--------------- QuickDiag | g3n-h@ckm@n | V3_31.01.17.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 05/02/2017 17:00:56 Updated 31/01/2017 | 13.00 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Patrick (Administrator)] - [PATRICK-PC] (S-1-5-21-893078023-2179327528-203563115-1000) System: Microsoft Windows 10 Famille - - (10.0.14393) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk1\Partition2 Boot : Normal boot PC: MS-7846 - MSI - IdNumber: To be filled by O.E.M. - UUID: 00000000-0000-0000-0000-448A5BD27F13 Processor : X64 - 3200 Mhz - Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz BIOS Date: 05/29/15 15:46:39 Ver: V20.8B0 - - American Megatrends Inc. - S/N: To be filled by O.E.M. - V20.8 - ALASKA - 1072009 CoreTemp : 29.8 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_1462D846&REV_1003\4&DDA3B71&0&0001 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0014&SUBSYS_10DE0101&REV_1001\5&1143EBBB&0&0001 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0014&SUBSYS_10DE0101&REV_1001\5&1143EBBB&0&0101 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0014&SUBSYS_10DE0101&REV_1001\5&1143EBBB&0&0201 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0014&SUBSYS_10DE0101&REV_1001\5&1143EBBB&0&0301 Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2807&SUBSYS_80860101&REV_1000\4&25A08401&0&0001 ---------- | Video NVIDIA Quadro 600 - Resolution: 2560x1440 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvd3dumx,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvwgf2umx,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvwgf2umx,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvwgf2umx,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvd3dum,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvwgf2um,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvwgf2um,C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_0DF8&SUBSYS_083510DE&REV_A1\4&124E1DB3&0&0008 - AdapterCompatibility: NVIDIA - RAM: 1073741824 Intel(R) HD Graphics 4600 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController2 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igd12umd64.dll,igdumdim32,igd10iumd32,igd10iumd32,igd12umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0412&SUBSYS_78461462&REV_06\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: NVIDIA Quadro 600 - DriverVersion: 21.21.13.7633 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34640 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25352 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:47 % CPU #2 value:23 % CPU #3 value:35 % CPU #4 value:64 % Total Overall CPU Usage value:42 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:228 bytes/sec / RECVD:228 bytes/sec NETGEAR WNA3100M N300 Wireless Mini USB Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Connexion au réseau local* 2 : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.home : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:228 bytes/sec, / RECEIVE Maximum:228 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_78461462&REV_0C\4&2CB84BF6&0&00E2 NETGEAR WNA3100M N300 Wireless Mini USB Adapter - Ethernet 802.3 - NETGEAR Inc. - Status: - PnPID : USB\VID_0846&PID_9021\00E04C000001 Microsoft Hosted Network Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_SAP\8&B4B66F8&1&02 Microsoft ISATAP Adapter - - - Status: - PnPID : Microsoft Teredo Tunneling Adapter - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE Microsoft ISATAP Adapter #2 - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\ISATAP_1 WAN Miniport (SSTP) - - - Status: - PnPID : WAN Miniport (IKEv2) - - - Status: - PnPID : WAN Miniport (L2TP) - - - Status: - PnPID : WAN Miniport (PPTP) - - - Status: - PnPID : WAN Miniport (PPPOE) - - - Status: - PnPID : WAN Miniport (IP) - - - Status: - PnPID : WAN Miniport (IPv6) - - - Status: - PnPID : WAN Miniport (Network Monitor) - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 16636 | Free (MB) : 14466 Pagefile = Total (MB) : 33413 | Free (MB) : 31119 Virtual = Total (MB) : 4194 | Free (MB) : 3970 Physical Memory 0 : Capacity: 8589934592 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: 1315 - PartNumber: BLS8G3D1609DS1S00. - S/N: 594901FE Physical Memory 2 : Capacity: 8589934592 - ChannelB-DIMM0 - Posit.: 2 - Manufacturer: 1315 - PartNumber: BLS8G3D1609DS1S00. - S/N: 594901FF ---------- | SID Users Administrateur : [S-1-5-21-893078023-2179327528-203563115-500] DefaultAccount : [S-1-5-21-893078023-2179327528-203563115-503] Invité : [S-1-5-21-893078023-2179327528-203563115-501] Patrick : [S-1-5-21-893078023-2179327528-203563115-1000] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 223.35 Go | Free : 88.65 Go -> NTFS (SSD) [SATA] D:\ -> [Fixed] | [disque 4 To tour] | Total : 3725.9 Go | Free : 1532.09 Go -> NTFS [SATA] E:\ -> [Fixed] | [disque 1 To] | Total : 931.51 Go | Free : 705 Go -> NTFS [SATA] F:\ -> [Fixed] | [PHOTOS] | Total : 2794.39 Go | Free : 757.83 Go -> NTFS [SATA] G:\ -> [Removable] | [] | Total : 7.31 Go | Free : 4.58 Go -> FAT32 [USB] Disk Usage Information [7 total Physical Disks] Physical Drive #0 [F:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [C:] : Read:4,980,251 bytes/sec, Written:5,426,814 bytes/sec Max Read:4,980,251 bytes/sec, Max Write:5,426,814 bytes/sec Physical Drive #2 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [K:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [X:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #6 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:4,980,251 bytes/sec, Write Maximum:5,426,814 bytes/sec DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_HP&PROD_PHOTOSMART_6520&REV_1.00\7&220CF084&0&TH3A4480NQ05XP&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_&PROD_ST3000DM001-1ER1\4&356E18AD&0&000000 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : SCSI\DISK&VEN_SAMSUNG&PROD_SSD_850_EVO_250G\4&356E18AD&0&010000 DeviceID: \\.\PHYSICALDRIVE6 - Status: OK - USB - Removable Media - 4 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_CRUZER_BLADE&REV_1.27\20044324311B07A1B330&0 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : SCSI\DISK&VEN_&PROD_ST31000528AS\4&356E18AD&0&050000 DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_9451\6&12F3E1F&0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD40EFRX-68WT0N0\4&356E18AD&0&040000 ---------- | Windows updates No detected update !!! Windows Is Activated ---------- | Browsers IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) FF : 51.0.1.6234 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 56.0.2924.87 (Copyright 2016 Google Inc.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 24.0.0.194 FlashPlayer Plugin : 24.0.0.194 ---------- | Security AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 25/09/2016 06:02:13] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 432 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.14393.0) = C:\Windows\System32\smss.exe [16/07/2016 12:42:27] CPU Usage:0 % 764 | [Owner : | Parent : 632() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.14393.0) = C:\Windows\System32\wininit.exe [16/07/2016 12:42:27] CPU Usage:0 % 836 | [Owner : | Parent : 764(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.14393.479) = C:\Windows\System32\services.exe [10/12/2016 06:39:03] CPU Usage:0 % 844 | [Owner : | Parent : 764(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.14393.187) = C:\Windows\System32\lsass.exe [14/09/2016 12:01:07] CPU Usage:0 % 944 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1012 | [Owner : | Parent : 756() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.14393.594) = C:\Windows\System32\winlogon.exe [11/01/2017 09:47:13] CPU Usage:0 % 348 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 572 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1052 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1060 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1192 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1268 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1376 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4531) = C:\Windows\System32\igfxCUIService.exe [04/06/2016 18:42:45] CPU Usage:0 % 1476 | [Owner : | Parent : 836(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Container.) - (1.0.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [11/01/2017 11:21:18] CPU Usage:0 % 1484 | [Owner : | Parent : 836(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA WMI Provider.) - (2.29.0.0) = C:\Windows\System32\nvwmi64.exe [15/06/2015 17:22:18] CPU Usage:0 % 1572 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1984 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1348 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1844 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2092 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2192 | [Owner : | Parent : 836(services.exe) | ?????] - (.AVAST Software - avast! Service.) - (12.3.3154.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [09/09/2016 15:12:42] CPU Usage:0 % 2460 | [Owner : | Parent : 1476(NVDisplay.Container.exe) | ?????] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7633) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [14/09/2016 11:04:36] CPU Usage:0 % 2568 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\Windows\System32\spoolsv.exe [30/10/2016 16:47:46] CPU Usage:0 % 2612 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2816 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2824 | [Owner : | Parent : 836(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.21.1354) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [19/12/2016 22:38:14] CPU Usage:0 % 2840 | [Owner : | Parent : 836(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Update Service.) - (3.9.1.335) = C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [25/10/2016 10:51:06] CPU Usage:0 % 2860 | [Owner : | Parent : 836(services.exe) | ?????] - (.Adobe Systems, Incorporated - Adobe Genuine Software Integrity Service.) - (3.6.0.462) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [20/08/2015 16:04:56] CPU Usage:0 % 2140 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 3076 | [Owner : | Parent : 836(services.exe) | ?????] - (.X-Rite Inc. - xritedev Application.) - (210.0.0.130) = C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [18/09/2015 15:49:28] CPU Usage:0 % 3096 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 3108 | [Owner : | Parent : 836(services.exe) | ?????] - (.- Wifi Service.) - (2.1.0.24) = C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [08/10/2015 16:21:20] CPU Usage:0 % 3116 | [Owner : | Parent : 836(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [11/05/2015 08:12:56] CPU Usage:0 % 3132 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 3156 | [Owner : | Parent : 836(services.exe) | ?????] - (.Micro-Star INT'L CO., LTD. - SuperRAIDSvc.) - (2.0.0.11) = C:\MSI\Smart Utilities\SuperRAIDSvc.exe [15/06/2015 15:33:50] CPU Usage:0 % 3176 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 3200 | [Owner : | Parent : 836(services.exe) | ?????] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.8.0) = C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [06/04/2016 05:06:04] CPU Usage:0 % 3324 | [Owner : | Parent : 836(services.exe) | ?????] - (.Nalpeiron Ltd. - This service enables products that use the Nalpeiron Licensing System.) - (6.3.8.0) = C:\Windows\SysWOW64\nlssrv32.exe [22/09/2011 17:30:58] CPU Usage:0 % 3340 | [Owner : | Parent : 836(services.exe) | ?????] - (.Micro-Star INT'L CO., LTD. - MSI Register Service.) - (1.0.0.4) = C:\MSI\MSIRegister\MSIRegisterService.exe [12/12/2016 10:54:20] CPU Usage:0 % 3352 | [Owner : | Parent : 836(services.exe) | ?????] - (.Micro-Star Int'l Co., Ltd. - MSI RAMDisk Service.) - (1.0.0.18) = C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [14/08/2016 14:28:46] CPU Usage:0 % 3360 | [Owner : | Parent : 836(services.exe) | ?????] - (.MSI -.) - (3.0.0.7) = C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [12/12/2016 10:56:25] CPU Usage:0 % 3376 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Message Queuing Service.) - (5.0.1.1) = C:\Windows\System32\mqsvc.exe [16/07/2016 12:43:08] CPU Usage:0 % 3384 | [Owner : | Parent : 836(services.exe) | ?????] - (.MSI -.) - (3.0.0.10) = C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [12/12/2016 10:56:26] CPU Usage:0 % 3392 | [Owner : | Parent : 836(services.exe) | ?????] - (.MSI - Super Charger Service.) - (1.3.0.7) = C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [23/09/2016 16:29:06] CPU Usage:0 % 3404 | [Owner : | Parent : 836(services.exe) | ?????] - (.Malwarebytes - MBAM Service.) - (3.0.0.571) = C:\Program Files\Malwarebytes\Anti-Ransomware\MB3Service.exe [28/09/2016 08:52:57] CPU Usage:0 % 3492 | [Owner : | Parent : 836(services.exe) | ?????] - (.SafeNet Inc. - Sentinel LDK License Manager Service.) - (17.0.1.48248) = C:\Windows\System32\hasplms.exe [05/09/2015 15:44:44] CPU Usage:0 % 3500 | [Owner : | Parent : 836(services.exe) | ?????] - (.Evoluent - EvoDriverUpdateService.) - (5.5.0.0) = C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe [21/10/2014 18:38:20] CPU Usage:0 % 3508 | [Owner : | Parent : 836(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [19/05/2015 08:11:04] CPU Usage:0 % 3520 | [Owner : | Parent : 836(services.exe) | ?????] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe [12/08/2015 16:03:42] CPU Usage:0 % 3088 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 3916 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.6.1586.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [16/07/2016 12:43:55] CPU Usage:0 % 4992 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - SMSvcHost.exe.) - (4.6.1586.0) = C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [16/07/2016 12:43:55] CPU Usage:0 % 5940 | [Owner : | Parent : 1484(nvwmi64.exe) | ?????] - (.NVIDIA Corporation - NVIDIA WMI Provider.) - (2.29.0.0) = C:\Windows\System32\nvwmi64.exe [15/06/2015 17:22:18] CPU Usage:0 % 5956 | [Owner : Patrick | Parent : 1060(svchost.exe) | 19.67 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.14393.0) = C:\Windows\System32\sihost.exe [16/07/2016 12:42:09] CPU Usage:0 % 5964 | [Owner : Patrick | Parent : 836(services.exe) | 32.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 6036 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8763) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [14/09/2016 11:57:10] CPU Usage:0 % 4084 | [Owner : Patrick | Parent : 1060(svchost.exe) | 18.05 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\Windows\System32\taskhostw.exe [16/07/2016 12:42:36] CPU Usage:0 % 6088 | [Owner : Patrick | Parent : 944(svchost.exe) | 48.49 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\Windows\System32\RuntimeBroker.exe [16/07/2016 12:42:05] CPU Usage:0 % 5704 | [Owner : Patrick | Parent : 3544() | 134.97 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.14393.479) = C:\Windows\explorer.exe [10/12/2016 06:38:42] CPU Usage:0 % 5824 | [Owner : Patrick | Parent : 3448() | 13.16 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4531) = C:\Windows\System32\igfxEM.exe [04/06/2016 18:42:45] CPU Usage:0 % 6736 | [Owner : Patrick | Parent : 944(svchost.exe) | 61.32 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.14393.447) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [09/11/2016 17:05:20] CPU Usage:0 % 6880 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.14393.206) = C:\Windows\System32\SearchIndexer.exe [30/09/2016 07:12:08] CPU Usage:0 % 7064 | [Owner : Patrick | Parent : 944(svchost.exe) | 91.38 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.14393.693) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [11/01/2017 09:46:54] CPU Usage:0 % 5036 | [Owner : Patrick | Parent : 944(svchost.exe) | 56.37 Mo] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe [16/07/2016 12:42:09] CPU Usage:0 % 7328 | [Owner : | Parent : 1348(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.14393.0) = C:\Windows\System32\audiodg.exe [16/07/2016 12:42:22] CPU Usage:0 % 7820 | [Owner : Patrick | Parent : 1060(svchost.exe) | 11.48 Mo] - (.2BrightSparks Pte. Ltd. - SyncBackFree.) - (7.6.50.0) = C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [16/06/2015 17:57:12] CPU Usage:0 % 8064 | [Owner : Patrick | Parent : 944(svchost.exe) | 12.79 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.594) = C:\Windows\System32\SettingSyncHost.exe [11/01/2017 09:46:58] CPU Usage:0 % 7512 | [Owner : Patrick | Parent : 4764() | 9 Mo] - (.-.) - (6.14.10.14803) = C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe [13/05/2016 05:48:11] CPU Usage:0 % 7084 | [Owner : Patrick | Parent : 7512(nviewMain64.exe) | 5.3 Mo] - (.-.) - (6.14.10.14803) = C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe [13/05/2016 05:48:11] CPU Usage:0 % 7844 | [Owner : Patrick | Parent : 5704(explorer.exe) | 12.92 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.580.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [27/08/2016 09:08:13] CPU Usage:0 % 7280 | [Owner : Patrick | Parent : 5704(explorer.exe) | 40.16 Mo] - (.Malwarebytes - Malwarebytes Anti-Ransomware.) - (1.0.0.196) = C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe [04/06/2016 07:16:05] CPU Usage:0 % 7792 | [Owner : Patrick | Parent : 5704(explorer.exe) | 81.09 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 7720 | [Owner : Patrick | Parent : 7792(chrome.exe) | 8.15 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 7716 | [Owner : Patrick | Parent : 7792(chrome.exe) | 10.85 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 7612 | [Owner : Patrick | Parent : 7792(chrome.exe) | 67.08 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 8032 | [Owner : Patrick | Parent : 7792(chrome.exe) | 75.01 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 4212 | [Owner : Patrick | Parent : 7792(chrome.exe) | 78.99 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 6772 | [Owner : Patrick | Parent : 7792(chrome.exe) | 72.64 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 5828 | [Owner : Patrick | Parent : 7792(chrome.exe) | 68.63 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [15/06/2015 15:07:45] CPU Usage:0 % 7560 | [Owner : Patrick | Parent : 8164() | 8.89 Mo] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (3.0.8.0) = C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [20/09/2011 08:17:44] CPU Usage:0 % 6744 | [Owner : Patrick | Parent : 8164() | 46.42 Mo] - (.AVAST Software - avast! Antivirus.) - (12.3.3154.23) = C:\Program Files\AVAST Software\Avast\avastui.exe [15/11/2016 12:20:56] CPU Usage:0 % 7992 | [Owner : Patrick | Parent : 8164() | 9.86 Mo] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) - (1.1.0.35) = C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [07/01/2017 19:31:03] CPU Usage:0 % 7544 | [Owner : Patrick | Parent : 944(svchost.exe) | 12.45 Mo] - (.Microsoft Corporation - Reminders WinRT OOP Server.) - (10.0.14393.693) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe [11/01/2017 09:46:54] CPU Usage:0 % 1036 | [Owner : Patrick | Parent : 6744(avastui.exe) | 8.5 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.14393.0) = C:\Windows\SysWOW64\ctfmon.exe [16/07/2016 12:43:04] CPU Usage:0 % 3608 | [Owner : Patrick | Parent : 5704(explorer.exe) | 34.57 Mo] - (.SosVirus - QuickDiag.) - (31.1.17.1) = E:\Téléchargements\QuickDiag.exe [05/02/2017 16:45:43] CPU Usage:0 % 7680 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.0.0.1158) = C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [10/07/2015 22:40:08] CPU Usage:0 % 1592 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.0.0.1158) = C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [10/07/2015 22:38:00] CPU Usage:0 % 4444 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel(R) Corporation - XtuService.) - (6.0.2.102) = C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [06/10/2015 08:51:56] CPU Usage:0 % 3128 | [Owner : | Parent : 836(services.exe) | ?????] - (.Intel Corporation - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS.) - (1.0.0.1) = C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [15/06/2015 15:31:20] CPU Usage:0 % 7980 | [Owner : Patrick | Parent : 944(svchost.exe) | 51.75 Mo] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe [16/07/2016 12:42:09] CPU Usage:0 % 4000 | [Owner : | Parent : 836(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 980 | [Owner : Patrick | Parent : 944(svchost.exe) | 15.35 Mo] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe [16/07/2016 12:42:09] CPU Usage:0 % 8364 | [Owner : Patrick | Parent : 944(svchost.exe) | 27.77 Mo] - (.Microsoft Corporation - Background Task Host.) - (10.0.14393.0) = C:\Windows\System32\backgroundTaskHost.exe [16/07/2016 12:42:09] CPU Usage:0 % ---------- | MD5 [MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [10/12/2016 06:38:42] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4563.77 Ko] - (10.0.14393.479) : C:\WINDOWS\Explorer.exe [MD5.F4F684066175B77E0C3A000549D2922C] - [16/07/2016 12:42:36] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [227.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\cmd.exe [MD5.77DBC745D957B4F0404ABABC10696784] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\csrss.exe [MD5.DA63852A2B0340E94D74EAF0CD444979] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - COM Surrogate.) - [20.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\dllhost.exe [MD5.6955067712F2F4752CA12192B08EF860] - [16/07/2016 12:42:16] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [683.48 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.6F8E95716C1A27FF2FE96D30B147F1C1] - [14/09/2016 12:01:07] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.05 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\lsass.exe [MD5.7BD259FC59CF9C2AE1B979564B374CC6] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - Distributed COM Services.) - [867.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rpcss.dll [MD5.C7645D43451C6D94D87F4D07BDE59C89] - [16/07/2016 12:42:42] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [68 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rundll32.exe [MD5.3C69CC28665854F1AAB4B4005005FA31] - [10/12/2016 06:39:03] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [443.94 Ko] - (10.0.14393.479) : C:\WINDOWS\System32\services.exe [MD5.36F670D89040709013F6A460176767EC] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [43.45 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\svchost.exe [MD5.C46EA86BF0E7C96235E9064CBAD6ED26] - [15/12/2016 02:17:23] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1426.95 Ko] - (10.0.14393.576) : C:\WINDOWS\System32\user32.dll [MD5.C1B1FFC800BE2F31EB2CF8CB40629C69] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [32.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\userinit.exe [MD5.99A19C9A74E2F9820E501DCE77F84F70] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [297.11 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Wininit.exe [MD5.917F081E2AB667C44F7D96DE1D16DFAE] - [11/01/2017 09:47:13] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [658 Ko] - (10.0.14393.594) : C:\WINDOWS\System32\Winlogon.exe [MD5.323AA1953ED9C01E23F740FA891FE064] - [30/10/2016 16:48:03] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [570.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.A10F989A812B57B9695F6C305907C9C6] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.65DEB05FC234BFF207379F06F0754402] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [187.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.613D0137C269187FA298A157E3D14A18] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.0D1D392ED2597F295956D058D33BD7C3] - [30/10/2016 16:47:23] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [141.5 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.10E3515FE5DBA6656FA62C29342EC4A1] - [16/07/2016 12:41:52] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [81.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.B54B30992620C97230013A74461C8517] - [16/07/2016 12:41:54] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [111.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.F1DAECC3B3D6399875D4F10529D6A77C] - [16/07/2016 12:42:39] - (.© Microsoft Corporation. - IP Network Address Translator.) - [207.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - [14/09/2016 12:01:05] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [439.84 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.D5564FC81350458ED570528C4E3B1CCF] - [30/10/2016 16:47:42] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1153.84 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - MBT Transport driver.) - [272.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - [09/11/2016 17:04:59] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2202.84 Ko] - (10.0.14393.447) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.17E565710172ED71B8531D8822E1C5D1] - [16/07/2016 12:42:39] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.7135785C21CA79D270D11037C43D3F19] - [16/07/2016 12:44:03] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [173 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.4F25E481124059CC593B4C68BC485640] - [30/10/2016 16:47:57] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2478.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.9D2DD64A0B51C56285512DC9454340F6] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.BF2546583BB75F01DDA60A7921DFB230] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - Volume Shadow Copy driver.) - [382.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\CoreUIComponents.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll (.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 376.33.) - (21.21.13.7633) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvwgf2umx.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Google.-.Google Drive shell extension.) - (1.32.4066.7445) -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (..-.Core Sync.) - (2.3.0.197) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll (..-..) - (6.14.10.14803) -- C:\Program Files\NVIDIA Corporation\nview\nViewH64.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 376.33.) - (21.21.13.7633) -- C:\WINDOWS\system32\nvapi64.dll (.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.40.0.0) -- C:\Program Files\WinRAR\rarext.dll (.Google.-.Google Drive shell extension.) - (1.32.4066.7445) -- C:\Program Files (x86)\Google\Drive\contextmenu64.dll (.AVAST Software.-.avast! Shell Extension.) - (12.3.3154.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.7633) -- C:\WINDOWS\system32\nv3dappshext.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll (.Hewlett-Packard.-.Hewlett-Packard WIA 2.0 scanner driver.) - (28.0.64.0) -- C:\WINDOWS\system32\HPWia2_PS6520.dll (.Hewlett-Packard Co..-.HPScanTRDrv Module.) - (28.0.944.0) -- C:\WINDOWS\system32\HPScanTRDrv_PS6520.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\...\Run]) - User: PATRICK-PC\Patrick DAEMON Tools Lite Automount - ("C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\...\Run]) - User: PATRICK-PC\Patrick OneDrive - ("C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\...\Run]) - User: PATRICK-PC\Patrick GoogleChromeAutoLaunch_133FC10A42EC311A0885C7B36F719938 - ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\...\Run]) - User: PATRICK-PC\Patrick Dell Display Manager - (C:\PROGRA~2\Dell\DELLDI~1\ddm.exe [Common Startup]) - User: Public Evoluent Mouse Manager - (C:\Windows\INSTAL~1\{933B0~1\_F419C~1.EXE NO_START_SYSTRAY [Common Startup]) - User: Public NETGEAR WNA3100M Genie - (C:\PROGRA~2\NETGEAR\WNA3100M\WNA3100M.exe [Common Startup]) - User: Public XRGamma - (C:\PROGRA~2\Dell\DELLUL~1\XRGamma.exe [Common Startup]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public AdobeAAMUpdater-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\SOFTWARE\...\Run]) - User: Public Malwarebytes Anti-Ransomware - ("C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe"--starttray [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun "OneDrive"="C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "GoogleChromeAutoLaunch_133FC10A42EC311A0885C7B36F719938"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64" "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_2\amd64" [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "CCleaner Monitoring"=0x0300000077CBEC9590B3D101 "DAEMON Tools Lite Automount"=0x030000005786687F90B3D101 "OneDrive"=0x03000000050C307590B3D101 "RESTART_STICKY_NOTES"=0x0300000067DAA88A90B3D101 "Sidebar"=0x020000000000000000000000 "GoogleChromeAutoLaunch_133FC10A42EC311A0885C7B36F719938"=0x020000000000000000000000 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=cmd\1 "MRUList"=ba "b"=winver\1 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Patrick\AppData\Roaming [14/09/2016 11:05:32] "Local AppData"=C:\Users\Patrick\AppData\Local [14/09/2016 11:05:32] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Libraries [15/06/2015 15:57:13] "My Video"=C:\Users\Patrick\Videos [15/06/2015 15:57:04] "My Pictures"=C:\Users\Patrick\Pictures [15/06/2015 15:57:04] "Desktop"=C:\Users\Patrick\Desktop [15/06/2015 15:57:04] "History"=C:\Users\Patrick\AppData\Local\Microsoft\Windows\History [15/06/2015 15:57:04] "NetHood"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Network Shortcuts [14/09/2016 11:05:32] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Patrick\Contacts [15/06/2015 15:57:07] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\Patrick\AppData\Local\Microsoft\Windows\RoamingTiles [10/05/2016 14:29:53] "Cookies"=C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCookies [15/06/2015 15:57:04] "Favorites"=C:\Users\Patrick\Favorites [15/06/2015 15:57:04] "SendTo"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\SendTo [14/09/2016 11:05:32] "Start Menu"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu [14/09/2016 11:05:32] "My Music"=E:\Ma musique [14/07/2014 06:50:08] "Programs"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [14/09/2016 11:05:32] "Recent"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Recent [15/06/2015 15:57:04] "CD Burning"=C:\Users\Patrick\AppData\Local\Microsoft\Windows\Burn\Burn [14/09/2016 11:14:20] "PrintHood"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [14/09/2016 11:05:32] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Patrick\Searches [15/06/2015 15:57:13] "{374DE290-123F-4565-9164-39C4925E467B}"=E:\Téléchargements [14/07/2014 07:37:31] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Patrick\AppData\LocalLow [15/06/2015 15:57:04] "Startup"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [15/06/2015 15:57:13] "Administrative Tools"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [15/06/2015 15:57:13] "Personal"=E:\Mes documents [14/07/2014 06:27:07] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Patrick\Links [15/06/2015 15:57:04] "Cache"=C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache [14/09/2016 11:05:32] "Templates"=C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Templates [14/09/2016 11:05:32] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Patrick\Saved Games [15/06/2015 15:57:04] "Fonts"=C:\WINDOWS\Fonts [16/07/2016 12:47:48] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=E:\Téléchargements [14/07/2014 07:37:31] "{339719B5-8C47-4894-94C2-D8F77ADD44A6}"=C:\Users\Patrick\OneDrive\Images [02/06/2016 14:55:58] "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache "Cookies"=C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCookies [15/06/2015 15:57:04] "My Music"=E:\Ma musique [14/07/2014 06:50:08] "Personal"=E:\Mes documents [14/07/2014 06:27:07] "{F42EE2D3-909F-4907-8871-4C22FC0BF756}"=E:\Mes documents [14/07/2014 06:27:07] "{A0C69A99-21C8-4671-8703-7934162FCF1D}"=E:\Ma musique [14/07/2014 06:50:08] "{7D83EE9B-2244-4E70-B1F5-5393042AF1E4}"=E:\Téléchargements [14/07/2014 07:37:31] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=HP Photosmart 6520 series,winspool,Ne02: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=1 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "Malwarebytes Anti-Ransomware"="C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe"--starttray [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "RTHDVCPL"=0x060000000000000000000000 "AdobeAAMUpdater-1.0"=0x03000000ADA0956041E0D101 "ISCT Tray"=0x020000000000000000000000 "nwiz"=0x020000000000000000000000 "iTunesHelper"=0x020000000000000000000000 "Malwarebytes Anti-Ransomware"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "AdobeCS6ServiceManager"=0x020000000000000000000000 "AvastUI.exe"=0x020000000000000000000000 "USB3MON"=0x020000000000000000000000 "SunJavaUpdateSched"=0x0300000083D50B7B90B3D101 "KeePass 2 PreLoad"=0x03000000D3C4F14841E0D101 "Live Update"=0x030000009545816941E0D101 "Command Center"=0x0300000021B7B48D90B3D101 "Super Charger"=0x03000000CF45BE6F90B3D101 "SwitchBoard"=0x020000000000000000000000 "RUSB3MON"=0x020000000000000000000000 "Adobe Creative Cloud"=0x03000000F464CE3341E0D101 "ArcSoft Connection Service"=0x020000000000000000000000 "MSIRegister"=0x020000000000000000000000 "TrayServer"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [16/07/2016 12:47:48] "Common AppData"=C:\ProgramData [16/07/2016 12:47:48] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 04:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 04:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [16/07/2016 12:47:48] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [16/07/2016 12:47:48] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [16/07/2016 12:47:48] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 04:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 04:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 04:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 04:20:08] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D255C50DCC143C [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "RUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui "KeePass 2 PreLoad"="C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true "Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [23/09/2016 16:29:06] "Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER "MSIRegister"="C:\MSI\MSIRegister\MSIRegister.exe" "Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [12/12/2016 10:56:25] "TrayServer"=C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe [06/01/2017 17:40:30] "ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [07/01/2017 19:31:03] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [16/07/2016 12:47:48] "Common AppData"=C:\ProgramData [16/07/2016 12:47:48] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 04:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 04:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [16/07/2016 12:47:48] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [16/07/2016 12:47:48] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [16/07/2016 12:47:48] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 04:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 04:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 04:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 04:20:08] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] : "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Command Center] : C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [12/12/2016 10:56:25] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite Automount] : "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Fast Boot] : C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [15/06/2015 15:31:11] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update] : C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [30/05/2013 13:50:10] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KeePass 2 PreLoad] : "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Live Update] : C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] : "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Super Charger] : C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [23/09/2016 16:29:06] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe] : "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=8a166041-8641-4c0a-96ed-b99fc05 "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "PendingFileRenameOperations"=\??\C:\Program Files\AVAST Software\Avast\setup\Reboot.txt \??\C:\Program Files\AVAST Software\Avast\setup\Reboot.txt \??\C:\Program Files\AVAST Software\Avast\setup\Reboot.txt \??\C:\Program Files\AVAST Software\Avast\setup \??\C:\Program Files\AVAST Software\Avast \??\C:\Program Files\AVAST Software \??\C:\Program Files \??\C:\WINDOWS\SysWOW64 [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=5 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LimitBlankPasswordUse"=0 "LsaPid"=844 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp ---------- | .LNK c:\programdata\microsoft\windows\start menu\programs\magix\magix goya burnr\services et support\inscription en ligne.lnk - Encrypted: False - Target: C:\Program Files (x86)\MAGIX\Goya_burnR\explore.exe - Args: (hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Goya_burnR&VARCHARGE=1.3.1.2&VARREGISTER=onlineregister&VARLAND=F) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\magix\magix music manager 2007\commande\upgrade en ligne vers magix mp3 maker 12.lnk - Encrypted: False - Target: C:\Program Files (x86)\MAGIX\Music_Manager_2007\explore.exe - Args: (hxxp://www.magix.com/upgrade/mp3maker/clc/fr/index_upgrade_fr.html) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\magix\magix music manager 2007\services et support\inscription en ligne.lnk - Encrypted: False - Target: C:\Program Files (x86)\MAGIX\Music_Manager_2007\explore.exe - Args: (hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=music_manager_2007&VARCHARGE=8.1.1.102&VARREGISTER=onlineregister&VARLAND=F) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\magix\magix photo manager 2007\services et support\inscription en ligne.lnk - Encrypted: False - Target: C:\Program Files (x86)\MAGIX\Photo_Manager_2007\explore.exe - Args: (hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Foto_Manager_2007&VARCHARGE=4.2.0.85&VARREGISTER=onlineregister&VARLAND=F) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\magix\magix video deluxe 2008 plus\services et support\inscription en ligne.lnk - Encrypted: False - Target: C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\explore.exe - Args: (hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Videodeluxe0708_plus&VARCHARGE=7.0.2.3&VARREGISTER=onlineregister&VARLAND=F) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\magix\magix xtreme photo designer 6\services et support\inscription en ligne.lnk - Encrypted: False - Target: C:\Program Files (x86)\MAGIX\Xtreme_Foto_Designer_6\explore.exe - Args: (hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Xtreme_Foto_Designer_6&VARCHARGE=6.0.20.0&VARREGISTER=onlineregister&VARLAND=F) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\magix\mufin musicfinder base\services et support\inscription en ligne.lnk - Encrypted: False - Target: C:\Program Files (x86)\MAGIX\Mufin MusicFinder\explore.exe - Args: (hxxp://www.magix.com/user/register/product_registration/login_screen.php3?VARPROGRAM=Sonos_e-version_trial&VARCHARGE=1.5.3.249&VARREGISTER=onlineregister&VARLAND=F) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=0 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"= "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "WheelScrollLines"=1 "UserPreferencesMask"=0xDF3E078012000000 "LogPixels"=120 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "MaxVirtualDesktopDimension"=6400 "MaxMonitorDimension"=2560 "TranscodedImageCount"=2 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100BEBE0400000A0000400600006E4D603A57DFD10143003A005C00570049004E0044004F00570053005C007700650062005C00770061006C006C00700061007000650072005C00570069006E0064006F00770073005C0069006D00670030002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "PreferredUILanguages"=fr-FR "LockScreenAutoLockActive"=0 "AutoColorization"=0 "ImageColor"=3305111551 "ScreenSaverIsSecure"=0 "ScreenSaveTimeOut"=240 "ActiveWndTrkTimeout"=0 "SCRNSAVE.EXE"=C:\WINDOWS\system32\Bubbles.scr [16/07/2016 12:43:51] "LowLevelHooksTimeout"=5000 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{0E270DAA-1BE6-48F2-AC49-7DC61EEACE02}"=1 "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003B28000000000000000000000000000001000000130000000000000062000000 "IconUnderline"=3 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=3 "GlobalAssocChangedCounter"=201 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "SlowContextMenuEntries"=0x6078A409B011A54DAFA526D86198A7806C15000060B81DB4E464D2119906E49FADC173CA822100006024B221EA3A6910A2DC08002B30309D1B06000005F7542848354C41A11393E27C808C854B2500005D40F1B1A1949246B72FFC8CAF8B870054140000 "Browse For Folder Width"=386 "Browse For Folder Height"=466 "link"=0x15000000 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=1 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "ShowSuperHidden"=0 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 "HideDrivesWithNoMedia"=1 ""=0 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "EnableStartMenu"=1 "ReindexedProfile"=1 "NavPaneShowAllFolders"=0 "NavPaneExpandToCurrentFolder"=0 "ShowTaskViewButton"=1 "MMTaskbarEnabled"=1 "MMTaskbarMode"=0 "MMTaskbarGlomLevel"=0 "DontUsePowerShellOnWinX"=1 "VirtualDesktopTaskbarFilter"=1 "VirtualDesktopAltTabFilter"=1 "TaskbarStateLastRun"=0x88DE8E5800000000 "LaunchTo"=1 [HKLM\Software\Policies\Microsoft\Windows\System] "EnableSmartScreen"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "SoftwareSASGeneration"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=Off "GlobalAssocChangedCounter"=20 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "EnableSmartScreen"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "SoftwareSASGeneration"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=14393 "FirstLogon"=0 "PUUActive"=0xD477515A070000002D00C4003F620700249A0C00006F1C00D10000002C003400B0654F5598992000B8310D007A3E0800C7C004007767000000000000D2C00C0070420000AD03000010FBA3B0C87FD20121292300000000000100000000000000 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "LastLogOffEndTimePerfCounter"=7415568499 "ShutdownFlags"=2147483687 "Userinit"=C:\Windows\system32\userinit.exe, "scremoveoption"=0 "DisableCad"=1 "AutoAdminLogon"=1 "DefaultDomainName"=PATRICK-PC "DefaultUserName"=Patrick "ShutdownWithoutLogon"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-893078023-2179327528-203563115-1000 "LastUsedUsername"=Patrick [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, "allocatecdroms"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/07/2016 12:43:06] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/07/2016 12:43:06] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ---------- | AppcompatFlags [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=3B31588 DVDSetup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 "E:\a_photos applications\Adobe\lr\lr5\Lightroom_5_LS11_win_5_7.exe"=1 "SIGN.MEDIA=9DB85 SETUP.EXE"=1 "E:\a_photos applications\Adobe\Adobe CS6\Adobe Photoshop CS6 13.0 Extended-ALBAN212\Adobe CS6\Set-up.exe"=1 "E:\a_photos applications\autopano\Kolor AutoPano Giga v3.0 (64bit) Multilingual with Key [TorDigger]\AutopanoGiga_x64_350_2014-04-01.exe"=1 "E:\a_photos applications\DXO\DxO_OpticsPro10_Setup.exe"=1 "SIGN.MEDIA=27BC1F28 Installer\ColorMunki_Photo_Setup.exe"=1 "C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe"=1 "SIGN.MEDIA=2AA25 CDBrowse.exe"=1 "SIGN.MEDIA=E9583BE Dell UltraSharp Calibration Solution Setup 1.5.3.exe"=1 "SIGN.MEDIA=121D7 CDBROWSE.EXE"=1 "SIGN.MEDIA=1E91EA Install.exe"=1 "SIGN.MEDIA=16D565A0 Installer\Setup.exe"=1 "E:\Mes documents\Pc Patrick\achat juin 2015\NETGEAR\wna3100m\Setup-V1.2.0.4.exe"=1 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\Setup.exe"=1 "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\UNIVERS PHOTO CEWE Leclerc.exe"=512 "E:\a_photos applications\pte\PicturesToExe Deluxe 7.0.7\picturestoexe-setup.exe"=1 "SIGN.MEDIA=23050A InstallNavi.exe"=1 "E:\a_photos applications\Nik_software_collection_complete\nikcollection-full-1.2.11.exe"=1 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\Adobe Application Manager (Updater).exe"=1 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe"=0x534143500100000000000000070000002800000000C46D000000000001000000000000000000000A6120000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000002B0B3506000000002500000025000000 "C:\Program Files\HP\HP Photosmart 6520 series\Bin\HP Photosmart 6520 series.exe"=0x534143500100000000000000070000002800000068B45200BEEF520001000000000000000000010673020000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000062289607000000003C0000003C000000 "E:\Mes documents\Maryse\spyder\SpiderSolitaire.exe"=0x534143500100000000000000070000002800000000340D0097D60D0001000000000000000000010673000000EDA4DCB1B3BAD001000000000000000005000000100000000000000000000000000002062000000002000000A00000000000020620000060000000000000000000000000000000003F0000000000000001000000010000000000000020000060000000000000000000000000000000001F000000000000000300000000000000000000000000004000000000000000000000000000000000200000000000000002000000000000000000000000000000000000000000000000000000000000002F000000000000000600000000000000 "E:\Mes documents\Maryse\spyder\Win7GamesForWin10-Setup.exe"=0x5341435001000000000000000700000028000000AE8EB40A0000000001000000000000000000000A002100006A920CE5B7BAD0010000000000000000020000002800000000000000000000400000000000000000000000000000000025AB0000000000000100000001000000 "C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe"=0x534143500100000000000000070000002800000050950B007D930C0001000000000000000000000A712200006A920CE5B7BAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000060F79E00000000000B0000000B000000 "C:\Program Files\AVAST Software\Avast\avastui.exe"=0x534143500100000000000000070000002800000080EC7000C287710001000000000000000000000A002100006A920CE5B7BAD0010000000000000000020000002800000000000000000000400000000000000000000000000000000092046803000000000200000002000000 "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe"=0x534143500100000000000000070000002800000078CE19004EA81A0001000000000000000000000A712200006A920CE5B7BAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000062E0000000000000200000002000000 "C:\Program Files (x86)\Google\Drive\googledrivesync.exe"=0x534143500100000000000000070000002800000088576601A8B96601010000000000000000000106710200006A920CE5B7BAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000DFFC0000000000000100000001000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x534143500100000000000000070000002800000068FF2A00AF122B00010000000000000000000306002100006A920CE5B7BAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000E9311800000000000100000001000000 "C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseExec.exe"=0x5341435001000000000000000700000028000000003C03000D200400010000000000000000000306710200006A920CE5B7BAD001000000000000000002000000280000000000000000000000000000000000000000000000000000006224AE00000000000100000001000000 "C:\MSI\Smart Utilities\SuperRAID.exe"=0x5341435001000000000000000700000028000000D0D91900C32C1A0001000000000000000000000AF122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000029710000000000000700000007000000 "SIGN.MEDIA=2314D0 [www.Cpasbien.pe] Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR\Office 2013 64 bit\setup.exe"=0x5341435001000000000000000700000028000000884603004F9D03000100000000000000000001060001000059193B14E312D101000000000000000002000000280000000000000000000040000200000000000000000000000000002F850300000000000400000004000000 "SIGN.MEDIA=481A113 [www.Cpasbien.pe] Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR\MicrosoftToolkit.exe"=0x534143500100000000000000070000002800000000D44002000000000100000000000000000002068001000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000181D0100000000000700000007000000 "C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe"=0x5341435001000000000000000700000028000000609B01002D59020001000000000000000000000A712000006A920CE5B7BAD001000000000000000002000000280000000000000000000000000000000000000000000000000000004C070C01000000000200000002000000 "C:\Users\Patrick\Desktop\DiskInfoX64.exe"=0x53414350010000000000000007000000280000007868350012D6350001000000000000000000000A00210000D5B3B31A57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000000CEB0000000000000300000003000000 "C:\Program Files\Windows Mail\wab.exe"=0x534143500100000000000000070000002800000000E60700736B080001000000010000000000000A73220000EDA4DCB1B3BAD0010000000000000000 "C:\Program Files (x86)\Dell\Dell UltraSharp Calibration Solution\Dell UltraSharp Calibration Solution.exe"=0x534143500100000000000000070000002800000000DCE3018A89E40101000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000032027701000000000B0000000B000000 "SIGN.MEDIA=72EA1 AUTORUN.EXE"=0x534143500100000000000000070000002800000000F20100000000000100000000000000000001054120000019B4C529E312D1010000000000000000020000002800000000000000800000000044000000000000000000000000000061020000000000000100000001000000 "E:\applic compressées\microsoft\office 2016\Office.2016.pro.plus.x64.VL.Fr.20.05.2016\setup.exe"=0x5341435001000000000000000700000028000000C000040022CD040001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000010BA0500000000000100000001000000 "E:\applic compressées\microsoft\office 2013\[www.Cpasbien.pe] Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR\MicrosoftToolkit.exe"=0x534143500100000000000000070000002800000000D44002000000000100000000000000000002068001000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000271B0700000000000400000004000000 "E:\Téléchargements\URBrowser.exe"=0x5341435001000000000000000700000028000000382D15008F2A160001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000FFD20000000000000100000001000000 "C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe"=0x5341435001000000000000000700000028000000C0EC06006DFE06000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000C0C92001000000000100000001000000 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"=0x5341435001000000000000000700000028000000C05224000F95240001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005D000000000000000300000003000000 "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe"=0x5341435001000000000000000700000028000000B020A70063DBA70001000000000000000000000A7120000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000008998C500000000000400000004000000 "E:\a_photos applications\Nik_software_collection_complete\nikcollection-full-1.2.11.exe"=0x5341435001000000000000000700000028000000708DD31AA694D31A0100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000067100400000000000100000001000000 "E:\applic compressées\microsoft\office 2013\[www.Cpasbien.pe] Microsoft Office Professional Plus 2013 VL Edition x86 x64 FR\Office 2013 64 bit\setup.exe"=0x5341435001000000000000000700000028000000884603004F9D03000100000000000000000001060001000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000187B0400000000000200000002000000 "E:\applic compressées\microsoft\office 2016\KMSpico v10.0.102040 Beta-P2P\KMSpico_setup.exe"=0x5341435001000000000000000700000028000000D8042E00D09D2E000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000077710000000000000200000002000000 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\DECore\Setup.exe"=0x5341435001000000000000000700000028000000B0EE0A006D9A0B0001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005B0C0500000000000100000001000000 "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C01702001B81020001000000000000000000000A6122000033504C2B57DFD10100000000000000000200000028000000000000000000001000000000000000000000000000000000446E3600000000001200000012000000 "E:\Téléchargements\MediaCreationTool.exe"=0x5341435001000000000000000700000028000000687C1901F08C190101000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000000F413500000000000100000001000000 "E:\Téléchargements\InstallMyDriveConnect.exe"=0x534143500100000000000000070000002800000068FACE017376CF010100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000024840000000000000100000001000000 "C:\Users\Patrick\AppData\Local\TomTom\HOME3\Updates\InstallMyDriveConnect_4_1_1_2797.exe"=0x534143500100000000000000070000002800000048353D02A51C3E020100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D5BA0000000000000100000001000000 "C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe"=0x534143500100000000000000070000002800000020F31F00323B200001000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000001D8E402000000000800000008000000 "C:\Program Files\Windows Defender\MSASCui.exe"=0x534143500100000000000000070000002800000000541400449F140001000000010000000000000A0021000059193B14E312D1010000000000000000 "C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe"=0x5341435001000000000000000700000028000000C0320B0093360B0001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000D0C5E102000000000400000004000000 "E:\Mes documents\Pc Patrick\w10\clé usb de sauvegarde\utilitaire de criptage sur clé usb\SanDiskSecureAccessV2_win.exe"=0x5341435001000000000000000700000028000000F89B7600985C77000100000000000000000003067120000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000001E220000000000000100000001000000 "E:\Téléchargements\cryptainer-le_11-7-0_fr_52476.exe"=0x53414350010000000000000007000000280000007013E3013BCDE3010100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000896D0800000000000100000001000000 "E:\Téléchargements\encryptonclick_2-0-3-0_en_54520.exe"=0x534143500100000000000000070000002800000050E22300AE6C240001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C2164601000000000100000001000000 "C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk.exe"=0x5341435001000000000000000700000028000000D05323000780230001000000000000000000000A8021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000040A60400000000000300000003000000 "C:\Program Files (x86)\2BrightSparks\EncryptOnClick\EncryptOnClick.exe"=0x534143500100000000000000070000002800000038CA51003B4C520001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009772BA00000000000600000006000000 "C:\Program Files (x86)\MSI\Command Center\CC_LoadingPage.exe"=0x534143500100000000000000070000002800000060381400A184140001000000000000000000000AF122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000FFD0300000000000100000001000000 "C:\Program Files\WinRAR\Uninstall.exe"=0x5341435001000000000000000700000028000000909D03007089040001000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006E000000000000000100000001000000 "SIGN.MEDIA=2597E Start.exe"=0x534143500100000000000000070000002800000078300200B00303000100000000000000000001067122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000080031600000000000100000001000000 "E:\Téléchargements\Windows10Upgrader.exe"=0x5341435001000000000000000700000028000000508D5700997F580001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000074621E01000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000090AD17008E13180001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000DC595D03000000000B0000000B000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000E0759700E487970001000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000037377100000000000600000006000000 "C:\ProgramData\Malwarebytes\MBAMService\instlrupdate\MBARW_Setup.exe"=0x53414350010000000000000007000000280000004030420259B642020100000000000000000002060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000007D136302000000000100000001000000 "C:\Program Files (x86)\Route Generator\routegen.exe"=0x534143500100000000000000070000002800000000280500122C050001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000FBD20B00000000000400000004000000 "E:\Téléchargements\TreeSizeFreeSetup(1).exe"=0x534143500100000000000000070000002800000000FD5A006C8A5B0001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000080720000000000000100000001000000 "C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe"=0x5341435001000000000000000700000028000000087E3D0059313E0001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000255A2100000000000300000003000000 "E:\Téléchargements\eCarteBleue_LBP.exe"=0x534143500100000000000000070000002800000040C422006F10230001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000059470000000000000100000001000000 "C:\Program Files (x86)\e-Carte Bleue\La Banque Postale\eCarteBleue_LBP.exe"=0x5341435001000000000000000700000028000000F8420700CED8070001000000000000000000000AF5220000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000007B1BD302000000000C0000000C000000 "E:\Téléchargements\SyncBack_Setup.exe"=0x5341435001000000000000000700000028000000C015E1007D14E20001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000008F390000000000000100000001000000 "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\UNIVERS PHOTO CEWE Leclerc.exe"=0x534143500100000000000000070000002800000000F260008F54610001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000004000002000000000000000000000000000000000DABF5902000000001800000018000000 "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\Galerie photo CEWE.exe"=0x534143500100000000000000070000002800000000BA0200D092030001000000000000000000000A73220000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000008D070100000000000100000001000000 "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\IMPORTATEUR PHOTOS CEWE.exe"=0x534143500100000000000000070000002800000000BA02001A27030001000000000000000000000A73220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000072140000000000000100000001000000 "C:\Program Files (x86)\WnSoft PicturesToExe\7.0\Main\PicturesToExe.exe"=0x5341435001000000000000000700000028000000A0EA1F00E93B20000100000000000000000001066120000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000002B62FC00000000000B0000000B000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0960C005DE50C0001000000010000000000000A00210000D5B3B31A57DFD1010000000000000000 "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C02001930030001000000010000000000000A7122000033504C2B57DFD1010000000000000000 "E:\Téléchargements\PMHOME_5300DL.exe"=0x5341435001000000000000000700000028000000C018FA008675FA0001000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000800100400000000000000000000000000000000047B43900000000000200000002000000 "C:\Users\Patrick\Videos\toscane.exe"=0x5341435001000000000000000700000028000000283D9B160000000001000000000000000000000A6120000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000068510E00000000001100000011000000 "E:\Téléchargements\PMCADownloader(1).msi"=0x534143500100000000000000070000002800000000E40000F2B301000100000000000000000001050010000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000F0070000000000000100000001000000 "E:\Téléchargements\PMCADownloader(2).msi"=0x534143500100000000000000070000002800000000E40000F2B301000100000000000000000001050010000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000005C220000000000000100000001000000 "E:\Téléchargements\PMCADownloader(4).msi"=0x534143500100000000000000070000002800000000E40000F2B301000100000000000000000001050010000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000792D0000000000000100000001000000 "E:\Téléchargements\PMCADownloader (2).msi"=0x534143500100000000000000070000002800000000FE00009EC4010001000000000000000000010500100000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000AD1F0000000000000100000001000000 "E:\Mes vidéos\japon\japon7.exe"=0x5341435001000000000000000700000028000000CAA5CE150000000001000000000000000000000A6120000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000036B00000000000000100000001000000 "SIGN.MEDIA=349B4F90 start.exe"=0x5341435001000000000000000700000028000000E0030100726D01000100000000000000000000067102000033504C2B57DFD1010000000000000000 "SIGN.MEDIA=349B4F90 setup.exe"=0x5341435001000000000000000700000028000000A8264D1A15474D1A0100000000000000000000067122000033504C2B57DFD10100000000000000000200000028000000000000000000001000000000000000000000000000000000475D4100000000000100000001000000 "SIGN.MEDIA=AA2EFA3B toscane2.exe"=0x534143500100000000000000070000002800000000B12B160000000001000000000000000000000A6120000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000003E700000000000000100000001000000 "C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe"=0x534143500100000000000000070000002800000060041401C7B9140101000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000190F0403000000001B0000001B000000 "SIGN.MEDIA=4FA0C4 VGB100.exe"=0x534143500100000000000000070000002800000000F02700000000000100000000000000000000067102000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000005C701400000000000600000006000000 "SIGN.MEDIA=2F945620 setup.exe"=0x534143500100000000000000070000002800000070AACA170A1BCB170100000000000000000000067122000033504C2B57DFD101000000000000000002000000280000000000000000000010000000000000000000000000000000008F110B00000000000100000001000000 "C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\Videodeluxe.exe"=0x53414350010000000000000007000000280000000030D500000000000100000000000000000000067122000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000031633100000000001000000010000000 "C:\Program Files (x86)\MAGIX\Photo_Manager_2007\FotoMaker.exe"=0x5341435001000000000000000700000028000000AC099800000000000100000000000000000000067122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000EEFC0000000000000100000001000000 "C:\Program Files (x86)\ArcSoft\TotalMedia ShowBiz\TMShowBiz.exe"=0x534143500100000000000000070000002800000078B10300AF9B04000100000000000000000002067122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000E1A4A000000000000600000006000000 "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe"=0x534143500100000000000000070000002800000000C22B000E522C0001000000000000000000000AF5220000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000001F570703000000002300000023000000 "E:\Téléchargements\376.33-quadro-grid-desktop-notebook-win10-64bit-international-whql.exe"=0x534143500100000000000000070000002800000000DB5D10B1EC5D100100000000000000000002060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000005BCA0200000000000100000001000000 "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x5341435001000000000000000700000028000000D8B41100C199120001000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000049010000000000001500000015000000 "C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe"=0x534143500100000000000000070000002800000068801E0A4E9A1E0A01000000000000000000000A00210000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000002F9E0C02000000001400000014000000 "E:\Téléchargements\SyncBack_Setup (1).exe"=0x5341435001000000000000000700000028000000782DE200D400E30001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000AA370000000000000100000001000000 "C:\Program Files (x86)\MAGIX\Music_Manager_2007\MP3Maker.exe"=0x53414350010000000000000007000000280000002C0BB000000000000100000000000000000000067122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000F8590000000000000100000001000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x534143500100000000000000070000002800000050602100420822000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000001000000000000000000000000000000000D220D401000000002500000025000000 "E:\Téléchargements\MyPhoneExplorer_Setup_v1.8.8.exe"=0x5341435001000000000000000700000028000000B85C8100A05382000100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000004BBC0000000000000100000001000000 "C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe"=0x5341435001000000000000000700000028000000786B57003D7A570001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000BD750000000000000100000001000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8E50700867C080001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "E:\Téléchargements\GoogleEarthSetup.exe"=0x5341435001000000000000000700000028000000A04110008862100001000000000000000000000A0021000033504C2B57DFD1010000008000000000020000002800000000000000000000000000000000000000000000000000000021B60000000000000100000001000000 "C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe"=0x5341435001000000000000000700000028000000F84503000911040001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000001000000000000000000000000000000000A7F02800000000000100000001000000 "C:\Users\Patrick\AppData\Local\Temp\TeamViewer\TeamViewer.exe"=0x534143500100000000000000070000002800000098EC4402E69D450201000000000000000000000A0021000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000015517500000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x534143500100000000000000070000002800000058091100AB98110001000000000000000000000A00210000D5B3B31A57DFD1010000000100000000 "C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\OneDrive.exe"=0x5341435001000000000000000700000028000000C0A809002F0F0A0001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000D84A3801F9DF380101000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D87E030025C1030001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Program Files (x86)\CDBurnerXP\cdbxpp.exe"=0x534143500100000000000000070000002800000070B41A0079001B0001000000000000000000000A8021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000E1D43C00000000000200000002000000 "E:\Téléchargements\CrystalDiskInfo7_0_5\DiskInfo64.exe"=0x5341435001000000000000000700000028000000B08B3C00EE4C3D0001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000B2751600000000000100000001000000 "E:\Mes documents\Pc Patrick\w10 bugs mise en veille et autre\FixWin10\FixWin 10.0.1.0\FixWin 10.exe"=0x5341435001000000000000000700000028000000005C04000000000001000000000000000000000AF5220000D5B3B31A57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D35F4F00000000000100000001000000 "E:\Téléchargements\ZHPDiag3.exe"=0x534143500100000000000000070000002800000000962800B26729000100000000000000000003060001000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000F5783200000000000300000003000000 "C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe"=0x5341435001000000000000000700000028000000D0070B0086140B0001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000EA000000000000000400000004000000 "C:\Windows10Upgrade\Windows10UpgraderApp.exe"=0x5341435001000000000000000700000028000000C8DA1200E86A130001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000D05D0000000000000100000001000000 "C:\Program Files (x86)\old MAGIX\Mufin MusicFinder\Sonos.exe"=0x53414350010000000000000007000000280000001CFA9E00000000000100000000000000000000067122000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000001E220000000000000100000001000000 "E:\Téléchargements\Thunderbird Setup 45.7.0.exe"=0x5341435001000000000000000700000028000000A0E91902C5781A020100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000596B4900000000000100000001000000 "E:\Téléchargements\ccsetup526(1).exe"=0x5341435001000000000000000700000028000000B07B8600BFAE86000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000016740A00000000000100000001000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000AC44007880450001000000010000000000000A73220000D5B3B31A57DFD1010000000000000000 "C:\Users\Patrick\AppData\Roaming\ZHP\ZHPDiag3.exe"=0x534143500100000000000000070000002800000000962800B26729000100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000C5E10000000000000100000001000000 "C:\Users\Patrick\ZHPDiag3.exe"=0x534143500100000000000000070000002800000000982800FE4829000100000000000000000003060001000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000FE200800000000000200000002000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000D8CA8D008BF18D0001000000000000000000000A00210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000077010000000000000200000002000000 "C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"=0x5341435001000000000000000700000028000000C87F07001120080001000000000000000000000A0021000033504C2B57DFD1010000000000000000 "E:\Téléchargements\QuickDiag.exe"=0x5341435001000000000000000700000028000000A8212500CE01260001000000000000000000000A0021000033504C2B57DFD1010000000000000000 [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131183215610646955 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=1 "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0xDF7853B9BFAAD101 "DisableAntiVirus"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.fr [66.102.1.94] avec 32 octets de donn?es?: R?ponse de 66.102.1.94?: octets=32 temps=18 ms TTL=46 R?ponse de 66.102.1.94?: octets=32 temps=18 ms TTL=46 R?ponse de 66.102.1.94?: octets=32 temps=18 ms TTL=46 R?ponse de 66.102.1.94?: octets=32 temps=18 ms TTL=46 Statistiques Ping pour 66.102.1.94: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 18ms, Maximum = 18ms, Moyenne = 18ms ---------- | @ [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Cache_Update_Frequency"=Once_Per_Session "Local Page"=C:\Windows\system32\blank.htm "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://fr.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset "OperationalData"=12 "ImageStoreRandomFolder"=fglg5f3 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF460000004600000016080000AB040000 "IE10RunOnceLastShown"=1 "IE10RunOnceLastShown_TIMESTAMP"=0xEC79A1453D42D201 "IE10TourShown"=1 "IE10TourShownTime"=0x1AE5EF47690ED201 "DoNotTrack"=0 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xA7B8A1CED742D101 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160422-1850 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "SecureProtocols"=2688 "CertificateRevocation"=1 "PrivacyAdvanced"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "ZonesSecurityUpgrade"=0x1AE5EF47690ED201 "WarnonZoneCrossing"=0 "ProxyOverride"=*.local [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "DisableRandomFlighting"=0 "EnableLegacyEdgeSwitching"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [30/11/2016 16:59:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSynced] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [30/11/2016 16:59:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveSyncing] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [30/11/2016 16:59:34] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1] - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [25/10/2016 09:57:12] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2] - {853B7E05-C47D-4985-909A-D0DC5C6D7303} -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [25/10/2016 09:57:12] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3] - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [25/10/2016 09:57:12] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [09/09/2016 15:12:44] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [16/07/2016 12:42:17] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\HubicBackupRootOverlayHandler] - {2DF0C6DB-1E85-4894-9D4F-63CB0EAB17EA} -- mscoree.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\HubicPublishedItemOverlayHandler] - {7C76B697-27DF-4CFF-9909-863905561298} -- mscoree.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\HubicSyncItemOverlayHandler] - {9B497753-D273-4A80-9DE8-72248D7FA595} -- mscoree.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\HubicUnsyncItemOverlayHandler] - {D5454A6E-0904-4BA3-9E4A-240A5080259D} -- mscoree.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- ---------- | Toolbar [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} "DefaultPackCorrection"=1 "DefaultPackNTCorrection"=1 "KnownProvidersUpgradeTime"=0xEE64E3E1BCAAD101 "Version"=5 "UpgradeTime"=0xEE64E3E1BCAAD101 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=0x00 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B63F347E-0062-4C59-B0B4-BC78EE0AF5F3}] - (Yahoo Search) - https://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [05/02/2017 15:56:53] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [15/06/2015 15:07:50] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [05/02/2017 15:56:53] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [05/02/2017 15:56:53] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] -> (Google Toolbar Helper) : C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [15/06/2015 15:07:50] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [05/02/2017 15:56:53] ---------- | Chrome [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\daanglpcpkjjlkhcbladppjphglbigam] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eedgghdcpmmmilkmfpnklknlenbiolec] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "jid1-r1tDuNiNb4SEww@jetpack"=C:\Program Files\AVAST Software\Avast\pam\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF "jid1-r1tDuNiNb4SEww@jetpack"=C:\Program Files\AVAST Software\Avast\pam\FF [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 24.0.0.194 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.121.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin] - () : C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 24.0.0.194 Plugin) : C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68] - (Intel IPT WebApi plugin) : C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [HKLM\Software\WOW6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [HKLM\Software\WOW6432Node\MozillaPlugins\adobe.com/AdobeExManDetect] - () : C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Sony Corporation/PMCADownloader] - () : C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Sony Corporation/PMCADownloaderHelper] - () : C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [HKLM\Software\WOW6432Node\MozillaPlugins\Sony Corporation/PMCADownloaderLib] - () : C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [HKLM\Software\WOW6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin] - () : C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{02b5c343-3f94-4c75-a7af-62fecdbbfacd}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{22df83af-fb04-4688-bf3e-4726cb0ccc07}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3319b6aa-500a-4918-9a24-39f5d86375a7}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{02b5c343-3f94-4c75-a7af-62fecdbbfacd}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{22df83af-fb04-4688-bf3e-4726cb0ccc07}] "DhcpNameServer"=192.168.42.129 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3319b6aa-500a-4918-9a24-39f5d86375a7}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\Galerie photo CEWE.exe] : "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\Galerie photo CEWE.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MP3Maker.exe] : "C:\Program Files (x86)\MAGIX\Music_Manager_2007\MP3Maker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\UNIVERS PHOTO CEWE Leclerc.exe] : "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\UNIVERS PHOTO CEWE Leclerc.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Videodeluxe.exe] : "C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\Videodeluxe.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\XPD.exe] : "C:\Program Files (x86)\MAGIX\Xtreme_Foto_Designer_6\XPD.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Galerie photo CEWE.exe] : "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\Galerie photo CEWE.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\LaunchWinApp.exe] : "C:\Windows\system32\LaunchWinApp.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MP3Maker.exe] : "C:\Program Files (x86)\MAGIX\Music_Manager_2007\MP3Maker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2017\Photoshop.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\UNIVERS PHOTO CEWE Leclerc.exe] : "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\UNIVERS PHOTO CEWE Leclerc.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Videodeluxe.exe] : "C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\Videodeluxe.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\XPD.exe] : "C:\Program Files (x86)\MAGIX\Xtreme_Foto_Designer_6\XPD.exe" "%1" ---------- | SvcHost [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "bthaudiosvc"=BthHFSrv "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DeviceInstall SystemEventsBroker DcomLaunch "defragsvc"=defragsvc "LocalServiceNetworkRestricted"=TimeBrokerSvc wscsvc LmHosts AppIDSvc homegroupprovider NgcCtnrSvc AJRouter icssvc wcmsvc eventlog AudioSrv RmSvc vmictimesync DHCP "RPCSS"=RpcEptMapper RpcSs "sdrsvc"=sdrsvc "utcsvc"=DiagTrack "WepHostSvcGroup"=WepHostSvc "LocalService"=nsi WdiServiceHost EventSystem RemoteRegistry SstpSvc netprofm lltdsvc fdphost bthserv PhoneSvc WebClient workfolderssvc w32time LicenseManager tzautoupdate FontCache CDPSvc WinHttpAutoProxySvc "LocalSystemNetworkRestricted"=HvHost WdiSystemHost ScDeviceEnum WiaRpc trkwks WUDFSvc hidserv dot3svc DsSvc WPDBusEnum fhsvc sysmain irmon EmbeddedMode DevQueryBroker svsvc Netman TabletInputService PcaSvc SmsRouter homegrouplistener vmicvss wlansvc NcbService UmRdpService AudioEndpointBuilder StorSvc DeviceAssociationService NgcSvc SensorService vmickvpexchange vmicshutdown vmicguestinterface vmicvmsession "netsvcs"=CertPropSvc SCPolicySvc lanmanserver gpsvc IKEEXT iphlpsvc seclogon AppInfo msiscsi EapHost schedule winmgmt browser SessionEnv wercplsupport shpamsvc Themes lfsvc DmEnrollmentSvc FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr dmwappushservice WpnService XboxNetApiSvc DcpSvc RetailDemo BDESVC DsmSvc NcaSvc dosvc XblAuthManager UsoSvc ProfSvc UserManager XblGameSave wisvc wlidsvc NetSetupSvc "WerSvcGroup"=wersvc "WbioSvcGroup"=WbioSrvc "LocalServiceNoNetwork"=DPS PLA BFE NcdAutoSetup mpssvc WwanSvc CoreMessagingRegistrar "imgsvc"=StiSvc "termsvcs"=TermService "swprv"=swprv "smphost"=smphost "ICService"=vmicrdv vmicheartbeat "wsappx"=clipsvc AppXSvc "Camera"=FrameServer "LocalServicePeerNet"=PNRPSvc p2pimsvc p2psvc PnrpAutoReg "NetworkServiceAndNoImpersonation"=KtmRm "appmodel"=TileDataModelSvc WalletService StateRepository EntAppSvc "LocalServiceAndNoImpersonation"=SSDPSRV upnphost SCardSvr QWAVE fdrespub wcncsvc SensrSvc BthHFSrv "NetworkServiceNetworkRestricted"=PolicyAgent "AxInstSVGroup"=AxInstSV "AppReadiness"=AppReadiness "NetworkService"=CryptSvc WECSVC MapsBroker DHCP TermService Tapisrv lanmanworkstation WinRM DNSCache nlasvc "smbsvcs"=lanmanserver browser "UnistackSvcGroup"=UnistoreSvc UserDataSvc OneSyncSvc MessagingService WpnUserService PimIndexMaintenanceSvc CDPUserSvc "apphost"=apphostsvc w3logsvc "iissvcs"=w3svc was "print"=PrintNotify [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "netsvcs"=CertPropSvc SCPolicySvc lanmanserver gpsvc iphlpsvc msiscsi schedule winmgmt SessionEnv FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr UserManager NetSetupSvc "LocalSystemNetworkRestricted"=ScDeviceEnum WiaRpc dot3svc Netman WPDBusEnum NcbService wlansvc AudioEndpointBuilder DeviceAssociationService "LocalService"=netprofm WebClient WinHttpAutoProxySvc "imgsvc"=StiSvc "LocalServiceNoNetwork"=PLA "smphost"=smphost "rpcss"=RpcSs "LocalServiceNetworkRestricted"=wscsvc LmHosts AudioSrv DHCP "appmodel"=StateRepository "LocalServiceAndNoImpersonation"=SSDPSRV upnphost SCardSvr QWAVE wcncsvc BthHFSrv "DcomLaunch"=PlugPlay DeviceInstall DcomLaunch "NetworkService"=CryptSvc WECSVC DHCP TermService Tapisrv WinRM DNSCache "smbsvcs"=lanmanserver "apphost"=apphostsvc w3logsvc "iissvcs"=w3svc was ---------- | SvcHost - Netsvcs (Whitelisted) ---------- | Software [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\2BrightSparks] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\7-Zip] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\abee] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Adobe] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Adobe Lightroom] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Apowersoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\AppDataLow] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Apple Computer, Inc.] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Apple Inc.] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\ArcSoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\AVAST Software] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Canneverbe Limited] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\CeWe Color] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Clients] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Clubic] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\CornerBowl] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Dell] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Disc Soft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\DxO Labs] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\DxOLabs] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Embarcadero] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Emjysoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\EnTech] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\EPSON] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\EPSON Software Updater] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\g3n-h@ckm@n] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Glarysoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Google] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Hewlett-Packard] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\HP] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\IM Providers] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Imagenomic] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Intel] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\JAM Software] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\JavaSoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Kolor] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Licenses] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Ligos] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Logo] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Macromedia] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Magix] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\MAGIX AG] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\MatchWare] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\MJProductions] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Mozilla] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\MozillaPlugins] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\MyPhoneExplorer] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\NETGEAR] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Netscape] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Nik_Soft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\NVIDIA Corporation] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\ODBC] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\OVH] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Piriform] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Policies] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Portrait Displays] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\PTE] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\QtProject] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Realtek] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\RegisteredApplications] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Samsung] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Sony Corporation] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\SubSystems] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\SyncEngines] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Synology] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\sysinternals] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\TeamViewer] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\TomTom] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Trolltech] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\WinRAR] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\WinRAR SFX] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\WnSoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Wow6432Node] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\X-Rite] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\X-Rite Inc.] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\ZHP] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\AppDataLow\Software\Adobe] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-893078023-2179327528-203563115-1000\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Adobe] [HKLM\Software\Aladdin Knowledge Systems] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ATI Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\Clients] [HKLM\Software\Cnxt_Uiu_Parms] [HKLM\Software\CornerBowl] [HKLM\Software\Dell] [HKLM\Software\Disc Soft] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\DxOLabs] [HKLM\Software\DxOOpticsPro10] [HKLM\Software\EPSON] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\HP] [HKLM\Software\Imagenomic] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\Kolor] [HKLM\Software\Macromedia] [HKLM\Software\MalwarebytesARW] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\NETGEAR] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OVH] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SAMSUNG] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\Wacom] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\2BrightSparks] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\Aladdin Knowledge Systems] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ArcSoft] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Canneverbe Limited] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\CodeGear] [HKLM\Software\WOW6432Node\Dell] [HKLM\Software\WOW6432Node\EnTech] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Evoluent] [HKLM\Software\WOW6432Node\FastStone Image Viewer] [HKLM\Software\WOW6432Node\GlarySoft] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\HP] [HKLM\Software\WOW6432Node\HPS] [HKLM\Software\WOW6432Node\Imagenomic] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lola] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Magix] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MJProductions] [HKLM\Software\WOW6432Node\Mon Univers Photomoinscher 5.1] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\MSI] [HKLM\Software\WOW6432Node\NETGEAR] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Paragon Software] [HKLM\Software\WOW6432Node\Portrait Displays] [HKLM\Software\WOW6432Node\Portrait Displays, Inc.] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\RtWLan] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\SERCOMM] [HKLM\Software\WOW6432Node\Sony Corporation] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\TomTom] [HKLM\Software\WOW6432Node\UNIVERS PHOTO CEWE Leclerc] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Wacom] [HKLM\Software\WOW6432Node\Windows] [HKLM\Software\WOW6432Node\WnSoft] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Wow6432Note] [HKLM\Software\WOW6432Node\WSWNA3100M] [HKLM\Software\WOW6432Node\X-Rite] [HKLM\Software\WOW6432Node\X-Rite Inc.] [HKLM\Software\WOW6432Node\Yahoo] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | Drives D: [07/11/2007 07:44:20] - |A| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [75280] - (9.0.21022.8) - D:\install.res.1028.dll [07/11/2007 07:44:20] - |A| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [95248] - (9.0.21022.8) - D:\install.res.1031.dll [07/11/2007 07:44:20] - |A| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [90128] - (9.0.21022.8) - D:\install.res.1033.dll [07/11/2007 07:44:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [96272] - (9.0.21022.8) - D:\install.res.1036.dll [07/11/2007 07:44:20] - |A| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell'interfaccia utente.) - [94224] - (9.0.21022.8) - D:\install.res.1040.dll [07/11/2007 07:44:20] - |A| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [80400] - (9.0.21022.8) - D:\install.res.1041.dll [07/11/2007 07:44:20] - |A| - (.(C) Microsoft Corporation. - UI ?? ??? DLL.) - [78864] - (9.0.21022.8) - D:\install.res.1042.dll [07/11/2007 07:44:20] - |A| - (.(C) Microsoft Corporation???????? - ???????? DLL.) - [74768] - (9.0.21022.8) - D:\install.res.2052.dll [07/11/2007 07:44:20] - |A| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [95248] - (9.0.21022.8) - D:\install.res.3082.dll [01/12/2006 22:37:14] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [904704] - (8.0.50727.762) - D:\msdia80.dll [07/11/2007 07:44:20] - |A| - (.© Microsoft Corporation. - External Installer.) - [855040] - (9.0.21022.8) - D:\install.exe [07/11/2007 07:00:40] - |A| - (.-.) - [1110] - (0.0.0.0) - D:\globdata.ini [07/11/2007 07:00:40] - |A| - (.-.) - [843] - (0.0.0.0) - D:\install.ini E: [25/03/2015 10:44:39] - |A| - (.-.) - [1518] - (0.0.0.0) - E:\hubiC.lnk [14/07/2014 06:09:20] - |ASH| - (.-.) - [504] - (0.0.0.0) - E:\desktop.ini F: ---------- | C: [14/09/2016 05:41:43] - |HD| - [251127] - C:\$GetCurrent [14/07/2009 04:18:56] - |SHD| - [387] - C:\$Recycle.Bin [05/02/2017 16:14:35] - |D| - [5482690] - C:\AdwCleaner [MD5.93B885ADFE0DA089CDF634904FD59F71] - [30/07/2015 23:48:30] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [14/09/2015 14:29:13] - |SHD| - [13301] - C:\Config.Msi [23/09/2015 15:27:32] - |D| - [445548] - C:\Dell [30/07/2015 22:51:49] - |SHD| - [0] - C:\Documents and Settings [10/05/2016 13:45:01] - |D| - [3502103722] - C:\ESD [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/02/2017 07:48:40] - |ASH| - (.-.) - [12776599552] - (0.0.0.0) - C:\hiberfil.sys [14/09/2016 11:57:28] - |D| - [818424] - C:\inetpub [15/06/2015 15:16:02] - |D| - [805924] - C:\Intel [16/06/2015 08:03:20] - |D| - [60878] - C:\keepass copie du 16 06 [27/04/2016 06:50:24] - |D| - [16285696] - C:\Logs [15/06/2015 15:33:50] - |D| - [194301367] - C:\MSI [MD5.132AC716D1D927EEC8AFBCC5283ACBEA] - [15/06/2015 16:07:31] - |A| - (.-.) - [189] - (0.0.0.0) - C:\mylog.log [MD5.BDB904902500628C6C510CD723800558] - [15/06/2015 15:34:26] - |A| - (.-.) - [87] - (0.0.0.0) - C:\networkgenie.log [11/01/2017 11:19:32] - |D| - [377337739] - C:\NVIDIA [02/06/2016 14:55:58] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [06/06/2016 12:51:46] - |ASH| - (.-.) - [17179869184] - (0.0.0.0) - C:\pagefile.sys [MD5.4F891908457A13BAE517444FAF4B015C] - [14/07/2015 15:43:50] - |A| - (.-.) - [2853] - (0.0.0.0) - C:\pdiports64.inf [16/07/2016 12:47:47] - |D| - [0] - C:\PerfLogs [16/07/2016 07:04:24] - |RD| - [9897783045] - C:\Program Files [16/07/2016 07:04:24] - |RD| - [5439733830] - C:\Program Files (x86) [16/07/2016 12:47:48] - |HD| - [7881223284] - C:\ProgramData [05/02/2017 16:46:05] - |D| - [262051] - C:\QuickDiag [MD5.06B32DC1CCB5BED1CF0550E97EC1D50F] - [05/02/2017 16:48:12] - |A| - (.-.) - [192258] - (0.0.0.0) - C:\QuickDiag.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/12/2016 10:56:27] - |A| - (.-.) - [0] - (0.0.0.0) - C:\RAMDiskImage.img [14/09/2016 11:12:48] - |SHD| - [0] - C:\Recovery [MD5.934798AE4FE1074D21029205AADBA77E] - [15/06/2015 16:08:28] - |A| - (.-.) - [3061] - (0.0.0.0) - C:\RHDSetup.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/05/2016 14:19:49] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [15/06/2015 20:52:53] - |SHD| - [0] - C:\System Volume Information [13/05/2016 05:47:42] - |D| - [222272729] - C:\temp [15/06/2015 15:41:36] - |D| - [933888] - C:\uninstall [16/07/2016 07:04:24] - |RD| - [71974757207] - C:\Users [16/07/2016 07:04:24] - |AD| - [23527255838] - C:\Windows [14/09/2016 05:41:24] - |D| - [16094430] - C:\Windows10Upgrade ---------- | C:\WINDOWS [MD5.D2A2D69173654899705C88EEE378A5B2] - [15/06/2015 15:31:11] - |A| - (.© Microsoft Corporation. - Resource only DLL containing MOF for ASL code.) - [11248] - (6.1.7600.16385) - C:\WINDOWS\acpimof.dll [16/07/2016 12:47:48] - |D| - [802] - C:\WINDOWS\addins [16/07/2016 12:47:48] - |D| - [22191628] - C:\WINDOWS\appcompat [16/07/2016 12:47:48] - |D| - [12471204] - C:\WINDOWS\AppPatch [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\AppReadiness [16/07/2016 12:47:47] - |RD| - [838450797] - C:\WINDOWS\assembly [MD5.12EBDA58437CD1EA7066FCB6455241D2] - [09/09/2016 15:12:43] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\WINDOWS\avastSS.scr [16/07/2016 12:47:48] - |D| - [281160] - C:\WINDOWS\bcastdvr [MD5.7B465E25ADF5D6DBCE9DCAE3C6545405] - [16/07/2016 12:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61440] - (10.0.14393.0) - C:\WINDOWS\bfsvc.exe [16/07/2016 12:47:48] - |D| - [38116021] - C:\WINDOWS\Boot [MD5.0003BC57F3971C74F72D939CBAB57D72] - [14/09/2016 11:04:24] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [16/07/2016 12:47:48] - |D| - [3715608] - C:\WINDOWS\Branding [16/07/2016 12:36:22] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.D6CE3EEAB0B72F8014E62C728CEA5605] - [16/07/2016 23:46:34] - |A| - (.-.) - [33498] - (0.0.0.0) - C:\WINDOWS\Core.xml [16/07/2016 12:47:48] - |D| - [8970858] - C:\WINDOWS\Cursors [16/07/2016 12:47:48] - |D| - [12939684] - C:\WINDOWS\debug [MD5.A16E07E6536DF19AE4EA8BDAAEA2C356] - [14/09/2016 11:11:55] - |A| - (.-.) - [15243] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [16/07/2016 12:47:48] - |D| - [4543876] - C:\WINDOWS\diagnostics [MD5.A16E07E6536DF19AE4EA8BDAAEA2C356] - [14/09/2016 11:11:55] - |A| - (.-.) - [15243] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\DigitalLocker [16/07/2016 12:47:48] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [14/07/2009 16:35:13] - |D| - [0] - C:\WINDOWS\ehome [16/07/2016 12:47:48] - |HD| - [44056] - C:\WINDOWS\ELAMBKUP [16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\en-US [MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [10/12/2016 06:38:42] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4673304] - (10.0.14393.479) - C:\WINDOWS\explorer.exe [16/07/2016 12:47:48] - |RSD| - [631331958] - C:\WINDOWS\Fonts [16/07/2016 23:40:08] - |D| - [122368] - C:\WINDOWS\fr-FR [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [16/07/2016 12:47:48] - |D| - [33262810] - C:\WINDOWS\Globalization [16/07/2016 12:47:48] - |D| - [72699522] - C:\WINDOWS\Help [MD5.553DF2ABF34649763324BC5470D04317] - [16/07/2016 12:42:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [975360] - (10.0.14393.0) - C:\WINDOWS\HelpPane.exe [MD5.52AFE6DE5E463B7A08C184B1EB49DD6A] - [16/07/2016 12:42:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.14393.0) - C:\WINDOWS\hh.exe [16/07/2016 12:47:48] - |D| - [173189928] - C:\WINDOWS\IME [16/07/2016 12:47:48] - |RD| - [6842480] - C:\WINDOWS\ImmersiveControlPanel [16/07/2016 12:45:54] - |D| - [193864676] - C:\WINDOWS\INF [16/07/2016 12:47:48] - |D| - [1094612998] - C:\WINDOWS\InfusedApps [16/07/2016 12:47:48] - |D| - [36285422] - C:\WINDOWS\InputMethod [16/07/2016 12:47:48] - |SHD| - [1853778839] - C:\WINDOWS\Installer [16/07/2016 12:47:48] - |D| - [89407] - C:\WINDOWS\L2Schemas [26/01/2017 17:48:40] - |D| - [295680] - C:\WINDOWS\LastGood.Tmp [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\LiveKernelReports [10/09/2016 17:37:19] - |D| - [473600] - C:\WINDOWS\Logo Design Studio Trial [16/07/2016 07:04:29] - |D| - [45380773] - C:\WINDOWS\Logs [16/07/2016 12:47:48] - |RSD| - [27807331] - C:\WINDOWS\Media [MD5.3088E5DF289E6B63710CE682A93194F5] - [02/01/2017 15:14:39] - |A| - (.-.) - [6651] - (0.0.0.0) - C:\WINDOWS\mgxoschk.ini [MD5.23AF90D2355D8C83AA4567EF1763B467] - [16/07/2016 12:42:12] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [16/07/2016 12:47:47] - |RD| - [788140542] - C:\WINDOWS\Microsoft.NET [16/07/2016 12:47:48] - |D| - [2563] - C:\WINDOWS\Migration [23/09/2016 16:35:09] - |D| - [0] - C:\WINDOWS\Minidump [16/07/2016 12:47:48] - |RD| - [484593] - C:\WINDOWS\MiracastView [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 03:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\WINDOWS\msdfmap.ini [19/10/2015 16:03:17] - |D| - [2004] - C:\WINDOWS\MSSecurityNi [19/10/2015 16:03:17] - |D| - [2004] - C:\WINDOWS\MSSecurityNS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/05/2016 13:29:34] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\My Product Name [MD5.3B508CAE5DEBCBA928B5BC355517E2E6] - [16/07/2016 12:43:51] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [243200] - (10.0.14393.0) - C:\WINDOWS\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [11/01/2017 11:21:18] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat [16/07/2016 23:41:15] - |D| - [419226] - C:\WINDOWS\OCR [16/07/2016 12:47:48] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [14/09/2016 12:03:05] - |DC| - [261871886] - C:\WINDOWS\Panther [16/07/2016 12:47:48] - |D| - [30829915] - C:\WINDOWS\Performance [MD5.87085DEC1FF9CD31577F1B3D71CE9434] - [30/01/2017 15:09:23] - |A| - (.-.) - [3504] - (0.0.0.0) - C:\WINDOWS\PFRO.log [16/07/2016 12:47:48] - |D| - [1136442] - C:\WINDOWS\PLA [16/07/2016 12:47:48] - |D| - [2675544] - C:\WINDOWS\PolicyDefinitions [14/09/2016 11:03:41] - |D| - [6087709] - C:\WINDOWS\Prefetch [16/07/2016 12:47:48] - |RD| - [2036530] - C:\WINDOWS\PrintDialog [MD5.09394999ADB19901C665454EE964B13C] - [14/09/2016 06:21:25] - |A| - (.-.) - [36] - (0.0.0.0) - C:\WINDOWS\progress.ini [16/07/2016 12:47:48] - |D| - [1415119] - C:\WINDOWS\Provisioning [MD5.EFE3D78833FEDAF7F24C264BF9976301] - [16/07/2016 12:42:17] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.14393.0) - C:\WINDOWS\regedit.exe [16/07/2016 12:47:48] - |D| - [1117876] - C:\WINDOWS\Registration [16/07/2016 12:47:48] - |D| - [8729838] - C:\WINDOWS\rescache [16/07/2016 12:47:48] - |D| - [4268026] - C:\WINDOWS\Resources [MD5.A095B3E67C8EB8F2137EAC63687F2F5B] - [15/06/2015 16:08:29] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839520] - (1.0.7.0) - C:\WINDOWS\RtlExUpd.dll [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\SchCache [16/07/2016 12:47:48] - |D| - [121229] - C:\WINDOWS\schemas [MD5.6D7FDBF9CEAC51A76750FD38CF801F30] - [03/07/2016 05:53:58] - |A| - (.-.) - [3584] - (0.0.0.0) - C:\WINDOWS\SECOH-QAD.dll [MD5.38DE5B216C33833AF710E88F7F64FC98] - [03/07/2016 05:53:58] - |A| - (.-.) - [4608] - (0.0.0.0) - C:\WINDOWS\SECOH-QAD.exe [16/07/2016 12:47:48] - |D| - [7792398] - C:\WINDOWS\security [14/09/2016 11:03:41] - |D| - [48633811] - C:\WINDOWS\ServiceProfiles [16/07/2016 07:04:24] - |D| - [174423916] - C:\WINDOWS\servicing [16/07/2016 12:49:46] - |D| - [349] - C:\WINDOWS\Setup [MD5.6EA6FA9E348156101084E708CB5D1C96] - [07/01/2017 19:28:58] - |A| - (.-.) - [3821] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/01/2017 19:28:58] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [16/07/2016 12:47:48] - |D| - [31190016] - C:\WINDOWS\ShellExperiences [27/04/2016 06:29:00] - |D| - [0] - C:\WINDOWS\ShellNew [16/07/2016 23:40:46] - |D| - [6828144] - C:\WINDOWS\SKB [15/06/2015 15:57:01] - |D| - [211538493] - C:\WINDOWS\SoftwareDistribution [16/07/2016 12:47:48] - |D| - [86037697] - C:\WINDOWS\Speech [16/07/2016 12:47:48] - |D| - [53541356] - C:\WINDOWS\Speech_OneCore [MD5.BCDB205132974EC3AB6F5C01DD93489B] - [30/10/2016 16:47:46] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.14393.351) - C:\WINDOWS\splwow64.exe [MD5.2664EEEE55F34BC4FAAA8EE41393D2CD] - [30/07/2015 23:25:21] - |A| - (.-.) - [31856] - (0.0.0.0) - C:\WINDOWS\Starter.xml [16/07/2016 12:47:48] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 03:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [16/07/2016 07:04:24] - |D| - [7515847528] - C:\WINDOWS\System32 [16/07/2016 12:47:48] - |D| - [144046344] - C:\WINDOWS\SystemApps [16/07/2016 12:47:48] - |D| - [17529069] - C:\WINDOWS\SystemResources [16/07/2016 07:04:27] - |D| - [1963760644] - C:\WINDOWS\SysWOW64 [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\TAPI [14/07/2009 04:20:14] - |D| - [2802] - C:\WINDOWS\Tasks [16/07/2016 12:47:48] - |D| - [157135043] - C:\WINDOWS\Temp [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\tracing [16/07/2016 12:47:48] - |D| - [4687180] - C:\WINDOWS\twain_32 [MD5.21F91141B4796108A50733B14850CDF2] - [16/07/2016 12:43:52] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [66560] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.8CE5266F0BBB73C95886CB72B0063CB8] - [01/10/2015 15:17:17] - |A| - (.Copyright © MindVision Software 1995-2004 - Uninstall application file.) - [90112] - (3.6.1.0) - C:\WINDOWS\unvise32.exe [16/07/2016 12:47:48] - |D| - [12420] - C:\WINDOWS\Vss [16/07/2016 12:47:48] - |D| - [15991129] - C:\WINDOWS\Web [MD5.B31FFE3250040EE72E63CDA5A8A18EE6] - [14/07/2009 03:34:57] - |A| - (.-.) - [387] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [16/07/2016 12:42:32] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [07/01/2017 19:44:55] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.9328E170E5407D9DDE7EB1E208A2CBB4] - [16/07/2016 12:42:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.14393.0) - C:\WINDOWS\winhlp32.exe [16/07/2016 07:04:24] - |D| - [6857066532] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [16/07/2016 12:43:08] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E87C6A38E61A712C48025A6AD54C1113] - [16/07/2016 12:42:39] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.14393.0) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [14/09/2015 14:13:37] - C:\WINDOWS\Installer\10754.msi : ( - Evoluent LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/07/2015 06:45:24] - C:\WINDOWS\Installer\10ccf6.msi : (swMSM - Adobe Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2011 20:01:56] - C:\WINDOWS\Installer\14a807.msi : (XRD i1d3 - X-Rite) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2015 06:31:23] - C:\WINDOWS\Installer\179ef0.msi : ( - Evoluent LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/12/2016 15:59:59] - C:\WINDOWS\Installer\1acbdf.msi : (PlayMemories Camera Apps Downloader - Sony Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 09:41:29] - C:\WINDOWS\Installer\1f1a19.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/04/2016 16:40:34] - C:\WINDOWS\Installer\20c65754.msi : ( - TomTom) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/04/2016 05:26:39] - C:\WINDOWS\Installer\22c7f2e.msi : (Java SE Runtime Environment 8 Update 91 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/05/2016 15:33:29] - C:\WINDOWS\Installer\231c8df.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2015 12:51:48] - C:\WINDOWS\Installer\2817d65.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/06/2015 15:07:40] - C:\WINDOWS\Installer\2974.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/01/2016 05:15:17] - C:\WINDOWS\Installer\298801b.msi : (X-Rite Device Services Manager - X-Rite) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/06/2015 15:03:24] - C:\WINDOWS\Installer\2a6ad6.msi : (HP Support Solutions Framework - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/04/2016 20:46:30] - C:\WINDOWS\Installer\2e451b5.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/06/2014 20:31:00] - C:\WINDOWS\Installer\36ce8efc.msi : ( -) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/01/2017 18:09:57] - C:\WINDOWS\Installer\3a399a9e.msi : (Google Earth - Google) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/06/2015 14:55:37] - C:\WINDOWS\Installer\3bf8b.msi : (DxO OpticsPro 10 - DxO Labs) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/10/2014 11:24:46] - C:\WINDOWS\Installer\3bf8f.msi : (DxO OpticsPro 10 plug-in for Adobe Lightroom - DxO Labs) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/10/2015 08:53:04] - C:\WINDOWS\Installer\3e5166a.msi : (MSI(R) Intel(R) Extreme Tuning Utility - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/06/2015 13:39:05] - C:\WINDOWS\Installer\3ef1dc8.msi : ( - Oliver Carr) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/06/2015 13:38:47] - C:\WINDOWS\Installer\3ef1dcd.msi : (Blank Project Template - TomTom) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/09/2015 14:06:16] - C:\WINDOWS\Installer\3f17c.msi : (X-Rite Device Services Manager - X-Rite) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/01/2017 14:49:34] - C:\WINDOWS\Installer\43d67136.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2012 05:03:00] - C:\WINDOWS\Installer\4903b0.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2012 05:03:00] - C:\WINDOWS\Installer\4903b8.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/10/2016 21:24:56] - C:\WINDOWS\Installer\4a44741.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/10/2016 21:22:12] - C:\WINDOWS\Installer\4a44749.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/09/2015 13:57:41] - C:\WINDOWS\Installer\4b62850.msi : ( - Evoluent LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/06/2015 15:07:51] - C:\WINDOWS\Installer\4d9f3.msi : (Google Toolbar for Internet Explorer - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/06/2015 15:08:18] - C:\WINDOWS\Installer\4d9f8.msi : (USB 3.0 Host Controller Driver - Renesas Electronics Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/12/2016 07:34:31] - C:\WINDOWS\Installer\5b04b.msi : (Google Drive - Google, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/01/2011 14:26:04] - C:\WINDOWS\Installer\5e88f2.msi : ( - NVIDIA) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/01/2011 14:27:44] - C:\WINDOWS\Installer\5e88f6.msi : ( - NVIDIA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/10/2012 18:46:06] - C:\WINDOWS\Installer\63237e.msi : (HP Photosmart 6520 series Basic Device Software - Hewlett-Packard Co.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/08/2014 12:18:38] - C:\WINDOWS\Installer\632384.msi : (HP Update - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/02/2017 15:56:13] - C:\WINDOWS\Installer\70fd2.msi : (Java SE Runtime Environment 8 Update 121 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/02/2017 15:56:32] - C:\WINDOWS\Installer\70fe1.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/02/2017 15:56:43] - C:\WINDOWS\Installer\70fe8.msi : (Java SE Runtime Environment 8 Update 121 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2016 09:42:13] - C:\WINDOWS\Installer\90d4b7d.msi : (La Banque Postale - e-Carte Bleue La Banque Postale) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/01/2013 12:35:34] - C:\WINDOWS\Installer\91cabee.msi : (HP FWUpdateEDO2 - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2015 22:44:38] - C:\WINDOWS\Installer\97653.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2015 22:46:36] - C:\WINDOWS\Installer\9769d.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/07/2015 22:47:32] - C:\WINDOWS\Installer\976d5.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2015 16:27:22] - C:\WINDOWS\Installer\976ed.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2015 00:25:00] - C:\WINDOWS\Installer\9770b.msi : (Intel® Security Assist - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/05/2016 08:48:26] - C:\WINDOWS\Installer\a48c70b.msi : (Java SE Runtime Environment 8 Update 91 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/09/2015 17:11:50] - C:\WINDOWS\Installer\ae34c84.msi : (Blank Project Template - TomTom) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/12/2016 07:03:26] - C:\WINDOWS\Installer\c70a159.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2016 05:25:45] - C:\WINDOWS\Installer\d7e1840.msi : (Java SE Runtime Environment 8 Update 101 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/08/2016 05:43:25] - C:\WINDOWS\Installer\d8e43a8.msi : (Java SE Runtime Environment 8 Update 101 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/01/2017 07:24:59] - C:\WINDOWS\Installer\e4531.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/03/2015 17:25:48] - C:\WINDOWS\Installer\e7e6c7b.msi : (hubiC - x64 - OVH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [16/07/2016 12:43:08] - [3458] - C:\WINDOWS\System32\ieuinit.inf [14/09/2016 11:05:14] - [3687460] - C:\WINDOWS\System32\PerfStringBackup.INI [16/07/2016 12:42:39] - [60124] - C:\WINDOWS\System32\tcpmon.ini [16/07/2016 12:42:11] - [2307] - C:\WINDOWS\System32\WimBootCompress.ini [16/07/2016 12:43:59] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [14/09/2015 13:59:37] - [2779] - C:\WINDOWS\Syswow64\InstallUtil.InstallLog [14/09/2016 11:05:11] - [1647228] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [16/07/2016 12:42:43] - [2307] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.B7C476BBE4F001F4F33C04D9ABC33DC8] - |A| - [16/07/2016 12:42:17] - (.-.) - [14.52 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\pcamain.sdb [MD5.6457DB2C0EA3AEB8589D9AADE59698B5] - |A| - [15/12/2016 02:17:22] - (.-.) - [541.03 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\sysmain.sdb [MD5.2519F68F67471A3FFBD4A3DF291F4328] - |A| - [11/01/2017 07:24:58] - (.-.) - [2.5 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AdobeARM.log [MD5.F6BBEBE2E9CAC4A55403D1BDD69C6E93] - |A| - [21/01/2017 07:27:21] - (.-.) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\AdobeARM_NotLocked.log [MD5.11825C0A5FE9346C53BA69D68C104DFB] - |A| - [14/09/2016 11:09:24] - (.-.) - [3490.53 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc.log [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [16/01/2017 15:15:42] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a03024 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [01/02/2017 18:31:50] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a03372 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [12/01/2017 15:46:42] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a03452 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [04/02/2017 09:41:10] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a03464 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [08/01/2017 17:55:24] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a03720 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [10/01/2017 15:15:17] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a03728 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [07/01/2017 11:44:01] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a03768 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [11/01/2017 09:27:19] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a04008 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [17/01/2017 13:43:34] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a04240 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [27/01/2017 11:54:48] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_a08708 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [02/02/2017 06:48:53] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_b03372 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [04/02/2017 11:11:29] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_b03464 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [10/01/2017 15:26:17] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_b03728 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [18/01/2017 08:51:46] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_b04240 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [28/01/2017 09:57:54] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_b08708 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [02/02/2017 07:04:23] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_c03372 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [05/02/2017 07:05:55] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_c03464 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [19/01/2017 15:06:49] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_c04240 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [28/01/2017 11:59:06] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_c08708 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [02/02/2017 16:42:26] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_d03372 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [05/02/2017 07:38:48] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_d03464 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [20/01/2017 17:33:03] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_d04240 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [29/01/2017 11:17:12] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_d08708 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [02/02/2017 16:46:39] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_e03372 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [22/01/2017 09:18:17] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_e04240 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [29/01/2017 15:32:01] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_e08708 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [03/02/2017 06:01:31] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_f03372 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [24/01/2017 06:45:44] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_f04240 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [29/01/2017 15:34:37] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_f08708 [MD5.DB69F6E84D868B8CC298961C567640DC] - |A| - [03/02/2017 14:43:02] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_g03372 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [24/01/2017 15:24:20] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_g04240 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [29/01/2017 15:38:24] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_g08708 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [24/01/2017 19:34:48] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_h04240 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [29/01/2017 15:38:55] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_h08708 [MD5.2AD0E99A419579C10A058637DE272FF2] - |A| - [26/01/2017 06:56:10] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_i04240 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [29/01/2017 15:41:05] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_i08708 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [30/01/2017 09:44:51] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_j08708 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [30/01/2017 12:54:41] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_k08708 [MD5.B38BF8296AAD1AD89C1E60CAF6B115CD] - |A| - [30/01/2017 12:55:04] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\adobegc_l08708 [MD5.877C3E51957EF4F666D1D0E48D3E5427] - |A| - [21/01/2017 07:27:15] - (.-.) - [251.38 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ArmUI.ini [MD5.00000000000000000000000000000000] - |D| - [29/09/2016 09:13:40] - [137949.47 Ko] - C:\WINDOWS\Temp\avast_ash2 [MD5.68DD8DF57D7CB19C5399E23D7BCEC121] - |A| - [27/01/2017 07:43:53] - (.-.) - [18.35 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [07/01/2017 19:39:24] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CProgram FilesAVAST SoftwareSZBrowser1.51.2220.62SZBrowser_autoupdate.download.lock [MD5.00000000000000000000000000000000] - |D| - [27/01/2017 07:43:09] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:09:24] - [1390.44 Ko] - C:\WINDOWS\Temp\CreativeCloud [MD5.00000000000000000000000000000000] - |D| - [02/02/2017 05:56:35] - [1683.99 Ko] - C:\WINDOWS\Temp\CR_7C8D6.tmp [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [26/01/2017 17:32:51] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMIECCE.tmp [MD5.00000000000000000000000000000000] - |D| - [09/01/2017 18:17:32] - [21.81 Ko] - C:\WINDOWS\Temp\Evoluent [MD5.00000000000000000000000000000000] - |D| - [07/01/2017 19:34:25] - [5.56 Ko] - C:\WINDOWS\Temp\HP [MD5.00000000000000000000000000000000] - |D| - [07/01/2017 19:34:35] - [0 Ko] - C:\WINDOWS\Temp\hsperfdata_PATRICK-PC$ [MD5.CDBB3C32F8000001728ED691E551E359] - |A| - [08/01/2017 07:08:31] - (.-.) - [74.71 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.00000000000000000000000000000000] - |D| - [07/01/2017 19:27:08] - [40 Ko] - C:\WINDOWS\Temp\NVIDIA Corporation [MD5.00000000000000000000000000000000] - |D| - [11/01/2017 11:21:12] - [33.45 Ko] - C:\WINDOWS\Temp\NvidiaLogging [MD5.00000000000000000000000000000000] - |D| - [23/09/2016 15:14:28] - [5.58 Ko] - C:\WINDOWS\Temp\SafeZone Installer [MD5.C048EDA5E4B6989D458C4CE3BF6D5E5B] - |A| - [08/01/2017 07:35:43] - (.-.) - [8.29 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ScheduledHeartbeat.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [14/09/2016 11:09:24] - (.-.) - [8208.02 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\TmpFile1 [MD5.8BC809E6E649907536F4CB8745EBCB33] - |A| - [22/01/2017 15:21:02] - (.-.) - [1.3 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\tpmCF61.tmp [MD5.00000000000000000000000000000000] - |D| - [04/02/2017 20:49:09] - [0 Ko] - C:\WINDOWS\Temp\tw5B94.tmp [MD5.00000000000000000000000000000000] - |D| - [22/01/2017 15:21:02] - [0 Ko] - C:\WINDOWS\Temp\twCF40.tmp [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:09:24] - [8336.44 Ko] - C:\WINDOWS\Temp\_avast_ [MD5.D41D8CD98F00B204E9800998ECF8427E] - |AT| - [11/01/2017 07:25:59] - (.-.) - [112 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\~DFB8BDD6F2BC7FA9BB.TMP [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1 Ko] - C:\WINDOWS\System32\0401 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1 Ko] - C:\WINDOWS\System32\0404 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0405 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0406 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0407 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0408 [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:09] - [1.5 Ko] - C:\WINDOWS\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\040A [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\040B [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 16:24:06] - [1.5 Ko] - C:\WINDOWS\System32\040C [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\040D [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\040E [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0410 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1 Ko] - C:\WINDOWS\System32\0411 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1 Ko] - C:\WINDOWS\System32\0412 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0413 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0414 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0415 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0416 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0419 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\041B [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\041D [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\041E [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\041F [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0424 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1 Ko] - C:\WINDOWS\System32\0804 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0816 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1 Ko] - C:\WINDOWS\System32\0C04 [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\0C0A [MD5.00000000000000000000000000000000] - |D| - [15/06/2015 15:08:24] - [1.5 Ko] - C:\WINDOWS\System32\2C0A [MD5.E9B949FD8AE5D8EAB5D4ACB3FC60142A] - |AH| - [14/07/2009 05:45:49] - (.-.) - [14.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.E9B949FD8AE5D8EAB5D4ACB3FC60142A] - |AH| - [14/07/2009 05:45:49] - (.-.) - [14.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [16/07/2016 12:42:35] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [16/07/2016 12:42:05] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [16/07/2016 12:42:38] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |A| - [16/07/2016 12:42:41] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.46DACDA5036EBECEDF08427407E3017C] - |A| - [16/07/2016 12:42:40] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [16/07/2016 12:42:38] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [16/07/2016 12:42:38] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.58B6CB6A8528BA1B267CFAE325E6B834] - |A| - [16/07/2016 12:42:23] - (.-.) - [20.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.86A340FC08302C6F0EC4FFAB070D6447] - |A| - [15/11/2016 12:18:42] - (.-.) - [115.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AcpiServiceVnA64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:29] - [3176.34 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.971819F3DD0996BCCB9E4330C52C4207] - |A| - [09/11/2016 17:05:19] - (.-.) - [436.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7762.11 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [272 Ko] - C:\WINDOWS\System32\ar-SA [MD5.E43AEE6A66067C6535C1F994BCFB93A1] - |A| - [09/09/2016 15:12:45] - (.Copyright (c) 2014 AVAST Software - avast! start-up scanner.) - [382.32 Ko] - (12.3.3154.0) - C:\WINDOWS\System32\aswBoot.exe [MD5.ABEE2AA1A63617A27207F80648B25FCE] - |A| - [15/11/2016 12:18:42] - (.-.) - [102.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\audioLibVc.dll [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:57:28] - [84.19 Ko] - C:\WINDOWS\System32\BestPractices [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [247.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4474.56 Ko] - C:\WINDOWS\System32\Boot [MD5.31ABC8C02F1CCE0DA39550D763384184] - |A| - [16/07/2016 12:42:12] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.93 Ko] - C:\WINDOWS\System32\Bthprops [MD5.B679F5A2A8800A93EE7B4C2D18FD98D7] - |A| - [15/11/2016 12:18:42] - (.(c) Conexant Systems, Inc. - CAFAPI.) - [109.86 Ko] - (1.0.0.4) - C:\WINDOWS\System32\Caf64api.dll [MD5.41E39DD4A50D27A6F4085624CDFF84F5] - |A| - [15/11/2016 12:18:42] - (.©Conexant Systems, Inc. - Conexant Audio Processing Objects, (x64).) - [428.41 Ko] - (2.34.0.0) - C:\WINDOWS\System32\CAF64APO2.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:24] - [79336.66 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [39600.7 Ko] - C:\WINDOWS\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [2074.65 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.1F8887963CD87ACEB6201A0BE172AFFD] - |A| - [22/09/2011 17:31:04] - (.-.) - [4.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ColorEfexPro4FC64.dll [MD5.64430E214B5B229D426D2D35538C402D] - |A| - [04/06/2016 18:42:43] - (.-.) - [366.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ColorImageEnhancement.wmv [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [360 Ko] - C:\WINDOWS\System32\Com [MD5.36F4B9BD9203BFCB7267DEDF28522A7E] - |A| - [15/11/2016 12:18:42] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:24] - [401438.46 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [51.22 Ko] - C:\WINDOWS\System32\Configuration [MD5.62BBE3930B6526AE132BE0E0C491CC95] - |A| - [06/01/2017 09:06:03] - (.Copyright © Conexant Systems, Inc. 2009 - Copy Protection Notification DLL.) - [18.5 Ko] - (7.0.127.71) - C:\WINDOWS\System32\cpnotify.ax [MD5.82DF5576BDD96CE8DF5A06C0571EA463] - |A| - [04/06/2016 18:42:43] - (.-.) - [499.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cp_resources.bin [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [292.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.CB76541EFC77B14591412821DE1322BF] - |A| - [15/11/2016 12:18:42] - (.©Conexant Systems Inc. - Conexant APO.) - [1580.34 Ko] - (1.65.0.0) - C:\WINDOWS\System32\CX64APO.dll [MD5.A709C9A2E8631C3B0D8C51102B421ABB] - |A| - [15/11/2016 12:18:42] - (.©Conexant Systems Inc. - Conexant MFX APO Proxy.) - [1493.3 Ko] - (1.2.0.0) - C:\WINDOWS\System32\CX64Proxy.dll [MD5.2B4C3D9F114EE40FEAD6A86395F2FC89] - |A| - [27/08/2016 09:08:09] - (.-.) - [5.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cxapo.lncs [MD5.2619F745E44D4DF9D271657F7EE99F1B] - |A| - [27/08/2016 09:08:09] - (.-.) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cxapo.prop [MD5.F0C7ECD36DA603493D943DDE0CB219F3] - |A| - [06/01/2017 09:06:03] - (.Copyright © Conexant Systems, Inc. 2008 - Conexant Polaris Property Pages.) - [31.5 Ko] - (7.0.127.71) - C:\WINDOWS\System32\CxPolaris.ax [MD5.FC31DD71D8B5C91D125A6155247210F7] - |A| - [06/01/2017 09:06:03] - (.Copyright ?Conexant Systems, Inc. 2009 - TV Ratings Components.) - [54.5 Ko] - (7.0.127.71) - C:\WINDOWS\System32\cxtvrate.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [288.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:04:20] - [11412.68 Ko] - C:\WINDOWS\System32\DAX2 [MD5.5D5D2F0902EDD7D4BB233BF4DCCB9195] - |A| - [04/09/2015 14:06:14] - (.©2006-2011, Nicomsoft Ltd. - WINI2C-DDC Library.) - [142.5 Ko] - (3.8.2.0) - C:\WINDOWS\System32\DDCHelper.dll [MD5.6637629AC368304B152F21730E51651A] - |A| - [04/09/2015 14:06:14] - (.©2006-2011, Nicomsoft Ltd. - WinI2C-DDC ActiveX Component.) - [122.5 Ko] - (3.8.2.0) - C:\WINDOWS\System32\DDCHelperX.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [177.63 Ko] - C:\WINDOWS\System32\DDFs [MD5.164FCDC88FA1E967873B2D1735B4593F] - |A| - [15/11/2016 12:18:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [266.33 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPA64.dll [MD5.0F49A883569B642BCB84F051DD250745] - |A| - [15/11/2016 12:18:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [303.15 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPA64F3.dll [MD5.6A3427FED24A270D9D1E007A2C1EDC81] - |A| - [15/11/2016 12:18:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1919.74 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPD64A.dll [MD5.4369F8CFA774036FF15AC0C554239DFC] - |A| - [15/11/2016 12:18:42] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1913.68 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPD64AF3.dll [MD5.1E35289EC4B6B2381F3DF4E7CA64D01E] - |A| - [15/11/2016 12:18:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [319.78 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPO64A.dll [MD5.09D8F2A16EF023AABD663720335867E5] - |A| - [15/11/2016 12:18:43] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [353.57 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPO64AF3.dll [MD5.FDF947A7304A2808775A6B0F5666E75A] - |A| - [15/11/2016 12:18:43] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6929.88 Ko] - (7.6.5.1) - C:\WINDOWS\System32\DDPP64A.dll [MD5.24B4D959F961B5C7B6B045FABFD84BC3] - |A| - [15/11/2016 12:18:43] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6117.81 Ko] - (7.6.7.2) - C:\WINDOWS\System32\DDPP64AF3.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [324.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.306B90493D00011EB635E161C6C024B8] - |A| - [16/07/2016 12:42:22] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [16/07/2016 12:47:52] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.46BBA24DEED94A68F244D5DBA4161948] - |A| - [30/07/2015 22:55:12] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DESKTOP-VRKVT78_Administrator_HistoryPrediction.bin [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [642 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.8B5F7B8C2EFE38CA571FBE24658DF11F] - |A| - [16/07/2016 12:42:36] - (.-.) - [90.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [7611.09 Ko] - C:\WINDOWS\System32\Dism [MD5.17FBCE91AEBA666E5BC2423C8EB34E8B] - |A| - [06/10/2016 19:41:20] - (.-.) - [812.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplayAudiox64.cab [MD5.783C4D7FA9BE10828C6F4A3794ED078B] - |A| - [15/11/2016 12:18:43] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO Property Page.) - [1089.01 Ko] - (0.7.2.31) - C:\WINDOWS\System32\DolbyDAX2APOProp.dll [MD5.949AF1A6B908F2B45C9A514EB13BBC5D] - |A| - [15/11/2016 12:18:43] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [2381.88 Ko] - (0.7.2.31) - C:\WINDOWS\System32\DolbyDAX2APOv201.dll [MD5.BBEB124347DD749A0E1931EE56B0DCC1] - |A| - [15/11/2016 12:18:43] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 APO.) - [5216.17 Ko] - (0.7.2.31) - C:\WINDOWS\System32\DolbyDAX2APOv211.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [1116.16 Ko] - C:\WINDOWS\System32\downlevel [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [04/06/2016 18:42:43] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyApp.exe.config [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [04/06/2016 18:42:43] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DPTopologyAppv2_0.exe.config [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:24] - [114905.66 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:24] - [3339646.71 Ko] - C:\WINDOWS\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [04/09/2015 14:00:56] - [65.73 Ko] - C:\WINDOWS\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [158 Ko] - C:\WINDOWS\System32\dsc [MD5.A315FA24BDE0CF4B2FE7D7CF1A056EF6] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [726.53 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBassEnhancementDLL64.dll [MD5.D2640ED8821D8431C7608385CB83BE57] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Boost COM DLL.) - [1473.57 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSBoostDLL64.dll [MD5.F4670442570F896B6C8BC5A4C0EABEFA] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [430.93 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSGainCompensatorDLL64.dll [MD5.0E8B1D3C8CBAB8A5C30382FF6D332193] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS GFX APO.) - [247.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPO64.dll [MD5.B5BDC4BAD71DDB1D8098FEE30F2BAF64] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS GFX APO.) - [246.95 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSGFXAPONS64.dll [MD5.7EFAAF2A2CA9FFB8852ADACE592D07D6] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS LFX APO.) - [247.91 Ko] - (1.0.0.3) - C:\WINDOWS\System32\DTSLFXAPO64.dll [MD5.14F98A9DEA74E217422AA7FFC1BD5442] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Limiter COM DLL.) - [434.96 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSLimiterDLL64.dll [MD5.5FA78CBFBD14A793E436AACF6F2CD815] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [492.49 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSNeoPCDLL64.dll [MD5.E107A293698DCD9FD17EC9E1A527B83C] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1553.77 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2HeadphoneDLL64.dll [MD5.4FD73ADCD15FFA0AB612F40F05AE6543] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1738.89 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSS2SpeakerDLL64.dll [MD5.D36FDB1FBC37319BCB7A6B907801071F] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Symmetry COM DLL.) - [710.39 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSSymmetryDLL64.dll [MD5.C06E9807FF4581E2F6B2794888BF7ED8] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS GFX APO.) - [488.83 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PGFX64.dll [MD5.13EA582D81561E265F627B5B9BAD08EC] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS LFX APO.) - [502.47 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PLFX64.dll [MD5.3AC7ED28574654A64443616486160BCB] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS LFX APO.) - [418.2 Ko] - (2.1.1.0) - C:\WINDOWS\System32\DTSU2PREC64.dll [MD5.B4E1F95ECE10F3B814762F2861F23561] - |A| - [15/11/2016 12:18:43] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [691.71 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DTSVoiceClarityDLL64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [320.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.BDBB448D738B13DEB19EC15E4797C350] - |A| - [20/08/2016 18:21:13] - (.Copyright (C) 2012 - Message definitions for event logging (no code).) - [8.79 Ko] - (1.0.0.225) - C:\WINDOWS\System32\elevtmsg.dll [MD5.24367256D615119263946097026E4834] - |A| - [10/05/2016 14:27:21] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:09] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [236 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [2236.1 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [313.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [257.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [232 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [16/06/2015 13:45:41] - [154.5 Ko] - C:\WINDOWS\System32\EventProviders [MD5.265316132D439727998DCFFF09BAFFE8] - |A| - [14/09/2015 14:29:16] - (.-.) - [60.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\EvoluentSetup.log [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |A| - [20/03/2016 08:56:10] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\WINDOWS\System32\E_32BCB1GE.DLL [MD5.56BF5337352CF984CB367D053C7B28E3] - |A| - [20/03/2016 08:56:12] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2014. - EPSON Bi-directional Monitor AMD64.) - [175.5 Ko] - (4.5.0.0) - C:\WINDOWS\System32\E_32LM1GE.DLL [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [20/03/2016 08:56:18] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\WINDOWS\System32\E_GCINST.DLL [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [25882.16 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [292.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.A08B87CC51FB774ED45FDF4284B1974F] - |A| - [04/06/2016 18:42:43] - (.-.) - [626.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FilmModeDetection.wmv [MD5.BD9E768E24BAB255B4591F39CB423E73] - |A| - [31/07/2015 08:57:08] - (.- Microsoft® Forms DLL.) - [1607.66 Ko] - (16.0.4266.1001) - C:\WINDOWS\System32\FM20.DLL [MD5.A9BB252693AE466724F3BAEB34C6907D] - |A| - [31/07/2015 09:01:26] - (.- Microsoft® Forms International DLL.) - [31.2 Ko] - (16.0.4266.1001) - C:\WINDOWS\System32\FM20ENU.DLL [MD5.F1134D43C7FC7DC07A646F37FDDA099E] - |A| - [31/07/2015 09:18:02] - (.- Microsoft® Forms International DLL.) - [35.7 Ko] - (16.0.4266.1001) - C:\WINDOWS\System32\FM20FRA.DLL [MD5.720C5851F2D1896EFF3E872CD3884EB4] - |A| - [14/09/2016 11:03:39] - (.-.) - [4880.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:09] - [3393.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [264 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [44499.75 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [16/07/2016 12:42:12] - (.-.) - [89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.899E708E589C09700BFF1C73CB7D7002] - |A| - [04/06/2016 18:42:43] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv2_0.exe.config [MD5.60E6C68CB0B797EDD0386A68526935A4] - |A| - [04/06/2016 18:42:43] - (.-.) - [0.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Gfxv4_0.exe.config [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [14/09/2016 11:04:14] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.6A8398DFE106B4535F9193B47EA5D906] - |A| - [15/11/2016 12:18:43] - (.(c) 2016 Harman. - Harman APO Interface.) - [150.75 Ko] - (1.2.0.0) - C:\WINDOWS\System32\HarmanAudioInterface.dll [MD5.18D67C77703FE9BEFC0C275423AF676F] - |A| - [05/09/2015 15:44:44] - (.(c) 2014 SafeNet, Inc. - Sentinel LDK License Manager Service.) - [4500.31 Ko] - (17.0.1.48248) - C:\WINDOWS\System32\hasplms.exe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [259.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.1D5280A6F121E3594395566133911DF1] - |A| - [15/11/2016 12:18:44] - (.© 2016 Dolby Laboratories, Inc. - Dolby DAX2 HiFi API.) - [364.01 Ko] - (0.7.2.60) - C:\WINDOWS\System32\HiFiDAX2API.dll [MD5.03483B52BBD5AA8AFB15775348523D45] - |A| - [15/11/2016 12:18:44] - (.© Harman. - Audio by Harman APO.) - [351.91 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMClariFi.dll [MD5.31C8D8F86E7285C24D14F78B7C60A25C] - |A| - [15/11/2016 12:18:44] - (.© Harman. - Audio by Harman APO.) - [186.46 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ.dll [MD5.2DBD821611B55AE31A969827D7CF1457] - |A| - [15/11/2016 12:18:44] - (.© Harman. - Audio by Harman APO.) - [186.47 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMEQ_Voice.dll [MD5.F886827B42378A1429C08AFAA6AA9C2C] - |A| - [15/11/2016 12:18:44] - (.© Harman. - Audio by Harman APO.) - [199.07 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMHVS.dll [MD5.A39C1FD36BF15D8DA85E385537ED5469] - |A| - [15/11/2016 12:18:44] - (.© Harman. - Audio by Harman APO.) - [175.4 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMLimiter.dll [MD5.B9D52500B3618FA4CB2D3EC539464078] - |A| - [15/11/2016 12:18:44] - (.?Harman. - Audio by Harman APO UI.) - [406.75 Ko] - (1.4.0.0) - C:\WINDOWS\System32\HMUI.dll [MD5.2A571B7728F23E83A800527879105180] - |A| - [16/07/2016 12:42:04] - (.-.) - [44.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hypervisor.mof [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.1506232565284307F847FC5A3C3D8696] - |A| - [15/11/2016 12:18:44] - (.Copyright (c) 2016, ICEpower a/s - ICEpower ICEsound audio effects.) - [461.24 Ko] - (1.0.0.20) - C:\WINDOWS\System32\ICEsoundAPO64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.AB2D50B6F3C665B55C8E5A049D59E7CC] - |A| - [04/06/2016 18:42:44] - (.-.) - [5663.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igdclbif.bin [MD5.B3979AF17AA452FACE505C8D328E8BF6] - |A| - [01/11/2016 23:06:02] - (.Copyright (C) 2012-2015 - MDF(CM) Runtime DX11 Dynamic Link Library.) - [178.67 Ko] - (5.0.0.1148) - C:\WINDOWS\System32\igfx11cmrt64.dll [MD5.5E4291111D0E2F1289ADE923FDB4DA01] - |A| - [01/11/2016 23:05:26] - (.Copyright (C) 2010 - 2015 - MDF(CM) JIT Dynamic Link Library.) - [1553.51 Ko] - (5.0.0.1148) - C:\WINDOWS\System32\igfxcmjit64.dll [MD5.067259B4850748ACB595CE43471C7260] - |A| - [01/11/2016 23:06:02] - (.Copyright (C) 2010 - 2015 - MDF(CM) Runtime Dynamic Link Library.) - [179.67 Ko] - (5.0.0.1148) - C:\WINDOWS\System32\igfxcmrt64.dll [MD5.E925CB495C54CC0FD20F8F78A7FB0CD3] - |A| - [01/11/2016 23:05:26] - (.-.) - [267.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCPL.cpl [MD5.1386B6E8656E831D311864E83901020C] - |A| - [01/11/2016 23:05:26] - (.-.) - [101.01 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxCUIServicePS.dll [MD5.82AEB1D5D5D77C9063434710D37C132C] - |A| - [01/11/2016 23:05:26] - (.-.) - [82.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLib.dll [MD5.CA1629EB57254EE55B4AF513526CAB3A] - |A| - [01/11/2016 23:05:26] - (.-.) - [93.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDHLibv2_0.dll [MD5.851B28BA5D521C5F24BDAEFBD40AFAFD] - |A| - [01/11/2016 23:05:26] - (.-.) - [28.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILib.dll [MD5.67B914A36AB9A8BE822F3C5203BD3085] - |A| - [01/11/2016 23:05:26] - (.-.) - [28.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxDILibv2_0.dll [MD5.417515E302A043FF2249BBE2C6E5DE7A] - |A| - [01/11/2016 23:05:26] - (.-.) - [27.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLib.dll [MD5.9C77F50D1972DDB9056022D99DB62946] - |A| - [01/11/2016 23:05:26] - (.-.) - [27.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxEMLibv2_0.dll [MD5.3E406C3DC3DFB8E489489199342FEB88] - |A| - [01/11/2016 23:05:26] - (.-.) - [22.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLib.dll [MD5.1BA2F014C584936A3E3D72BA5EE65436] - |A| - [01/11/2016 23:05:26] - (.-.) - [22.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxLHMLibv2_0.dll [MD5.9CA15001F1E70BD41BB8259F1700E23A] - |A| - [01/11/2016 23:05:26] - (.-.) - [1002.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxSDK.exe [MD5.B68BFB194AD81A98B74588A28BC71806] - |A| - [01/11/2016 23:05:26] - (.-.) - [98.51 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxSDKLib.dll [MD5.240CF5B8950715986A71F13B3C83CE80] - |A| - [01/11/2016 23:05:26] - (.-.) - [109.01 Ko] - (1.0.0.0) - C:\WINDOWS\System32\igfxSDKLibv2_0.dll [MD5.F3E1B4D249B9E2E820870A3C1ED82AC8] - |A| - [01/11/2016 23:05:26] - (.-.) - [392.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\igfxTray.exe [MD5.6C0F36ABFE80433B352FA7748ED887BF] - |A| - [04/06/2016 18:42:45] - (.-.) - [2748 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.cpa [MD5.0D3AF85E1F169395885151038ADE9317] - |A| - [04/06/2016 18:42:45] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxa64.vp [MD5.A0D0A10C8DA1B00A2EE378357F72BA90] - |A| - [04/06/2016 18:42:45] - (.-.) - [39.37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64.vp [MD5.7B929507BB2C2A3FBD2956EC3515364C] - |A| - [04/06/2016 18:42:45] - (.-.) - [40.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxc64_dev.vp [MD5.1A8302994182D4FC003A71DC6D23EE81] - |A| - [04/06/2016 18:42:45] - (.-.) - [38.73 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64.vp [MD5.38FA402460982FE9A071BEC11C58B0D3] - |A| - [04/06/2016 18:42:45] - (.-.) - [38.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxg64_dev.vp [MD5.26526A63D35D8E4E19C46F920AAF48F2] - |A| - [04/06/2016 18:42:45] - (.-.) - [39.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64.vp [MD5.9CD97189D5A5E409BBEC1B28A8AFD428] - |A| - [04/06/2016 18:42:45] - (.-.) - [39.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxo64_dev.vp [MD5.5685FB155F24B60E2D6D9031B459828E] - |A| - [06/10/2016 19:42:04] - (.-.) - [4.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\iglhxs64.vp [MD5.8898B09A8D08E138F238224648DF0739] - |A| - [16/07/2016 12:42:35] - (.-.) - [170.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.3ED204C864E5CC3C78D3DBB707D102D1] - |A| - [04/06/2016 18:42:45] - (.-.) - [394.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ImageStabilization.wmv [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [25926.67 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [5364.92 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4803 Ko] - C:\WINDOWS\System32\InputMethod [MD5.0FBCAA4ECCD17513E4D3BFF3C86DF62E] - |A| - [01/11/2016 23:05:26] - (.Copyright (C) 2015 - IntelCpHDCPSvc Executable.) - [437.98 Ko] - (1.0.0.1) - C:\WINDOWS\System32\IntelCpHDCPSvc.exe [MD5.70C5F319699E6AF1C71F93429AA97768] - |A| - [01/11/2016 23:05:26] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [97.51 Ko] - (2.0.2.0) - C:\WINDOWS\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.5EA855B4A875E08AD93FF901B5D9E275] - |A| - [16/07/2016 12:42:09] - (.-.) - [226 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ism32k.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [318.5 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [231.5 Ko] - C:\WINDOWS\System32\ja-jp [MD5.08CAE552302E934D4D56648138CDAAB1] - |A| - [15/11/2016 12:18:44] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [603.7 Ko] - (4.1105.6000.53) - C:\WINDOWS\System32\KAAPORT64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [229 Ko] - C:\WINDOWS\System32\ko-KR [MD5.050BC9351A3386458B696F8BCA78B27B] - |A| - [16/07/2016 12:42:22] - (.-.) - [145.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [73.41 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [6950.4 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [237 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [238.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [57789.73 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:11] - [0 Ko] - C:\WINDOWS\System32\manifeststore [MD5.41485DABEF7B541B31078A799F789BE5] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [322.82 Ko] - (2.2.9.0) - C:\WINDOWS\System32\MaxxAudioAPO20.dll [MD5.5394D30548287B0DDDA973D3E2C67D89] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [662.29 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxAudioAPO30.dll [MD5.716742539EAB70FEE03ADFDF0E1E195F] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1138.84 Ko] - (4.5.8.0) - C:\WINDOWS\System32\MaxxAudioAPO4064.dll [MD5.A1E8CEF6484CCFBB838DBADE2F91C502] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1185.22 Ko] - (5.6.5.0) - C:\WINDOWS\System32\MaxxAudioAPO5064.dll [MD5.2352127D9CDA8EA150CEF3BC579DB9AD] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1389.58 Ko] - (6.1.17.0) - C:\WINDOWS\System32\MaxxAudioAPO6064.dll [MD5.BECA294ECF74F8E3A01606341E7EC140] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [2758.89 Ko] - (7.0.10.0) - C:\WINDOWS\System32\MaxxAudioAPO7064.dll [MD5.C717A036CEE4C4FBDB8A2A35613CFDA4] - |A| - [15/11/2016 12:18:44] - (.Copyright (C) 2010-2013 - MaxxAudio APO Shell.) - [909.79 Ko] - (4.10.8.0) - C:\WINDOWS\System32\MaxxAudioAPOShell64.dll [MD5.86AB6FDD62471003C069C3A01CDD6E8D] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [16990.84 Ko] - (4.1.29.0) - C:\WINDOWS\System32\MaxxAudioCapture64.dll [MD5.A1AA856D9BC5B0769B9DB42E2AF3D48E] - |A| - [15/11/2016 12:18:44] - (.Copyright © 1996-2014 -.) - [2002.13 Ko] - (4.1.1.0) - C:\WINDOWS\System32\MaxxAudioEQ64.dll [MD5.84F518AFACCC46B95B344B3C67B805A7] - |A| - [15/11/2016 12:18:44] - (.Copyright © 1996-2013 -.) - [13727.79 Ko] - (4.4.10.0) - C:\WINDOWS\System32\MaxxAudioRealtek64.dll [MD5.D2009A98213A1765D21B649289DDFDC5] - |A| - [15/11/2016 12:18:44] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [22897.81 Ko] - (7.1.60.0) - C:\WINDOWS\System32\MaxxAudioRender64.dll [MD5.273246F54B446866B771C96F9229D0A5] - |A| - [15/11/2016 12:18:45] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [22995.66 Ko] - (7.1.60.0) - C:\WINDOWS\System32\MaxxAudioRenderAVX64.dll [MD5.AC5B776CC718572A5838F338D9CEEE85] - |A| - [15/11/2016 12:18:45] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - [1303.11 Ko] - (1.1.4.0) - C:\WINDOWS\System32\MaxxSpeechAPO64.dll [MD5.9BBE1EC6C149E855ED153E35991B6581] - |A| - [15/11/2016 12:18:45] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [976.43 Ko] - (2.6.2.0) - C:\WINDOWS\System32\MaxxVoiceAPO2064.dll [MD5.43E02DF90202C6AEB72C8EEE3EA4C970] - |A| - [15/11/2016 12:18:45] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12815.02 Ko] - (3.1.14.0) - C:\WINDOWS\System32\MaxxVoiceAPO3064.dll [MD5.84B87E46763B2307813A8AC16F136D09] - |A| - [15/11/2016 12:18:45] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12683.94 Ko] - (4.0.19.0) - C:\WINDOWS\System32\MaxxVoiceAPO4064.dll [MD5.FED1D95F6BBEC1F1A144F9362D129367] - |A| - [15/11/2016 12:18:45] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [661.79 Ko] - (3.6.0.0) - C:\WINDOWS\System32\MaxxVolumeSDAPO.dll [MD5.BC74BDA8DC53F722C2CA686071600AE2] - |A| - [16/07/2016 12:42:22] - (.-.) - [107.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [16/07/2016 12:43:08] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqpub.mof [MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [16/07/2016 12:43:08] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrc.mof [MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [16/07/2016 12:43:08] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\msmqtrcRemove.mof [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.EF8BC7D40F5B39400C1CBA9DEA18C426] - |A| - [15/11/2016 12:18:45] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5462.52 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICAPOlfx.dll [MD5.3F246573C6E2BE26FD0E51471ED0C25B] - |A| - [15/11/2016 12:18:45] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [980.34 Ko] - (1.0.0.14866) - C:\WINDOWS\System32\NahimicAPONSControl.dll [MD5.7E247C0C5002F14CF09E299D44BBBF9F] - |A| - [15/11/2016 12:18:45] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5657.74 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICV2apo.dll [MD5.5453FCCC2976DBBAC6C94B7280082E89] - |A| - [15/11/2016 12:18:45] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [6052.88 Ko] - (6.3.9600.17246) - C:\WINDOWS\System32\NAHIMICV3apo.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [283.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [640 Ko] - C:\WINDOWS\System32\NDF [MD5.09F2E76FFEBB219D88ADBA0B3F3C6C86] - |A| - [14/09/2016 11:03:41] - (.-.) - [39.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [16/07/2016 12:42:12] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [68 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [303.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [16570.66 Ko] - C:\WINDOWS\System32\Nui [MD5.B71AD74A91E472CC8B283B8A7D2C9677] - |A| - [11/01/2017 11:20:18] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nv-vk64.json [MD5.163AD3B429613B592AF14718C1F2B985] - |A| - [14/09/2016 11:04:36] - (.-.) - [7460.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin [MD5.08D89993FF325DB23635C77B36493F7E] - |A| - [02/08/2016 22:49:32] - (.-.) - [41.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb [MD5.021E0079914A0738E2C37DA245E319EA] - |A| - [15/06/2015 17:22:20] - (.-.) - [9.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvPerfProvider.man [MD5.F54598052A618ADC0231853D870A22BE] - |A| - [16/07/2016 12:47:53] - (.-.) - [15.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |A| - [16/07/2016 12:42:11] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [12668.62 Ko] - C:\WINDOWS\System32\oobe [MD5.42D2360079B1DF3230024AE920737367] - |A| - [16/07/2016 12:42:22] - (.-.) - [45.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.D38B63783E1D64D0F4DAB4D9F4360AF9] - |A| - [27/05/2016 21:45:52] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PATRICK-PC_Administrateur_HistoryPrediction.bin [MD5.6070848A4A867BA50568728EECD95922] - |A| - [16/07/2016 12:49:31] - (.-.) - [436.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.51F30F6A188FEB65702B72B0136E8173] - |A| - [16/07/2016 23:40:24] - (.-.) - [423.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |A| - [16/07/2016 12:49:35] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |A| - [16/07/2016 23:40:24] - (.-.) - [39.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.33C16B7C28F561D036DCAFB8277C931B] - |A| - [16/07/2016 12:49:31] - (.-.) - [1091.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.64FB9825DB47E96531297B08F30C5C4F] - |A| - [16/07/2016 23:40:24] - (.-.) - [1609.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.3DAB03F7F08DB63321B5C46CF663A699] - |A| - [14/09/2016 11:05:14] - (.-.) - [3601.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [301.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [560 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:10] - [420.42 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [16/07/2016 12:42:31] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [303.5 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [299 Ko] - C:\WINDOWS\System32\pt-PT [MD5.3AE8B709AD112E3015AD5C97A152CA73] - |A| - [15/11/2016 12:18:46] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [131.05 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEA64A.dll [MD5.79C09C04795AF22ECC24E5E0489E4D1B] - |A| - [15/11/2016 12:18:46] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [437.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EED64A.dll [MD5.04DCECADDF38504B6B843B0BF7662219] - |A| - [15/11/2016 12:18:46] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [82.63 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEG64A.dll [MD5.A74E68E14B7FF28B22275BF3D9ABF432] - |A| - [15/11/2016 12:18:46] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [148.23 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEL64A.dll [MD5.82F9335B2E9D9654AC65D03CCE2EC95B] - |A| - [15/11/2016 12:18:46] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [7004.8 Ko] - (7.2.8000.17) - C:\WINDOWS\System32\R4EEP64A.dll [MD5.3C907D5DC3AAA611A5B6C3C779462033] - |A| - [14/08/2016 14:28:49] - (.Copyright (C) Qualitative Software [QSoft] - RAMDisk Installer / Propertypage (x64).) - [87.5 Ko] - (5.3.2.15) - C:\WINDOWS\System32\RAMDriv.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.E713275BCE55BBE5B7E4B37D482C66F7] - |A| - [12/04/2016 06:20:52] - (.Copyright © 2014 Razer Inc. All rights reserved - RazerCoinstaller.) - [93.16 Ko] - (0.0.0.5) - C:\WINDOWS\System32\RazerCoinstaller.dll [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [16/07/2016 12:42:04] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\removehypervisor.mof [MD5.D67CDB8D2584AAC165A77488C5A7A987] - |A| - [16/07/2016 12:42:37] - (.-.) - [8.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.4FE9CE56EFA89779D81B988698D2454C] - |A| - [16/07/2016 12:42:37] - (.-.) - [8.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.BDAA7990C1830F7DE47C4A788E43A9A0] - |A| - [05/09/2015 15:24:29] - (.-.) - [19.26 Ko] - (0.0.0.0) - C:\WINDOWS\System32\results.xml [MD5.23CA638CA304B2B2F738B0F1E5D65955] - |A| - [15/11/2016 12:18:46] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.18 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.BB671941C11699C1D107ACC3417B9B93] - |A| - [15/11/2016 12:18:46] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.18 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.358C6A17F3CB9A3774210BC5B6B28926] - |A| - [10/05/2016 14:33:01] - (.Copyright (C) 2014 - RtCRX.) - [89.72 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll [MD5.FC2BD71840AA991D61CF790EE4AA4FF6] - |A| - [15/11/2016 12:18:46] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.8 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.7E223849711574ACE29B134449A4CB59] - |A| - [15/11/2016 12:18:46] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.28 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.136CC9871F0DD12416EBF70AADCA7B2C] - |A| - [15/11/2016 12:18:46] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.AA035E0F13B38416897ED8953E1FA197] - |A| - [15/11/2016 12:18:46] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.24 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [16/07/2016 12:43:50] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [16/07/2016 12:42:34] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.825FB83FA47B3539D0F5698EDC51A582] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [86.26 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFAPO64.dll [MD5.BA091C27F20491FDC018C3240AE66A36] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [88.79 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFCOM64.dll [MD5.64D12285E4D85A19AC20556B5A83A500] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [226.48 Ko] - (3.0.0.16) - C:\WINDOWS\System32\SFNHK64.dll [MD5.BA8FEB654C20714275F890730296DAA5] - |A| - [21/02/2011 22:17:34] - (.-.) - [4.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SilverEfexPro2FC64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [245 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [240.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.A49E9AE8F95E937EDC6B8E12B7FF4833] - |A| - [15/11/2016 12:18:47] - (.Copyright (C) 2016 DTS, Inc. - DTS Universal APO DLL.) - [1017.33 Ko] - (3.5.12.0) - C:\WINDOWS\System32\sl3apo64.dll [MD5.3EAA39D3AAE36E71099B4F2F3158A22B] - |A| - [15/11/2016 12:18:47] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Controller DLL.) - [2152.1 Ko] - (3.5.12.0) - C:\WINDOWS\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:03:41] - [12119.65 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:10] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.D23EFC819BD8218A8170B5B793F82595] - |A| - [15/11/2016 12:18:47] - (.TODO: (c) . - TODO: .) - [252.8 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll [MD5.C4ACB6B865E753A88BF75B1FBD0F7F5F] - |A| - [15/11/2016 12:18:47] - (.Copyright (C) 2016 DTS, Inc. - DTS APO Technology DLL.) - [2643.42 Ko] - (3.5.12.0) - C:\WINDOWS\System32\sltech64.dll [MD5.1C6F12AA3D178A0A953E8005B3CD4CDE] - |A| - [16/07/2016 12:42:22] - (.-.) - [68.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:24] - [13393.02 Ko] - C:\WINDOWS\System32\SMI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7600.34 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7957.64 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [149300.41 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7759.3 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [31.88 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [16/06/2015 15:46:52] - [1775.5 Ko] - C:\WINDOWS\System32\SPReview [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [243.5 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [244 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.761C085F3C34438974D67EC415F2CFB6] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.22 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRAPO64.dll [MD5.C214C625A2758CC727A056D6D6664454] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM.dll [MD5.4A22B991251D8F21A082201EEC183215] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.48 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM64.dll [MD5.C1AA14DBA23EB5AE5044727DF182FE5C] - |A| - [16/07/2016 12:42:16] - (.-.) - [54.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.FE03D706EC1F5BA536E9F78AEEBC6D19] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.51 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRRPTR64.dll [MD5.C7E873DC6DCABFBD2E52906167130789] - |A| - [15/11/2016 12:18:47] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.63 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.AE8898C856BBBB52223998386D96109D] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.77 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.E673B6582B7133B788712A65C1FE8919] - |A| - [15/11/2016 12:18:47] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.91 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.21F2E9F93D7F88983C16D7B7A60B554E] - |A| - [15/11/2016 12:18:47] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.31 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [18264 Ko] - C:\WINDOWS\System32\sru [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [289 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [1624.9 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [913.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [16/07/2016 12:42:39] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.D79CFFB18F28D4586E09EF7BAC10CD17] - |A| - [15/11/2016 12:18:47] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Audio Source Filtering APO.) - [939.58 Ko] - (2.1.0.0) - C:\WINDOWS\System32\tosasfapo64.dll [MD5.C1593C87B64F7F863DB2A8174A7A5D24] - |A| - [15/11/2016 12:18:47] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Earphone Audio Enhancement APO.) - [436.7 Ko] - (2.1.0.0) - C:\WINDOWS\System32\toseaeapo64.dll [MD5.AF242BE236E8529FEE4E372BD9C7D271] - |A| - [15/11/2016 12:18:47] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement APO.) - [1306.3 Ko] - (2.1.1.0) - C:\WINDOWS\System32\tossaeapo64.dll [MD5.1DE21071793B3F7F5DB4B409B9F278C6] - |A| - [15/11/2016 12:18:47] - (.Copyright © 2016 Toshiba Client Solutions Co., Ltd. - TOSHIBA Speaker Audio Enhancement Maximizer.) - [587.06 Ko] - (1.1.1.1) - C:\WINDOWS\System32\tossaemaxapo64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [285 Ko] - C:\WINDOWS\System32\tr-TR [MD5.C8F2952DAE3971614DBD0C509F35BE93] - |A| - [16/07/2016 12:42:38] - (.-.) - [10.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [16/07/2016 12:42:38] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [240 Ko] - C:\WINDOWS\System32\uk-UA [MD5.00000000000000000000000000000000] - |D| - [10/05/2016 17:26:51] - [15846.69 Ko] - C:\WINDOWS\System32\vbox [MD5.E7482D1D449217C8641762F5C38E157C] - |A| - [16/07/2016 12:42:12] - (.-.) - [9.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VpnSohDesktop.dll [MD5.8140DA331F52518CC5FF25E69093BC5C] - |A| - [09/09/2016 19:25:10] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [255.78 Ko] - (1.0.26.0) - C:\WINDOWS\System32\vulkan-1-1-0-26-0.dll [MD5.8140DA331F52518CC5FF25E69093BC5C] - |A| - [11/01/2017 11:21:34] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [255.78 Ko] - (1.0.26.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.61DA784EB8C8E133EB3BB4AFBDD66758] - |A| - [09/09/2016 19:24:38] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-26-0.exe [MD5.61DA784EB8C8E133EB3BB4AFBDD66758] - |A| - [11/01/2017 11:21:34] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [17/06/2015 13:54:41] - [0 Ko] - C:\WINDOWS\System32\Wat [MD5.65DDED3CFAE96EEAC389DB80F36F783A] - |A| - [15/11/2016 12:18:47] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2061.13 Ko] - (4.4.5.0) - C:\WINDOWS\System32\WavesGUILib64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [88727.54 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:10] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [128520.44 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [16/07/2016 12:42:11] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [30/07/2015 23:42:06] - [0 Ko] - C:\WINDOWS\System32\wfp [MD5.39B36FC36B577FDD2CDCDDD1C6D1D422] - |A| - [10/09/2015 06:57:04] - (.-.) - [15.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WIN-TVAQ5U78ATO_Administrator_HistoryPrediction.bin [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1.1 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [42585.77 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.3C9508C3B515FDB5762DF5862C864301] - |A| - [23/02/2016 06:31:56] - (.Copyright © 2016 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1210.13) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [8726.76 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [157840 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4228.5 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [16/07/2016 12:42:35] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.B6B479B04C64AF5EF36C24EBDF278302] - |A| - [16/07/2016 12:42:27] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.A8FF606EF35BEEE0481C575600531CC6] - |A| - [06/01/2017 09:06:03] - (.Copyright ?Conexant Systems, Inc. 2009 - Conexant Y8 Color Converter.) - [40.5 Ko] - (7.0.127.71) - C:\WINDOWS\System32\y8cnvt.ax [MD5.5C5A797761421CF9B72087F3BC8A5259] - |A| - [14/09/2016 11:04:14] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [MD5.1373F6562D5E4C715D5D3583E350093E] - |A| - [14/09/2016 11:04:14] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 16:24:07] - [0 Ko] - C:\WINDOWS\SysWOW64\040C [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [16/07/2016 12:43:00] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [16/07/2016 12:43:02] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [16/07/2016 12:43:02] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.00000000000000000000000000000000] - |AD| - [06/09/2015 14:42:10] - [37829.25 Ko] - C:\WINDOWS\SysWOW64\Adobe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:30] - [2141.84 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [250 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:57:28] - [12.62 Ko] - C:\WINDOWS\SysWOW64\BestPractices [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [222 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.93 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot2 [MD5.2B06FD3665AADB226C28B7F7AA5A3234] - |A| - [22/09/2011 17:31:04] - (.-.) - [318.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ColorEfexPro4FC32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [318 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.3EA892217B9790A53FF5390FAB9D7243] - |A| - [04/09/2015 14:06:12] - (.©2006-2011, Nicomsoft Ltd. - WINI2C-DDC Library.) - [128.5 Ko] - (3.8.2.0) - C:\WINDOWS\SysWOW64\DDCHelper.dll [MD5.F12FE8652F832319F8B28AC55A931BD1] - |A| - [04/09/2015 14:06:12] - (.©2006-2011, Nicomsoft Ltd. - WinI2C-DDC ActiveX Component.) - [105.5 Ko] - (3.8.2.0) - C:\WINDOWS\SysWOW64\DDCHelperX.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [298.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.6BC61A0BB8AEA30DBD624759B259BB03] - |A| - [21/12/2015 21:06:44] - (.-.) - [0.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\debug.log [MD5.BDB9F0DF247BE0CCDB533BF8927EACCC] - |A| - [14/07/2015 15:44:49] - (.Copyright © 2004 - Java(TM) Platform SE binary.) - [401.73 Ko] - (6.0.160.1) - C:\WINDOWS\SysWOW64\deploytk.dll [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [19 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [6040.05 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.180EDFE630904668A866A7A8D7518AB6] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2007 - API of PoINT CD/DVD Audio/Video SDK.) - [629.28 Ko] - (6.2.0.160) - C:\WINDOWS\SysWOW64\DLLAV32.dll [MD5.B542E1BBB193304986A2782E96919D3C] - |A| - [02/01/2017 15:17:41] - (.-.) - [13.85 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DLLAV32.lib [MD5.3CF5D6F462D385BF3A26BA60A0459F67] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2002 - API of PoINT CDarchive.) - [112 Ko] - (3.3.0.70) - C:\WINDOWS\SysWOW64\DLLCDA32.dll [MD5.435EBFA51632D4ACC7368F751597A86C] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [60 Ko] - (3.0.0.24) - C:\WINDOWS\SysWOW64\DLLCDF32.dll [MD5.BE6B52608DA58CAE398B1CBF7D2380E4] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2007 - PoINT Shared DLL.) - [109.28 Ko] - (3.9.0.146) - C:\WINDOWS\SysWOW64\DLLCPY32.dll [MD5.C8EE8C3455817D2CC88F33FAF588D382] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2007 - PoINT Shared DLL.) - [169.28 Ko] - (3.8.0.278) - C:\WINDOWS\SysWOW64\DLLDEV32.dll [MD5.17E3BC36DC616FB18366004AA75FBB84] - |A| - [02/01/2017 15:15:01] - (.-.) - [117.38 Ko] - (3.7.0.12) - C:\WINDOWS\SysWOW64\DLLDEV32i.dll [MD5.9B108B6A630027763CD9EB28AB06992B] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2001 - PoINT Shared DLL.) - [32 Ko] - (3.0.0.10) - C:\WINDOWS\SysWOW64\DLLDIR32.dll [MD5.59594E0F16F45828E9DD97B2664087F2] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2007 - PoINT Shared DLL.) - [157.28 Ko] - (3.8.0.348) - C:\WINDOWS\SysWOW64\DLLDRV32.dll [MD5.1903B46D93ED6E1ED5A41954FA21870F] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2001 - PoINT Shared DLL.) - [44 Ko] - (3.0.0.10) - C:\WINDOWS\SysWOW64\DLLIMG32.dll [MD5.A8BF76E829A919AC4006098E9A43BAC3] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2007 - PoINT Shared DLL.) - [57.28 Ko] - (3.1.0.93) - C:\WINDOWS\SysWOW64\DLLIO32.dll [MD5.D41CD97D3A7B3DAF632C9335710162A0] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [32 Ko] - (3.0.0.11) - C:\WINDOWS\SysWOW64\DLLISO32.dll [MD5.82D1CAC671A80EB542B4428F072D7548] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1995-2000 - PoINT Shared DLL.) - [24 Ko] - (3.0.0.7) - C:\WINDOWS\SysWOW64\DLLIX.dll [MD5.69C3A42D62622DC14200D2F0531B7171] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1995-2000 - PoINT Shared DLL.) - [32 Ko] - (3.0.0.11) - C:\WINDOWS\SysWOW64\DLLMSC32.dll [MD5.FC726371307828FFA96E97F613BEA391] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2007 - PoINT Shared DLL.) - [41.28 Ko] - (3.1.0.49) - C:\WINDOWS\SysWOW64\DLLPNT32.dll [MD5.F43884C4558E91F68C72CE404AD43D18] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2005 - PoINT Shared DLL.) - [53.28 Ko] - (3.1.0.38) - C:\WINDOWS\SysWOW64\DLLPRF32.dll [MD5.B4455EF6F773C790ECBAAD93F719C1FE] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2001 - PoINT Shared DLL.) - [52 Ko] - (3.0.0.17) - C:\WINDOWS\SysWOW64\DLLPRJ32.dll [MD5.BE5E9E3646D1EC21B9CD75895FE90B36] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [64 Ko] - (3.0.0.23) - C:\WINDOWS\SysWOW64\DLLPTL32.dll [MD5.8EF0C1253D47A158D3023F1292A5E293] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2003 - PoINT CDread API.) - [40 Ko] - (2.1.0.104) - C:\WINDOWS\SysWOW64\DLLRD32.dll [MD5.BBACF0E0B1896ACE72AD125D67B2FB96] - |A| - [02/01/2017 15:17:41] - (.PoINT Software & Systems GmbH 1994-2007 - PoINT Shared DLL.) - [197.28 Ko] - (3.1.0.157) - C:\WINDOWS\SysWOW64\DLLRES32.dll [MD5.B2BCA1AAACFD7C7656F58ECF5C6569AC] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2002 - PoINT Shared DLL.) - [56 Ko] - (3.1.0.31) - C:\WINDOWS\SysWOW64\DLLTPO32.dll [MD5.42CB7D7E0BAB9F9BDD41A907D3FD4198] - |A| - [27/08/2015 14:49:00] - (.-.) - [27.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\dokan.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [1068.16 Ko] - C:\WINDOWS\SysWOW64\downlevel [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [3426.43 Ko] - C:\WINDOWS\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [293 Ko] - C:\WINDOWS\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [213 Ko] - C:\WINDOWS\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1585.1 Ko] - C:\WINDOWS\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [287.5 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [231.5 Ko] - C:\WINDOWS\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [209 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [21671.66 Ko] - C:\WINDOWS\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [267.5 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [3140 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [237 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [36981.23 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.C425A29BA3D244DECBC3EBEC13E4A738] - |A| - [25/01/2016 19:23:36] - (.-.) - [133.57 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\generic_uninstaller.log [MD5.D7251273FEE018809783507220141A30] - |A| - [15/06/2015 15:12:52] - (.-.) - [80.77 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [238.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.82C0B766817676C6EC2B4A4AFBD48EDC] - |A| - [05/09/2015 15:44:38] - (.Copyright (c) 1985-2005 Aladdin Knowledge Systems Ltd. - Aladdin Hardlock Win32 DLL.) - [193.45 Ko] - (2.21.1.1) - C:\WINDOWS\SysWOW64\hlvdd.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [217 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [270.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.54C507A129B315CA9F9FF459D8343A38] - |A| - [14/09/2015 13:59:37] - (.-.) - [2.71 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InstallUtil.InstallLog [MD5.17751FA352996D900314F6F7B79E27F7] - |A| - [01/11/2016 23:05:26] - (.Copyright © The Khronos Group Inc 2014 - OpenCL Client DLL.) - [101.52 Ko] - (2.0.2.0) - C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [293 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/08/2016 05:42:43] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\last.dump [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [73.41 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [21/10/2015 06:09:13] - [7969.51 Ko] - C:\WINDOWS\SysWOW64\LiveUpdate [MD5.C2E6BEF133BD21A90757F9E9CF7F811F] - |A| - [15/11/2016 12:13:44] - (.-.) - [13.26 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\LiveUpdate 6.1 ReleaseNote.txt [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [213.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [214.5 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [49240.12 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [02/01/2017 15:14:39] - [2449.44 Ko] - C:\WINDOWS\SysWOW64\MAGIX [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 04:20:14] - [0 Ko] - C:\WINDOWS\SysWOW64\manifeststore [MD5.1F552EC27C24A82850A568107E376E7A] - |A| - [02/01/2017 15:17:41] - (.-.) - [27.16 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mgxcdr.txt [MD5.9FA3230484846732BAC07495F819EE74] - |A| - [06/01/2017 17:51:31] - (.Copyright © 2003-2006 MAGIX AG - mgxoschk.) - [681.21 Ko] - (1.36.0.220) - C:\WINDOWS\SysWOW64\mgxoschk.dll [MD5.00000000000000000000000000000000] - |SD| - [31/10/2016 05:57:12] - [0 Ko] - C:\WINDOWS\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [3774.89 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [821.34 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [52.28 Ko] - C:\WINDOWS\SysWOW64\MsDtc [MD5.18403DE4979A328F21279DECB2E4298F] - |A| - [16/07/2016 12:44:01] - (.-.) - [3.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqpub.mof [MD5.E0640DE5407EEE4C6E16D839243B71F9] - |A| - [16/07/2016 12:44:01] - (.-.) - [8.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrc.mof [MD5.3ED9AC3EE11EE2C16E2E41F0DC4BAD42] - |A| - [16/07/2016 12:44:01] - (.-.) - [0.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msmqtrcRemove.mof [MD5.B9966F800D2A3A1522B1825077785C40] - |A| - [10/05/2016 14:37:07] - (.Copyright (c) 2015 Micro-Star INT'L CO.,LTD. - Windows Host Process.) - [1653.16 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\muachost.exe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [19.15 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.A9A368F6C0E443012C7D423B683C508B] - |A| - [02/01/2017 15:17:41] - (.Copyright (C) 2006 - MAGIX Restore.) - [420 Ko] - (2.0.5.9) - C:\WINDOWS\SysWOW64\MXRestore.exe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [260.5 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [278 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.B1EF4686961986DFFB7FE8F18E6FCB5B] - |A| - [22/09/2011 17:30:58] - (.Copyright © Nalpeiron 2004 - 2010 - This service enables products that use the Nalpeiron Licensing System.) - [65 Ko] - (6.3.8.0) - C:\WINDOWS\SysWOW64\nlssrv32.exe [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.9EA3CD2CB18622637DD032743D7750C9] - |A| - [11/01/2017 11:20:18] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nv-vk32.json [MD5.B30EB1F499E3D3B5C97ED44979467C84] - |A| - [14/09/2016 11:05:11] - (.-.) - [1608.62 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [275.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [420.42 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [278.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [273.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.902718AD34291C15EA949901600BDBE0] - |A| - [23/02/2016 10:56:06] - (.-.) - [24.16 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PteVideo.dll [MD5.0F8EF8AC886649A71FAB269FAF8FA3C2] - |A| - [23/08/2016 06:34:08] - (.-.) - [32769 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\RAMDiskImage.data [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.76 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.DB9B18E2F3CD037E8E66DDE0DF32D64A] - |A| - [01/06/2016 04:50:53] - (.-.) - [12.37 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ReleaseNote.txt [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.1987E86DCBEF29B9ABFF648303BDAF16] - |A| - [14/03/2016 06:36:22] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [95.46 Ko] - (1.0.45.6) - C:\WINDOWS\SysWOW64\rzdevinfo.dll [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:04:41] - [138.22 Ko] - C:\WINDOWS\SysWOW64\sda [MD5.4F5B1EA36E9693D33DF436F342711673] - |A| - [21/02/2011 22:17:34] - (.-.) - [309.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\SilverEfexPro2FC32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [219 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [215.5 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [52.14 Ko] - C:\WINDOWS\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4202.34 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [6318.84 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1274.06 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [31.88 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [223 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [219.5 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.C214C625A2758CC727A056D6D6664454] - |A| - [15/11/2016 12:18:47] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.16 Ko] - (4.0.0.59) - C:\WINDOWS\SysWOW64\SRCOM.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.5D7D97DF6AA504CC3C7DD92021B58D33] - |A| - [02/01/2017 15:17:41] - (.© PoINT Software & Systems GmbH 1994-2007 - PoINT Shared DLL.) - [37.28 Ko] - (3.0.0.22) - C:\WINDOWS\SysWOW64\STRING32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [265.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [205 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [261.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.1DA32728F808D41F380193B6B21B14C2] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2000 - PoINT Shared DLL.) - [24 Ko] - (3.0.0.2) - C:\WINDOWS\SysWOW64\TTI32.dll [MD5.AB024EFED92D5A91DDCC9577FD5A3A9C] - |A| - [02/01/2017 15:17:41] - (.Copyright © PoINT Software & Systems GmbH 1994-2000 - PoINT Shared DLL.) - [24 Ko] - (3.0.0.2) - C:\WINDOWS\SysWOW64\TTIC32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [215.5 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.5F6422A0A38A7BBE7657DF37BAD071C2] - |A| - [15/06/2015 15:46:06] - (.-.) - [13.49 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Utility.xml [MD5.00000000000000000000000000000000] - |D| - [10/05/2016 17:26:51] - [8760.37 Ko] - C:\WINDOWS\SysWOW64\vbox [MD5.2F28B023406F83D17ACE4294E2510F44] - |A| - [09/09/2016 19:25:58] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [263.28 Ko] - (1.0.26.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-26-0.dll [MD5.2F28B023406F83D17ACE4294E2510F44] - |A| - [11/01/2017 11:21:34] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [263.28 Ko] - (1.0.26.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.6448CF3F64B96B8C72A9D5905F7C07B0] - |A| - [09/09/2016 19:25:28] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-26-0.exe [MD5.6448CF3F64B96B8C72A9D5905F7C07B0] - |A| - [11/01/2017 11:21:34] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [17/06/2015 13:54:41] - [0 Ko] - C:\WINDOWS\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [15540.58 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.3C9508C3B515FDB5762DF5862C864301] - |A| - [05/02/2017 15:56:56] - (.Copyright © 2016 - Java(TM) Platform SE binary.) - [107.56 Ko] - (8.0.1210.13) - C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7806.63 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4228.5 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [14/09/2016 11:57:28] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.A9A79AE00A702144274EEF7E59724315] - |A| - [18/09/2015 15:49:24] - (.Copyright (C) 2011 - XRiteDevice Service Library.) - [375.36 Ko] - (1127.0.0.214) - C:\WINDOWS\SysWOW64\XRiteDevice.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [190.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [185 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [185 Ko] - C:\WINDOWS\SysWOW64\zh-TW ---------- | [Administrateur] [27/04/2016 06:43:26] - |D| - [128614504] - C:\Users\Administrateur\AppData\Local [27/04/2016 06:43:26] - |D| - [0] - C:\Users\Administrateur\AppData\LocalLow [27/04/2016 06:43:26] - |D| - [135931] - C:\Users\Administrateur\AppData\Roaming [27/04/2016 06:45:51] - |D| - [0] - C:\Users\Administrateur\AppData\Local\ActiveSync [27/04/2016 06:43:26] - |SHD| - [1320610460] - C:\Users\Administrateur\AppData\Local\Application Data [27/04/2016 06:43:26] - |SHD| - [130] - C:\Users\Administrateur\AppData\Local\Historique [27/04/2016 06:53:08] - |AH| - [3368] - C:\Users\Administrateur\AppData\Local\IconCache.db [27/04/2016 06:43:26] - |D| - [114026756] - C:\Users\Administrateur\AppData\Local\Microsoft [27/04/2016 06:43:33] - |D| - [3500604] - C:\Users\Administrateur\AppData\Local\Packages [27/04/2016 06:43:26] - |D| - [0] - C:\Users\Administrateur\AppData\Local\Temp [27/04/2016 06:43:26] - |SHD| - [0] - C:\Users\Administrateur\AppData\Local\Temporary Internet Files [27/04/2016 06:43:32] - |D| - [11083776] - C:\Users\Administrateur\AppData\Local\TileDataLayer [27/04/2016 06:50:34] - |D| - [0] - C:\Users\Administrateur\AppData\Roaming\Adobe [27/04/2016 06:43:26] - |SD| - [135931] - C:\Users\Administrateur\AppData\Roaming\Microsoft [27/04/2016 06:50:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [27/04/2016 06:43:26] - |SHD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [27/04/2016 06:43:26] - |RD| - [22466] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/04/2016 06:43:26] - |RD| - [3888] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [27/04/2016 06:43:26] - |RD| - [2925] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [27/04/2016 06:50:36] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [27/04/2016 06:50:35] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [27/04/2016 06:43:26] - |D| - [170] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [27/04/2016 06:51:46] - |A| - [2405] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [27/04/2016 06:50:36] - |RD| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [27/04/2016 06:43:26] - |RD| - [5318] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [27/04/2016 06:43:26] - |RSD| - [7238] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [27/04/2016 06:50:36] - |ASH| - [174] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Administrateur.000] [14/09/2016 11:05:32] - |D| - [148739599] - C:\Users\Administrateur.000\AppData\Local [27/05/2016 16:44:34] - |D| - [56401] - C:\Users\Administrateur.000\AppData\LocalLow [14/09/2016 11:05:32] - |D| - [381073] - C:\Users\Administrateur.000\AppData\Roaming [27/05/2016 16:45:08] - |D| - [4368] - C:\Users\Administrateur.000\AppData\Local\Adobe [14/09/2016 11:05:32] - |SHD| - [1511484464] - C:\Users\Administrateur.000\AppData\Local\Application Data [27/05/2016 16:44:34] - |D| - [32587] - C:\Users\Administrateur.000\AppData\Local\Google [14/09/2016 11:05:32] - |SHD| - [290] - C:\Users\Administrateur.000\AppData\Local\Historique [14/09/2016 11:05:32] - |D| - [124813755] - C:\Users\Administrateur.000\AppData\Local\Microsoft [27/05/2016 16:44:34] - |D| - [0] - C:\Users\Administrateur.000\AppData\Local\Microsoft Help [27/05/2016 16:44:36] - |D| - [12215289] - C:\Users\Administrateur.000\AppData\Local\Packages [27/05/2016 16:44:40] - |D| - [0] - C:\Users\Administrateur.000\AppData\Local\Publishers [14/09/2016 11:05:32] - |D| - [0] - C:\Users\Administrateur.000\AppData\Local\Temp [14/09/2016 11:05:32] - |SHD| - [0] - C:\Users\Administrateur.000\AppData\Local\Temporary Internet Files [27/05/2016 16:44:35] - |D| - [11673600] - C:\Users\Administrateur.000\AppData\Local\TileDataLayer [27/05/2016 16:44:46] - |SD| - [56401] - C:\Users\Administrateur.000\AppData\LocalLow\Microsoft [27/05/2016 16:44:36] - |D| - [9715] - C:\Users\Administrateur.000\AppData\Roaming\Adobe [27/05/2016 16:45:11] - |D| - [7951] - C:\Users\Administrateur.000\AppData\Roaming\AVAST Software [27/05/2016 16:44:34] - |D| - [313840] - C:\Users\Administrateur.000\AppData\Roaming\Macromedia [27/05/2016 16:44:34] - |D| - [0] - C:\Users\Administrateur.000\AppData\Roaming\Media Center Programs [14/09/2016 11:05:32] - |SD| - [49567] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft [27/05/2016 16:44:36] - |ASH| - [174] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [14/09/2016 11:05:32] - |SHD| - [21075] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [14/09/2016 11:05:32] - |D| - [21075] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [14/09/2016 11:05:32] - |RD| - [3888] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [14/09/2016 11:05:32] - |RD| - [1486] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [27/05/2016 16:44:36] - |RD| - [174] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/09/2016 11:05:32] - |D| - [170] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [27/05/2016 16:45:21] - |A| - [2627] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [27/05/2016 16:44:36] - |RD| - [174] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [14/09/2016 11:05:32] - |RD| - [5318] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [14/09/2016 11:05:32] - |RD| - [7238] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [27/05/2016 16:44:36] - |ASH| - [174] - C:\Users\Administrateur.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Patrick] [14/09/2016 11:05:32] - |D| - [17612328990] - C:\Users\Patrick\AppData\Local [15/06/2015 15:57:04] - |D| - [2035395421] - C:\Users\Patrick\AppData\LocalLow [14/09/2016 11:05:32] - |D| - [3056151218] - C:\Users\Patrick\AppData\Roaming [16/06/2015 17:39:29] - |D| - [1241889] - C:\Users\Patrick\AppData\Local\2BrightSparks [06/06/2016 13:01:48] - |D| - [0] - C:\Users\Patrick\AppData\Local\ActiveSync [15/06/2015 18:54:47] - |D| - [2343399337] - C:\Users\Patrick\AppData\Local\Adobe [20/01/2016 07:53:26] - |D| - [0] - C:\Users\Patrick\AppData\Local\Apowersoft [28/06/2015 10:46:52] - |D| - [0] - C:\Users\Patrick\AppData\Local\Apple [30/09/2015 05:29:42] - |D| - [4555097] - C:\Users\Patrick\AppData\Local\Apple Computer [14/09/2016 11:05:32] - |SHD| - [190965118938] - C:\Users\Patrick\AppData\Local\Application Data [06/09/2015 06:03:55] - |D| - [2966139] - C:\Users\Patrick\AppData\Local\Apps [06/01/2017 09:04:43] - |D| - [0] - C:\Users\Patrick\AppData\Local\ArcSoft [14/04/2016 05:17:28] - |D| - [30720] - C:\Users\Patrick\AppData\Local\AVAST Software [01/11/2015 10:20:23] - |D| - [0] - C:\Users\Patrick\AppData\Local\CEF [10/05/2016 15:43:18] - |D| - [63133130] - C:\Users\Patrick\AppData\Local\Comms [14/09/2016 11:12:59] - |D| - [2024905] - C:\Users\Patrick\AppData\Local\ConnectedDevicesPlatform [17/01/2017 06:03:48] - |D| - [416120] - C:\Users\Patrick\AppData\Local\CrashDumps [15/06/2015 16:03:46] - |D| - [0] - C:\Users\Patrick\AppData\Local\Diagnostics [15/06/2015 21:50:26] - |D| - [4096] - C:\Users\Patrick\AppData\Local\Disc_Soft_Ltd [18/06/2015 13:38:47] - |D| - [56645120] - C:\Users\Patrick\AppData\Local\Downloaded Installations [27/06/2015 14:37:57] - |D| - [224082520] - C:\Users\Patrick\AppData\Local\DxO_Labs [16/06/2015 08:09:54] - |D| - [0] - C:\Users\Patrick\AppData\Local\EIZO [15/06/2015 15:45:51] - |D| - [0] - C:\Users\Patrick\AppData\Local\ElevatedDiagnostics [15/06/2015 15:13:03] - |A| - [70448] - C:\Users\Patrick\AppData\Local\GDIPFONTCACHEV1.DAT [15/06/2015 15:07:40] - |D| - [1009601392] - C:\Users\Patrick\AppData\Local\Google [22/06/2015 05:02:51] - |D| - [392] - C:\Users\Patrick\AppData\Local\GWX [14/09/2016 11:05:32] - |SHD| - [290] - C:\Users\Patrick\AppData\Local\Historique [15/06/2015 19:08:41] - |D| - [80617] - C:\Users\Patrick\AppData\Local\HP [14/09/2016 15:29:16] - |AH| - [92872] - C:\Users\Patrick\AppData\Local\IconCache.db [16/06/2015 05:55:23] - |D| - [1887] - C:\Users\Patrick\AppData\Local\Intel_Corporation [27/06/2015 14:37:57] - |D| - [579] - C:\Users\Patrick\AppData\Local\IsolatedStorage [16/06/2015 07:58:41] - |D| - [6391880] - C:\Users\Patrick\AppData\Local\Kolor [16/06/2015 13:40:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Macromedia [06/01/2017 09:30:55] - |D| - [133] - C:\Users\Patrick\AppData\Local\MAGIX [14/09/2016 11:05:32] - |D| - [6133101110] - C:\Users\Patrick\AppData\Local\Microsoft [16/06/2015 11:58:34] - |D| - [393526] - C:\Users\Patrick\AppData\Local\Microsoft Games [15/06/2015 21:53:55] - |D| - [652564] - C:\Users\Patrick\AppData\Local\Microsoft Help [10/05/2016 14:45:52] - |D| - [83114] - C:\Users\Patrick\AppData\Local\MicrosoftEdge [24/04/2016 10:03:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\MJProductions [15/06/2015 17:56:28] - |D| - [373280557] - C:\Users\Patrick\AppData\Local\Mozilla [10/05/2016 14:32:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\NetworkTiles [10/05/2016 14:29:52] - |D| - [355117896] - C:\Users\Patrick\AppData\Local\Packages [14/09/2016 11:13:07] - |D| - [0] - C:\Users\Patrick\AppData\Local\PackageStaging [23/02/2016 10:56:12] - |D| - [75636] - C:\Users\Patrick\AppData\Local\PicturesToExe [15/06/2015 18:46:12] - |D| - [0] - C:\Users\Patrick\AppData\Local\Programs [10/05/2016 14:29:57] - |D| - [109972] - C:\Users\Patrick\AppData\Local\Publishers [10/07/2016 12:10:42] - |D| - [1728] - C:\Users\Patrick\AppData\Local\Razer_Inc [12/07/2015 05:54:15] - |A| - [7618] - C:\Users\Patrick\AppData\Local\resmon.resmoncfg [14/09/2016 11:05:32] - |D| - [932747625] - C:\Users\Patrick\AppData\Local\Temp [14/09/2016 11:05:32] - |SHD| - [273058250] - C:\Users\Patrick\AppData\Local\Temporary Internet Files [25/01/2017 16:10:28] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign00a5d1c619a5bf4a [09/12/2016 10:50:04] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign00feada6da4f7974 [23/07/2016 14:44:59] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign011f933a7f84c61e [21/11/2016 07:38:53] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign029b65c51e581fb5 [23/11/2016 19:36:25] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign039905fa9110fa14 [29/01/2017 15:41:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign047f4050320fe51c [15/09/2016 17:51:33] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign04a417c582a56303 [22/11/2016 15:06:23] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign055b0ed5db8aa2ca [29/01/2017 15:39:37] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign06710d94e3671f9c [14/12/2016 09:36:14] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0a3ed40574317780 [12/11/2016 17:14:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0d7333b9cd3b1ab9 [26/08/2016 16:51:58] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0e002199d0edd4e6 [15/09/2016 12:09:12] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0e4881d3a9520d7d [15/08/2016 15:15:54] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0ecace827293de3a [28/07/2016 06:22:04] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0f12fe49d73349bb [20/12/2016 11:53:24] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0f2feb4f6111b7d0 [02/02/2017 07:04:32] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0f6b2f45e56d9279 [08/12/2016 11:42:00] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign0f9cdc1596d7a48f [23/07/2016 13:18:21] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1016e574798d9c51 [15/09/2016 11:03:45] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign10cac5069d9abdcd [14/11/2016 14:48:57] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign110bca9756165260 [29/01/2017 15:39:02] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign119b1bf407d14e8c [13/12/2016 11:54:01] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1477b2f9df644700 [21/11/2016 07:38:32] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign148d3159bc256796 [30/01/2017 12:54:46] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign14db9d124f21b5c5 [21/11/2016 07:33:43] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign15bb0eb24300b83e [08/12/2016 08:49:54] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign178d9f3d8bcc69f0 [12/12/2016 11:46:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign17b556aefdd01a29 [23/11/2016 18:02:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign18357e308c140cbd [11/11/2016 17:24:11] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign183b8d76ee735565 [10/01/2017 15:29:50] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign19cea1772529577d [17/12/2016 11:33:29] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1a4e6173cd23a203 [08/12/2016 08:33:19] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1a672d8a125d5d30 [14/08/2016 15:11:50] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1abbfb71d5c5b690 [07/12/2016 12:36:53] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1cb6bc93a3a1c8f6 [04/02/2017 11:11:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1d4067a2141408b7 [20/12/2016 10:45:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign1ed053b946c85a15 [21/11/2016 08:32:47] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign20d4afcf2f48d32a [23/11/2016 19:36:25] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign210987d42f722d18 [21/11/2016 07:13:46] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign230105d8b863aa32 [13/11/2016 16:59:15] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2539f4d3a91cf199 [22/11/2016 06:44:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2638efb4da0be10a [02/02/2017 16:46:44] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign26fdd4583bcdbbc9 [15/12/2016 10:59:19] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2939e2795c2e5f02 [21/11/2016 08:32:46] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2966bde7a55d1e64 [24/01/2017 17:23:27] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2a1cc149fe033e35 [04/11/2016 14:48:37] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2d6d705a99254952 [30/01/2017 09:45:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2d7a52041ac9516e [30/01/2017 12:55:19] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2da76c89c1061002 [30/01/2017 12:55:08] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2dc233ebf494feb9 [30/01/2017 12:55:08] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2e76b9eaffbe3ecc [30/01/2017 09:44:58] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign2edfd45806bc550f [20/11/2016 12:49:09] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign3154b305155adfcd [26/06/2016 05:24:24] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign3195b0ae34d9e3c6 [30/01/2017 12:55:01] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign31ce30855d4dfe96 [12/01/2017 17:45:29] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign32f8f09e8cdb3b51 [07/12/2016 12:36:53] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign335462ea5307b9a4 [25/01/2017 16:10:29] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign33b42fad5a7b5530 [28/01/2017 09:57:59] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign346f30adc7badb5c [28/12/2016 14:53:52] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign35d54bc1c7f3b5da [15/11/2016 15:33:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign3735fa55bb2318aa [29/01/2017 15:35:19] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign37aef47c163f6cfe [21/11/2016 07:33:45] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign3abea104b24b9ab8 [08/12/2016 08:33:18] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign3e67a4abe395b1b3 [05/02/2017 07:39:04] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign3f7087e6525fa689 [28/12/2016 14:48:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign3fb5fd59a5a081e0 [10/01/2017 15:34:58] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4064fff45b7c9095 [05/07/2016 14:58:33] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign40d56f0c485c0475 [01/01/2017 08:31:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign438aa0ec415510da [04/11/2016 16:40:43] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign44941939caecf0a7 [24/06/2016 16:30:24] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4587aa59b9be2e9f [21/11/2016 07:14:37] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4632fcde979f9c2b [05/01/2017 15:40:33] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign47725fb3ca6a68d1 [19/01/2017 18:06:13] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign484058faa56ec210 [28/01/2017 11:59:11] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4caae4083d9b3dd3 [08/09/2016 15:41:16] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4ccf88aee52594b8 [12/12/2016 11:31:44] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4df30662de0ea5b2 [07/11/2016 06:20:56] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4eb9503e369a270b [17/11/2016 18:36:14] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign4ebc5babe1b38c7a [02/02/2017 07:09:48] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign511dca62f98368cd [05/10/2016 14:08:32] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign52efaddeb1c99647 [29/01/2017 15:39:02] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5376d3858e5e7ebb [20/12/2016 10:45:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign538408eaff6abbb8 [09/12/2016 10:45:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign54113e97f54391a8 [28/01/2017 09:58:00] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign567261f5665fef36 [29/01/2017 15:34:45] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5679a6b428160e30 [29/09/2016 06:15:30] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign571a9bdec20a00a7 [21/12/2016 07:59:49] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5741a3415912b0ef [19/12/2016 12:42:51] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5850d95700ebadfe [04/10/2016 16:46:54] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign59d5477a9504fe61 [29/01/2017 15:38:44] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5a3edee0c7623ba0 [28/01/2017 19:00:01] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5a564a7bcf26f75b [27/11/2016 15:19:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5c3da24d591698a9 [29/01/2017 15:38:29] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign5f614233b07f9acd [23/11/2016 17:51:47] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6073faeb2bdad726 [28/01/2017 11:59:11] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6295e5586270fbce [10/01/2017 15:29:50] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign62c93b683eca50fa [29/01/2017 15:34:45] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign63c20f1398d3b079 [19/12/2016 12:48:07] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign64356b7769e5716f [08/12/2016 11:41:59] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign65ad8e2b42d8a448 [31/12/2016 09:34:07] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign68362d3e3153d4f7 [21/11/2016 08:30:27] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign68844be18fe7272b [27/01/2017 10:24:17] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign68d396ae1b802c35 [14/12/2016 09:36:14] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6989264a20cbd544 [18/01/2017 11:40:41] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign69a3d91570a0c517 [23/11/2016 17:51:47] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6a1b9771062572d1 [13/11/2016 08:04:05] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6a3673a8a9e3c265 [31/10/2016 13:20:25] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6ad9b6b43b1e8bda [31/10/2016 07:27:53] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6b5f9fac2e951641 [17/12/2016 10:50:30] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6eb80bd5306c5ba1 [04/02/2017 11:11:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6f5a19dce6df5c74 [20/01/2017 18:37:53] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6f7480bb3eb8f67d [04/10/2016 12:36:06] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign6fc855562d996c5a [05/01/2017 15:55:54] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign726d291380254ac8 [23/07/2016 13:18:42] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign727de26920d56031 [29/01/2017 15:38:29] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign728f6838945a99c4 [08/12/2016 11:44:43] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7346644c14f20098 [31/12/2016 09:34:07] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign78403a41360c92e1 [09/12/2016 10:45:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7955a011de2042cb [05/08/2016 10:11:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7cba7ab5b2e7a7d3 [31/10/2016 13:20:25] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7d9c4990295d7967 [23/06/2016 16:22:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7dc35b97a4a76531 [02/02/2017 07:04:29] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7dcda0a1d302f9e7 [28/07/2016 06:58:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7dfe646e370afe88 [22/01/2017 17:00:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7e61785191ced844 [01/10/2016 22:18:21] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign7f27775b361105fe [28/12/2016 14:48:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign80d5ad8258ea2e35 [21/11/2016 07:07:31] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign816bd3a17349b2c3 [19/01/2017 18:03:55] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign843b4559732fc9de [06/12/2016 09:40:59] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign861c85743e9f0f85 [15/12/2016 10:59:19] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign86774d7fc0c26605 [01/01/2017 08:31:56] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign86fc5c440d632bd9 [12/12/2016 15:03:24] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign89f814578ed9d9b8 [27/01/2017 10:18:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign8cb7e35722342554 [09/11/2016 14:13:34] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign8daaf3b0ad6fca07 [01/01/2017 08:31:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign8e6232216fc6e5b9 [30/09/2016 15:32:01] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign8ea8f9d2c17ca7d2 [21/11/2016 08:32:33] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign8eee26551a999a59 [29/01/2017 13:31:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign901bf74c8341d862 [19/12/2016 12:47:49] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign905f87cfe5b30f31 [18/01/2017 09:16:39] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign910827ae6ea2f083 [07/11/2016 06:20:56] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign918be7a0aef288ee [06/12/2016 10:47:44] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9299b785d9573d4f [19/12/2016 12:42:51] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign92a0c7a707f27d36 [30/01/2017 12:54:46] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9958365e9756e8a4 [27/08/2016 12:52:12] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9973b5cd4fb8bfc9 [04/02/2017 11:11:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9bcd4da19d6fe37c [21/11/2016 07:04:40] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9c7224837e7ce1cf [07/12/2016 14:42:25] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9d6d4f22a5ff6e37 [24/01/2017 17:23:27] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9d750cc2528811a6 [13/11/2016 08:04:05] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9e791fa14703f3da [12/12/2016 11:50:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9ec93cb069e20d7e [06/12/2016 09:40:59] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9eec795c8c8bfe47 [18/01/2017 09:16:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsign9fad7445c327656b [24/01/2017 17:40:14] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigna11edfb1dc60c177 [05/10/2016 14:09:26] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigna19ae9a9d3e15e91 [28/07/2016 06:58:09] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigna40dabb5b6f64f94 [29/01/2017 17:12:12] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigna47df5e0107e63ab [05/01/2017 15:40:33] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigna609eaf6f75be9b1 [29/01/2017 15:35:04] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigna6939bc71eca4e76 [23/11/2016 19:36:39] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigna7ae9edae6d38724 [20/01/2017 18:37:53] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignac602464ea430f58 [02/02/2017 16:46:44] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignae20a70117e45b43 [05/02/2017 07:38:54] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignae6138e8a945076c [27/01/2017 10:18:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignae799fea551999b5 [25/09/2016 09:40:39] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignaf6d53d992cfd353 [04/11/2016 16:40:43] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignaf81f4693c770b59 [31/10/2016 07:27:53] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignafd8b7a83e49d047 [04/11/2016 14:48:37] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb039db68bd5250d9 [25/01/2017 16:12:04] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb03bae7d398d7c6e [07/12/2016 12:44:21] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb0953a2d153d84ae [01/10/2016 14:04:07] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb143a88618894db2 [03/11/2016 18:28:48] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb2c3ec92a1726f44 [02/02/2017 17:07:41] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb38515511944791b [22/01/2017 11:47:11] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb772bbd8c483b093 [20/12/2016 11:56:51] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb7bf3308fae9e18d [28/07/2016 06:35:57] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb7f563ea32ea26c1 [17/12/2016 10:50:30] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignb979c4bb8a66b494 [12/11/2016 17:14:22] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignbb6768968f658593 [29/01/2017 11:17:17] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignbc57842b91875041 [30/01/2017 09:45:08] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignbd1b8af6e511fc36 [16/12/2016 12:36:40] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignbe3d635286dacb94 [29/01/2017 15:41:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignbfa3013160521218 [30/01/2017 09:44:58] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc0102fa0069f7609 [24/06/2016 16:39:15] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc020692d04a8c6d8 [28/12/2016 15:07:04] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc33977a0b0c40826 [12/12/2016 14:46:34] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc344046a9d24c26a [07/12/2016 14:42:25] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc58d5acfc538b304 [13/11/2016 16:59:15] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc624c165443e860c [04/07/2016 19:34:49] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc671501676d9b172 [12/12/2016 11:46:37] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc7968d6a095817ef [20/01/2017 18:38:24] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignc86eeb57152e93dd [29/01/2017 14:51:39] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignca67448bf4a80882 [06/12/2016 10:54:04] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignca6ba086e7e5e0e7 [17/12/2016 11:08:03] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigncac98403b20d015b [12/12/2016 11:31:45] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigncb117675edf37a71 [13/12/2016 10:18:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigncb4320c72d743847 [12/01/2017 17:30:02] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigncb8483fcf55c9ad1 [13/12/2016 10:18:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigncedc717d5d44596a [27/11/2016 15:19:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd05680a00756f5e8 [29/01/2017 11:18:56] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd1ed58c7b8345b4c [15/11/2016 09:19:41] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd2fed84ed5dc5042 [11/09/2016 17:04:32] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd4e23fb14f8a7355 [16/12/2016 12:54:08] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd544cb2cdd6ca658 [16/12/2016 12:36:40] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd5aee32dac726b5a [29/01/2017 15:38:50] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd5c8fd9d6bea031f [27/01/2017 10:41:14] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd6ae6966bd378682 [05/11/2016 09:01:48] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd770877d4dc92080 [19/01/2017 18:18:50] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd81177ba47b85b35 [14/12/2016 09:36:34] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd830402ac6e79ee1 [03/11/2016 18:28:48] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd8b77c493e3e8d20 [19/01/2017 18:03:55] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd8e36f631fabda1b [07/12/2016 14:42:48] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd9a60aed913b763a [24/01/2017 17:40:09] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignd9d289555fe5664a [29/01/2017 11:17:17] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndad0ef92ff895820 [18/11/2016 09:53:45] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndcb43e49c0e3125e [28/07/2016 06:22:58] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndcd2e15d4188234f [05/07/2016 06:11:29] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndcd65cab6b038bc7 [31/12/2016 09:36:57] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndd74043445e3d3bb [09/11/2016 14:13:34] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndda63084c91e6c32 [21/12/2016 07:58:31] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignddab73f901a01efb [22/11/2016 06:44:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignddd6ea5cabe1b65a [25/01/2017 16:12:01] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndf141e686a62e12b [13/09/2016 15:47:36] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigndf88ee44ba8098da [27/11/2016 15:48:49] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne000e469fcb98616 [17/12/2016 11:11:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne062f11e415612a9 [21/12/2016 07:58:31] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne106ed9e12d4a014 [21/11/2016 08:33:32] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne15b53558b25bd92 [05/11/2016 09:01:48] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne245e07796d7840a [12/01/2017 17:29:18] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne2620f02a1060b9a [05/07/2016 18:30:09] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne2f7affd201ee131 [17/12/2016 10:56:15] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne5ea0e74fe94a160 [30/10/2016 20:27:09] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsigne638563d7425bd4b [10/09/2016 16:28:10] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignebf9b5e2373c07c3 [20/12/2016 11:53:08] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignec1969d033d7ea80 [17/12/2016 11:08:03] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignee6aa370d149d148 [11/11/2016 17:24:11] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignefa20865765fc17e [05/02/2017 07:38:54] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignefeb367f176eb10f [02/10/2016 12:37:33] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignf3434b58998273a6 [10/09/2016 15:45:38] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignf48ef42d95e5766a [15/12/2016 17:49:09] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignf71cffc880ad9e3e [29/01/2017 15:41:31] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignf774314f70890077 [12/12/2016 14:46:34] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignfb5ec9481497bcec [12/01/2017 17:29:18] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignfc05f99d681d6f5c [23/11/2016 18:28:56] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignfc1a1691394414a5 [22/01/2017 11:47:11] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignfe5db4089c938494 [27/08/2016 12:49:20] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignfea6b567ae5c3274 [30/10/2016 20:27:09] - |D| - [0] - C:\Users\Patrick\AppData\Local\Tempzxpsignfffb53c8e8936c93 [05/02/2017 14:05:43] - |D| - [15324694] - C:\Users\Patrick\AppData\Local\Thunderbird [10/05/2016 14:29:51] - |D| - [14770176] - C:\Users\Patrick\AppData\Local\TileDataLayer [18/06/2015 13:39:38] - |D| - [5808559139] - C:\Users\Patrick\AppData\Local\TomTom [16/06/2016 06:07:57] - |D| - [262666024] - C:\Users\Patrick\AppData\Local\URBrowser [15/06/2015 15:57:06] - |D| - [7372] - C:\Users\Patrick\AppData\Local\VirtualStore [16/06/2015 09:51:16] - |D| - [40960] - C:\Users\Patrick\AppData\Local\Windows Live [16/06/2015 09:56:52] - |D| - [650003] - C:\Users\Patrick\AppData\Local\Windows Live Writer [23/02/2016 13:00:25] - |D| - [3] - C:\Users\Patrick\AppData\Local\WnSoft-WaveCache [16/06/2015 15:16:12] - |D| - [2345476] - C:\Users\Patrick\AppData\LocalLow\Adobe [28/06/2015 10:46:30] - |D| - [8921] - C:\Users\Patrick\AppData\LocalLow\Apple Computer [28/01/2017 18:10:15] - |D| - [1460803927] - C:\Users\Patrick\AppData\LocalLow\Google [17/06/2015 15:50:11] - |D| - [0] - C:\Users\Patrick\AppData\LocalLow\Intel [15/06/2015 15:07:57] - |SD| - [144885888] - C:\Users\Patrick\AppData\LocalLow\Microsoft [18/11/2016 11:39:44] - |D| - [0] - C:\Users\Patrick\AppData\LocalLow\Mozilla [05/09/2015 19:30:43] - |D| - [427044136] - C:\Users\Patrick\AppData\LocalLow\Oracle [14/07/2015 15:44:13] - |D| - [307073] - C:\Users\Patrick\AppData\LocalLow\Sun [20/07/2015 14:54:38] - |D| - [0] - C:\Users\Patrick\AppData\LocalLow\Temp [16/06/2015 17:39:39] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\2BrightSparks [15/06/2015 21:20:20] - |D| - [340688205] - C:\Users\Patrick\AppData\Roaming\Adobe [20/01/2016 07:53:14] - |D| - [6242970] - C:\Users\Patrick\AppData\Roaming\Apowersoft [28/06/2015 14:19:47] - |D| - [2668698] - C:\Users\Patrick\AppData\Roaming\Apple Computer [06/01/2017 09:04:07] - |D| - [597752] - C:\Users\Patrick\AppData\Roaming\ArcSoft [15/06/2015 17:10:14] - |D| - [29594938] - C:\Users\Patrick\AppData\Roaming\AVAST Software [19/07/2015 15:51:26] - |D| - [2162688] - C:\Users\Patrick\AppData\Roaming\BlueLabsSoftware [12/08/2015 17:52:38] - |D| - [1747] - C:\Users\Patrick\AppData\Roaming\Canneverbe Limited [16/06/2015 09:56:35] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\com.eizo.EasyPIX [16/06/2015 16:38:20] - |D| - [3036] - C:\Users\Patrick\AppData\Roaming\CornerBowl [15/06/2015 21:48:04] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\DAEMON Tools Lite [06/10/2015 09:40:32] - |D| - [11254] - C:\Users\Patrick\AppData\Roaming\Dell [02/11/2015 06:38:45] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\DiskDefrag [22/12/2016 10:18:55] - |D| - [203] - C:\Users\Patrick\AppData\Roaming\dvdcss [27/06/2015 14:37:57] - |D| - [57976832] - C:\Users\Patrick\AppData\Roaming\DxO Labs [18/08/2016 08:04:06] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\EncryptStick [15/06/2015 21:00:48] - |D| - [163038762] - C:\Users\Patrick\AppData\Roaming\FastStone [02/11/2015 06:38:45] - |D| - [711046] - C:\Users\Patrick\AppData\Roaming\GlarySoft [08/12/2016 17:02:03] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\hps-install [15/06/2015 19:15:06] - |D| - [2565] - C:\Users\Patrick\AppData\Roaming\HpUpdate [15/06/2015 15:57:08] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\Identities [27/04/2016 07:19:35] - |D| - [2999] - C:\Users\Patrick\AppData\Roaming\Imagenomic [18/06/2015 16:52:43] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\InstallShield [05/11/2016 17:36:33] - |D| - [76390] - C:\Users\Patrick\AppData\Roaming\JAM Software [15/06/2015 19:47:55] - |D| - [5250] - C:\Users\Patrick\AppData\Roaming\KeePass [16/06/2015 07:45:22] - |D| - [316953] - C:\Users\Patrick\AppData\Roaming\Macromedia [06/08/2015 16:20:05] - |D| - [18464711] - C:\Users\Patrick\AppData\Roaming\MAGIX [15/06/2015 15:57:04] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\Media Center Programs [14/09/2016 11:05:32] - |SD| - [98315833] - C:\Users\Patrick\AppData\Roaming\Microsoft [15/06/2015 17:56:28] - |D| - [307001425] - C:\Users\Patrick\AppData\Roaming\Mozilla [13/02/2016 07:33:01] - |D| - [15922238] - C:\Users\Patrick\AppData\Roaming\MyPhoneExplorer [16/06/2015 07:53:18] - |D| - [24698744] - C:\Users\Patrick\AppData\Roaming\NVIDIA [15/01/2016 06:32:18] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\PDAppFlex [22/08/2015 17:22:30] - |A| - [132] - C:\Users\Patrick\AppData\Roaming\Préfs Format PNG Adobe CS6 [24/04/2016 09:27:26] - |D| - [290] - C:\Users\Patrick\AppData\Roaming\Road Trip Effect Pro prefs [03/11/2015 12:31:19] - |D| - [251834151] - C:\Users\Patrick\AppData\Roaming\Samsung [14/09/2016 11:15:03] - |D| - [77] - C:\Users\Patrick\AppData\Roaming\Skype [22/12/2016 07:36:09] - |D| - [10508885] - C:\Users\Patrick\AppData\Roaming\Sony Corporation [21/06/2015 16:14:31] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [10/09/2016 17:39:11] - |D| - [98095] - C:\Users\Patrick\AppData\Roaming\Summitsoft [05/09/2015 19:35:48] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\Sun [02/02/2017 09:56:52] - |D| - [130946] - C:\Users\Patrick\AppData\Roaming\TeamViewer [05/02/2017 14:05:43] - |D| - [1718564756] - C:\Users\Patrick\AppData\Roaming\Thunderbird [18/06/2015 13:39:38] - |D| - [3296987] - C:\Users\Patrick\AppData\Roaming\TomTom [23/06/2015 06:51:18] - |D| - [88607] - C:\Users\Patrick\AppData\Roaming\vlc [06/09/2015 16:52:02] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\Wacom [06/09/2015 16:52:05] - |D| - [0] - C:\Users\Patrick\AppData\Roaming\wacomid-desktop-launcher [16/06/2015 09:56:52] - |D| - [295] - C:\Users\Patrick\AppData\Roaming\Windows Live Writer [23/06/2015 09:00:40] - |D| - [12] - C:\Users\Patrick\AppData\Roaming\WinRAR [12/08/2015 15:22:12] - |D| - [12098] - C:\Users\Patrick\AppData\Roaming\X-Rite [05/02/2017 07:30:35] - |D| - [3110648] - C:\Users\Patrick\AppData\Roaming\ZHP [15/06/2015 15:57:13] - |ASH| - [174] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [14/09/2016 11:05:32] - |SHD| - [34147] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [14/09/2016 11:05:32] - |RD| - [34147] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [14/09/2016 11:05:32] - |RD| - [3888] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [14/09/2016 11:05:32] - |RD| - [4231] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [15/06/2015 15:57:13] - |RD| - [174] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [23/09/2015 15:02:11] - |D| - [372] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell [14/09/2016 11:13:02] - |ASH| - [174] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [10/05/2016 14:31:55] - |A| - [1047] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk [05/12/2015 21:41:05] - |D| - [192] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [12/12/2015 11:16:09] - |D| - [2209] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kolor Autopano Giga 3.5 [14/09/2016 11:05:32] - |D| - [170] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [10/05/2016 14:31:44] - |A| - [2413] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [24/04/2016 10:03:05] - |D| - [2234] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Route Generator [15/06/2015 15:57:13] - |RD| - [174] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [14/09/2016 11:05:32] - |RD| - [5318] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [14/09/2016 11:05:32] - |RD| - [7238] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [23/06/2015 08:55:08] - |D| - [4313] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [15/06/2015 15:57:13] - |ASH| - [174] - C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] ---------- | C:\ProgramData [21/08/2016 16:16:10] - |D| - [0] - C:\ProgramData\2BrightSparks [15/06/2015 18:55:51] - |D| - [853240373] - C:\ProgramData\Adobe [13/01/2016 16:24:57] - |D| - [648796] - C:\ProgramData\albumphoto [15/06/2015 19:14:53] - |A| - [57] - C:\ProgramData\Ament.ini [20/01/2016 07:53:26] - |D| - [0] - C:\ProgramData\Apowersoft [28/06/2015 10:46:50] - |D| - [263656819] - C:\ProgramData\Apple [08/11/2016 11:20:47] - |D| - [542] - C:\ProgramData\Apple Computer [14/09/2016 11:12:48] - |SHD| - [85746203524] - C:\ProgramData\Application Data [06/01/2017 09:02:27] - |D| - [10891] - C:\ProgramData\ArcSoft [15/06/2015 16:36:35] - |D| - [1002805683] - C:\ProgramData\AVAST Software [30/05/2016 16:03:09] - |D| - [4194316] - C:\ProgramData\boost_interprocess [15/06/2015 15:57:02] - |SHD| - [5512785] - C:\ProgramData\Bureau [12/08/2015 17:52:44] - |D| - [0] - C:\ProgramData\Canneverbe Limited [16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\Comms [06/01/2017 08:59:33] - |D| - [74873] - C:\ProgramData\Conexant [16/06/2015 16:38:20] - |D| - [5085091] - C:\ProgramData\CornerBowl [20/08/2016 18:21:12] - |D| - [668160] - C:\ProgramData\cypherix [15/06/2015 21:47:32] - |D| - [3136] - C:\ProgramData\DAEMON Tools Lite [06/10/2015 09:32:20] - |D| - [273730705] - C:\ProgramData\Dell [14/09/2016 11:12:48] - |SHD| - [278] - C:\ProgramData\Documents [15/06/2015 15:08:18] - |D| - [3225478] - C:\ProgramData\Downloaded Installations [14/09/2016 11:04:23] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [27/06/2015 14:34:57] - |D| - [24276642] - C:\ProgramData\DxO Labs [20/03/2016 08:30:18] - |D| - [1917] - C:\ProgramData\Epson [15/06/2015 15:57:02] - |SHD| - [0] - C:\ProgramData\Favoris [02/11/2015 06:49:40] - |D| - [11059079] - C:\ProgramData\GlarySoft [15/06/2015 15:07:50] - |D| - [520048918] - C:\ProgramData\Google [15/06/2015 19:14:57] - |AD| - [1406832] - C:\ProgramData\HP [23/08/2015 08:34:39] - |D| - [8080024] - C:\ProgramData\hps [15/06/2015 15:12:47] - |D| - [61515010] - C:\ProgramData\Intel [15/06/2015 15:41:35] - |D| - [20975] - C:\ProgramData\Intel Application Pairing [06/01/2017 17:40:21] - |D| - [2560059780] - C:\ProgramData\MAGIX [14/07/2015 16:23:01] - |D| - [200956868] - C:\ProgramData\Malwarebytes [28/09/2016 08:52:56] - |D| - [82931370] - C:\ProgramData\MalwarebytesARW [15/06/2015 15:57:02] - |SHD| - [359692] - C:\ProgramData\Menu Démarrer [16/07/2016 12:47:48] - |SD| - [1743348901] - C:\ProgramData\Microsoft [15/06/2015 21:53:54] - |D| - [65250] - C:\ProgramData\Microsoft Help [14/09/2016 11:14:33] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [30/05/2016 05:07:18] - |D| - [1905] - C:\ProgramData\Microsoft Toolkit [20/08/2016 18:21:16] - |A| - [16] - C:\ProgramData\mntemp [15/06/2015 15:57:02] - |SHD| - [0] - C:\ProgramData\Modèles [15/06/2015 17:56:19] - |D| - [31188] - C:\ProgramData\Mozilla [19/10/2015 16:53:29] - |D| - [32] - C:\ProgramData\Nik Software [14/09/2016 11:04:36] - |D| - [2450319] - C:\ProgramData\NVIDIA [14/09/2016 11:04:30] - |D| - [2965416] - C:\ProgramData\NVIDIA Corporation [06/08/2015 16:15:18] - |D| - [1913831] - C:\ProgramData\old MAGIXxxx [17/07/2015 18:03:36] - |D| - [155014399] - C:\ProgramData\Oracle [15/06/2015 16:07:13] - |D| - [91296722] - C:\ProgramData\Package Cache [10/07/2016 12:10:00] - |D| - [12798] - C:\ProgramData\Razer [16/06/2015 07:47:47] - |D| - [6821] - C:\ProgramData\regid.1986-12.com.adobe [16/07/2016 12:47:48] - |AD| - [1003] - C:\ProgramData\regid.1991-06.com.microsoft [03/11/2015 12:30:44] - |D| - [511573] - C:\ProgramData\Samsung [16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\SoftwareDistribution [26/11/2016 09:49:40] - |D| - [3409131] - C:\ProgramData\Sony Corporation [17/07/2015 18:03:58] - |D| - [224] - C:\ProgramData\Sun [16/06/2015 15:22:19] - |D| - [0] - C:\ProgramData\Synology [23/08/2015 08:34:39] - |D| - [521010] - C:\ProgramData\tmp [18/06/2015 13:40:40] - |D| - [35864] - C:\ProgramData\TomTom [16/07/2016 12:47:48] - |D| - [4151] - C:\ProgramData\USOPrivate [14/09/2016 11:19:58] - |D| - [2473984] - C:\ProgramData\USOShared [14/07/2015 15:42:11] - |D| - [0] - C:\ProgramData\X-Rite ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [15/06/2015 15:57:02] - |SHD| - [359518] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [16/07/2016 12:47:48] - |RD| - [359518] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [16/06/2015 17:57:13] - |D| - [7557] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks [16/07/2016 12:47:48] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [16/07/2016 12:47:48] - |RD| - [18359] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [01/11/2015 10:19:05] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [16/07/2016 12:47:48] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [17/11/2016 07:19:54] - |A| - [1226] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk [15/10/2015 05:05:39] - |A| - [984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom 6.lnk [21/10/2015 06:54:22] - |A| - [984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk [05/01/2017 12:30:44] - |A| - [1085] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2017.lnk [28/06/2015 10:46:51] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [07/01/2017 19:33:29] - |D| - [2510] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Connect [07/01/2017 19:31:03] - |D| - [2111] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft ShowBiz [14/09/2016 05:41:24] - |A| - [731] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assistant Mise à niveau de Windows 10.lnk [12/08/2016 17:02:35] - |A| - [1979] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Pro Antivirus.lnk [18/12/2015 06:15:51] - |A| - [1088] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [15/06/2015 16:46:21] - |D| - [1940] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [21/08/2016 16:07:29] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [12/08/2015 17:52:38] - |A| - [1174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [06/10/2015 09:32:40] - |D| - [1681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell [01/11/2015 14:42:44] - |D| - [3948] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Display Manager [16/07/2016 12:47:50] - |ASH| - [796] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [27/06/2015 14:56:04] - |D| - [3850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO OpticsPro 10 [19/11/2016 09:42:27] - |D| - [4143] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Carte Bleue La Banque Postale [20/03/2016 08:56:38] - |D| - [1136] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [24/09/2015 06:36:48] - |D| - [5382] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evoluent Mouse Manager [15/06/2015 21:00:30] - |D| - [4538] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer [14/07/2009 06:32:38] - |RD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [15/06/2015 15:07:45] - |A| - [2270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [15/06/2015 15:15:40] - |D| - [7538] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [28/01/2017 18:10:13] - |D| - [8954] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [15/06/2015 19:15:01] - |D| - [15442] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP [21/09/2015 09:57:57] - |A| - [953] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hubiC.lnk [27/04/2016 06:34:50] - |D| - [6103] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imagenomic [16/07/2016 12:43:50] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [13/08/2015 09:31:17] - |D| - [6421] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [15/06/2015 18:46:36] - |A| - [1186] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk [02/01/2017 15:15:57] - |D| - [106415] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [16/07/2016 12:47:48] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [04/06/2016 07:16:08] - |D| - [3947] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [25/09/2016 06:02:14] - |D| - [5271] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [17/06/2015 13:02:01] - |D| - [2338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [16/07/2016 12:42:22] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [23/08/2015 08:34:37] - |D| - [2559] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mon Univers Photomoinscher 5.1 [15/06/2015 17:56:19] - |A| - [1159] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [05/02/2017 14:05:40] - |A| - [1278] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [15/06/2015 15:20:27] - |D| - [22877] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI [20/06/2016 05:42:42] - |D| - [2703] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI(R) Intel(R) Extreme Tuning Utility [26/01/2017 18:40:55] - |D| - [3970] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer [08/10/2015 16:21:20] - |D| - [3457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100M Genie [11/01/2017 11:22:12] - |D| - [5138] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [23/02/2016 10:56:06] - |D| - [5462] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicturesToExe 7.0 [16/07/2016 12:43:50] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [03/11/2015 12:31:13] - |D| - [2353] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [16/07/2016 12:47:48] - |RD| - [5341] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [02/11/2015 06:41:19] - |HD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled [16/06/2015 15:22:18] - |D| - [3967] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synology [16/07/2016 12:47:48] - |RD| - [2670] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [27/04/2016 06:29:00] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [18/06/2015 13:39:23] - |D| - [6963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom [08/12/2016 17:07:29] - |D| - [5310] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UNIVERS PHOTO CEWE Leclerc [30/12/2015 08:57:02] - |D| - [2345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verbatim [23/06/2015 06:51:06] - |D| - [7188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [14/09/2016 11:08:28] - |A| - [1519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [23/06/2015 08:55:08] - |D| - [4241] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [01/11/2015 14:42:44] - |A| - [1250] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [02/11/2015 06:41:19] - |A| - [1236] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evoluent Mouse Manager.lnk [08/10/2015 16:21:20] - |A| - [1147] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk [06/10/2015 09:32:40] - |A| - [1534] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk ---------- | C:\Program Files (x86) [16/06/2015 17:39:28] - |D| - [51026027] - C:\Program Files (x86)\2BrightSparks [15/06/2015 18:56:02] - |AD| - [481985570] - C:\Program Files (x86)\Adobe [01/05/2016 15:33:36] - |AD| - [2743854] - C:\Program Files (x86)\Apple Software Update [07/01/2017 19:30:40] - |AD| - [322919837] - C:\Program Files (x86)\ArcSoft [08/11/2016 11:20:02] - |AD| - [631713] - C:\Program Files (x86)\Bonjour [12/08/2015 17:52:38] - |AD| - [14006709] - C:\Program Files (x86)\CDBurnerXP [16/07/2016 07:04:24] - |D| - [956090779] - C:\Program Files (x86)\Common Files [01/10/2015 15:16:48] - |D| - [0] - C:\Program Files (x86)\Datacolor [04/09/2015 09:25:20] - |D| - [289834358] - C:\Program Files (x86)\Dell [16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [19/11/2016 09:42:27] - |D| - [475896] - C:\Program Files (x86)\e-Carte Bleue [20/03/2016 08:58:56] - |D| - [0] - C:\Program Files (x86)\EPSON [20/03/2016 08:56:38] - |D| - [9839422] - C:\Program Files (x86)\EPSON Software [24/09/2015 06:36:48] - |D| - [11023552] - C:\Program Files (x86)\Evoluent [15/06/2015 21:00:30] - |D| - [15572135] - C:\Program Files (x86)\FastStone Image Viewer [15/06/2015 15:07:40] - |D| - [609938917] - C:\Program Files (x86)\Google [24/06/2016 16:33:30] - |D| - [0] - C:\Program Files (x86)\GUM1CC6.tmp [27/04/2016 06:39:16] - |D| - [0] - C:\Program Files (x86)\GUM6B31.tmp [28/06/2015 15:05:17] - |D| - [1999465] - C:\Program Files (x86)\Hewlett-Packard [15/06/2015 19:14:57] - |AD| - [22619326] - C:\Program Files (x86)\HP [26/04/2016 21:33:58] - |D| - [6992470] - C:\Program Files (x86)\Imagenomic [15/06/2015 16:07:33] - |HD| - [53139369] - C:\Program Files (x86)\InstallShield Installation Information [15/06/2015 15:12:47] - |AD| - [87473674] - C:\Program Files (x86)\Intel [16/07/2016 12:47:48] - |D| - [2229699] - C:\Program Files (x86)\Internet Explorer [05/11/2016 17:33:58] - |D| - [5908553] - C:\Program Files (x86)\JAM Software [30/07/2015 18:12:54] - |D| - [507132561] - C:\Program Files (x86)\Java [15/06/2015 18:46:36] - |AD| - [6665866] - C:\Program Files (x86)\KeePass Password Safe 2 [06/01/2017 17:40:15] - |D| - [732056979] - C:\Program Files (x86)\MAGIX [25/09/2016 06:02:12] - |AD| - [59499474] - C:\Program Files (x86)\Malwarebytes Anti-Malware [17/06/2015 13:01:23] - |D| - [42890830] - C:\Program Files (x86)\Microsoft Silverlight [15/06/2015 15:41:33] - |AD| - [3242367] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [15/06/2015 15:41:33] - |D| - [343335] - C:\Program Files (x86)\Microsoft Synchronization Services [16/07/2016 12:47:48] - |AD| - [23935] - C:\Program Files (x86)\Microsoft.NET [18/11/2016 09:30:21] - |AD| - [97492930] - C:\Program Files (x86)\Mozilla Firefox [15/06/2015 17:56:18] - |D| - [304866] - C:\Program Files (x86)\Mozilla Maintenance Service [05/02/2017 14:05:34] - |AD| - [88787181] - C:\Program Files (x86)\Mozilla Thunderbird [14/09/2016 11:57:28] - |D| - [25757] - C:\Program Files (x86)\MSBuild [16/01/2016 16:34:47] - |D| - [6405679] - C:\Program Files (x86)\MSECache [15/06/2015 15:20:26] - |D| - [151551241] - C:\Program Files (x86)\MSI [14/07/2015 15:44:12] - |AD| - [683545] - C:\Program Files (x86)\My Program [21/07/2016 19:19:32] - |AD| - [84943115] - C:\Program Files (x86)\MyDrive Connect [13/02/2016 07:32:47] - |D| - [25105882] - C:\Program Files (x86)\MyPhoneExplorer [08/10/2015 16:21:20] - |D| - [22784574] - C:\Program Files (x86)\NETGEAR [14/09/2016 11:04:28] - |D| - [84135928] - C:\Program Files (x86)\NVIDIA Corporation [06/08/2015 16:15:12] - |D| - [92345499] - C:\Program Files (x86)\old MAGIX [16/06/2015 17:01:44] - |D| - [9662793] - C:\Program Files (x86)\Paragon Software [10/07/2016 12:09:57] - |D| - [0] - C:\Program Files (x86)\Razer [15/06/2015 16:07:35] - |D| - [21713077] - C:\Program Files (x86)\Realtek [14/09/2016 11:57:28] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [15/06/2015 15:08:24] - |D| - [860259] - C:\Program Files (x86)\Renesas Electronics [24/04/2016 09:56:14] - |D| - [66451503] - C:\Program Files (x86)\Route Generator [03/11/2015 12:29:32] - |D| - [62532790] - C:\Program Files (x86)\Samsung [16/06/2015 15:22:18] - |D| - [22659329] - C:\Program Files (x86)\Synology [15/06/2015 16:08:30] - |HD| - [0] - C:\Program Files (x86)\Temp [18/06/2015 13:39:22] - |AD| - [51513696] - C:\Program Files (x86)\TomTom HOME 2 [18/06/2015 13:39:05] - |D| - [44972] - C:\Program Files (x86)\TomTom International B.V [14/09/2016 11:04:35] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [30/12/2015 08:57:02] - |D| - [2396006] - C:\Program Files (x86)\Verbatim [23/06/2015 06:51:02] - |D| - [131239225] - C:\Program Files (x86)\VideoLAN [11/01/2017 11:21:33] - |D| - [846194] - C:\Program Files (x86)\VulkanRT [16/07/2016 12:47:48] - |D| - [1941504] - C:\Program Files (x86)\Windows Defender [16/07/2016 12:47:48] - |D| - [5958656] - C:\Program Files (x86)\Windows Mail [16/07/2016 12:47:48] - |D| - [3275928] - C:\Program Files (x86)\Windows Media Player [16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Multimedia Platform [16/07/2016 12:47:48] - |D| - [7584962] - C:\Program Files (x86)\Windows NT [16/07/2016 12:47:48] - |D| - [5424832] - C:\Program Files (x86)\Windows Photo Viewer [16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Portable Devices [16/07/2016 12:47:48] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [16/07/2016 12:47:48] - |D| - [4147133] - C:\Program Files (x86)\WindowsPowerShell [23/02/2016 10:56:04] - |D| - [33029772] - C:\Program Files (x86)\WnSoft PicturesToExe [14/07/2015 15:41:47] - |D| - [17059467] - C:\Program Files (x86)\X-Rite ---------- | C:\Program Files [15/06/2015 21:20:51] - |AD| - [3925673338] - C:\Program Files\Adobe [15/06/2015 16:40:04] - |D| - [1393048059] - C:\Program Files\AVAST Software [08/11/2016 11:20:02] - |AD| - [615066] - C:\Program Files\Bonjour [15/06/2015 17:35:52] - |AD| - [20008904] - C:\Program Files\CCleaner [16/07/2016 07:04:24] - |D| - [187066165] - C:\Program Files\Common Files [06/01/2017 09:06:14] - |D| - [8381440] - C:\Program Files\Conexant [10/05/2016 12:18:44] - |D| - [36327879] - C:\Program Files\DAEMON Tools Lite [16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files\desktop.ini [16/06/2015 08:09:25] - |D| - [1050104] - C:\Program Files\DIFX [14/07/2009 06:32:38] - |D| - [0] - C:\Program Files\DVD Maker [27/06/2015 14:56:00] - |D| - [297541320] - C:\Program Files\DxO Labs [15/06/2015 15:57:02] - |SHD| - [187066165] - C:\Program Files\Fichiers communs [15/06/2015 15:08:08] - |D| - [489994280] - C:\Program Files\Google [15/06/2015 19:14:57] - |D| - [108988555] - C:\Program Files\HP [14/09/2016 11:04:13] - |D| - [70202048] - C:\Program Files\Intel [16/07/2016 12:47:47] - |D| - [2582366] - C:\Program Files\Internet Explorer [23/02/2016 06:31:41] - |D| - [552377641] - C:\Program Files\Java [03/07/2016 05:53:55] - |AD| - [7956882] - C:\Program Files\KMSpico [16/06/2015 07:57:34] - |D| - [145713840] - C:\Program Files\Kolor [04/06/2016 07:16:05] - |D| - [80937192] - C:\Program Files\Malwarebytes [14/07/2009 06:32:38] - |D| - [3149092] - C:\Program Files\Microsoft Games [30/05/2016 05:04:37] - |AD| - [213568] - C:\Program Files\Microsoft Office [17/06/2015 13:01:23] - |AD| - [55721038] - C:\Program Files\Microsoft Silverlight [15/06/2015 15:41:34] - |AD| - [4421503] - C:\Program Files\Microsoft SQL Server Compact Edition [15/06/2015 15:41:34] - |D| - [343335] - C:\Program Files\Microsoft Synchronization Services [14/09/2016 11:57:28] - |D| - [25757] - C:\Program Files\MSBuild [14/09/2016 11:04:27] - |D| - [555446055] - C:\Program Files\NVIDIA Corporation [21/09/2015 09:57:57] - |D| - [7290752] - C:\Program Files\OVH [23/08/2015 08:32:07] - |D| - [353316172] - C:\Program Files\photomoinscher 5.1 [14/09/2016 11:04:16] - |D| - [48471664] - C:\Program Files\Realtek [14/09/2016 11:57:28] - |D| - [36850857] - C:\Program Files\Reference Assemblies [03/11/2015 12:30:56] - |D| - [25805299] - C:\Program Files\Samsung [27/04/2016 06:43:31] - |HD| - [0] - C:\Program Files\Uninstall Information [16/07/2016 12:47:47] - |RD| - [14913860] - C:\Program Files\Windows Defender [16/07/2016 12:47:47] - |D| - [6181888] - C:\Program Files\Windows Mail [16/07/2016 12:47:47] - |D| - [4989628] - C:\Program Files\Windows Media Player [16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Multimedia Platform [16/07/2016 12:47:47] - |D| - [7849154] - C:\Program Files\Windows NT [16/07/2016 12:47:47] - |D| - [6223552] - C:\Program Files\Windows Photo Viewer [16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Portable Devices [16/07/2016 12:47:47] - |SHD| - [0] - C:\Program Files\Windows Sidebar [16/07/2016 12:47:47] - |HD| - [1427446332] - C:\Program Files\WindowsApps [16/07/2016 12:47:47] - |D| - [4569400] - C:\Program Files\WindowsPowerShell [23/06/2015 08:54:50] - |AD| - [6013706] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [15/06/2015 18:56:02] - |AD| - [605111103] - C:\Program Files (x86)\Common Files\Adobe [16/06/2015 08:09:23] - |AD| - [51067974] - C:\Program Files (x86)\Common Files\Adobe AIR [05/09/2015 15:44:45] - |D| - [981] - C:\Program Files (x86)\Common Files\Aladdin Shared [28/06/2015 10:46:54] - |D| - [137769661] - C:\Program Files (x86)\Common Files\Apple [06/01/2017 09:02:28] - |D| - [8654244] - C:\Program Files (x86)\Common Files\ArcSoft [03/12/2015 18:14:00] - |D| - [1664423] - C:\Program Files (x86)\Common Files\AV [26/01/2017 18:40:55] - |D| - [86016] - C:\Program Files (x86)\Common Files\DESIGNER [15/06/2015 16:08:26] - |D| - [3234874] - C:\Program Files (x86)\Common Files\InstallShield [14/09/2016 11:04:11] - |D| - [68080827] - C:\Program Files (x86)\Common Files\Intel [05/02/2017 15:56:32] - |D| - [1942088] - C:\Program Files (x86)\Common Files\Java [06/08/2015 16:17:32] - |D| - [600069] - C:\Program Files (x86)\Common Files\MAGIX Shared [16/07/2016 12:47:48] - |AD| - [19527332] - C:\Program Files (x86)\Common Files\Microsoft Shared [14/07/2015 15:43:50] - |D| - [1078271] - C:\Program Files (x86)\Common Files\Portrait Displays [10/05/2016 14:36:10] - |D| - [204796] - C:\Program Files (x86)\Common Files\PostureAgent [05/09/2015 15:44:46] - |D| - [0] - C:\Program Files (x86)\Common Files\SafeNet Sentinel [16/07/2016 12:47:48] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [14/09/2016 11:06:35] - |D| - [41095079] - C:\Program Files (x86)\Common Files\SpeechEngines [16/07/2016 12:47:48] - |D| - [15970339] - C:\Program Files (x86)\Common Files\System [16/06/2015 09:49:58] - |D| - [0] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [15/06/2015 21:21:07] - |D| - [110172770] - C:\Program Files\Common files\Adobe [08/11/2016 11:19:57] - |D| - [15772036] - C:\Program Files\Common files\Apple [03/12/2015 18:14:00] - |D| - [1664423] - C:\Program Files\Common files\AV [20/03/2016 08:56:27] - |D| - [0] - C:\Program Files\Common files\EPSON [16/07/2016 12:47:47] - |AD| - [48609167] - C:\Program Files\Common files\microsoft shared [16/07/2016 12:47:47] - |D| - [2702] - C:\Program Files\Common files\Services [14/09/2016 11:06:34] - |D| - [599040] - C:\Program Files\Common files\SpeechEngines [16/07/2016 12:47:47] - |D| - [10246027] - C:\Program Files\Common files\System ---------- | Tasks [MD5.43FD847A3DE7CB55A05CE00D8F3FB621] - [23/02/2016 06:24:41] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/09/2016 11:11:01] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.9E844C9CAF5B8826D79BCF21A83452F6] - [06/09/2015 07:04:07] - |A| - [390] - C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job [MD5.5093F6A4C927B6FA0FD71FEADD4C91F4] - [05/09/2015 15:44:33] - |AH| - [1404] - C:\WINDOWS\Tasks\{1AF468C2-19D6-44EE-88F4-724F8619FFB4}.job [MD5.00000000000000000000000000000000] - [14/09/2016 11:11:01] - |D| - [29864] - C:\WINDOWS\System32\Tasks\2BrightSparks [MD5.FCAC5C7565C3D51099D6E1EC7E77A058] - [14/09/2016 11:11:01] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.3359A32545E0D6F46B8C32900D74E07E] - [14/09/2016 11:11:01] - |A| - [3976] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.D957B34FD1FB776EC5A19CE1F8AE03ED] - [14/09/2016 11:11:01] - |A| - [2808] - C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-patrick.prou@outlook.fr : C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [MD5.00000000000000000000000000000000] - [14/09/2016 11:11:01] - |D| - [2624] - C:\WINDOWS\System32\Tasks\Apple [MD5.00000000000000000000000000000000] - [14/09/2016 11:11:01] - |D| - [3968] - C:\WINDOWS\System32\Tasks\AVAST Software [MD5.A0CEE7E8BF26E34618C9CF3B95D2E470] - [14/09/2016 11:11:01] - |A| - [2952] - C:\WINDOWS\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [MD5.12A876CDB34087C0B1FCE7560096DA73] - [14/09/2016 11:11:01] - |A| - [2232] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.19402C5EE0AADE3B5940E0E3980A4923] - [14/09/2016 11:11:01] - |A| - [2554] - C:\WINDOWS\System32\Tasks\GlaryInitialize 5 : C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [MD5.FC2DBA3562434AFBB29643C596BE3339] - [14/09/2016 11:11:01] - |A| - [3462] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.83179557F09F4E544A6D8B13DB49F6B2] - [14/09/2016 11:11:01] - |A| - [3586] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.BA06038BAFAD99F3DB7FA76931F95706] - [14/09/2016 11:11:01] - |A| - [2276] - C:\WINDOWS\System32\Tasks\GU5SkipUAC : C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [MD5.00000000000000000000000000000000] - [14/09/2016 11:11:01] - |D| - [3314] - C:\WINDOWS\System32\Tasks\Intel [MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [583908] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.E1C45A543574E3E36BA740302261F525] - [11/01/2017 11:21:34] - |A| - [3668] - C:\WINDOWS\System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [MD5.9F1620619DE66B102032CF68FE48C139] - [13/01/2017 06:08:46] - |A| - [3284] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.B74F71300ECFB7C2E4D1F5FFDEAFC3DB] - [14/09/2016 11:11:01] - |A| - [2876] - C:\WINDOWS\System32\Tasks\Paragon Updater : C:\Program Files (x86)\Paragon Software\Updater\Updater.exe [MD5.B6CBA4EA0F49660C2EA29EFEBF53D950] - [14/09/2016 11:11:01] - |A| - [4036] - C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1450415751 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.2EE7BF1DDEA5D1983BF9AA9BD09D7959] - [14/09/2016 11:11:01] - |A| - [2246] - C:\WINDOWS\System32\Tasks\urbrowser : C:\Users\Patrick\AppData\Local\URBrowser\Application\urbrowser.exe [MD5.33477B42DCA714BD6E3A755CFC91487E] - [14/09/2016 11:11:01] - |A| - [3310] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{060AABDE-05B8-40B8-BAA7-53FBF851B334} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [14/09/2016 11:11:01] - |D| - [3844] - C:\WINDOWS\System32\Tasks\WPD [MD5.94E664F7381AAB046F786370C0EDC042] - [14/09/2016 11:11:01] - |A| - [2714] - C:\WINDOWS\System32\Tasks\X-Rite Device Services Software Updater : C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [MD5.ABC811870B077EFBAAD5691189BEF557] - [14/09/2016 11:11:01] - |A| - [3434] - C:\WINDOWS\System32\Tasks\{1AF468C2-19D6-44EE-88F4-724F8619FFB4} : C:\Users\Patrick\AppData\Local\Temp\is-9QAI2.tmp\XRD Manager.exe [MD5.7C6227B0EDF9160D8547A189CD5835B6] - [14/09/2016 11:11:01] - |A| - [2182] - C:\WINDOWS\System32\Tasks\{C92A2F1E-84A8-4083-9B68-5530F39B682B} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "Netlogon-NamedPipe-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "MDNS-In-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "IIS-WebServerRole-HTTP-In-TCP"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=80|App=System|Name=@%windir%\system32\inetsrv\iisres.dll,-30500|Desc=@%windir%\system32\inetsrv\iisres.dll,-30510|EmbedCtxt=@%windir%\system32\inetsrv\iisres.dll,-30501| "IIS-WebServerRole-HTTPS-In-TCP"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=443|App=System|Name=@%windir%\system32\inetsrv\iisres.dll,-30502|Desc=@%windir%\system32\inetsrv\iisres.dll,-30512|EmbedCtxt=@%windir%\system32\inetsrv\iisres.dll,-30503| "WCF-NetTcpActivator-In-TCP-64bit"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=808|Svc=NetTcpActivator|Name=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2000|Desc=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2001|EmbedCtxt=@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll,-2002| "DeliveryOptimization-TCP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "{3F2A8257-4699-4233-B4AD-8A893C197605}"=v2.24|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{6AA9C618-31FB-4209-A17A-3B8755CB0EA4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe|Name=Samsung SideSync| "{6F864BF3-04D4-4C1B-A561-23854F73B3A5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe|Name=Samsung SideSync| "UDP Query User{0B431212-CA91-4959-AC57-BE2377AC11A6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe|Name=MyPhoneExplorer|Desc=MyPhoneExplorer|Defer=User| "TCP Query User{0516C33F-D617-45BC-A891-8A0EA912AAE7}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe|Name=MyPhoneExplorer|Desc=MyPhoneExplorer|Defer=User| "{4CC26897-DC4C-4A6A-AF70-F20B47E11EA0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=5454|Name=X-Rite Device Services| "{84DC295A-18B0-4433-A8A8-DDBD8730A8B7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| "{2BE9EDD0-05E8-4FE4-803E-7C2CB32DA0DC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)| "{FBBA97ED-8504-4A81-86A1-911FCA07C29A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Windows\system32\hasplms.exe|Name=Sentinel License Manager|Desc=Sentinel License Manager| "{B2A47E77-269F-46C9-97BC-D601B4C4F049}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Windows\system32\hasplms.exe|Name=Sentinel License Manager|Desc=Sentinel License Manager| "UDP Query User{FD468C36-B85F-4035-9BC7-B15D9ECC2C62}C:\program files (x86)\synology\assistant\dsassistant.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\synology\assistant\dsassistant.exe|Name=DSAssistant|Desc=DSAssistant|Defer=User| "TCP Query User{8DA00BB4-77FF-4462-B1F3-CF41123286ED}C:\program files (x86)\synology\assistant\dsassistant.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\synology\assistant\dsassistant.exe|Name=DSAssistant|Desc=DSAssistant|Defer=User| "UDP Query User{0B0C722C-D8E3-4916-B659-C0AA88FBF367}C:\program files (x86)\synology\assistant\dsassistant.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\synology\assistant\dsassistant.exe|Name=DSAssistant|Desc=DSAssistant|Defer=User| "TCP Query User{E19531C4-3455-4C86-B7BD-FE415630C88B}C:\program files (x86)\synology\assistant\dsassistant.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\synology\assistant\dsassistant.exe|Name=DSAssistant|Desc=DSAssistant|Defer=User| "{52FE9891-3F0D-4C6F-A854-92975CC63F18}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe|Name=Communicateur réseau COM HP (HP Photosmart 6520 series)|Edge=TRUE| "{19CC18CF-0145-4255-96D7-7E77A44DF264}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe|Name=Communicateur réseau HP (HP Photosmart 6520 series)|Edge=TRUE| "{2333C2DF-4B55-4EFC-B9A5-8A810463BC97}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe|Name=Configuration du périphérique HP (HP Photosmart 6520 series)|Edge=TRUE| "{FA70DA9F-3C23-4F33-AAB7-9C67806634E1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{EF787EDF-1ABB-47A7-964C-C75F54CA0664}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{33EF2471-89B9-4C66-82FE-8D49A73F6EA7}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{EB6A59FD-C0D7-4B4C-B972-BEE77C0EB772}"=v2.24|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{DA2D3A2F-D86B-40CA-87AC-0B9CDDB717E1}"=v2.24|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{97166E08-F432-4927-BE36-98DADCD4A806}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{604FE87D-0382-4672-9E88-EF1B4A28AA24}"=v2.24|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{F009F0D7-FE9C-4F06-AE01-E3896C040948}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{96C4252E-6AF2-45EA-A184-54E0F971A3B7}"=v2.24|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{664F48C2-128F-4E13-96F5-6B5BB7167E42}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{F42055E5-7E6D-410B-A453-D861026C6F38}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe|Name=Visual Basic Command Line Compiler|Desc=Visual Basic Command Line Compiler| "UDP Query User{BC2F5E1C-E3E0-4F63-8246-74C5B47BD6DB}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe|Name=Visual Basic Command Line Compiler|Desc=Visual Basic Command Line Compiler| "{D8BE1351-722D-446D-B30B-18041C5855BA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-893078023-2179327528-203563115-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{06F71408-306F-4060-A615-E7470EE7EC1F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{AAE036DC-96A5-48B9-B2EE-687F166363CD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{2026415C-728C-4DCF-94F9-B61012B353A7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{9A48EC21-B30C-46B3-8145-B1C46B0409F2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{3862AA53-CC8D-4093-931D-D83197233C21}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{B29A59ED-E276-4BA9-A988-5B0D5C51980E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP All-in-One Printer Remote|Desc=HP All-in-One Printer Remote|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP All-in-One Printer Remote|Platform=2:6:2|Platform2=GTEQ| "{4681A59C-86B6-441F-AE44-C8C762E47B9E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=HP All-in-One Printer Remote|Desc=HP All-in-One Printer Remote|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP All-in-One Printer Remote|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{16B6ABA7-157B-44F6-8CCF-BA2F84EDAC79}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{14B8BBA3-8232-41E9-982B-CFBC2B0C4563}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{021502DD-7C65-44E0-A922-E36116CBE09B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{35D177E4-7BC7-4896-B09F-2FA312C0900A}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{A06950B4-A0E9-431B-AEC0-BF21D7936BB1}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{60E76C0F-FCE3-4D96-B7D7-62796ABFEBAD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=0|RA4=LocalSubnet|RA6=LocalSubnet|Name=Magix UPnP Media Server| "{CF3048F1-E477-46C3-AEE3-031BEA9CB99C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Microsoft UPnP-Port (TCP)| "{BEB5F90D-57B0-4567-8A06-A53009C65536}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Microsoft UPnP-Port (UDP)| "{954F9B24-F207-43CA-A583-D1FFFBDE0133}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe|Name=Magix UPnP Service| "{B418EDEC-6678-49A3-B70F-A67964A6D9C5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe|Name=Magix UPnP Service| "TCP Query User{EB25894C-073C-40D8-9512-9FD47FCD42D7}C:\program files (x86)\samsung\sidesync4\sidesync.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\samsung\sidesync4\sidesync.exe|Name=SideSync 4.0|Desc=SideSync 4.0|Defer=User| "UDP Query User{AF6FF95A-090F-4502-8F9E-1A2DC0090034}C:\program files (x86)\samsung\sidesync4\sidesync.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\samsung\sidesync4\sidesync.exe|Name=SideSync 4.0|Desc=SideSync 4.0|Defer=User| "TCP Query User{13EFC95B-E2D5-43F2-BF7F-3BB2C89C8253}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe|Name=MyPhoneExplorer|Desc=MyPhoneExplorer|Defer=User| "UDP Query User{BC10D729-479D-444D-AC0A-AABFFE6F847F}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe|Name=MyPhoneExplorer|Desc=MyPhoneExplorer|Defer=User| "{228984C3-8C73-4CDE-8925-22808B179110}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{6239428A-7CDA-47F4-BE0F-518488E2EFFE}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{5F91310A-F06E-435E-9A81-7A2025700331}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-893078023-2179327528-203563115-1000|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem59.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem5.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d0142122-f525-4e76-86b3-e8afd91364f2}] : (XRiteDevices) [] -> @oem23.inf,%S_DeviceClassDisplayName%;X-Rite Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem78.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ff646f80-8def-11d2-9449-00105a075f6b}] : (PdiPorts) [] -> @oem49.inf,%DeviceClassName%;Class for PdiPorts devices [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [02/11/2015 06:38:47] - (1.1.0.263) - (Glarysoft Ltd - The driver for the Startup Manager tool) - C:\Windows\System32\drivers\GUBootStartup.sys [14/07/2015 15:43:50] - (1.0.0.0) - (Portrait Displays, Inc. - PdiPorts Device Driver) - C:\WINDOWS\System32\drivers\PdiPorts.sys [11/01/2017 11:20:18] - (21.21.13.7633) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 376.33) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispwi.inf_amd64_47a89e157843d28c\nvlddmkm.sys [03/08/2012 10:36:52] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - Synology Virtual USB Hub) - C:\WINDOWS\System32\drivers\busenum.sys [10/05/2016 12:19:35] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys [10/05/2016 12:18:46] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys [12/09/2016 20:10:10] - (1.3.34.17) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys [10/05/2016 14:33:01] - (10.0.10125.31214) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\WINDOWS\system32\Drivers\RtsUer.sys [09/11/2016 17:04:30] - (5.1.2.250) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\WINDOWS\System32\ATMFD.DLL [04/09/2015 14:00:56] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - Dokan Filesystem Driver) - C:\WINDOWS\system32\DRIVERS\dokan.sys [05/09/2015 15:44:48] - (1.51.38371.1) - (SafeNet Inc. - Safenet Inc. Sentinel Data Filter Driver) - C:\Windows\system32\drivers\aksdf.sys [05/09/2015 15:44:43] - (1.71.44116.0) - (SafeNet Inc. - Ancillary Function Driver) - C:\Windows\system32\drivers\aksfridge.sys [04/09/2015 14:06:14] - (2.3.2.0) - (Nicomsoft Ltd. - WINI2C-DDC Kernel Mode Driver) - C:\Windows\system32\drivers\DDCDrv.sys [11/04/2014 12:20:00] - (0.0.0.0) - ( -) - C:\Windows\system32\drivers\biont_bs.sys [05/09/2015 15:44:40] - (3.85.43087.1) - (SafeNet Inc. - Sentinel Hardlock Device Driver for Windows x64) - C:\Windows\system32\drivers\hardlock.sys [12/12/2016 10:56:26] - (1.0.0.0) - (MSI - NTIOLib for MSIDDR_CC) - C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [23/09/2016 16:29:06] - (1.0.0.0) - (MSI - NTIOLib) - C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [15/06/2015 15:33:50] - (1.0.0.0) - (MSI - NTIOLib) - C:\MSI\Smart Utilities\NTIOLib_X64.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - aswRvrt (avast! Revert) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (avast! VM Monitor) -> (?) - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@EhStorTcgDrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-100) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - MB3SwissArmy (MB3SwissArmy) -> system32\drivers\MB3SwissArmy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GUBootStartup (GUBootStartup) -> \??\C:\Windows\System32\drivers\GUBootStartup.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - aksdf (aksdf) -> \??\C:\Windows\system32\drivers\aksdf.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - aksfridge (aksfridge) -> \??\C:\Windows\system32\drivers\aksfridge.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False R2 - [Kernel Driver] - clreg (@%SystemRoot%\system32\drivers\registry.sys,-100) -> \SystemRoot\System32\drivers\registry.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - Dokan (Dokan File System Driver) -> system32\DRIVERS\dokan.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - hardlock (hardlock) -> \??\C:\Windows\system32\drivers\hardlock.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - iocbios2 (iocbios2) -> \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - ParagonLDM (ParagonLDM) -> \??\C:\Windows\system32\drivers\biont_bs.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - WinI2C-DDC (WinI2C-DDC Kernel Mode Driver) -> \??\C:\Windows\system32\drivers\DDCDrv.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft Files whitelisted) [MD5.EE1CCC54F75C24727A218F98FC5349DA] - [16/07/2016 12:41:53] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.2EA3EB3E69B6480AB112E876F3096312] - [17/07/2012 09:07:22] - (.Copyright(C) 2012 Intel Corporation. - Intel(R) Acpi Control Driver.) - [25.27 Ko] - (3.0.25.1) - C:\WINDOWS\System32\Drivers\AcpiCtlDrv.sys [MD5.49B9DB97AFC85DCCBDACDAB2E90085B7] - [16/07/2016 12:41:53] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.3190C577746303CA4C65114441192FE2] - [05/09/2015 15:44:48] - (.© 2013 SafeNet, Inc. - Safenet Inc. Sentinel Data Filter Driver.) - [89.63 Ko] - (1.51.38371.1) - C:\WINDOWS\System32\Drivers\aksdf.sys [MD5.2845A05E5AF65B5C7A143D637F08496D] - [05/09/2015 15:44:43] - (.© 2013 SafeNet, Inc. - Ancillary Function Driver.) - [158.34 Ko] - (1.71.44116.0) - C:\WINDOWS\System32\Drivers\aksfridge.sys [MD5.74FFBC43B4B899C9A8CA06A892F2CE73] - [16/07/2016 12:41:53] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.AAB0F1D8D7E54761ABAB13AF161F1680] - [16/07/2016 12:41:53] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.F91BAAC4237C40352A807000F3B716F9] - [16/07/2016 12:41:53] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E6AB1F0B4C3D4E0D2A88332D76FECD03] - [16/07/2016 12:41:53] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.9B480B472D6826E7257C90E2D0EE2954] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [36.77 Ko] - (12.3.3154.0) - C:\WINDOWS\System32\Drivers\aswHwid.sys [MD5.06362BBA1347CBA0996F4B39BB1D8353] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [36.27 Ko] - (12.3.3154.0) - C:\WINDOWS\System32\Drivers\aswKbd.sys [MD5.1BB00571CC2C78463ABD7E9C32970758] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [106.27 Ko] - (12.3.3154.0) - C:\WINDOWS\System32\Drivers\aswMonFlt.sys [MD5.7010B57D708DA5C9686A5923EE621776] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [100.65 Ko] - (12.3.3154.0) - C:\WINDOWS\System32\Drivers\aswRdr2.sys [MD5.937885085BFE5BD08EC1BC0245DD203B] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [72.8 Ko] - (12.3.3154.0) - C:\WINDOWS\System32\Drivers\aswRvrt.sys [MD5.0B6352251C5D84130DF4252D33D266C2] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [946.47 Ko] - (12.3.3154.8) - C:\WINDOWS\System32\Drivers\aswsnx.sys [MD5.28213B34725B18387CC1B8C3D73858A1] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [501.59 Ko] - (12.3.3154.8) - C:\WINDOWS\System32\Drivers\aswsp.sys [MD5.9C58B6E9663D0A76D00D83E43C765BDF] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [159.59 Ko] - (12.3.3154.0) - C:\WINDOWS\System32\Drivers\aswStm.sys [MD5.D60D9201739400F0FBDB9E36A3212D91] - [15/06/2015 16:45:28] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [286.48 Ko] - (12.3.3154.16) - C:\WINDOWS\System32\Drivers\aswvmm.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [16/07/2016 12:41:53] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [16/07/2016 12:41:53] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.F587A28403F48D73AD4A85241095E668] - [11/04/2014 12:20:00] - (.-.) - [18.76 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\biont_bs.sys [MD5.61BAC67048CA5C1D08C48FCC8012B613] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic Gigabit Ethernet VBD.) - [521.34 Ko] - (7.12.31.105) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.48BC8B59BF348BD8C8702B93171008F2] - [16/07/2016 12:41:53] - (.Copyright © 2016 Chelsio Communications. - Chelsio iSCSI Crash Dump Driver.) - [100.34 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4dx64.sys [MD5.0AED948DA8D5F08B3D6F12E4E2089736] - [16/07/2016 12:41:53] - (.Copyright © 2016 Chelsio Communications. - Chelsio iSCSI VMiniport Driver.) - [338.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4sx64.sys [MD5.0002A0FDE087C1657AB31CE73077539C] - [16/07/2016 12:41:53] - (.Copyright © 2010 Chelsio Communications. - Virtual Bus Driver for Chelsio ® T4 Chipset.) - [2054.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4vx64.sys [MD5.3B82DB61C213AEF0C8ED928B2F90CC6F] - [06/01/2017 09:06:03] - (.Copyright ?Conexant Systems, Inc. 2009 - Conexant Polaris Driver.) - [246.63 Ko] - (7.0.127.7) - C:\WINDOWS\System32\Drivers\cxCVBS.sys [MD5.66C365B542195C1F6E2FF4A7D8F3827C] - [04/09/2015 14:06:14] - (.©2006-2007, Nicomsoft Ltd. - WINI2C-DDC Kernel Mode Driver.) - [20.34 Ko] - (2.3.2.0) - C:\WINDOWS\System32\Drivers\DDCDrv.sys [MD5.679FF716052109392D870F6A6C4A3535] - [10/05/2016 12:18:46] - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Virtual SCSI Bus Driver.) - [29.55 Ko] - (5.28.0.0) - C:\WINDOWS\System32\Drivers\dtlitescsibus.sys [MD5.E23FDD696839A4790682CA66C48D3F2F] - [10/05/2016 12:19:35] - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Virtual USB Bus Driver.) - [46.55 Ko] - (3.4.0.0) - C:\WINDOWS\System32\Drivers\dtliteusbbus.sys [MD5.7EC6FC0266D74BD47ABB130A328B70EC] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic 10 GigE VBD.) - [3338.84 Ko] - (7.13.65.105) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.F9DEBE3F07BE68533BF0295E3D2BA68A] - [21/10/2014 18:38:22] - (.-.) - [18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\EvoMouseDriverFilterHidUsb.sys [MD5.EC0FE22EB2F3B32E046E01496B88D523] - [23/06/2010 18:17:36] - (.-.) - [22.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\EvoMouseDriverMini.sys [MD5.7F90FA76F2FAFD66063D524A25DD1A58] - [06/05/2016 05:30:26] - (.(C) Malwarebytes. - Malwarebytes Anti-Ransomware Protection.) - [99.78 Ko] - (3.0.0.264) - C:\WINDOWS\System32\Drivers\farflt.sys [MD5.C06C3D6C5A0805B314E3E940632C97CB] - [02/11/2015 06:38:47] - (.Copyright (c) 2003-2015 Glarysoft Ltd - The driver for the Startup Manager tool.) - [19.69 Ko] - (1.1.0.263) - C:\WINDOWS\System32\Drivers\GUBootStartup.sys [MD5.3921C845A24C62CA1F44EEF4826263E9] - [05/09/2015 15:44:40] - (.\u00A9 2014 SafeNet, Inc. - Sentinel Hardlock Device Driver for Windows x64.) - [323.84 Ko] - (3.85.43087.1) - C:\WINDOWS\System32\Drivers\hardlock.sys [MD5.F5CA18197B4646E04DB9EB2D6642CC4D] - [16/07/2016 12:41:53] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.C6B8743B213F06AA60943D8366FE968F] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO GPIO Controller Driver.) - [32.5 Ko] - (604.10146.3023.12819) - C:\WINDOWS\System32\Drivers\iagpio.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.5A0E850F8CD17791A3E6A3CF81D0CA28] - [16/07/2016 12:41:54] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Driver v2.) - [63 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_GPIO2.sys [MD5.7508F1096803385D6376BFD0BD473AC4] - [16/07/2016 12:41:54] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [172.25 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [16/07/2016 12:41:52] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [16/07/2016 12:41:50] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.97E553D03219D3D51705C7235D9EAEBD] - [16/07/2016 12:41:53] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.8350FE3BCDE3428BC040877BB7E9EAEB] - [16/07/2016 12:41:53] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.3BA03F7C7700DDF4C383DDE9252F5817] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [513.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.231ADCE77616144B8E3D29707B282C82] - [23/09/2015 23:51:50] - (.Copyright 2009-2015 (c) Intel Corporation. - Intel(R) Watchdog Timer Driver (Intel(R) WDT).) - [37.77 Ko] - (11.0.0.1007) - C:\WINDOWS\System32\Drivers\ICCWDT.sys [MD5.658287D76E8D77C08AE98989F99B8948] - [04/06/2016 18:42:44] - (.Copyright (c) 1998-2014 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [7779.48 Ko] - (20.19.15.4531) - C:\WINDOWS\System32\Drivers\igdkmd64.sys [MD5.FF604BCE2537A4734DA0CE19AD9B7B7A] - [27/05/2014 10:21:04] - (.-.) - [21.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\ikbevent.sys [MD5.298E67827BE3C4403C32EAB66987A334] - [27/05/2014 10:21:08] - (.-.) - [22.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\imsevent.sys [MD5.E300D1E37B737ED14F7A08CD5604E5D9] - [12/05/2016 05:32:26] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [470.48 Ko] - (6.16.0.3197) - C:\WINDOWS\System32\Drivers\IntcDAud.sys [MD5.5FD1AD322C594FFE45D5BC47D27C52A7] - [15/06/2015 16:02:16] - (.Copyright (C) 2011 - Intel(R) Rapid Start Technology Driver.) - [19.72 Ko] - (3.0.0.1051) - C:\WINDOWS\System32\Drivers\irstrtdv.sys [MD5.35C0995BCDB0E45D1EEBE4FB582D1563] - [27/05/2014 10:21:08] - (.Copyright (C) 2011-2012 - Intel(R) Smart Connect Technology Device Driver.) - [43.7 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\ISCTD.sys [MD5.8CAF9BE17438F875A82FCE36DE4DC634] - [17/06/2015 10:38:15] - (.(C) 2010-2015 Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) - [22.27 Ko] - (3.0.5.69) - C:\WINDOWS\System32\Drivers\iusb3hcs.sys [MD5.242C9879365A45E4E0C5E2E13E43E938] - [17/06/2015 10:38:15] - (.(C) 2010-2015 Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) - [781.27 Ko] - (3.0.5.69) - C:\WINDOWS\System32\Drivers\iusb3xhc.sys [MD5.8E1B0946948CCC0BC1FA3CB70374A795] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.4F68163FC04C973500DC4DA0946917B0] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [103.34 Ko] - (2.0.79.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.E5AC5F2815938651CDCC27F425474673] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [98.84 Ko] - (2.51.12.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.CCF6EC9FB9B8F18E05B4253E81013E48] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.63A21EA86645B123AA785B67B42DF14A] - [28/09/2016 08:53:00] - (.(C) Malwarebytes. - Swissarmy SDK.) - [223.44 Ko] - (4.1.0.100) - C:\WINDOWS\System32\Drivers\MB3SwissArmy.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [25/09/2016 06:02:12] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\WINDOWS\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [25/09/2016 06:02:12] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\WINDOWS\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [06/05/2016 05:30:26] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [MD5.C3CDCCF07486BD2616A7B82946E07AC0] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.2CF0CB2A0ED68C5455371E84C16F9627] - [30/10/2016 16:47:03] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [62.84 Ko] - (6.711.10.11) - C:\WINDOWS\System32\Drivers\MegaSas2i.sys [MD5.FADB2FE017E69EECE0E1BA78661C2E8C] - [16/07/2016 12:41:53] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.FD60818B66B2E8A5415EA840E99A9D8F] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [822.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.3D2C5B4995CA0751D32DEA0DE9FDFE44] - [16/07/2016 12:41:53] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.898415AC0B5F1D2A9A48ABCB68A6DC4B] - [25/09/2016 06:02:12] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.88 Ko] - (1.0.6.0) - C:\WINDOWS\System32\Drivers\mwac.sys [MD5.629CB21AC49C8867E0F29DF1C16DB7B4] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [106.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.8DC4CF52E4BA1C85EDEF32A8F9444EDA] - [15/06/2015 15:34:34] - (.Copyright NT Kernel Resources© 2000-2010 - NDISRD helper driver.) - [31.6 Ko] - (3.0.8.1) - C:\WINDOWS\System32\Drivers\ndisrd.sys [MD5.6C76780A01FC2B885BD6E957B5C36B02] - [16/07/2016 12:42:03] - (.-.) - [88.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\NetAdapterCx.sys [MD5.64DA1993B1973F049C1347DA1B05185E] - [12/09/2016 20:10:10] - (.(C) NVIDIA Corporation. - NVIDIA HDMI Audio Driver.) - [207.95 Ko] - (1.3.34.17) - C:\WINDOWS\System32\Drivers\nvhda64v.sys [MD5.D261DF41F0840F734856A2B4F5E072C7] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.23B702B555EB0436B9DAA0BC63DA65CE] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.117EB9A45636991A3D88EABC12111F3F] - [14/07/2015 15:43:50] - (.Copyright (c) Portrait Displays, Inc.. - PdiPorts Device Driver.) - [18.8 Ko] - (1.0.0.0) - C:\WINDOWS\System32\Drivers\pdiports.sys [MD5.540116170E2135FCD5DDE77702166B67] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.805.3.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.8356F87553BF49C703CF382033815898] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [60.34 Ko] - (6.603.6.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.303DD964E6F49E661F7A4AF839B0ED29] - [14/08/2016 14:28:49] - (.Copyright (C) Qualitative Software [QSoft] - RAMDisk Driver (x64).) - [84.9 Ko] - (5.3.2.15) - C:\WINDOWS\System32\Drivers\RAMDriv.sys [MD5.D23AF14A8C26855B3D6CB5F8E32B08F3] - [14/08/2016 14:27:56] - (.Copyright (C) 2016 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Driver .) - [915.75 Ko] - (10.9.422.2016) - C:\WINDOWS\System32\Drivers\rt640x64.sys [MD5.DCF7221D6588EDA8CD77CB27AE9B1844] - [17/06/2015 16:04:27] - (.Copyright (C) 2015 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver .) - [954.71 Ko] - (7.92.115.2015) - C:\WINDOWS\System32\Drivers\Rt64win7.sys [MD5.86236BC32512027B32A3E124C7306A7D] - [27/08/2016 09:08:13] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [5246.01 Ko] - (6.0.1.7960) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.03E76CF0657BCABA2D7F7EE4384E6562] - [10/05/2016 14:33:01] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS USB READER Driver.) - [401.22 Ko] - (10.0.10125.31214) - C:\WINDOWS\System32\Drivers\RtsUer.sys [MD5.BCC2DF3F465FFA72C9E91EC69713B4F1] - [08/10/2015 16:21:21] - (.Copyright (C) 2014 Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver 30014.) - [3329.2 Ko] - (1026.13.625.2014) - C:\WINDOWS\System32\Drivers\rtwlanu.sys [MD5.A34CE1830E45DA98932295FDE4B7908A] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.A7B5C670770E908DA5FEF5BF1136E933] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.9593475FBC857A05D93BFF4FA7323C2B] - [22/07/2016 04:51:36] - (.Copyright ? SAMSUNG - SAMSUNG USB Composite Device Driver.) - [128.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys [MD5.592FF34A2FD6C6351B8A3AA76B2C0A9E] - [22/07/2016 04:51:40] - (.Copyright ? SAMSUNG - SAMSUNG Android Modem Device Driver.) - [161.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys [MD5.15752AD842D35AB4BDC7AE4A89C41E0D] - [06/04/2016 05:06:03] - (.Copyright ? SAMSUNG - MSS CS Connectivity USB driver.) - [42.63 Ko] - (2.12.4.0) - C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [MD5.1D8F61346A123CC5CDE7E2AABB7DFEE0] - [30/08/2016 17:02:32] - (.-.) - [43.9 Ko] - (8.0.4624.2183) - C:\WINDOWS\System32\Drivers\staport.sys [MD5.29D26E1347AE1BBD4201014E19880B2C] - [16/07/2016 12:41:53] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.48F64A35BA9F2E4AC0587DDA555FF951] - [07/07/2015 19:45:12] - (.Copyright © 2006-2015, Intel Corporation. - Intel(R) Management Engine Interface.) - [180.28 Ko] - (11.0.0.1157) - C:\WINDOWS\System32\Drivers\TeeDriverW8x64.sys [MD5.9955F303C20C4F58DB6645C6248DE1C8] - [16/08/2016 03:18:34] - (.Copyright (C) - USB Modem/Serial Device Driver.) - [156.19 Ko] - (3.0.1504.0) - C:\WINDOWS\System32\Drivers\usb2ser.sys [MD5.FD9BCB8920973CEAD4D49DC7A6D8A618] - [16/07/2016 12:41:53] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.0C111F220798CCE80484026E06822379] - [16/07/2016 12:41:53] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.F95DE20312ACCA7761446DE152BD1F7C] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [31.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.8B9AFF5F08E66A6F1F1063DEC9457FB6] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [63.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winverbs.sys [MD5.2EB1146A77A0EF0FBC23C3F0102B7938] - [18/06/2015 16:52:50] - (.Copyright (C) 2011 NETGEAR Corporation - NETGEAR WNA3100M USB NDIS Driver.) - [1069.1 Ko] - (1015.4.1230.2011) - C:\WINDOWS\System32\Drivers\wna3100m.sys [MD5.127702D90B07657E8421817D2D50A097] - [10/07/2015 14:48:50] - (.Copyright(C) 2012 Intel Corporation. - Intel(R) Acpi Control Driver.) - [62.34 Ko] - (4.0.0.1) - C:\WINDOWS\System32\Drivers\XtuAcpiDriver.sys [MD5.E7C91764AB61E1FA4B9925FC311E4C19] - [04/09/2015 14:06:12] - (.©2006-2011, Nicomsoft Ltd. - WINI2C-DDC Kernel Mode Driver.) - [10 Ko] - (3.8.2.0) - C:\WINDOWS\Syswow64\Drivers\DDCDrv.sys ---------- | Uninstall [HKU\S-1-5-21-893078023-2179327528-203563115-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\73f463568823ebbe] : (Dell System Detect.-.Dell) -> "C:\Users\Patrick\AppData\Local\Apps\2.0\JERWEWWG.KEA\TBM8ALQV.E2X\dell..tion_e30b47f5d4a30e9e_0006.0007_41e3327cf7e7f221\Uninstaller.exe" uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\2F24D930929D08C29A697E2C2E0574EC1CCCAE1D] : (Package de pilotes Windows - Datacolor (Spyder3) USB (09/10/2007 1.0.0.3).-.Datacolor) -> C:\PROGRA~1\DIFX\4A7292~1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\spyder3.inf_amd64_neutral_e09963cff3ce31cd\spyder3.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AutopanoGiga3.5] : (Kolor Autopano Giga 3.5.-.Kolor) -> C:\Program Files\Kolor\Autopano Giga 3.5\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Lite\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ImagenomicPortraiturePlugin] : (Imagenomic Portraiture 2.3 Plug-in (build 2308).-.) -> C:\Program Files (x86)\Imagenomic\Portraiture 2 Plug-in\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VID_1F4D&PID_0102&MI_00] : (USB2.0 Audio Capture.-.Conexant Systems) -> C:\Program Files\Conexant\VID_1F4D&PID_0102&MI_00\Setup64.exe -U -1 -IVID_1F4D&PID_0102&MI_00 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VID_1F4D&PID_0102&MI_01] : (USB2.0 Video Capture.-.Conexant Systems) -> C:\Program Files\Conexant\VID_1F4D&PID_0102&MI_01\Setup64.exe -U -1 -IVID_1F4D&PID_0102&MI_01 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.26.0] : (Vulkan Run Time Libraries 1.0.26.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.26.0\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.40 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180101F0}] : (Java 8 Update 101 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180101F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180121F0}] : (Java 8 Update 121 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180121F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418091F0}] : (Java 8 Update 91 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86418091F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{33013669-7557-430E-9153-3C025284E623}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{55398EAC-F58E-4F19-B553-BDF8B9EFD839} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{55BB2110-FB43-49B3-93F4-945A0CFB0A6C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6CA75021-FBB0-41A5-B95C-FC1C9E0421F0}_is1] : (Malwarebytes Anti-Ransomware version 0.9.17.661.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Ransomware\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7D84E343-A23D-451C-B123-0195B2D903A6}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{7D84E343-A23D-451C-B123-0195B2D903A6} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7F0AEF3E-C945-4B81-BE91-4214C29F164C}] : (DxO OpticsPro 10.-.DxO Labs) -> MsiExec.exe /X{7F0AEF3E-C945-4B81-BE91-4214C29F164C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90120000-002A-0000-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90120000-002A-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-0011-0000-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-0015-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-0016-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-0018-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-0019-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001A-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001B-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001F-0401-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001F-0407-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001F-0409-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001F-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001F-0413-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-001F-0C0A-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-002C-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-0044-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-006E-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-0090-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-00A1-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-00BA-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-00C1-0000-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-00C1-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-00E1-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-00E2-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90160000-012B-040C-1000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B04E95AD-CBEB-443A-989F-9E9F9170907F}] : (Logiciel de base du périphérique HP Photosmart 6520 series.-.Hewlett-Packard Co.) -> MsiExec.exe /I{B04E95AD-CBEB-443A-989F-9E9F9170907F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 376.33.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 376.33.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 376.33.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView] : (NVIDIA nView 148.03.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NView [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 369.04.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI] : (NVIDIA WMI 2.29.0.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVWMI [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.34.17.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BFACB3F5-7091-429E-A6A9-59C0696B710E}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{BFACB3F5-7091-429E-A6A9-59C0696B710E} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CCCB484E-79D5-4398-9377-CA6EEB6B53AE}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{CCCB484E-79D5-4398-9377-CA6EEB6B53AE} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CE2A3177-F286-4F6A-9694-DE8EED87D583}] : (hubiC - x64.-.OVH) -> MsiExec.exe /I{CE2A3177-F286-4F6A-9694-DE8EED87D583} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}] : (Samsung USB Driver for Mobile Phones.-.Samsung Electronics Co., Ltd.) -> C:\Program Files\Samsung\USB Drivers\Uninstall.exe ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DF17C0DB-76D8-4A45-B26E-674F8455B803}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{DF17C0DB-76D8-4A45-B26E-674F8455B803} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ACR_9_8_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe" --uninstall=1 --sapCode=ACR --productVersion=9.8 --productPlatform=win32 --productAdobeCode={ACR-9.8-32-ADBEADBEADBEADBEADBEADBEA} --productName="Camera Raw CC" --mode=2 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Creative Cloud] : (Adobe Creative Cloud.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 24 NPAPI.-.Adobe Systems Incorporated) -> C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Shockwave Player] : (Adobe Shockwave Player 12.2.-.Adobe Systems, Inc.) -> "C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Pro Antivirus.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\COCM_1_0_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe" --uninstall=1 --sapCode=COCM --productVersion=1.0 --productPlatform=win32 --productAdobeCode={COCM-1.0.4-ADBEADBEADBEADBEADBEADBEA} --productName="STI_Color_CommonSetCMYK_HD" --mode=2 ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\COPS_1_0_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe" --uninstall=1 --sapCode=COPS --productVersion=1.0 --productPlatform=win32 --productAdobeCode={COPS-1.0.5-ADBEADBEADBEADBEADBEADBEA} --productName="STI_Color_Photoshop_HD" --mode=2 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CORE_1_0_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe" --uninstall=1 --sapCode=CORE --productVersion=1.0 --productPlatform=win32 --productAdobeCode={CORE-1.0-32-ADBEADBEADBEADBEADBEADBE} --productName="STI_Color_HD" --mode=2 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CORG_1_0_32] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe" --uninstall=1 --sapCode=CORG --productVersion=1.0 --productPlatform=win32 --productAdobeCode={CORG-1.0.4-ADBEADBEADBEADBEADBEADBEA} --productName="STI_Color_CommonSetRGB_HD" --mode=2 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DDC Driver_is1] : (DDC Driver 1.5.-.) -> "C:\Program Files (x86)\My Program\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dell UltraSharp Calibration Solution_is1] : (Dell UltraSharp Calibration Solution.-.Dell) -> "C:\Program Files (x86)\Dell\Dell UltraSharp Calibration Solution\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EncryptOnClick_is1] : (EncryptOnClick.-.2BrightSparks) -> "C:\Program Files (x86)\2BrightSparks\EncryptOnClick\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FastStone Image Viewer] : (FastStone Image Viewer 5.5.-.FastStone Soft) -> C:\Program Files (x86)\FastStone Image Viewer\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Firebird SQL Server F] : (Firebird SQL Server - MAGIX Edition.-.MAGIX AG) -> C:\Program Files (x86)\MAGIX\Common\Database\instslct.exe /p [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\setup.exe" --uninstall --system-level --verbose-logging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{17528CE4-C333-48FB-A9E4-D841E795CDCE}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\KeePassPasswordSafe2_is1] : (KeePass Password Safe 2.35.-.Dominik Reichl) -> "C:\Program Files (x86)\KeePass Password Safe 2\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Films sur DVD 7 F] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Goya burnR F] : (.-.MAGIX AG) -> C:\Program Files (x86)\MAGIX\Goya_burnR_mxcdr\instslct.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Music Manager 2007 F] : (MAGIX Music Manager 2007 8.1.1.102 (F).-.MAGIX AG) -> C:\Program Files (x86)\MAGIX\Music_Manager_2007\instslct.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Photo Manager 2007 F] : (MAGIX Photo Manager 2007 4.2.0.85 (F).-.MAGIX AG) -> C:\Program Files (x86)\MAGIX\Photo_Manager_2007\instslct.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Photo Manager 2008 F] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Screenshare F] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Video deluxe 2008 PLUS F] : (MAGIX Video deluxe 2008 PLUS 7.0.2.3 (F).-.MAGIX AG) -> C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\instslct.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MAGIX Xtreme Photo Designer 6 F] : (MAGIX Xtreme Photo Designer 6 6.0.20.0 (F).-.MAGIX AG) -> C:\Program Files (x86)\MAGIX\Xtreme_Foto_Designer_6\instslct.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MicrosoftGamesForWin8] : (Windows 7 Games for Windows 8 and 10.-.) -> "C:\Program Files\Microsoft Games\uninst-win7games.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mon Univers Photomoinscher 5.1] : (Mon Univers Photomoinscher 5.1.-.CEWE Stiftung u Co. KGaA) -> "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 51.0.1 (x86 fr)] : (Mozilla Firefox 51.0.1 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Thunderbird 45.7.0 (x86 fr)] : (Mozilla Thunderbird 45.7.0 (x86 fr).-.Mozilla) -> C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPE] : (MyPhoneExplorer.-.F.J. Wechselberger) -> C:\Program Files (x86)\MyPhoneExplorer\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyDriveConnect] : (TomTom MyDrive Connect 4.1.1.2797.-.TomTom) -> C:\Program Files (x86)\MyDrive Connect\Uninstall TomTom MyDrive Connect.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Nik Collection] : (Nik Collection.-.Google) -> C:\Program Files\Google\Nik Collection\Uninstall Nik Collection.exe ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ParagonExtFS] : (Paragon ExtFS for Windows.-.) -> "C:\Program Files (x86)\Paragon Software\Paragon ExtFS for Windows\ParagonExtFsUninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PHSP_18_0_1] : (Adobe Photoshop CC 2017.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe" --uninstall=1 --sapCode=PHSP --productVersion=18.0.1 --productPlatform=win64 --productAdobeCode={PHSP-18.0.1-64-ADBEADBEADBEADBEADBEA} --productName="Photoshop CC (2017)" --mode=2 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PSTI_1_3_1] : (.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HDCore\Uninstaller.exe" --uninstall=1 --sapCode=PSTI --productVersion=1.3.1 --productPlatform=win64 --productAdobeCode={PSTI-1.3.1-64-ADBEADBEADBEADBEADBEAD} --productName="Adobe Preview CC" --mode=2 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Route Generator] : (Route Generator.-.) -> "C:\Program Files (x86)\Route Generator\uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.51.2220.62] : (SafeZone Stable 1.51.2220.62.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Samsung SideSync] : (Samsung SideSync.-.Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\SideSync4\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SyncBackFree_is1] : (SyncBackFree.-.2BrightSparks) -> "C:\Program Files (x86)\2BrightSparks\SyncBackFree\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Synology Assistant] : (Synology Assistant (remove only).-.) -> C:\Program Files (x86)\Synology\Assistant\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TreeSize Free_is1] : (TreeSize Free V3.4.5.-.JAM Software) -> "C:\Program Files (x86)\JAM Software\TreeSize Free\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UninstallDeviceDll_is1] : (UninstallDeviceDll 1.1.-.X-Rite) -> "C:\Program Files (x86)\X-Rite\UninstallDeviceDll\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UNIVERS PHOTO CEWE Leclerc] : (UNIVERS PHOTO CEWE Leclerc.-.CEWE Stiftung u Co. KGaA) -> "C:\Program Files\photomoinscher 5.1\Mon Univers Photomoinscher 5.1\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Verbatim Hard Drive Formatter_is1] : (Verbatim Hard Drive Formatter.-.Verbatim) -> "C:\Program Files (x86)\Verbatim\Hard Drive Formatter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinLiveSuite] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1] : (MSI Smart Utilities.-.MSI) -> "C:\MSI\Smart Utilities\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07A12123-B717-496B-B471-48AF6407B433}] : (Google Drive.-.Google, Inc.) -> MsiExec.exe /X{07A12123-B717-496B-B471-48AF6407B433} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] : (Microsoft_VC90_CRT_x86.-.Adobe) -> MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}] : (SDK.-.Portrait Displays, Inc.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}\setup.exe" -l0x9 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E09BE17-EDEA-42CA-8974-42A587F51510}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{0E09BE17-EDEA-42CA-8974-42A587F51510} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1] : (MSI Fast Boot.-.MSI) -> "C:\Program Files (x86)\MSI\Fast Boot\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17528CE4-C333-48FB-A9E4-D841E795CDCE}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> MsiExec.exe /X{17528CE4-C333-48FB-A9E4-D841E795CDCE} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{19687AD5-7E54-4C5E-A796-125C95079C1D}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{19687AD5-7E54-4C5E-A796-125C95079C1D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA}] : (X-Rite Device Services Manager.-.X-Rite) -> MsiExec.exe /I{1E18A923-CDF1-4D1C-93B2-AD4CC5BD33EA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> "C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_8B0481A9A34D47CD.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}] : (Intel(R) USB 3.0 eXtensible Host Controller Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall_arp [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180101F0}] : (Java 8 Update 101.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180101F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180121F0}] : (Java 8 Update 121.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180121F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218091F0}] : (Java 8 Update 91.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218091F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}] : (HP FWUpdateEDO2.-.Hewlett-Packard) -> MsiExec.exe /I{415FA9AD-DA10-4ABE-97B6-5051D4795C90} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4412F224-3849-4461-A3E9-DEEF8D252790}] : (Visual Studio C++ 10.0 Runtime.-.TomTom International B.V.) -> MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{44A1B115-437B-40F2-91E0-13AD2B9DE545}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4B230374-6475-4A73-BA6E-41015E9C5013}] : (Intel® Security Assist.-.Intel Corporation) -> MsiExec.exe /I{4B230374-6475-4A73-BA6E-41015E9C5013} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1] : (MSI Live Update 6.-.MSI) -> "C:\Program Files (x86)\MSI\Live Update\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{51fea8cc-5bb6-4312-86f5-1802a10e030d}] : (hubiC.-.OVH) -> "C:\ProgramData\Package Cache\{51fea8cc-5bb6-4312-86f5-1802a10e030d}\hubiC-installer.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56EC47AA-5813-4FF6-8E75-544026FBEA83}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{56EC47AA-5813-4FF6-8E75-544026FBEA83} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5D85C662-99AB-4B25-A6F0-ABB9D702F552}] : (MSI(R) Intel(R) Extreme Tuning Utility.-.Intel Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] : (swMSM.-.Adobe Systems, Inc) -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{709316AD-161C-4D5C-9AE7-0B3A822DA271}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{715DD253-A4B2-4912-894D-E445507428DC}] : (XRD i1d3.-.X-Rite) -> MsiExec.exe /I{715DD253-A4B2-4912-894D-E445507428DC} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{73734A45-6D87-4624-9EE9-8CC9291FFC12}] : (e-Carte Bleue La Banque Postale.-.e-Carte Bleue La Banque Postale) -> MsiExec.exe /I{73734A45-6D87-4624-9EE9-8CC9291FFC12} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79C97462-1598-48CD-B597-8B3C3C5A20B8}] : (Module externe DxO OpticsPro 10 pour Adobe Lightroom.-.DxO Labs) -> MsiExec.exe /X{79C97462-1598-48CD-B597-8B3C3C5A20B8} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1] : (MSI Super Charger.-.MSI) -> "C:\Program Files (x86)\MSI\Super Charger\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1] : (CDBurnerXP.-.CDBurnerXP) -> "C:\Program Files (x86)\CDBurnerXP\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}] : (Adobe Lightroom.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{80B995A4-3A86-4690-98A6-563F1A788835}_is1] : (MSIRegister.-.MSI) -> "C:\MSI\MSIRegister\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1] : (MSI Command Center.-.MSI) -> "C:\Program Files (x86)\MSI\Command Center\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}] : (TomTom HOME Visual Studio Merge Modules.-.TomTom International B.V.) -> MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-0015-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-0016-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-0018-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-0019-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001A-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001B-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001F-0401-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001F-0407-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001F-0409-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001F-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001F-0413-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-001F-0C0A-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-002C-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-0044-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90120000-006E-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] : (Microsoft_VC80_CRT_x86.-.Adobe) -> MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{933B0FA1-2ECF-4B3F-8153-BEBD8750FF72}] : (Evoluent Mouse Manager.-.Evoluent) -> MsiExec.exe /I{933B0FA1-2ECF-4B3F-8153-BEBD8750FF72} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{95140000-0081-040C-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9BA1A894-B42F-4805-BC8C-349C905A3930}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{9BA1A894-B42F-4805-BC8C-349C905A3930} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}] : (ArcSoft ShowBiz.-.ArcSoft) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}\Setup.exe" -l0x40c [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A254D625} PicturesToExe 7.0_is1] : (PicturesToExe 7.0.-.WnSoft) -> "C:\Program Files (x86)\WnSoft PicturesToExe\7.0\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1] : (Dell Display Manager.-.EnTech Taiwan) -> "C:\Program Files (x86)\Dell\Dell Display Manager\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824184103}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824211354}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824211354} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ADF5B74A-8F1B-4EAE-A081-E6098F369A98}] : (NVIDIA Quadro SDI Video SDK for OpenGL.-.NVIDIA Corporation) -> MsiExec.exe /I{ADF5B74A-8F1B-4EAE-A081-E6098F369A98} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B307472F-7BD9-4040-9255-CE6D6A1196A3}] : (Software Updater.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /X{B307472F-7BD9-4040-9255-CE6D6A1196A3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{bcbf202c-9746-4173-a49b-649bfd0adca6}] : (MSI(R) Intel(R) Extreme Tuning Utility.-.Intel Corporation) -> "C:\ProgramData\Package Cache\{bcbf202c-9746-4173-a49b-649bfd0adca6}\xtu-setup-exe.exe" /modify [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C5342C32-A1CB-44EB-AEED-D31B7E20BD8B}] : (PlayMemories Camera Apps Downloader.-.Sony Corporation) -> MsiExec.exe /X{C5342C32-A1CB-44EB-AEED-D31B7E20BD8B} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c7f54569-0018-439c-809a-48046a4d4ebc}] : (Logiciel pour périphérique à chipset Intel®.-.Intel(R) Corporation) -> "C:\ProgramData\Package Cache\{c7f54569-0018-439c-809a-48046a4d4ebc}\SetupChipset.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CABB7C60-349E-4D3E-855E-DF474D381FB2}] : (NVIDIA Quadro SDI Video SDK for DirectX.-.NVIDIA Corporation) -> MsiExec.exe /I{CABB7C60-349E-4D3E-855E-DF474D381FB2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D3580358-0F78-402A-BE53-2E9D06383E04}] : (NETGEAR WNA3100M N300 Wireless USB Adapter.-.NETGEAR) -> C:\Program Files (x86)\InstallShield Installation Information\{D3580358-0F78-402A-BE53-2E9D06383E04}\setup.exe -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D5068583-D569-468B-9755-5FBF5848F46F}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0A53396-EB98-4660-AFEE-46133D2666FE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1] : (MSI RAMDisk.-.MSI) -> "C:\Program Files (x86)\MSI\RAMDisk\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F6430171-B86B-4639-839E-374913E7911D}] : (Google Earth.-.Google) -> MsiExec.exe /I{F6430171-B86B-4639-839E-374913E7911D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC3C2B77-6800-48C6-A15D-9D1031130C16}] : (HP Support Solutions Framework.-.Hewlett-Packard Company) -> MsiExec.exe /I{FC3C2B77-6800-48C6-A15D-9D1031130C16} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}] : (.-.) -> ---------- | Installer [HKCR\Installer\Products\0112BB5534BF3B94394F49A5C0BFA0C6] : Apple Mobile Device Support -> C:\WINDOWS\Installer\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}\Installer.ico [HKCR\Installer\Products\06C7BBACE943E3D458E5FD74D483F12B] : NVIDIA Quadro SDI Video SDK for DirectX [HKCR\Installer\Products\1710346FB68B936438E97394317E19D1] : Google Earth -> C:\WINDOWS\Installer\{F6430171-B86B-4639-839E-374913E7911D}\MainIcon.ico [HKCR\Installer\Products\18555481990E8AB4CBB63FB4F26006C0] : Google Toolbar for Internet Explorer [HKCR\Installer\Products\1AF0B339FCE2F3B41835EBDB7805FF27] : Evoluent Mouse Manager -> C:\Windows\Installer\{933B0FA1-2ECF-4B3F-8153-BEBD8750FF72}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\23C2435CBC1ABE44EADE3DB1E702DBB8] : PlayMemories Camera Apps Downloader -> C:\WINDOWS\Installer\{C5342C32-A1CB-44EB-AEED-D31B7E20BD8B}\appicon.ico [HKCR\Installer\Products\266C58D5BA9952B46A0FBA9B7D205F25] : MSI(R) Intel(R) Extreme Tuning Utility -> C:\WINDOWS\Installer\{5D85C662-99AB-4B25-A6F0-ABB9D702F552}\arp_icon.ico [HKCR\Installer\Products\32121A70717BB6944B1784FA46704B33] : Google Drive -> C:\WINDOWS\Installer\{07A12123-B717-496B-B471-48AF6407B433}\DriveIcon [HKCR\Installer\Products\329A81E11FDCC1D4392BDAC45CDB33AE] : X-Rite Device Services Manager [HKCR\Installer\Products\343E48D7D32AC1541B3210592B9D306A] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\352DD5172B4A219498D44E54054782CD] : XRD i1d3 [HKCR\Installer\Products\3BE2BCD5DA78E624D847B8299C7D134C] : TomTom HOME -> C:\Windows\Installer\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\422F2144948316443A9EEDFED8527209] : Visual Studio C++ 10.0 Runtime [HKCR\Installer\Products\473032B4574637A4ABE61410E5C90531] : Intel® Security Assist -> C:\WINDOWS\Installer\{4B230374-6475-4A73-BA6E-41015E9C5013}\isa.ico [HKCR\Installer\Products\498A1AB9F24B5084CBC843C909A59303] : Apple Application Support (32 bits) -> C:\WINDOWS\Installer\{9BA1A894-B42F-4805-BC8C-349C905A3930}\WinInstall.ico [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110100F] : Java 8 Update 101 -> C:\Program Files (x86)\Java\jre1.8.0_101\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110120F] : Java 8 Update 121 -> C:\Program Files (x86)\Java\jre1.8.0_121\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208190F] : Java 8 Update 91 -> C:\Program Files (x86)\Java\jre1.8.0_91\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110100F] : Java 8 Update 101 (64-bit) -> C:\Program Files\Java\jre1.8.0_101\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110120F] : Java 8 Update 121 (64-bit) -> C:\Program Files\Java\jre1.8.0_121\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2681408190F] : Java 8 Update 91 (64-bit) -> C:\Program Files\Java\jre1.8.0_91\\bin\javaws.exe [HKCR\Installer\Products\4EC82571333CBF849A4E8D147E59DCEC] : Renesas Electronics USB 3.0 Host Controller Driver -> C:\Windows\Installer\{17528CE4-C333-48FB-A9E4-D841E795CDCE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\54A4373778D64264E99EC89C92F1CF21] : e-Carte Bleue La Banque Postale -> C:\WINDOWS\Installer\{73734A45-6D87-4624-9EE9-8CC9291FFC12}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5C13C3F8A3C98AA4E8AF1792A0A75D33] : TomTom HOME Visual Studio Merge Modules [HKCR\Installer\Products\5DA7869145E7E5C47A6921C55970C9D1] : Adobe AIR [HKCR\Installer\Products\5F3BCAFB1907E9246A9A950C96B617E0] : Intel(R) Management Engine Components [HKCR\Installer\Products\68AB67CA408033019195008142123145] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824211354}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico [HKCR\Installer\Products\71EB90E0AEDEAC249847245A785F5101] : TomTom HOME -> C:\Windows\Installer\{0E09BE17-EDEA-42CA-8974-42A587F51510}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7713A2EC682FA6F46949EDE8DE785D38] : hubiC - x64 [HKCR\Installer\Products\77B2C3CF00866C841AD5D9011331C061] : HP Support Solutions Framework -> C:\Windows\Installer\{FC3C2B77-6800-48C6-A15D-9D1031130C16}\icon.ico [HKCR\Installer\Products\7C43C21609E58D74B9C5F017D78D7262] : swMSM -> C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A47B5FDAB1F8EAE40A186E90F863A989] : NVIDIA Quadro SDI Video SDK for OpenGL [HKCR\Installer\Products\AA74CE6531856FF4E857450462BFAE38] : Apple Software Update -> C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\Installer.ico [HKCR\Installer\Products\BD0C71FD8D6754A42BE676F448558B30] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\CAE89355E85F91F45B35DB8F9BFE8D93] : Intel(R) Chipset Device Software [HKCR\Installer\Products\DA59E40BBEBCA34489F9E9F9190709F7] : Logiciel de base du périphérique HP Photosmart 6520 series -> C:\Windows\Installer\{B04E95AD-CBEB-443A-989F-9E9F9170907F}\ARP_Icon [HKCR\Installer\Products\E3FEA0F7549C18B4EB1924412CF961C4] : DxO OpticsPro 10 -> C:\Windows\Installer\{7F0AEF3E-C945-4B81-BE91-4214C29F164C}\DxOApp.ico [HKCR\Installer\Products\E484BCCC5D9789343977ACE6BEB635EA] : Intel(R) Management Engine Components [HKCR\Installer\Products\F274703B9DB704042955ECD6A611693A] : Software Updater -> C:\Windows\Installer\{B307472F-7BD9-4040-9255-CE6D6A1196A3}\icon.ico [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FC03D219E93F13B4DAA921C3B697E42E] : HP Update -> C:\Windows\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}\ARPPRODUCTICON.exe ---------- | ADS @C:\WINDOWS:nlsPreferences ---------- | Drives Disk: 0 Size=764G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: MSI BIOS Manufacturer: American Megatrends Inc. System Manufacturer: MSI System Product Name: MS-7846 Logical Drives Mask: 0x0080043c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante MSI_LiveUpdate_Service.exe, version : 1.0.0.37, horodatage : 0x582449b8 Nom du module défaillant : NDA.dll_unloaded, version : 1.0.0.15, horodatage : 0x581aa4cc Code d’exception : 0xc0000005 Décalage d’erreur : 0x000f650e ID du processus défaillant : 0xd28 Heure de début de l’application défaillante : 0x01d27fc8c13bdb4e Chemin d’accès de l’application défaillante : C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe Chemin d’accès du module défaillant: NDA.dll ID de rapport : f39c9e11-970a-4ccd-9e8b-e02625ef9dcd Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Impossible de redémarrer l’application ou le service « Apple Mobile Device Service ». ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ Nom de l’application défaillante MSI_LiveUpdate_Service.exe, version : 1.0.0.37, horodatage : 0x582449b8 Nom du module défaillant : NDA.dll_unloaded, version : 1.0.0.15, horodatage : 0x581aa4cc Code d’exception : 0xc0000005 Décalage d’erreur : 0x000f650e ID du processus défaillant : 0xdbc Heure de début de l’application défaillante : 0x01d27fc32ede25d4 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe Chemin d’accès du module défaillant: NDA.dll ID de rapport : 79a6ef87-0c47-42eb-a78f-2be9d4a1c84c Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante MSI_LiveUpdate_Service.exe, version : 1.0.0.37, horodatage : 0x582449b8 Nom du module défaillant : NDA.dll_unloaded, version : 1.0.0.15, horodatage : 0x581aa4cc Code d’exception : 0xc0000005 Décalage d’erreur : 0x000f650e ID du processus défaillant : 0xc54 Heure de début de l’application défaillante : 0x01d27fbef13c1ca6 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe Chemin d’accès du module défaillant: NDA.dll ID de rapport : caea9e4d-3c73-4a2f-a195-c32fd40d0bfa Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Quadro SDI Video SDK for OpenGL\win\examples\bin\x64\debug\sdidesktop.exe ». Assembly dépendant Microsoft.VC90.DebugCRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Quadro SDI Video SDK for OpenGL\win\examples\bin\x86\debug\sdidesktop.exe ». Assembly dépendant Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Quadro SDI Video SDK for OpenGL\win\examples\bin\x64\debug\audioEmbed.exe ». Assembly dépendant Microsoft.VC90.DebugCRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Quadro SDI Video SDK for OpenGL\win\examples\bin\x86\debug\imageblit.exe ». Assembly dépendant Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ ----------( EOF)---------- - 5278 | 17:17:14