-03-02 19:02 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\pypa
2024-02-29 02:06 - 2024-02-29 02:06 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\CB_DL
2024-02-28 20:22 - 2024-02-28 20:22 - 000000000 ____D C:\Program Files\ViGEm ViGEmBus
2024-02-28 20:11 - 2024-02-28 20:11 - 000000000 ____D C:\Users\PCGAMER\Documents\FIFA 11
2024-02-28 16:24 - 2024-02-28 20:03 - 000000000 ____D C:\Users\PCGAMER\Documents\FIFA 17
2024-02-28 16:24 - 2024-02-28 16:24 - 000000635 _____ C:\Users\Public\Desktop\FIFA 17 Config.lnk
2024-02-28 16:24 - 2024-02-28 16:24 - 000000501 _____ C:\Users\Public\Desktop\FIFA 17.lnk
2024-02-28 13:32 - 2024-02-28 13:32 - 000000943 _____ C:\Users\PCGAMER\Desktop\µTorrent.lnk
2024-02-28 13:32 - 2024-02-28 13:32 - 000000000 ____D C:\Users\PCGAMER\AppData\LocalLow\uTorrent.WebView2
2024-02-26 21:41 - 2024-03-04 23:08 - 000001434 _____ C:\Users\PCGAMER\Desktop\Roblox Player.lnk
2024-02-18 13:54 - 2024-02-18 13:54 - 000000831 _____ C:\Users\PCGAMER\Desktop\UserBenchmark.lnk
2024-02-18 13:22 - 2024-02-18 13:22 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-02-17 18:40 - 2024-02-17 18:42 - 000000000 ___HD C:\$WinREAgent
2024-02-17 00:52 - 2024-02-17 00:52 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\PlaceholderTileLogoFolder
2024-02-17 00:38 - 2024-02-17 00:38 - 000000000 ____D C:\Users\PCGAMER\AppData\LocalLow\NVIDIA
2024-02-17 00:31 - 2024-03-04 23:06 - 000001262 _____ C:\Users\PCGAMER\Desktop\Roblox Studio.lnk
2024-02-17 00:28 - 2024-02-08 09:25 - 002095464 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 002095464 _____ C:\Windows\system32\vulkaninfo.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 001655656 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 001655656 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-02-17 00:28 - 2024-02-08 09:25 - 001278824 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-17 00:28 - 2024-02-08 09:25 - 001278824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001487904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001434368 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001434368 _____ C:\Windows\system32\vulkan-1.dll
2024-02-17 00:28 - 2024-02-08 09:24 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 001542176 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 001199224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 001040920 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 000670240 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-02-17 00:28 - 2024-02-08 09:20 - 000505352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 002173984 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 001625096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 001024136 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-02-17 00:28 - 2024-02-08 09:19 - 000842376 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-02-17 00:28 - 2024-02-08 09:18 - 000459272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-02-17 00:28 - 2024-02-08 09:17 - 016033312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 012928648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 006780424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 005909112 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 005773448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 003721232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-02-17 00:28 - 2024-02-08 09:17 - 000853112 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-02-17 00:28 - 2024-02-08 09:15 - 006030992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-02-17 00:27 - 2024-02-07 23:49 - 000120261 _____ C:\Windows\system32\nvinfo.pb
2024-02-16 12:26 - 2024-02-16 12:26 - 000019697 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-16 12:25 - 2024-02-16 12:25 - 000019697 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-02-15 23:39 - 2024-02-15 23:39 - 033679437 _____ C:\Users\PCGAMER\Downloads\DevelopMeBoss v0.5 - TU8.fifamod
2024-02-15 23:38 - 2024-02-13 23:31 - 000061658 _____ C:\Users\PCGAMER\Downloads\MCK Realism Mod.fifamod
2024-02-15 22:35 - 2024-02-05 17:10 - 095530155 _____ C:\Users\PCGAMER\Downloads\1.0 Mainmod ERP.fifamod
2024-02-13 13:30 - 2024-02-13 13:30 - 000000633 _____ C:\Users\PCGAMER\Desktop\FIIX.exe - Raccourci (2).lnk
2024-02-11 21:18 - 2024-02-11 21:18 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Word
2024-02-11 21:18 - 2024-02-11 21:18 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Proof
2024-02-08 18:45 - 2024-03-05 13:13 - 000000633 _____ C:\Users\PCGAMER\Desktop\FIIX.exe - Raccourci.lnk
2024-02-05 01:13 - 2024-02-05 01:13 - 066368270 _____ C:\Users\PCGAMER\Downloads\FC BARCELONA 6-1 PSG | Match highlights [h4m68r8kWAc].f616.mp4.part
2024-02-05 01:13 - 2024-02-05 01:13 - 000523264 _____ C:\Users\PCGAMER\Downloads\FC BARCELONA 6-1 PSG | Match highlights [h4m68r8kWAc].f616.mp4.part-Frag21.part
2024-02-05 01:13 - 2024-02-05 01:13 - 000000070 _____ C:\Users\PCGAMER\Downloads\FC BARCELONA 6-1 PSG | Match highlights [h4m68r8kWAc].f616.mp4.ytdl
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-05 13:29 - 2022-04-16 12:45 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Discord
2024-03-05 13:22 - 2022-07-07 22:12 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\discord
2024-03-05 13:13 - 2024-01-04 18:19 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\CrashDumps
2024-03-05 13:12 - 2024-01-27 18:51 - 000000024 _____ C:\ProgramData\hk.cfg
2024-03-05 12:47 - 2021-12-15 23:20 - 000000000 ____D C:\Windows\SystemTemp
2024-03-05 12:47 - 2019-12-07 08:14 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-05 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-05 12:35 - 2022-12-24 01:19 - 000729568 _____ C:\Windows\system32\perfh00C.dat
2024-03-05 12:35 - 2022-12-24 01:19 - 000141270 _____ C:\Windows\system32\perfc00C.dat
2024-03-05 12:35 - 2022-04-11 22:18 - 001635314 _____ C:\Windows\system32\PerfStringBackup.INI
2024-03-05 12:35 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2024-03-05 12:32 - 2020-12-02 14:43 - 000004176 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{19A6FE44-570A-429F-8243-8335DC9DE5DF}
2024-03-05 12:32 - 2019-12-07 08:08 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-05 12:29 - 2024-01-05 13:16 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\BitTorrentHelper
2024-03-05 12:29 - 2023-11-24 20:06 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\bluestacks-services
2024-03-05 12:29 - 2023-09-19 19:02 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\IPVanish
2024-03-05 12:28 - 2019-12-07 07:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-03-05 01:22 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-03-05 00:08 - 2023-02-11 13:09 - 000223296 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2024-03-05 00:08 - 2022-10-04 23:41 - 000239576 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2024-03-05 00:08 - 2022-07-02 19:43 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-05 00:07 - 2022-07-02 19:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-04 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2024-03-04 23:14 - 2022-12-24 00:56 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-04 23:08 - 2021-10-13 21:22 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-04 22:33 - 2023-05-31 02:16 - 000002340 ____H C:\Users\PCGAMER\Documents\Default.rdp
2024-03-04 19:12 - 2019-12-07 07:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-03-04 19:04 - 2021-10-10 01:29 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\D3DSCache
2024-03-04 15:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-04 01:12 - 2022-07-04 23:12 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Code
2024-03-02 23:25 - 2021-04-22 02:20 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-02 20:37 - 2020-06-19 12:13 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\obs-studio
2024-03-02 20:17 - 2024-01-08 11:52 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.12
2024-03-02 15:31 - 2019-12-07 08:02 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Packages
2024-03-02 12:37 - 2022-10-21 18:19 - 000108136 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2024-03-02 12:37 - 2022-10-21 18:19 - 000075368 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2024-03-02 12:37 - 2021-11-18 18:23 - 000202344 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 002713080 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 000689768 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 000218616 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2024-03-02 12:37 - 2020-09-06 19:30 - 000144888 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2024-03-02 01:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2024-03-01 23:49 - 2019-12-07 08:14 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-01 23:49 - 2019-12-07 08:14 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-01 20:09 - 2023-03-29 17:37 - 000000000 ____D C:\ProgramData\EA Desktop
2024-02-29 22:30 - 2020-09-05 00:05 - 000000000 ____D C:\ProgramData\Riot Games
2024-02-29 13:39 - 2023-06-29 22:18 - 000000000 ____D C:\ProgramData\Packer
2024-02-29 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2024-02-29 02:03 - 2023-06-29 23:47 - 000000000 ____D C:\Program Files\EA
2024-02-28 18:25 - 2019-12-07 08:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-02-28 18:24 - 2020-10-04 01:24 - 000000000 ____D C:\Windows\SysWOW64\directx
2024-02-28 12:37 - 2019-12-07 07:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-02-27 14:15 - 2023-09-23 12:22 - 000000000 ____D C:\Users\PCGAMER\Documents\FC 24
2024-02-26 20:35 - 2020-06-18 17:53 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\.minecraft
2024-02-26 20:07 - 2020-06-18 17:53 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2024-02-25 22:19 - 2019-12-07 08:01 - 000000000 ____D C:\Users\PCGAMER
2024-02-25 18:01 - 2023-06-29 23:55 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\Steam
2024-02-25 11:18 - 2021-03-13 21:35 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-25 11:18 - 2021-03-13 21:35 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-21 16:17 - 2020-06-18 17:39 - 000002278 _____ C:\Users\PCGAMER\Desktop\Discord.lnk
2024-02-18 15:18 - 2019-12-07 08:09 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\NVIDIA
2024-02-18 13:22 - 2024-01-28 16:28 - 000000000 ____D C:\Program Files\Microsoft Office
2024-02-17 22:37 - 2022-01-26 10:26 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\ElevatedDiagnostics
2024-02-17 00:47 - 2022-07-01 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2024-02-17 00:43 - 2020-06-17 22:48 - 000000000 ____D C:\temp
2024-02-17 00:38 - 2019-12-07 08:08 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2024-02-16 13:44 - 2019-12-07 07:58 - 000296432 _____ C:\Windows\system32\FNTCACHE.DAT
2024-02-16 13:43 - 2021-06-12 11:32 - 000000000 ___SD C:\Windows\system32\lxss
2024-02-16 13:43 - 2019-12-07 15:53 - 000000000 ___SD C:\Windows\system32\AppV
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-02-16 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-02-16 12:29 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2024-02-16 12:25 - 2019-12-07 08:02 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-02-16 03:42 - 2020-11-08 12:31 - 000000000 ____D C:\Windows\system32\MRT
2024-02-16 03:38 - 2020-11-08 12:31 - 191155960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-02-15 23:24 - 2024-01-02 18:09 - 000000699 _____ C:\Users\PCGAMER\Desktop\RDBM 24.lnk
2024-02-15 22:29 - 2024-01-10 18:36 - 000001487 _____ C:\Users\PCGAMER\Desktop\FIFA Mod Manager.exe - Raccourci.lnk
2024-02-15 18:29 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-02-12 21:48 - 2024-01-28 10:42 - 000001747 _____ C:\ProgramData\ff6.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000001203 _____ C:\ProgramData\ff1.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000760 _____ C:\ProgramData\ff2.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000753 _____ C:\ProgramData\ff0.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000737 _____ C:\ProgramData\ff3.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000197 _____ C:\ProgramData\ff4.cfg
2024-02-12 21:48 - 2024-01-28 10:42 - 000000159 _____ C:\ProgramData\ff5.cfg
2024-02-11 21:35 - 2023-06-16 14:20 - 000000000 ____D C:\Windows\Minidumps
2024-02-11 21:18 - 2024-01-28 16:36 - 000000000 ____D C:\Users\PCGAMER\AppData\Roaming\Microsoft\Office
2024-02-08 18:31 - 2023-11-12 00:20 - 000000000 ____D C:\Users\PCGAMER\AppData\Local\MEGAsync
2024-02-08 09:19 - 2023-09-01 20:45 - 000786960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-02-08 09:15 - 2019-12-07 08:07 - 006943344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-02-07 23:49 - 2019-12-07 08:07 - 000121880 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
==================== Files in the root of some directories ========
2020-10-29 18:35 - 2021-12-03 22:11 - 001679360 _____ (Igor Pavlov) C:\ProgramData\7z.dll
2020-10-29 18:35 - 2021-12-25 11:56 - 000468992 _____ (Igor Pavlov) C:\ProgramData\7z.exe
2020-06-22 15:43 - 2020-06-22 15:43 - 000000979 _____ () C:\Users\PCGAMER\AppData\Roaming\AdobeWLCMR2Cache.dat
2021-10-30 18:56 - 2022-01-29 12:36 - 000000117 _____ () C:\Users\PCGAMER\AppData\Roaming\D2Info0
2021-10-30 18:56 - 2022-01-29 00:04 - 000000008 _____ () C:\Users\PCGAMER\AppData\Roaming\DofusAppId0_1
2022-01-29 12:36 - 2022-01-29 13:54 - 000000008 _____ () C:\Users\PCGAMER\AppData\Roaming\DofusAppId0_2
2020-11-21 00:16 - 2023-11-24 20:46 - 000000016 _____ () C:\Users\PCGAMER\AppData\Roaming\obs-virtualcam.txt
2023-04-17 00:18 - 2023-04-17 00:19 - 001041528 _____ () C:\Users\PCGAMER\AppData\Roaming\TI Connect CE-6.0.0.2688-Installation.log
2020-07-06 11:41 - 2021-07-07 16:13 - 000006095 _____ () C:\Users\PCGAMER\AppData\Roaming\VoiceMeeterDefault.xml
2022-09-02 20:46 - 2023-11-30 14:26 - 000000128 _____ () C:\Users\PCGAMER\AppData\Roaming\winscp.rnd
2020-11-18 18:54 - 2021-03-18 23:16 - 000000003 _____ () C:\Users\PCGAMER\AppData\Local\Autosofted License.txt
2021-03-04 09:37 - 2021-03-17 23:34 - 000000049 _____ () C:\Users\PCGAMER\AppData\Local\link.txt
2020-10-04 18:58 - 2020-10-04 18:58 - 000016438 _____ () C:\Users\PCGAMER\AppData\Local\partner.bmp
2023-01-31 23:24 - 2023-11-30 14:26 - 000000128 _____ () C:\Users\PCGAMER\AppData\Local\PUTTY.RND
2024-01-04 17:32 - 2024-01-04 17:32 - 000001699 _____ () C:\Users\PCGAMER\AppData\Local\recently-used.xbel
2024-01-09 21:14 - 2024-01-09 21:14 - 000000017 _____ () C:\Users\PCGAMER\AppData\Local\resmon.resmoncfg
2023-11-19 13:21 - 2023-11-19 13:21 - 000000723 _____ () C:\Users\PCGAMER\AppData\Local\Roblox.lnk
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05.03.2024
Ran by PC GAMER (05-03-2024 13:46:56)
Running from C:\Users\PCGAMER\Documents
Microsoft Windows 10 Professionnel Version 22H2 19045.4046 (X64) (2019-12-07 07:00:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrateur (S-1-5-21-13960046-46231223-1468497707-500 - Administrator - Disabled) => C:\Users\Administrateur
DefaultAccount (S-1-5-21-13960046-46231223-1468497707-503 - Limited - Disabled)
hermi (S-1-5-21-13960046-46231223-1468497707-1002 - Limited - Enabled)
Invité (S-1-5-21-13960046-46231223-1468497707-501 - Limited - Disabled)
PC GAMER (S-1-5-21-13960046-46231223-1468497707-1001 - Administrator - Enabled) => C:\Users\PCGAMER
WDAGUtilityAccount (S-1-5-21-13960046-46231223-1468497707-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Disabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\uTorrent) (Version: 3.6.0.47016 - BitTorrent Limited)
Adobe After Effects 2022 (HKLM-x32\...\AEFT_22_6) (Version: 22.6 - Adobe Inc.)
Adobe Media Encoder 2022 (HKLM-x32\...\AME_22_6_1) (Version: 22.6.1 - Adobe Inc.)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0) (Version: 21.0 - Adobe Systems Incorporated)
Adobe Photoshop 2024 (HKLM\...\{CB7E0A11-F6CB-4B71-A3EC-B87AA6D8805C}_is1) (Version: 25.3.1.241 - CyberMania)
Advanced IP Scanner 2.5 (HKLM-x32\...\{8C4D9115-8CE7-4292-86BD-27540D62473B}) (Version: 2.5.3850 - Famatech)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16 - Advanced Micro Devices, Inc.)
AMD StoreMI (HKLM\...\{03554C1E-FCBE-4CC3-8EC9-D2FD236842FC}) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.) Hidden
AMD StoreMI (HKLM\...\AMD_StoreMI) (Version: 2.1.0.218 - Advanced Micro Devices, Inc.)
Ankama Launcher 3.6.2 (HKLM\...\410fcd79-1be8-5bf1-986e-ea09c55f7edf) (Version: 3.6.2 - Ankama)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 8.8.4.3 - iMobie Inc.)
APP Shop v1.0.41 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.41 - ASRock Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASRock Restart to UEFI v1.0.6 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.6 - ASRock Inc.)
Auto Keyboard v7.1 (HKLM-x32\...\{71E16EE4-BBED-44A8-8724-9E68D05EE945}_is1) (Version: 7.1 - MurGee.com)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.11.0 - Badlion)
Balanced (HKLM-x32\...\{0EA45DD4-A825-420C-AFED-C659EFE3B84F}) (Version: 4.00.0000 - Advanced Micro Devices, Inc.) Hidden
Blender (HKLM\...\{A0C803A1-310C-4EFF-B881-CA10CF7CD6A7}) (Version: 2.90.1 - Blender Foundation)
BlueStacks Services (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\BlueStacksServices) (Version: 3.0.2 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\BlueStacks X) (Version: 10.5.0.1016 - now.gg, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Boris FX Continuum 2023 Plug-ins for Adobe and Compatible Products (HKLM\...\{4488274F-E3B1-4895-BDEE-6AAB9FE70208}_is1) (Version: 16.0.1 - Boris FX, Inc.)
Boris FX Continuum 2023 Plug-ins for OpenFX and Compatible Products (HKLM\...\{CD3E4D20-4EAA-461F-9025-FAD60661D06D}_is1) (Version: 16.0.1 - Boris FX, Inc.)
Boris FX Sapphire Plug-ins 2023.0 for After Effects and Compatible Products (HKLM\...\GenArts Sapphire AE_is1) (Version: 16.000 - Boris FX, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 114.1.52.130 - Auteurs de Brave)
CapCut (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\CapCut) (Version: 3.1.0.1070 - Bytedance Pte. Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
Combo Cleaner (HKLM\...\{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT) Hidden
Combo Cleaner (HKLM-x32\...\InstallShield_{8C9F8853-52F7-46F3-BC78-98001D3FF40C}) (Version: 1.0.58.0 - RCS LT)
Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org)
Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation)
CPU Stress MT 1.0.4 (HKLM-x32\...\CPU Stress MT_is1) (Version: 1.0.4 - Foudge)
CPUID HWMonitor 1.48 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.48 - CPUID, Inc.)
CrewLink 2.0.1 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\f844a100-2ca0-51d4-8013-d11548b01669) (Version: 2.0.1 - Ottomated)
CurseForge 0.227.1-11043 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 0.227.1-11043 - Overwolf)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.140.0.5653 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{c5f530ac-f23b-4a35-ad63-582378749d17}) (Version: 13.140.0.5653 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{E8FDD9E1-BEB2-4E7F-A179-22962E4C377A}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
ExpressVPN (HKLM-x32\...\{6c4bfa07-2536-464d-b059-57b12b4da8f3}) (Version: 12.51.0.4 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B899FD7835}) (Version: 12.51.0.4 - ExpressVPN) Hidden
Faceform Wrap (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{7e1ac978-4fd5-4e07-83a3-e7c52fe16245}) (Version: 2023.11.4 - Faceform)
FC 24 (HKLM-x32\...\{D599A8A7-E083-496C-B891-5752CD4E04F3}) (Version: 1.0.83.56686 - Electronic Arts, Inc.)
FIFA 17 (HKLM-x32\...\FIFA 17_is1) (Version: - )
FileZilla 3.60.1 (HKLM-x32\...\FileZilla Client) (Version: 3.60.1 - Tim Kosse)
Filius 2.2.0 (HKLM-x32\...\Filius) (Version: 2.2.0 - Stefan Freischlad)
FontForge version 01-01-2023 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 01-01-2023 - FontForgeBuilds)
GalaxyGame (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\726756096122814545) (Version: - )
Git (HKLM\...\Git_is1) (Version: 2.42.0.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.95 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Gyazo 4.3.4.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HandBrake 1.5.1 (HKLM-x32\...\HandBrake) (Version: 1.5.1 - )
Helios Launcher 1.8.0 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\22789c4f-79c4-5364-9ee1-c5a09f5035b1) (Version: 1.8.0 - Daniel Scalzi)
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_is1) (Version: - )
Inno Setup version 6.1.0-beta (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Inno Setup 6_is1) (Version: 6.1.0-beta - jrsoftware.org)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
IntelliJ IDEA 2020.3 (HKLM-x32\...\IntelliJ IDEA 2020.3) (Version: 203.5981.155 - JetBrains s.r.o.)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit)
IPVanish (HKLM\...\{95466B3C-9955-4698-9732-A7486E3E14B0}) (Version: 4.2.1.208 - IPVanish, a Ziff Davis company) Hidden
IPVanish (HKLM-x32\...\{a35af1e1-a948-432c-8ab8-7190093cad5a}) (Version: 4.2.1.208 - IPVanish, a Ziff Davis company)
Java 8 Update 341 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180341F0}) (Version: 8.0.3410.10 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LDPlayer (HKLM-x32\...\LDPlayer9) (Version: 9.0.65 - XUANZHI INTERNATIONAL CO., LIMITED)
League of Legends (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Magic Bullet Suite 64-bit (HKLM\...\{3C09DE13-867C-4289-9F95-4510BB3A5F57}) (Version: 11.4.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{3C09DE13-867C-4289-9F95-4510BB3A5F57}) (Version: 11.4.0 - Red Giant Software)
MagicMic (HKLM\...\{E7B1C677-D850-4917-BCBD-23C938805736}_is1) (Version: 5.0.0.6 - Shenzhen iMyFone Technology Co., Ltd.)
Malwarebytes version 5.0.17.99 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.0.17.99 - Malwarebytes)
mBot simulator version 1.111 (HKLM-x32\...\{8F762BD2-8016-4B6A-B2FC-2497CEA9D3CE}_is1) (Version: 1.111 - Irai)
MCC Tool Chest PE (HKLM-x32\...\{822D45B5-B729-4511-8967-2714CE611B8D}) (Version: 0.00.0100 - MCCToolChest)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Metal Gear Rising: Revengeance (HKLM-x32\...\Metal Gear Rising: Revengeance_is1) (Version: - )
Microsoft .NET Framework 4.8 Developer Pack (Français) (HKLM-x32\...\{6d4e0482-0b21-4ce7-8a59-49b055bdd9e1}) (Version: 4.8.3761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (Français) (HKLM-x32\...\{D5668CE0-1BC5-4B73-B435-707FDA9A614C}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 Targeting Pack (Français) (HKLM-x32\...\{2FD45BD9-6FC8-4F28-BD8A-D111808667A2}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Host - 5.0.10 (x64) (HKLM\...\{D1368E0E-D6FB-4C42-9132-885E5C23DB05}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.13 (x64) (HKLM\...\{9511601E-12FF-4972-BF9C-2992F2CA5A32}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.4 (x64) (HKLM\...\{6C1E1983-8DF2-4863-A392-DCA0A81E4324}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.10 (x64) (HKLM\...\{0FFA44C0-CFC0-4C1B-AACC-2C4BE1CDDB37}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.13 (x64) (HKLM\...\{8CDACE3C-0064-4A17-A02C-49F831D5F73A}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.4 (x64) (HKLM\...\{6E34B759-680E-4C25-B289-47199AD8B49A}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x64) (HKLM\...\{607A9135-1477-43AB-A8B0-7690DC1C58D3}) (Version: 40.40.30412 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.10 (x64) (HKLM-x32\...\{a5d9614c-78d2-4d81-8f74-5dfea9206cc6}) (Version: 5.0.10.30412 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.4 (x64) (HKLM\...\{7AF0827F-6735-4FB1-B209-5E984F899D1B}) (Version: 56.19.56696 - Microsoft Corporation) Hidden
Microsoft Build Tools 14.0 (amd64) (HKLM\...\{79750C81-714E-45F2-B5DE-42DEF00687B8}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Build Tools 14.0 (x86) (HKLM-x32\...\{6BF8837D-67E1-4359-89FB-C08BFD6F2138}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (amd64) (HKLM\...\{34BFF66C-9A7E-4778-8A9F-1DA1F0F4C22E}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (x86) (HKLM-x32\...\{5127B392-8820-4822-A21F-1CB78C2E25AD}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.66 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.66 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft Office LTSC Professionnel Plus 2024 - fr-fr (HKLM\...\ProPlus2024Volume - fr-fr) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Office LTSC Professionnel Plus 2024 - fr-fr.proof (HKLM\...\ProPlus2024Volume - fr-fr.proof) (Version: 16.0.17231.20236 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Debug Runtime - 14.0.24210 (HKLM\...\{D94D812C-B20F-3DB9-82D2-A57AC2CAF9CA}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Debug Runtime - 14.0.24210 (HKLM-x32\...\{2509566A-3416-3B50-B2FC-F7A0254C24CE}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ Build Tools (HKLM-x32\...\{a9528995-e130-4501-ae19-bbfaddb779cc}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.61.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.10 (x64) (HKLM\...\{008667B9-294F-45C3-BB03-E6FBC58B26AF}) (Version: 40.40.30418 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.10 (x64) (HKLM-x32\...\{422d8da1-2e1a-4704-b462-db5439c6d1b9}) (Version: 5.0.10.30418 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM-x32\...\{96cf40b0-81d6-43ed-ad0e-611e67899196}) (Version: 6.0.13.32001 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.4 (x64) (HKLM\...\{5EEC39AC-9491-4339-BA44-14AC375AA779}) (Version: 56.19.56739 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.4 (x64) (HKLM-x32\...\{2ee0e4e2-f7aa-4697-9077-75f15774a376}) (Version: 7.0.4.32218 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{F6678473-0198-46D0-A88F-2A247E6FA03C}) (Version: 1.0.0.0 - Mojang)
MSVCRT Redists (HKLM\...\{E83D6FA1-B27C-11E9-B0DB-A5146957F833}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
Mumble (client) (HKLM\...\{7668CA93-7D82-43E5-AA6D-BCA352951877}) (Version: 1.4.287 - Mumble VoIP)
Music Collection version 3.3.3.0 (HKLM-x32\...\{DE4BC92E-B3DD-4B7D-B4C7-CF7C175155CE}_is1) (Version: 3.3.3.0 - GSoft4U)
NationsGlory 5.0.77 (HKLM\...\da60f423-202e-5908-a438-cd6fbbc819c8) (Version: 5.0.77 - WebNations SARL,)
Node.js (HKLM\...\{4ACCDAEB-B4CB-4AAC-AFE6-AC3517234257}) (Version: 16.15.1 - Node.js Foundation)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.35.9.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Pilote graphique 551.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.52 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.1.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-040C-1000-0000000FF1CE}) (Version: 16.0.17231.20236 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\OpenIV) (Version: 4.1.1502 - .black/OpenIV Team)
Opera GX Stable 105.0.4970.74 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Opera GX 105.0.4970.74) (Version: 105.0.4970.74 - Opera Software)
paint.net (HKLM\...\{2025DAA7-0653-4F18-B66F-900E6F2320EC}) (Version: 4.2.13 - dotPDN LLC)
PhpStorm 2020.2 (HKLM-x32\...\PhpStorm 2020.2) (Version: 202.6397.115 - JetBrains s.r.o.)
Plague Inc Evolved MULTi14 - ElAmigos version 1.18.4.0 (HKLM-x32\...\{BDF7DD42-37BE-43A2-8F9C-44EE65466076}_is1) (Version: 1.18.4.0 - Ndemic Creations)
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
PuTTY release 0.78 (64-bit) (HKLM\...\{4EEF2644-700F-46F8-9655-915145248986}) (Version: 0.78.0.0 - Simon Tatham)
PuTTY release 0.79 (64-bit) (HKLM\...\{E07417FF-E888-4648-878C-73E25D64D50D}) (Version: 0.79.0.0 - Simon Tatham)
Python 3.11.3 Add to Path (64-bit) (HKLM\...\{9EB782CC-B2A5-4B67-BFEC-C91F5B755CAF}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Core Interpreter (64-bit) (HKLM\...\{611F1238-29A9-495F-B1F4-CFFCC98D9421}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Development Libraries (64-bit) (HKLM\...\{D307D056-AF62-4F53-810E-052AAAF0EFB2}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Documentation (64-bit) (HKLM\...\{25DC2A6F-FDC2-40D0-AA9D-3BF392BDF500}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Executables (64-bit) (HKLM\...\{A2BCB6C1-272D-437F-A5BC-92431FC521B4}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 pip Bootstrap (64-bit) (HKLM\...\{55BEEF7A-9288-497D-B5CE-960D2F3C70A3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Standard Library (64-bit) (HKLM\...\{0D289858-69D1-4CB6-946E-659F028DDC27}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Tcl/Tk Support (64-bit) (HKLM\...\{C321A7FC-E479-4E2A-AA09-2698EFEA4CA3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Test Suite (64-bit) (HKLM\...\{BA9ABB78-751C-4488-80A9-60E44290C060}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Utility Scripts (64-bit) (HKLM\...\{5BF6CA5B-E057-413A-B87A-CCD47600E465}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.12.2 (64-bit) (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{b6178a40-1665-4565-b73e-48dd6e039a65}) (Version: 3.12.2150.0 - Python Software Foundation)
Python 3.12.2 Core Interpreter (64-bit) (HKLM\...\{4534F2ED-1616-434D-98A6-0DA358DCD466}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Development Libraries (64-bit) (HKLM\...\{F131E2DD-B8C5-42F3-85B7-3D4BAC9582CD}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Documentation (64-bit) (HKLM\...\{BD32BDE9-835D-4013-8F9A-45FF11456F02}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Executables (64-bit) (HKLM\...\{097D2A37-E94B-4FAD-8C89-D63443BD4D4A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 pip Bootstrap (64-bit) (HKLM\...\{BDE73EDC-76AE-475D-8885-9B583631B0FC}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Standard Library (64-bit) (HKLM\...\{E172CAF3-ABC7-4B62-BA8C-3A2472DE44F6}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Tcl/Tk Support (64-bit) (HKLM\...\{B50C92E9-2780-433A-AA61-E9F06D0AFF8A}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python 3.12.2 Test Suite (64-bit) (HKLM\...\{94087C99-E4F5-4637-A789-3B6059DF787B}) (Version: 3.12.2150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B36061E-A25F-4E12-BFD1-68E724723D48}) (Version: 3.12.2150.0 - Python Software Foundation)
RDBM 24 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\RDBM 24) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8730.1 - Realtek Semiconductor Corp.)
Regressi (HKLM-x32\...\{4A7037E7-14DE-4D36-82D3-F95C366B231E}) (Version: 4.8.5 - Evariste) Hidden
Regressi (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Regressi) (Version: 4.8.5 - Evariste)
Riot Client (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for PC GAMER (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\roblox-player) (Version: - Roblox Corporation)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.83.1767 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.6.9 - Rockstar Games)
SAOFrance Launcher 1.0.1 (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\0046085e-ca7d-5ae0-84da-edb50a69f027) (Version: 1.0.1 - SAOFrance)
Shooter Suite (HKLM\...\Shooter Suite v13.1.13) (Version: - Red Giant LLC)
Skype version 8.92 (HKLM-x32\...\Skype_is1) (Version: 8.92 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.34.9745 - SoftEther VPN Project)
SoundWire Server version 2.5 (HKLM-x32\...\{E15658BC-7742-4397-999F-98B1BD11B784}_is1) (Version: 2.5 - GeorgieLabs)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splitter 9.26.0.7 (HKLM-x32\...\P3 Splitter_is1) (Version: 9.26.0.7 - One Software)
SSO (HKLM-x32\...\SSO) (Version: 1.8.7.7 - Hallowed Fate Map.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SzNativeMessage 7.0.0.89 (HKLM-x32\...\SzNativeMessage_is1) (Version: - IZbit Software, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Topaz Gigapixel AI (HKLM\...\Topaz Gigapixel AI 6.3.3) (Version: 6.3.3 - Topaz Labs LLC)
Topaz Video Enhance AI (HKLM\...\Topaz Video Enhance AI 2.6.4) (Version: 2.6.4 - Topaz Labs LLC)
TuxlerChromeExtensionHelperApp (HKLM-x32\...\TuxlerChromeExtensionHelperApp_is1) (Version: 1.1.5.0 - Tuxler Privacy Technologies, Inc.)
Twitch (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universe (HKLM\...\Universe v3.0.2) (Version: - Red Giant LLC)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
uTorrent Web (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\utweb) (Version: 1.4.0 - BitTorrent Limited)
VALORANT (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software)
Visual C++ Compiler/Tools X64 ARM Cross Package (HKLM-x32\...\{5CC47701-1421-32CC-9A9D-F2C82779382F}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 ARM Cross Resource Package (HKLM-x32\...\{B26170D0-9490-3187-9775-43E5306F2B68}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Base Package (HKLM-x32\...\{8F970CE1-5B0C-3B94-9501-8BC6677CDC56}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Base Resource Package (HKLM-x32\...\{EDAA5381-AA40-373D-9465-8B9465548D3A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Native Package (HKLM-x32\...\{03E91A69-138A-30D9-B040-08A9F9203009}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 Native Resource Package (HKLM-x32\...\{9242F9AB-C717-3E9C-8118-1CE0041449EF}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 X86 Cross Package (HKLM-x32\...\{020A6FCE-0528-32CD-8BFA-B6CFE1A078F7}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X64 X86 Cross Resource Package (HKLM-x32\...\{C7BEC23B-B359-3D3E-94B1-A86C6BE0F391}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 ARM Cross Package (HKLM-x32\...\{514EE7D8-5166-3EC9-97D6-9818A816EC6F}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 ARM Cross Resource Package (HKLM-x32\...\{26D902E5-999B-3635-9260-A5231BE67BA8}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{7BC93EE9-44F1-3783-AD76-F6BD6C8F6B58}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Package (HKLM-x32\...\{BFEC9D45-BAD4-3D7C-B6A7-887D21E6C25A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Resource Package (HKLM-x32\...\{62505F19-7D2A-3FD0-B1A2-D8E2FA2F96B3}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Base Resource Package (HKLM-x32\...\{85658238-483F-3148-967E-ECD533AE6FE7}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Native Package (HKLM-x32\...\{992BA429-8653-3A21-AD6E-3B9EEDF6BE32}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 Native Resource Package (HKLM-x32\...\{68EB16F2-B3CF-3E45-A78D-828369F7CAFC}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 X64 Cross Package (HKLM-x32\...\{23478A3A-98E7-3B27-8347-97B86143C01D}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Compiler/Tools X86 X64 Cross Resource Package (HKLM-x32\...\{516233EF-0F6B-3F87-A70E-00E7E08A51AE}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Core Build Toolset (HKLM-x32\...\{A3ECCE28-0B16-4CFB-9A99-15FA98B04E7D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ CRT Headers Package (HKLM-x32\...\{729FD64C-2AE0-3E25-83A8-A93520DCDE7A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM Desktop Package (HKLM-x32\...\{EE91146B-E37B-3649-865D-1FB1ED190A0A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM Redist Package (HKLM-x32\...\{952FA3F4-FC7E-3164-B489-124ED8ECBEF9}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT ARM Store Package (HKLM-x32\...\{33F4C5B2-032D-3827-8BA8-5429F9022F8C}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT Source Package (HKLM-x32\...\{9EBE5CEF-E60E-33C2-8A29-E29FF4F23968}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X64 Desktop Package (HKLM-x32\...\{1AB3E77E-E073-3F39-BA16-C3119D16851A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X64 Redist Package (HKLM-x32\...\{61BFEC08-5739-3AE4-8AA4-B768B2AB46ED}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X64 Store Package (HKLM-x32\...\{DEB9C4B1-3B98-3CEE-83A7-E055B23CBFD6}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X86 Desktop Package (HKLM-x32\...\{1B8AF45A-1511-3984-B2BB-D5AC4A0C756A}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X86 Redist Package (HKLM-x32\...\{15435A00-F7BA-31E7-B83D-AE7A3AF1A304}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ Library CRT X86 Store Package (HKLM-x32\...\{C1C02687-7834-3499-87E0-6036AFF6B297}) (Version: 14.0.24210 - Microsoft Corporation) Hidden
Visual C++ MSBuild ARM Package (HKLM-x32\...\{51547499-4A12-3CC6-AE3D-3C5E87D72909}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild Base Package (HKLM-x32\...\{35433594-85A3-3EEA-963E-0E5E860B82D6}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild Base Resource Package (HKLM-x32\...\{D073E568-C258-381C-B9DB-965434B1DF53}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild X64 Package (HKLM-x32\...\{EE527713-BE8A-348A-8854-DACBCE5316F2}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Visual C++ MSBuild X86 Package (HKLM-x32\...\{8CB498C5-672B-3F6C-9143-84B0BBC1EAB3}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WebAdvisor par McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.866 - McAfee, LLC)
WFDownloaderApp (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\{wfdownloaderapp}}_is1) (Version: BETA - WFDownloaderApp)
Windows App Certification Kit Native Components (HKLM\...\{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE}) (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C}) (Version: 8.100.26795 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (HKLM-x32\...\{0610DFB0-CCEA-6EC0-E3C3-A0160AD7FD98}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (HKLM-x32\...\{984022F2-9BCA-A41D-6A38-1AE658F01415}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (HKLM\...\{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (HKLM-x32\...\{A1CB8286-CFB3-A985-D799-721A0F2A27F3}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (HKLM-x32\...\{37464E70-B0B9-9DFF-649A-CBE169BAD657}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (HKLM\...\{96F4525A-470D-F15C-796E-58D9988C3E5F}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{56AD3004-0B49-967F-F682-B05650B61A78}) (Version: 8.100.26936 - Microsoft Corporation) Hidden
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
WinSCP 5.21.6 (HKLM-x32\...\winscp3_is1) (Version: 5.21.6 - Martin Prikryl)
WO Mic Client (HKLM-x32\...\WOMic) (Version: - )
Youtubers Life 2 (HKLM-x32\...\Youtubers Life 2_is1) (Version: - )
Chrome apps:
============
Ad-Link Bypass by bypass.city (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\28c08e5165844e51e2e24c8b60dab072) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\104f2e8409a458754515a514e446db78) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\3a735baa1e1972a302edd5c07441b63a) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\98eede9935c2881e24c03da218af02d7) (Version: 1.0 - Google\Chrome)
Docs (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\f0b04039e81b55e43c4d2078ec0d4b29) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\0aeac2c0909be73431f6b073301e58e8) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\63923eba9160b01419c971f9f66da79e) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\733a794eb2f7caa24e40306fdef05900) (Version: 1.0 - Google\Chrome)
Feuilles de calcul (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\7837ae13983105634bc07bdbca87e853) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\54b99296d6d52157449d2429e0671856) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\648b098988c5ae505e2a76161a0ba1a2) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\8ea1add956ed845b3eb4d2f4399a28eb) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ba96b19f8ccb93c0fac3d842e127f1ff) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\5e2f3997cb8c2688a81a61598e40939e) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\72b865a4851c3e973ba9be9de8cfd23f) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\cc356ad2f57d5fd78d2c7315eb3618bd) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\fd2e488fc7b2ecefaf9c525683b12fe7) (Version: 1.0 - Google\Chrome)
Google Lens (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\6fa83d078514342e1ab4b325f69bd522) (Version: 1.0 - Google\Chrome)
Google Lens (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\c454f8477ccce025818b234ace6e536f) (Version: 1.0 - Google\Chrome)
Google Drive (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\20cbd5ffa83c520c29635a555476a76f) (Version: 1.0 - Google\Chrome)
Myinstants App (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ab0ab30b5a2237d80743c35d025c78d1) (Version: 1.0 - Google\Chrome)
Photopea (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\c63cecc06db04192ab5056fff92ebf5a) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\45d5b0053bda1bc44cc568b16e1d97db) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\65453bb45a5d63cf39e956c95ee2847b) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\6809ce799310396a156fca85b426596a) (Version: 1.0 - Google\Chrome)
Présentations (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\ada6c2ddebf6cdd7b417bc1a99493fdf) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\5077e7b70034256fd99b995050c43403) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\7fe67a18dc9897d4eeb91941f5d59ed6) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\aa52f38a776022193d0a2199f3deed0a) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\cf04ac7bc770d07cb0fd1a7558990072) (Version: 1.0 - Google\Chrome)
Packages:
=========
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-09] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-05-26] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-12-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-12-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-17] (NVIDIA Corp.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.613.510.0_x64__55nm5eh3cm0pr [2024-02-27] (Roblox Corporation)
Snapchat -> C:\Program Files\WindowsApps\SnapInc.Snapchat_2.0.1.0_neutral__k1zn018256b8e [2023-12-28] (Snap Inc.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2407.10.0_x64__cv1g1gvanyjgm [2024-02-28] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\PC GAMER\AppData\Local\Microsoft\OneDrive\20.114.0607.0001\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{a398e697-bd60-4066-9498-8488353f3a21}\localserver32 -> C:\Program Files\Maxon\Tools\MxNotify.exe => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\PCGAMER\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> "C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-13960046-46231223-1468497707-1001_Classes\CLSID\{ebf97929-5ab8-fcfd-948a-ddb83e4a49b2}\localserver32 -> "D:\dl\concours\SCrawler_2024.1.26.0_x64\SCrawler.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\PCGAMER\AppData\Local\MEGAsync\ShellExtX64.dll [2024-02-08] (Mega Limited -> )
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\nvshext.dll [2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\PCGAMER\Desktop\Animcraft (Ok) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\PCGAMER\Desktop\Google Lens.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=heoipgnfgkeehcobmdojpdbjeeacndkj
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Ad-Link Bypass by bypass.city.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=okigdlpgobjjfnlipcmninihfjfdpdni
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Docs (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 7" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Feuilles de calcul (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Feuilles de calcul.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 7" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Gmail (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 7" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 7" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Lens (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=heoipgnfgkeehcobmdojpdbjeeacndkj
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Lens.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=heoipgnfgkeehcobmdojpdbjeeacndkj
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Photopea.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jdklklfpinionkgpmghaghehojplfjio
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Présentations (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Présentations.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 7" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 6" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 7" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d755e1040e5d38ac\msn - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 8"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b42be1c9c51179ef\Anim' - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 7"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\skibidi (CryZz) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Laboss - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\600fb694c0849943\penaldo - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 9"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\371b6590bc8d800\ChatGPT - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\PCGAMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\le 3 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) =============
2024-03-05 12:29 - 2024-03-05 12:29 - 002319872 _____ () [File not signed] \\?\C:\Users\PCGAMER\AppData\Local\Temp\17847649-1d0d-4014-96c2-2260ca1d0064.tmp.node
2024-02-27 23:37 - 2024-02-27 23:37 - 196495872 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcef.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000473088 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libEGL.DLL
2024-02-27 23:37 - 2024-02-27 23:37 - 007472640 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libGLESv2.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 004950528 _____ () [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\vk_swiftshader.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 002862080 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\ffmpeg.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 000479232 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\libegl.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 007513600 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\libglesv2.dll
2023-11-24 20:06 - 2023-10-19 07:28 - 005209088 _____ () [File not signed] C:\Users\PCGAMER\AppData\Local\Programs\bluestacks-services\vk_swiftshader.dll
2024-02-28 12:56 - 2024-01-26 22:04 - 007470592 _____ () [File not signed] D:\Games\Steam\aom.dll
2024-02-28 12:56 - 2024-01-26 22:04 - 000231424 _____ () [File not signed] D:\Games\Steam\avif-16.dll
2024-02-28 12:56 - 2024-01-26 22:04 - 001066496 _____ () [File not signed] D:\Games\Steam\dav1d.dll
2022-05-23 13:46 - 2022-05-23 13:46 - 001646080 _____ () [File not signed] D:\IPVanish VPN\e_sqlite3.DLL
2024-02-27 23:37 - 2024-02-27 23:37 - 001416192 _____ (The Chromium Authors) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\chrome_elf.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qgif.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qicns.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qico.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qjpeg.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qsvg.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtga.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000380416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qtiff.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwbmp.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\imageformats\qwebp.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 001455616 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\platforms\qwindows.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000227328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt\labs\platform\qtlabsplatformplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Gui.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Qml.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlModels.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QmlWorkerScript.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 004254720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Quick.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickControls2.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000222208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickShapes.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 001128960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5QuickTemplates2.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000334848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Svg.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebChannel.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 005611520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Widgets.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WinExtras.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000018432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick.2\qtquick2plugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000294400 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Layouts\qquicklayoutsplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Shapes\qmlshapesplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\QtQuick\Window.2\windowplugin.dll
2024-02-27 23:37 - 2024-02-27 23:37 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`vovtfe.qpsu.obnfjhjjiihq [0]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6920]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2020-06-18] (Google Inc -> Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll [2023-12-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2020-06-18] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2020-06-18] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2020-06-18] (Google Inc -> Google Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2022-12-24 01:10 - 000000855 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Program Files\PuTTY\;C:\PHP7;C:\ProgramData\ComposerSetup\bin;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\dotnet\;D:\nodejs\;C:\FFMPEG;D:\Git\cmd
HKU\S-1-5-21-13960046-46231223-1468497707-1001\Control Panel\Desktop\\Wallpaper -> D:\PCGAMER\Pictures\Capture d’écran 2023-09-02 213943.png
HKU\S-1-5-21-13960046-46231223-1468497707-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
Network Binding:
=============
Ethernet 3: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Connexion réseau Bluetooth: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Connexion au réseau local 3: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
VPN - VPN Client: SoftEther Lightweight Network Protocol -> SeLow (enabled)
VPN - VPN Client: NordVPN LightWeight Firewall -> NordLwf (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Wi-Fi 3: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Wi-Fi 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi 3: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Ethernet: SoftEther Lightweight Network Protocol -> SeLow (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver(Ld9BoxNetLwf) -> oracle_Ld9BoxNetLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CCleanerPerformanceOptimizerService => 2
MSCONFIG\Services: ExpressVPN App Service => 2
MSCONFIG\Services: ExpressVPN System Service => 2
MSCONFIG\Services: ExpressVPN VPN Service => 2
MSCONFIG\Services: Flixmate.UpdateService => 2
MSCONFIG\Services: FlixmateService => 2
MSCONFIG\Services: FvSvc => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: mxredirect => 2
MSCONFIG\Services: Razer Chroma SDK Server => 2
MSCONFIG\Services: Razer Chroma SDK Service => 2
MSCONFIG\Services: Razer Chroma Stream Server => 2
MSCONFIG\Services: Razer Game Manager Service => 2
MSCONFIG\Services: UrbanVPNServiceInteractive => 2
MSCONFIG\Services: UrbanVPNUpdater => 3
MSCONFIG\Services: vgc => 3
HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKLM\...\StartupApproved\Run32: => "AirBackupHelper"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D00FC699AD4D89B83A0CB9F3A076B816"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Medal"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "DiscordPTB"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_8A4F577017447BEE25575BAB49C58E77"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "AirBackupHelper"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "AnyTransToolHelper"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Opera GX Stable"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "Opera GX Browser Assistant"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "UrbanVPN"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "ProtonVPN"
HKU\S-1-5-21-13960046-46231223-1468497707-1001\...\StartupApproved\Run: => "TuxlerChromeExtensionHelperApp"
HKU\S-1-5-21-13960046-46231223-1468497707-500\...\StartupApproved\Run: => "OneDriveSetup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D32AB782-C48B-477A-902B-ADDB30FC5618}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8657C43D-EAAE-404C-B20C-D49702BA50D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{054F899F-69CF-41FF-9094-23470486B18B}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe => No File
FirewallRules: [{52A8D5C4-3ECE-498E-A4A6-7C01B70FF495}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe => No File
FirewallRules: [{6F2656D5-DAC2-494B-8AC5-F1C940E917D0}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe => No File
FirewallRules: [{D80C575A-6BF5-4B08-89E8-D2B357D605AC}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe => No File
FirewallRules: [{F2600EF7-7D81-4469-A507-F102CACE96C9}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe => No File
FirewallRules: [{2E37D311-0554-4AD5-A926-57B1E5865BCF}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe => No File
FirewallRules: [TCP Query User{3E3703EC-B21D-47FF-B37C-B89E95CCCEC4}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{BA7B8257-B255-407E-8E73-CF9A761BD077}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{461F8528-F311-4A7E-885A-AC850F76DC52}C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9DCE9CEF-B02C-45CA-A8BA-7ED65D677082}C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\pc gamer\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F0F9CEDE-01AC-41C7-9A57-20CB78C80AC6}D:\atm 4\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{091BD920-0D2D-4D80-ABF0-0EDB950CB248}D:\atm 4\install\runtime\jre-x64\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{5A555C77-CBF8-4546-8FC4-73CF1DDC484E}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe => No File
FirewallRules: [UDP Query User{BFABD0FD-53D1-43E3-91CD-1D5EB0A05EB1}C:\programdata\badlionclient\jre\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B5F08545-1D41-40DA-9DD5-0CE3643D711A}C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe => No File
FirewallRules: [UDP Query User{01667896-6D7C-45D5-8675-72C6C96E1AFA}C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\local\nationsglory\java\bin\java.exe => No File
FirewallRules: [TCP Query User{5E372279-B1BA-44FE-82B6-34FC67E7E3BC}D:\games\among us\among us.exe] => (Allow) D:\games\among us\among us.exe => No File
FirewallRules: [UDP Query User{B7FE1546-70FC-488E-95F5-5523F3BB4FE4}D:\games\among us\among us.exe] => (Allow) D:\games\among us\among us.exe => No File
FirewallRules: [TCP Query User{E7C90998-A48E-4C93-ADAC-A4369FD5A71B}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [UDP Query User{43552EF8-77F4-4BB5-B8A7-2E884D9A4B6C}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [TCP Query User{B3681FD2-368F-4DAA-B8D8-72F080F51BB0}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{CBC3FE3C-FE81-402A-85A2-ED6629785E9D}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{6BB1658E-743E-4AE0-BE0E-A3A09DCA73BF}D:\anydesk.exe] => (Allow) D:\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{AA52F03A-69C4-4813-AD73-F7466F8F5F07}D:\anydesk.exe] => (Allow) D:\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{43F63E3A-C1FE-4D8B-B847-CFEE702ADB28}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{D64E04B8-25B2-46F7-804E-8F1909E32960}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [TCP Query User{4DE38A99-F59D-4A58-B44D-A05A40B1F658}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{4E564661-88E1-4C6A-8921-DF98D67DEB6A}C:\program files\badlion client\badlion client.exe] => (Allow) C:\program files\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{0FE3900E-3EC7-43F0-8208-A1E1627B049C}D:\anydesk (1).exe] => (Allow) D:\anydesk (1).exe => No File
FirewallRules: [UDP Query User{8500CE12-5DAD-4EEE-817F-A9C328D69664}D:\anydesk (1).exe] => (Allow) D:\anydesk (1).exe => No File
FirewallRules: [{D2E48565-C82B-41D0-9F0F-CF58A671AB1B}] => (Block) D:\anydesk (1).exe => No File
FirewallRules: [{5C000B5B-4194-44C0-A39E-959CEC1A02EA}] => (Block) D:\anydesk (1).exe => No File
FirewallRules: [TCP Query User{DBE432D1-30F8-4AA7-8DB3-733C186A082C}D:\gang beasts\gang beasts.exe] => (Allow) D:\gang beasts\gang beasts.exe => No File
FirewallRules: [UDP Query User{45D30406-96B2-4AD5-BAFF-50542BCE4EF8}D:\gang beasts\gang beasts.exe] => (Allow) D:\gang beasts\gang beasts.exe => No File
FirewallRules: [TCP Query User{39FD0A09-9D46-4663-8C1E-88852104C313}D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1D00AAF5-6B1D-4843-9421-F557FBB59E60}D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe] => (Allow) D:\games\bigfoot.v3.0\bigfoot\binaries\win64\bigfoot-win64-shipping.exe => No File
FirewallRules: [TCP Query User{23FBF0ED-B7C4-4228-B2B9-4D9ED97D0EA0}D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe] => (Allow) D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe => No File
FirewallRules: [UDP Query User{E1B5B2FA-C341-48EE-AF46-60AE555E8A20}D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe] => (Allow) D:\games\my hero one's justice 2\herogame\binaries\win64\mhoj2.exe => No File
FirewallRules: [{A48A4393-CAFB-4CB4-982F-1CCE4F4AF9C7}] => (Allow) D:\SteamLibrary\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [{95C9CDCF-830F-4FCC-AD6A-49DA3D73FAEA}] => (Allow) D:\SteamLibrary\steamapps\common\Spacewar\SteamworksExample.exe () [File not signed]
FirewallRules: [TCP Query User{A9F3B87E-68F9-4940-AB0E-82A6EA0CE868}D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{DF62DAC2-4766-41A1-9CBE-60885361F967}D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) D:\atm 4\install\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{3EE771CC-5E58-4335-90AA-3D2DB3DC433F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [UDP Query User{397A7734-13C6-4B4E-84FF-245F58E4AB0F}C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-alpha\windows-x64\java-runtime-alpha\bin\javaw.exe
FirewallRules: [TCP Query User{7F2CC62A-669A-4813-8C44-F4BB2F64AD5E}D:\games\badlion\badlion client\badlion client.exe] => (Allow) D:\games\badlion\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{628F819E-E90E-4CD6-9F1A-8EB0F8967A48}D:\games\badlion\badlion client\badlion client.exe] => (Allow) D:\games\badlion\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{B86F4447-A327-4BB6-8BB1-DEFA90E2BE82}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [UDP Query User{B7F2B6AB-C140-4CC4-BD97-3CC701A28848}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{8F4C6AF1-08CB-471D-A3EF-236D0CADA9BF}D:\altbotv3.exe] => (Allow) D:\altbotv3.exe => No File
FirewallRules: [UDP Query User{D206C602-F511-4742-9310-6A1E8D4E531C}D:\altbotv3.exe] => (Allow) D:\altbotv3.exe => No File
FirewallRules: [TCP Query User{E6BA6D57-CDAD-407A-920B-7D5C5F1A52D0}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Allow) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [UDP Query User{28390895-C81E-44F2-A0D8-4BE9D90DE687}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Allow) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [TCP Query User{F281444F-765B-4060-B0B0-89CC28BCEEA6}D:\games\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\valorant\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{877CE66E-156B-4157-A101-3DC2E17BAEF1}D:\games\valorant\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\valorant\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [TCP Query User{E4F7D61C-42F1-4023-9059-9B0AD964ECC5}D:\technic\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\technic\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{AE1C3400-28F3-47BF-BF3C-B0EC85D0490E}D:\technic\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\technic\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DD915D3E-C3A8-4955-9DAD-471FCE956988}D:\altbotv3 (1).exe] => (Allow) D:\altbotv3 (1).exe => No File
FirewallRules: [UDP Query User{C5BCAFF3-4FC6-49AC-99C2-8433B9D831D1}D:\altbotv3 (1).exe] => (Allow) D:\altbotv3 (1).exe => No File
FirewallRules: [TCP Query User{EEB26702-CC2C-479B-A3FC-A6C3E3293913}D:\altbotv3 (2).exe] => (Allow) D:\altbotv3 (2).exe => No File
FirewallRules: [UDP Query User{34E34C75-778A-4279-8C23-5D34996549D6}D:\altbotv3 (2).exe] => (Allow) D:\altbotv3 (2).exe => No File
FirewallRules: [TCP Query User{B2027027-07D1-47AE-AB79-1CA3366B77A0}D:\altbotv3-win.exe] => (Allow) D:\altbotv3-win.exe => No File
FirewallRules: [UDP Query User{5DEC33E0-A5B6-46FA-8146-3BA6FE01C045}D:\altbotv3-win.exe] => (Allow) D:\altbotv3-win.exe => No File
FirewallRules: [TCP Query User{4DC1C4B6-AF81-4B01-B33A-FBEA0178B834}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe => No File
FirewallRules: [UDP Query User{73B11A55-B088-4E68-99F8-885C4504DD03}C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.16.0_1\bin\javaw.exe => No File
FirewallRules: [TCP Query User{4FC3C30F-CC88-4AC3-82A2-1E996D4DA092}D:\games\fightcade\emulator\fcade.exe] => (Allow) D:\games\fightcade\emulator\fcade.exe => No File
FirewallRules: [UDP Query User{616ABAF4-E8FE-4511-ACAA-02A47466E365}D:\games\fightcade\emulator\fcade.exe] => (Allow) D:\games\fightcade\emulator\fcade.exe => No File
FirewallRules: [TCP Query User{16CA2836-A3E5-4098-A7E4-CACE0B6C2DD3}D:\games\fightcade\emulator\fbneo\fcadefbneo.exe] => (Allow) D:\games\fightcade\emulator\fbneo\fcadefbneo.exe => No File
FirewallRules: [UDP Query User{66476DEC-E316-418F-9B49-CDD254B3426C}D:\games\fightcade\emulator\fbneo\fcadefbneo.exe] => (Allow) D:\games\fightcade\emulator\fbneo\fcadefbneo.exe => No File
FirewallRules: [TCP Query User{D525AEEB-E583-4A84-BCFF-84B4EF08D82B}C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe => No File
FirewallRules: [UDP Query User{0B4A4047-82F9-4CC3-A86F-37D2DAE8CD01}C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jdk-17.0.1_12\bin\javaw.exe => No File
FirewallRules: [TCP Query User{589A89D2-DDAD-4076-B061-8CB33286A09B}D:\altbotv3-win (1).exe] => (Allow) D:\altbotv3-win (1).exe => No File
FirewallRules: [UDP Query User{8474B6F5-1BF9-4B18-A08E-D720BB8A0F8E}D:\altbotv3-win (1).exe] => (Allow) D:\altbotv3-win (1).exe => No File
FirewallRules: [TCP Query User{1B8A6A23-D3E2-41F7-B247-53C7A3A4E81D}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{E7CE471F-D7B3-4EE0-BD31-0BB572E78D2F}D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{3FE69AAF-6D65-4673-A384-CC864443DA52}D:\mbs\mblock\mblock.exe] => (Allow) D:\mbs\mblock\mblock.exe => No File
FirewallRules: [UDP Query User{B337E1D5-A775-4E08-A5D2-335D9FAF0E33}D:\mbs\mblock\mblock.exe] => (Allow) D:\mbs\mblock\mblock.exe => No File
FirewallRules: [TCP Query User{ABAFC365-1B4C-4489-8C38-60CB56A301E9}D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [UDP Query User{726A9481-D457-4B13-9623-0130708B3B52}D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe] => (Allow) D:\techniclauncher\runtimes\jre-legacy\bin\javaw.exe => No File
FirewallRules: [TCP Query User{FE2B493D-8BFE-4F2E-A795-57F47A5594DE}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{B682205A-701E-41F3-960C-DF2CEE9BD125}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{0B88333A-0494-44EA-8893-D5161B2A1EA9}D:\games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [UDP Query User{6D61F061-71CA-43D1-B9D3-453E37994D82}D:\games\spellbreak\g3\binaries\win64\spellbreak.exe] => (Allow) D:\games\spellbreak\g3\binaries\win64\spellbreak.exe => No File
FirewallRules: [TCP Query User{8138961B-B368-4E5E-8213-21A8E08282E1}D:\anydesk (2).exe] => (Allow) D:\anydesk (2).exe => No File
FirewallRules: [UDP Query User{E5E7D3DF-5F8C-4E47-AD44-CFABE29E359E}D:\anydesk (2).exe] => (Allow) D:\anydesk (2).exe => No File
FirewallRules: [TCP Query User{FC7ED016-C06C-4236-B5F1-A957612FB8A8}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{BB3D5DBB-90B5-4BDC-B7EE-4B81A9D16699}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{D51A77DD-D378-40A3-B142-66A6699EB8F4}D:\badlion\badlion client\badlion client.exe] => (Allow) D:\badlion\badlion client\badlion client.exe => No File
FirewallRules: [UDP Query User{6A78B6C6-0783-4735-87BA-A7226AA647FE}D:\badlion\badlion client\badlion client.exe] => (Allow) D:\badlion\badlion client\badlion client.exe => No File
FirewallRules: [TCP Query User{62E941B9-9756-4FA4-869B-81AF63A00EE5}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [UDP Query User{118E2C40-CD22-4CD0-8941-D1E6A0FE8A4A}C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe] => (Allow) C:\programdata\badlionclient\jre1.8.0_202\bin\javaw.exe => No File
FirewallRules: [TCP Query User{2F94ADDC-7E0A-442A-9067-D62C4A8A7239}D:\resanance\resanance\resanance.exe] => (Allow) D:\resanance\resanance\resanance.exe => No File
FirewallRules: [UDP Query User{6FD1E189-014D-4B41-AD21-A13C3CA8E797}D:\resanance\resanance\resanance.exe] => (Allow) D:\resanance\resanance\resanance.exe => No File
FirewallRules: [{F9EED100-7024-461E-99AB-49A46BA1A2FD}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03BDF9D9-00EB-4655-9754-35D1553CAA11}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7393F0F5-06EA-4AD3-A07E-53B39325C63A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{977E24DE-A464-497F-93A8-2153DCDB8528}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEA2FE61-04D7-408A-908E-2CC51AFF1B10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C68CC861-0452-41E3-88B6-429BE917C94D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{F890D5CF-9404-490C-8646-2F967A4AC995}C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [UDP Query User{803285D5-C094-4C3F-A366-EE520FD46A91}C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9008\discord.exe => No File
FirewallRules: [TCP Query User{2B579A76-CE82-4A73-8E91-8C60568B1613}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{5A823CE0-DB0E-47EA-98AF-5B425A114519}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{F69F0E99-6B6E-498C-9A9B-D28BB1AB4167}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{FF618F90-26DE-4CF6-B02A-E716880FFBD9}D:\games\gtav\gta5.exe] => (Allow) D:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{6CC32D59-E453-4186-921A-D73AA31C1F31}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9FFCF17F-DD33-49C1-ADB3-715A23AE68FB}] => (Allow) D:\Games\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DD4EFFF3-AE3D-4427-8AC6-27EBD38B7F76}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{34F54C6B-C16B-4245-B3C6-5B59ACFC3AC9}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{2C90682F-2808-44D8-9209-0A455D36D0FE}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{2470B447-FEC3-4D6E-9E4F-8788304E42F1}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{0CF4394A-EF46-4E05-AF49-EAC52F3B33B2}] => (Block) C:\Program Files\Maxon\App Manager\Maxon.exe => No File
FirewallRules: [{B3F87F20-EF9B-4754-8411-564162319E99}] => (Block) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon App () <==== ATTENTION [zero byte File/Folder]
FirewallRules: [{24395309-2230-430E-8145-54411C4EAD81}] => (Block) %ProgramFiles%\Maxon\App Manager\Maxon.exe => No File
FirewallRules: [{EE23A3F4-46CA-4873-B014-9C3930C0A3A4}] => (Allow) C:\Program Files\Red Giant\Offload\Offload.exe (Red Giant LLC -> Red Giant)
FirewallRules: [{ECD81706-B343-4542-A943-2C928B1CD1FD}] => (Allow) C:\Program Files\Red Giant\PluralEyes 4\PluralEyes 4.exe (Red Giant LLC -> Red Giant, LLC)
FirewallRules: [{00E82512-9CC0-464F-8FB9-99002A3F8B41}] => (Allow) C:\Program Files\Red Giant\PluralEyes 4\PEServer.exe (Red Giant, LLC) [File not signed]
FirewallRules: [{330981A8-D1B6-4AC1-8DC5-950B57ECD534}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{BD1C02E5-C231-4333-B308-785A49DD8DEF}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [TCP Query User{41DABC74-2BC4-41A5-A930-35CD35FC671C}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{2849BE34-3937-4A4D-A27C-30720477D00A}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{1149EB89-F6A0-4341-87A1-2B19C48F1FEA}C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [UDP Query User{9BB6F776-1F53-489E-83DE-1B648E6A9DB8}C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9011\discord.exe => No File
FirewallRules: [TCP Query User{C8C3D496-E674-49C2-88AE-E31CCB8908EA}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{087C6CDC-05D4-4E0C-9F6C-9FE5504857AA}D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\games\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [TCP Query User{FBF8B67E-807B-4C90-A598-BC968AD02645}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [UDP Query User{3B445C85-896F-4AEF-A0BC-E8F742FF1A6A}D:\soundwire server\soundwireserver.exe] => (Allow) D:\soundwire server\soundwireserver.exe => No File
FirewallRules: [{4753BE11-2C94-4F6D-8784-FC9BC25C6735}] => (Allow) D:\ianygo.exe => No File
FirewallRules: [{2F909DFB-B4ED-4FC4-B216-DD10494A1C19}] => (Allow) D:\ianygo.exe => No File
FirewallRules: [TCP Query User{DEB738EF-20B7-4EF7-AC3F-A1977D2430A2}C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe] => (Allow) C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe => No File
FirewallRules: [UDP Query User{16D4A734-A9D7-408F-B908-30CBE2690C78}C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe] => (Allow) C:\program files (x86)\tenorshare\tenorshare ianygo\tenorshare ianygo.exe => No File
FirewallRules: [TCP Query User{AD8225CB-6A00-4EED-8F67-BBCF2D193129}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [UDP Query User{6E5D8B61-4536-409F-9774-468B856A77ED}C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe
FirewallRules: [TCP Query User{9D927F74-F0A5-4864-A82C-CDC1D48A5010}C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe] => (Allow) C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe => No File
FirewallRules: [UDP Query User{CE3D5BA6-37B7-4A1A-B7CB-278A5BA7E327}C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe] => (Allow) C:\program files (x86)\jeulin\atelier scientifique eleve physique chimie\esaostudio.exe => No File
FirewallRules: [TCP Query User{99487954-43DD-40FC-817B-9DC62E78ED02}D:\nodejs\node.exe] => (Allow) D:\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{4325294A-9DC5-4B07-B7C0-77D7C9CAD3CA}D:\nodejs\node.exe] => (Allow) D:\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [TCP Query User{71BA53DB-4809-4D1C-8CCE-5F8D21433D10}D:\anydesk (7).exe] => (Block) D:\anydesk (7).exe => No File
FirewallRules: [UDP Query User{136FD1FA-10F4-4767-818A-8EC46C63CF3F}D:\anydesk (7).exe] => (Block) D:\anydesk (7).exe => No File
FirewallRules: [TCP Query User{C3B77FAB-F3E9-4CFC-9AE8-9A8C89876B25}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe => No File
FirewallRules: [UDP Query User{C84B9A55-6474-47F9-825B-F629AF9BF31A}C:\program files (x86)\imobie\anytrans\anytrans.exe] => (Allow) C:\program files (x86)\imobie\anytrans\anytrans.exe => No File
FirewallRules: [{527690EB-5A2E-4393-B162-548510F5D144}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{049B499A-ADDE-4C0B-8AB4-127CFE8E8BA3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{90C83765-14AB-4356-B497-AF3A53C3BFBC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4DB95E3C-34E8-4390-AF70-17E98CF17EFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{DD8430A5-BE1E-4889-AD44-22697068C75F}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File
FirewallRules: [UDP Query User{FA942569-5B44-4F67-AB59-F9DFD2556550}C:\program files (x86)\imobie\anytrans\airbackuphelper.exe] => (Block) C:\program files (x86)\imobie\anytrans\airbackuphelper.exe => No File
FirewallRules: [{C7930689-5C58-46E1-BBB0-0EA11B5D2D83}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\98.0.4759.74\opera.exe => No File
FirewallRules: [TCP Query User{CAC5188A-C778-424D-93A6-95D3620663A8}D:\anydesk (8).exe] => (Block) D:\anydesk (8).exe => No File
FirewallRules: [UDP Query User{88EB6471-BB48-43A7-AC87-01DAF5EEC311}D:\anydesk (8).exe] => (Block) D:\anydesk (8).exe => No File
FirewallRules: [TCP Query User{7E2D5E29-934A-41CF-8EF3-EAABA6CA6A38}C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [UDP Query User{E58F9B2A-5B4C-4E61-BCE5-E9A28B482B1B}C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\pcgamer\appdata\local\discord\app-1.0.9013\discord.exe => No File
FirewallRules: [TCP Query User{B9E50D82-5D35-4D4A-AEB2-96A62FC1DC7D}C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe
FirewallRules: [UDP Query User{6CC4C2EE-BDBF-4CDF-9B4C-4D03A15E9069}C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe] => (Allow) C:\users\pcgamer\appdata\roaming\paladium-group\java\legacy\java\bin\java.exe
FirewallRules: [TCP Query User{3551C385-7BC3-42BF-A68A-C33526809187}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Block) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [UDP Query User{339078DF-BE41-4A05-90BC-D28CB320BD0C}C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe] => (Block) C:\users\pcgamer\appdata\local\programs\elundus-core\elundus core.exe => No File
FirewallRules: [TCP Query User{FD98942B-3624-4FAF-8D5F-6CFAE79599FC}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{44B7A9DA-78D4-42D1-8D52-3823646C69C9}D:\games\steam\steamapps\common\fifa 23\fifa23.exe] => (Allow) D:\games\steam\steamapps\common\fifa 23\fifa23.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{CC20B854-ABDA-4B77-88C9-FEFAA24A8ADD}C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [UDP Query User{7D64F896-77E2-4477-A08F-A91E739E15C9}C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe] => (Allow) C:\users\pcgamer\curseforge\minecraft\install\runtime\java-runtime-beta\windows-x64\java-runtime-beta\bin\javaw.exe => No File
FirewallRules: [{C70D4954-27F7-4F93-BB9C-9A7AFE6CED21}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe => No File
FirewallRules: [{2BDFC9DA-3397-47B6-A7ED-EF5A2D6C6105}] => (Allow) D:\fifaa\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe => No File
FirewallRules: [{EC01975B-1A1F-45A7-BBA9-1438C13D019A}] => (Allow) D:\fifaa\EA SPORTS FC 24\EAAntiCheat.GameServiceLauncher.exe => No File
FirewallRules: [{995572DE-189E-44CF-928E-801732DDF813}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{4D2B39CE-8BED-4BBC-A806-859A43CFE2BD}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{7393AB7A-A0A3-46F2-B57A-58F54F1103DE}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{0BF29E62-6B99-40F1-98BC-E6DA5F883549}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{18030275-0E62-4BB8-8BB2-893A6967BD3D}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{87BE9D37-17B7-48D1-9D82-6276C6FD3F63}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{8108DB6C-B3A9-45D9-969E-F814A6F1ACA3}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{B50E8090-477D-43EE-A9F3-86954867EB55}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{4E5BB771-6050-464B-99A0-4B437015E3E9}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{C08F13CE-1503-4189-A0E5-E709A0923228}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{B28C1179-9F70-4DC4-BA01-2BE4703FF328}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{F06A3F06-53E9-45E1-B920-877BB9D8EC84}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{F4D9F815-19C6-496A-9A45-FCA930203391}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{18F292D3-CB27-4F00-B82A-FC29D85E821C}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{3E45F791-9283-46C8-B0E7-4FB537E1BEFE}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{E9E05F04-F96D-4C1A-B99F-CA576E4F0273}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{FDE1AC49-CED5-437E-A6E4-5978BBA86BE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1B697DC5-58FF-4597-AD81-5590B96646EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EB6F549E-5581-4A44-A1D7-6BFD007199BC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{460925D7-204D-42AD-A559-A82E9B07AA3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55799818-002F-42EB-A473-C3471318D753}] => (Allow) D:\bstacks\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{AF150354-7336-4B09-A8AD-886008481BE1}] => (Allow) D:\bstacks\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{1277D12C-7377-4927-BE11-DE6FAFB15A1E}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9FFF0CA7-AE20-4474-8132-6B7942F61901}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{F921757B-CD57-4A64-9651-4EA396CB60C5}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperAppManager.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{84C4503C-AED3-483B-8B8F-C47AC815E57D}] => (Allow) C:\Program Files (x86)\TuxlerChromeExtensionHelperApp\ExtensionHelperApp.exe (TUXLER PRIVACY TECHNOLOGIES, INC. -> Tuxler Privacy Technologies, Inc.)
FirewallRules: [{9388745F-5822-41F1-BF5D-91832D79EBB1}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\105.0.4970.63\opera.exe => No File
FirewallRules: [{B82E25E1-5A7B-42F7-963F-89789C0C8AD1}] => (Allow) C:\Users\PCGAMER\AppData\Local\Programs\Opera GX\105.0.4970.74\opera.exe => No File
FirewallRules: [{0AFFFAC8-AC1E-45AA-BE71-B74DCDEF2E37}] => (Allow) D:\Games\Steam\steamapps\common\eFootball\eFootball\Binaries\Win64\eFootball.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{D262156A-C6B8-4EE2-AFC0-0540CB6B004A}] => (Allow) D:\Games\Steam\steamapps\common\eFootball\eFootball\Binaries\Win64\eFootball.exe (Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{8d2670d5-a65e-4b8d-bbaa-5033ff7487ce}] => (Allow) C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{e09cedcb-0de4-4712-b495-514dfbbf24c5}] => (Allow) C:\Program Files\ldplayer9box\VBoxNetNAT.exe (Shanghai Chang Zhi Network Technology Co,. Ltd. -> Oracle Corporation)
FirewallRules: [{ed1498d0-5229-4da1-98b2-618d65e11e28}] => (Allow) D:\LDPlayer\LDPlayer9\dnplayer.exe (Shanghai Baizhi Network Technology Co., Ltd. -> )
FirewallRules: [{F3576494-2B76-4A49-8817-38BDC2225778}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{EE89B096-B703-4D5D-9CF4-A746C61CA269}] => (Allow) C:\Users\PCGAMER\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{BF5EE8FD-6AE8-4DF8-B7C4-A090E8B970E4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3C795058-BC67-4805-B093-75EC74ED2160}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.66\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA334DA1-C8F0-4585-81FF-1BB749A0860A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{4D284CF3-3E40-49FB-863B-E735F5FC2D11}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7BAF155F-64A8-4F66-A233-511D42098DB2}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6E741E10-3C29-4DBC-BD73-412CB4D0CA78}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{D6C300AF-1704-45E5-A70F-ED6905F84D5A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{AA71DC68-7258-47A0-984F-0A9B1D91EABB}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7BB9B9EC-8E08-4078-A009-B7DBB0532C81}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{C414A35A-4B4E-4C56-923D-A13D97E6D144}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8C84930F-1DB2-4CBC-AA12-CA4F68EB43A5}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{75FA534E-E354-42DC-9D58-3C2F47D1B7BD}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{6B9E4DB4-5B27-4BEC-A812-D2C596758A44}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/05/2024 01:14:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: La création du contexte d’activation a échoué pour « D:\capcut\CapCut.exe ». Erreur dans le fichier de manifeste ou de stratégie « » à la ligne .
Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active.
Les composants en conflit sont :
Composant 1 : C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_a863d714867441db.manifest.
Composant 2 : C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.3636_none_60b6a03d71f818d5.manifest.
Error: (03/05/2024 01:13:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante RobloxPlayerBeta.exe, version : 0.614.274.45570, horodatage : 0xc77e005c
Nom du module défaillant : RobloxPlayerBeta.exe, version : 0.614.274.45570, horodatage : 0xc77e005c
Code d’exception : 0x80000003
Décalage d’erreur : 0x000000000058f530
ID du processus défaillant : 0x588
Heure de début de l’application défaillante : 0x01da6ef05b8b2779
Chemin d’accès de l’application défaillante : C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
Chemin d’accès du module défaillant: C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
ID de rapport : fa8586e4-850d-4c55-81f6-0bd974dbf6d8
Nom complet du package défaillant :
ID de l’application relative au package défaillant :
Error: (03/05/2024 12:30:56 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (03/05/2024 12:30:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (03/05/2024 12:30:04 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (03/05/2024 01:17:38 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (03/05/2024 01:16:20 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0xC004F074
Arguments de la ligne de commande :
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=TimerEvent
Error: (03/05/2024 12:17:11 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_ON.
System errors:
=============
Error: (03/05/2024 01:13:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (03/05/2024 01:13:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (03/05/2024 01:07:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (03/05/2024 01:07:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (03/05/2024 01:02:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (03/05/2024 01:02:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (03/05/2024 12:57:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Error: (03/05/2024 12:57:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service kss n’a pas pu démarrer en raison de l’erreur :
Le fichier spécifié est introuvable.
Windows Defender:
================
Date: 2024-03-05 12:43:57
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/CheatEngine&threatid=365468&enterprise=0[/URL]
Nom : PUABundler:Win32/CheatEngine
ID : 365468
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : file:_D:\CheatEngine75 (1).exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur :
Nom du processus : C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
Version de la veille de sécurité : AV: 1.405.1086.0, AS: 1.405.1086.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.24010.10, NIS: 0.0.0.0
Date: 2024-03-05 12:39:54
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0[/URL]
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.405.1086.0, AS: 1.405.1086.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.24010.10, NIS: 0.0.0.0
Date: 2024-03-04 23:35:43
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=PUABundler:Win32/CheatEngine&threatid=365468&enterprise=0[/URL]
Nom : PUABundler:Win32/CheatEngine
ID : 365468
Gravité : Faible
Catégorie : Logiciel potentiellement non désiré
Chemin : file:_D:\CheatEngine75 (1).exe
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Protection en temps réel
Utilisateur :
Nom du processus : C:\Users\PCGAMER\AppData\Local\Roblox\Versions\version-6c9c3d4458db4041\RobloxPlayerBeta.exe
Version de la veille de sécurité : AV: 1.405.1052.0, AS: 1.405.1052.0, NIS: 0.0.0.0
Version du moteur : AM: 1.1.24010.10, NIS: 0.0.0.0
Date: 2024-03-04 15:22:58
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=VirTool:Win32/DefenderTamperingRestore&threatid=2147741622&enterprise=0[/URL]
Nom : VirTool:Win32/DefenderTamperingRestore
ID : 2147741622
Gravité : Grave
Catégorie : Outil
Chemin : regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Origine de la détection : Inconnu
Type de détection : Concret
Source de détection : Système
Utilisateur : AUTORITE NT\Système
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.405.976.0, AS: 1.405.976.0, NIS: 1.405.976.0
Version du moteur : AM: 1.1.24010.10, NIS: 1.1.24010.10
Date: 2024-03-02 22:19:54
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
[URL unfurl="true"]https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Znyonm&threatid=2147890445&enterprise=0[/URL]
Nom : Trojan:Win32/Znyonm
ID : 2147890445
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_D:\dl\utweb_installer.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-3RPVMEJ\PC GAMER
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.405.913.0, AS: 1.405.913.0, NIS: 1.405.913.0
Version du moteur : AM: 1.1.24010.10, NIS: 1.1.24010.10
Event[0]:
Date: 2024-03-04 23:14:28
Description:
La fonctionnalité de protection en temps réel Antivirus Microsoft Defender a rencontré une erreur et échoué.
Fonctionnalité : Sur accès
Code d’erreur : 0x8007043c
Description de l’erreur : Ce service ne peut pas être démarré en mode sans échec
Raison : La veille de sécurité contre les logiciels malveillants a cessé de fonctionner pour une raison inconnue. Dans certains cas, le redémarrage du service peut résoudre le problème.
Date: 2023-11-20 19:08:11
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.401.908.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23100.2009
Code d’erreur : 0x8024402c
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.
Date: 2023-08-31 20:09:49
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.4019.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80070070
Description de l’erreur : Espace insuffisant sur le disque.
Date: 2023-08-31 20:09:49
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.4019.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Logiciel anti-espion
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80070070
Description de l’erreur : Espace insuffisant sur le disque.
Date: 2023-08-31 20:09:49
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.391.4019.0
Source de mise à jour : Centre de protection Microsoft contre les logiciels malveillants
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.23050.3
Code d’erreur : 0x80070070
Description de l’erreur : Espace insuffisant sur le disque.
CodeIntegrity:
===============
Date: 2024-03-05 13:44:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.
Date: 2024-03-05 13:38:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.70 11/14/2019
Motherboard: ASRock B450M-HDV R4.0
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 74%
Total physical RAM: 16313.86 MB
Available physical RAM: 4085.22 MB
Total Virtual: 30649.86 MB
Available Virtual: 11387 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.17 GB) (Free:5.65 GB) (Model: KINGSTON SA400S3 SCSI Disk Device) NTFS
Drive d: (Nouveau nom) (Fixed) (Total:931.5 GB) (Free:394.58 GB) (Model: WDC WD10EZEX-60W SCSI Disk Device) NTFS
\\?\Volume{d2ce56ce-ee7d-493e-a267-efedbcadf977}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{8a32d6c7-be1f-437f-8b1e-aa2acfc51829}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Last edited by a moderator: