--------------- QuickDiag | g3n-h@ckm@n | V3_03.05.17.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 12/05/2017 22:27:27 Updated 03/05/2017 | 20.20 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Xavier (Administrator)] - [XAVIER-PC] (S-1-5-21-46996423-4189726589-3081248854-1001) System: Microsoft Windows 7 Édition Familiale Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 7 Édition Familiale Premium |C:\Windows|\Device\Harddisk0\Partition1 Boot : Normal boot PC: P67A-UD4-B3 - Gigabyte Technology Co., Ltd. - IdNumber: - UUID: 00000000-0000-0000-0000-1C6F65C6E09D Processor : X64 - 3392 Mhz - Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz Award Modular BIOS v6.00PG - n|US|iso8859-1 - Award Software International, Inc. - S/N: - F2 - GBT - 42302e31 CoreTemp : ? Celsius ----------| Quick ---------- | SoundDevice NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0889&SUBSYS_1458A022&REV_1000\4&2F158155&0&0201 Sound Blaster X-Fi Xtreme Audio - Status: OK - Manufacturer: Creative Technology Ltd. - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1102&DEV_000A&SUBSYS_11021007&REV_1000\6&2AA6AE5B&0&0101 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&170C6BB1&0&0001 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&170C6BB1&0&0101 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&170C6BB1&0&0201 NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&170C6BB1&0&0301 ---------- | Video NVIDIA GeForce GTX 460 - Resolution: 1280x1024 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_0E22&SUBSYS_23811462&REV_A1\4&2D68EC9A&0&0008 - AdapterCompatibility: NVIDIA - RAM: 1073741824 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 460 - DriverVersion: 21.21.13.7633 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK ---------- | CPU CPU #1 value:6 % CPU #2 value:74 % CPU #3 value:0 % CPU #4 value:74 % CPU #5 value:0 % CPU #6 value:31 % CPU #7 value:0 % CPU #8 value:49 % Total Overall CPU Usage value:29 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.home : SENT:0 bytes/sec / RECVD:0 bytes/sec Connexion au réseau local* 11 : SENT:0 bytes/sec / RECVD:0 bytes/sec 6TO4 Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:29 bytes/sec, / RECEIVE Maximum:0 bytes/sec WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_06\4&B75C242&0&00E6 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000 RAS Async Adapter - Réseau étendu (WAN) - Microsoft - Status: - PnPID : SW\{EEAB7790-C514-11D1-B42B-00805FC1270E}\ASYNCMAC Microsoft Teredo Tunneling Adapter - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 Carte Microsoft 6to4 - Tunnel - Microsoft - Status: - PnPID : ROOT\*6TO4MP\0000 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 ---------- | Memory RAM = Total (MB) : 4177 | Free (MB) : 1949 Pagefile = Total (MB) : 8353 | Free (MB) : 5593 Virtual = Total (MB) : 4194 | Free (MB) : 4002 Physical Memory 1 : Capacity: 2147483648 - A1 - Posit.: 0 - Manufacturer: - PartNumber: - S/N: Physical Memory 3 : Capacity: 2147483648 - A3 - Posit.: 0 - Manufacturer: - PartNumber: - S/N: ---------- | SID Users Administrateur : [S-1-5-21-46996423-4189726589-3081248854-500] HomeGroupUser$ : [S-1-5-21-46996423-4189726589-3081248854-1002] Invité : [S-1-5-21-46996423-4189726589-3081248854-501] Xavier : [S-1-5-21-46996423-4189726589-3081248854-1001] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] HomeUsers : [S-1-5-21-46996423-4189726589-3081248854-1000] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [Windows] | Total : 698.63 Go | Free : 247.27 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : IDE\DISKWDC_WD7502AAEX-00Y9A0___________________05.01D05\5&3937B695&0&0.0.0 ---------- | Windows updates Last detection : 2011-04-22 18:09:18 Downloaded last ones : 2011-04-21 18:48:16 Installed last ones : 2011-04-21 20:22:21 Test 1 : Windows Is Activated ---------- | Browsers IE : 9.0.8112.16457 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "" ---------- | FlashPlayer FlashPlayer ActiveX : 21.0.0.213 FlashPlayer Plugin : 21.0.0.213 ---------- | Security AV : Malwarebytes Enabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 364 | [Owner : Système | Parent : 4(System) | 1.14 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7600.16385) = C:\Windows\System32\smss.exe [14/07/2009 01:19:50] CPU Usage:0 % 540 | [Owner : Système | Parent : 444() | 4.3 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 600 | [Owner : Système | Parent : 444() | 4.53 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [14/07/2009 01:52:37] CPU Usage:0 % 612 | [Owner : Système | Parent : 592(svchost.exe) | 8.99 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [14/07/2009 01:19:49] CPU Usage:0 % 656 | [Owner : Système | Parent : 600(wininit.exe) | 9.35 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7600.16385) = C:\Windows\System32\services.exe [14/07/2009 01:19:46] CPU Usage:0 % 688 | [Owner : Système | Parent : 592(svchost.exe) | 7.14 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe [21/11/2010 05:24:29] CPU Usage:0 % 700 | [Owner : Système | Parent : 600(wininit.exe) | 12.61 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7600.16385) = C:\Windows\System32\lsass.exe [14/07/2009 01:20:54] CPU Usage:0 % 708 | [Owner : Système | Parent : 600(wininit.exe) | 4.95 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [21/11/2010 05:23:53] CPU Usage:0 % 832 | [Owner : Système | Parent : 656(services.exe) | 9.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 908 | [Owner : Système | Parent : 656(services.exe) | 9.14 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.0.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [08/01/2017 00:15:14] CPU Usage:0 % 956 | [Owner : SERVICE RÉSEAU | Parent : 656(services.exe) | 8.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 156 | [Owner : SERVICE LOCAL | Parent : 656(services.exe) | 21.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 544 | [Owner : Système | Parent : 908(NVDisplay.Container.exe) | 20.22 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.7633) = C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe [07/01/2011 21:49:52] CPU Usage:0 % 592 | [Owner : Système | Parent : 656(services.exe) | 122.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 768 | [Owner : Système | Parent : 656(services.exe) | 38.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1116 | [Owner : Système | Parent : 656(services.exe) | 3.96 Mo] - (.Creative Technology Ltd - Creative Audio Service.) - (3.11.0.0) = C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [24/03/2011 10:14:56] CPU Usage:0 % 1192 | [Owner : SERVICE LOCAL | Parent : 656(services.exe) | 13.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1300 | [Owner : SERVICE RÉSEAU | Parent : 656(services.exe) | 17.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1584 | [Owner : Xavier | Parent : 592(svchost.exe) | 25.85 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [14/07/2009 01:37:38] CPU Usage:0 % 1608 | [Owner : Xavier | Parent : 1576() | 59.48 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17514) = C:\Windows\explorer.exe [21/11/2010 05:24:11] CPU Usage:0 % 1700 | [Owner : Xavier | Parent : 1608(explorer.exe) | 10.9 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.617) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [24/03/2011 10:08:20] CPU Usage:0 % 1724 | [Owner : Xavier | Parent : 1608(explorer.exe) | 7.09 Mo] - (.Logitech Inc. - Logitech WingMan Event Monitor.) - (5.7.105.0) = C:\Program Files\Logitech\Gaming Software\LWEMon.exe [23/06/2009 02:53:04] CPU Usage:0 % 1936 | [Owner : Xavier | Parent : 1608(explorer.exe) | 12.43 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.1068) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [11/05/2017 18:19:27] CPU Usage:0 % 1944 | [Owner : Xavier | Parent : 1608(explorer.exe) | 285.62 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 2016 | [Owner : Xavier | Parent : 1944(chrome.exe) | 7.3 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 1180 | [Owner : Xavier | Parent : 656(services.exe) | 8.64 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.17514) = C:\Windows\System32\taskhost.exe [21/11/2010 05:24:08] CPU Usage:0 % 1248 | [Owner : Xavier | Parent : 1996() | 5.02 Mo] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) - (2.0.28.0) = C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [17/11/2010 10:53:16] CPU Usage:0 % 1472 | [Owner : Xavier | Parent : 1944(chrome.exe) | 8.38 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 1392 | [Owner : Système | Parent : 656(services.exe) | 13.18 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe [21/11/2010 05:24:27] CPU Usage:0 % 1808 | [Owner : SERVICE LOCAL | Parent : 656(services.exe) | 14.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1152 | [Owner : Système | Parent : 656(services.exe) | 8.76 Mo] - (.Apple Inc. - MobileDeviceService.) - (17.364.0.22) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [02/09/2015 17:10:18] CPU Usage:0 % 2024 | [Owner : Xavier | Parent : 544(NvXDSync.exe) | 12.5 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.7633) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [07/01/2011 21:50:06] CPU Usage:0 % 1528 | [Owner : Système | Parent : 656(services.exe) | 5.28 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe [12/08/2015 16:03:42] CPU Usage:0 % 1160 | [Owner : SERVICE LOCAL | Parent : 656(services.exe) | 59.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 2076 | [Owner : Système | Parent : 656(services.exe) | 9.31 Mo] - (.Windows User - GameGolfWatchService.) - (1.0.0.0) = C:\Program Files (x86)\GAMEGOLF\WindowsService\GameGolfWatchService.exe [14/04/2014 19:22:22] CPU Usage:0 % 2240 | [Owner : Système | Parent : 656(services.exe) | 5.99 Mo] - (.iRacing.com Motorsport Simulations, LLC Bedford, MA 01730 - iRacing.com Helper Service.) - (2.22.5.18) = C:\Program Files (x86)\iRacing\iRacingService.exe [01/05/2011 15:14:39] CPU Usage:0 % 2276 | [Owner : Système | Parent : 656(services.exe) | 16.55 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.1.2136.1721) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [08/01/2017 00:16:23] CPU Usage:0 % 2324 | [Owner : Système | Parent : 656(services.exe) | 5.74 Mo] - (.NVIDIA Corporation - NVIDIA Wireless Controller Service.) - (3.1.2.31) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [08/01/2017 00:16:51] CPU Usage:0 % 2572 | [Owner : Xavier | Parent : 2276(nvcontainer.exe) | 20.54 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.1.2136.1721) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [08/01/2017 00:16:23] CPU Usage:0 % 2844 | [Owner : SERVICE LOCAL | Parent : 656(services.exe) | 5.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 2884 | [Owner : Système | Parent : 656(services.exe) | 13.74 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [21/09/2010 15:49:00] CPU Usage:0 % 3032 | [Owner : Système | Parent : 2884(WLIDSVC.EXE) | 3.33 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4225.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [21/09/2010 15:49:00] CPU Usage:0 % 3060 | [Owner : Système | Parent : 656(services.exe) | 279.06 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.479) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [11/05/2017 18:19:29] CPU Usage:0 % 3208 | [Owner : Système | Parent : 656(services.exe) | 12.18 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe [14/07/2009 02:32:27] CPU Usage:0 % 3544 | [Owner : SERVICE RÉSEAU | Parent : 656(services.exe) | 5.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 3952 | [Owner : SERVICE LOCAL | Parent : 656(services.exe) | 15.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 1492 | [Owner : Xavier | Parent : 1944(chrome.exe) | 48.03 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 3704 | [Owner : Xavier | Parent : 1944(chrome.exe) | 333.65 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 3708 | [Owner : Xavier | Parent : 1944(chrome.exe) | 41.41 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 1708 | [Owner : Xavier | Parent : 1944(chrome.exe) | 42.08 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 3908 | [Owner : Xavier | Parent : 1944(chrome.exe) | 51.59 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 4828 | [Owner : SERVICE RÉSEAU | Parent : 656(services.exe) | 13.9 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [21/11/2010 05:25:05] CPU Usage:0 % 5740 | [Owner : Système | Parent : 832(svchost.exe) | 6.4 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.1.7600.16385) = C:\Windows\System32\dllhost.exe [14/07/2009 01:59:17] CPU Usage:0 % 5392 | [Owner : Système | Parent : 5604() | 0.53 Mo] - (.Google Inc. - Programme d'installation de Google.) - (1.3.28.13) = C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/03/2011 21:06:54] CPU Usage:0 % 4712 | [Owner : Système | Parent : 5392(GoogleUpdate.exe) | 0.53 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.5) = C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe [27/04/2017 20:15:30] CPU Usage:0 % 4720 | [Owner : Système | Parent : 656(services.exe) | 33.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe [14/07/2009 01:31:13] CPU Usage:0 % 4692 | [Owner : Système | Parent : 5392(GoogleUpdate.exe) | 0.53 Mo] - (.Google Inc. - Google Crash Handler.) - (1.3.33.5) = C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe [27/04/2017 20:15:31] CPU Usage:0 % 5504 | [Owner : Xavier | Parent : 1944(chrome.exe) | 74.81 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.96) = C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe [06/08/2011 22:18:24] CPU Usage:0 % 3892 | [Owner : SERVICE LOCAL | Parent : 156(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe [21/11/2010 05:24:32] CPU Usage:0 % 4124 | [Owner : Xavier | Parent : 1608(explorer.exe) | 31.46 Mo] - (.SosVirus - QuickDiag.) - (3.5.17.1) = C:\Users\Xavier\Desktop\QuickDiag.exe [05/05/2017 17:42:17] CPU Usage:0 % 5728 | [Owner : SERVICE RÉSEAU | Parent : 832(svchost.exe) | 12.5 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:0 % 3052 | [Owner : Système | Parent : 832(svchost.exe) | 15.74 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2010 05:24:15] CPU Usage:0 % 984 | [Owner : SERVICE RÉSEAU | Parent : 832(svchost.exe) | 7.78 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [21/11/2010 05:24:27] CPU Usage:0 % 4892 | [Owner : SERVICE RÉSEAU | Parent : 656(services.exe) | 14.23 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [21/11/2010 05:23:56] CPU Usage:0 % ---------- | MD5 [MD5.AC4C51EB24AA95B77F705AB159189E24] - [21/11/2010 05:24:11] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2805 Ko] - (6.1.7601.17514) : C:\Windows\Explorer.exe [MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe [MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe [MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe [MD5.7A6326D96D53048FDEC542DF23D875A0] - [21/11/2010 05:24:07] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1134 Ko] - (6.1.7601.17514) : C:\Windows\System32\Kernel32.dll [MD5.0793F40B9B8A1BDD266296409DBD91EA] - [14/07/2009 01:20:54] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\lsass.exe [MD5.5C627D1B1138676C0A7AB2C2C190D123] - [21/11/2010 05:24:01] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.17514) : C:\Windows\System32\rpcss.dll [MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe [MD5.24ACB7E5BE595468E3B9AA488B9B4FCB] - [14/07/2009 01:19:46] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7600.16385) : C:\Windows\System32\services.exe [MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe [MD5.FE70103391A64039A921DBFFF9C7AB1B] - [21/11/2010 05:24:09] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [984.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\user32.dll [MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 05:24:28] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe [MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [21/11/2010 05:24:29] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [381.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Winlogon.exe [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - [21/11/2010 05:24:08] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [488 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\afd.sys [MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys [MD5.A34FE1E025E88798E746F484956C0720] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ataport.sys [MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys [MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [21/11/2010 05:24:32] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys [MD5.C2B4651001A867FF3F8865863B592991] - [19/04/2011 20:26:49] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [154.5 Ko] - (6.1.7601.17565) : C:\Windows\System32\Drivers\mrxsmb.sys [MD5.79B47FD40D9A817E932F9D26FAC0A81C] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [929.38 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ndis.sys [MD5.09594D1089C523423B32A4229263F068] - [21/11/2010 05:23:51] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\netbt.sys [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1620.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ntfs.sys [MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys [MD5.471815800AE33E6F1C32FB1B97C490CA] - [21/11/2010 05:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys [MD5.509383E505C973ED7534A06B3D19688D] - [21/11/2010 05:24:08] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1879.38 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\tcpip.sys [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [21/11/2010 05:24:32] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\tdx.sys [MD5.0D08D2F3B3FF84E433346669B5E0F639] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.AVAST Software.-.avast! snxhk.) - (6.0.1367.0) -- C:\Program Files\AVAST Software\Avast\snxhk64.dll (.Dropbox, Inc..-.Dropbox Shell Extension.) - (1.0.0.14) -- C:\Users\Xavier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (.Malwarebytes.-.Malwarebytes.) - (3.0.0.26) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.7633) -- C:\Windows\system32\nv3dappshext.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 376.33.) - (21.21.13.7633) -- C:\Windows\system32\nvapi64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.AVAST Software.-.avast! snxhk.) - (6.0.1367.0) -- C:\Program Files\AVAST Software\Avast\snxhk64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Creative Technology Ltd..-.Creative Audio Processing Object Module.) - (1.0.4.0) -- C:\Windows\system32\T3APO64.dll (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.184) -- C:\Windows\system32\RtkAPO64.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up GarminExpressTrayApp - ("C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKU\S-1-5-18\SOFTWARE\...\Run]) - User: AUTORITE NT\Système Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU GoogleChromeAutoLaunch_259CD2A20984767A546B211D3EE3BB67 - ("C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\...\Run]) - User: Xavier-PC\Xavier GarminExpressTrayApp - ("C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKU\.DEFAULT\SOFTWARE\...\Run]) - User: .DEFAULT RtHDVCpl - (C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [HKLM\SOFTWARE\...\Run]) - User: Public Start WingMan Profiler - (C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui [HKLM\SOFTWARE\...\Run]) - User: Public ShadowPlay - ("C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public Malwarebytes TrayApp - (C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\CurrentVersion\Run] "GoogleChromeAutoLaunch_259CD2A20984767A546B211D3EE3BB67"="C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "UserSelectedDefault"=1 "Device"=Canon MG3500 series Printer,winspool,Ne04: [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s "Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui "ShadowPlay"="C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart "Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [11/05/2017 18:19:27] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"=IconCodecService.dll "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "GDIProcessHandleQuota"=10000 "ShutdownWarningDialogTimeout"=4294967295 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 ""=mnmsrvc "DeviceNotSelectedTimeout"=15 "Spooler"=yes "TransmissionRetryTimeout"=90 "AppInit_DLLs"= "LoadAppInit_DLLs"=0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List CCleanerSkipUAC D3DGearRawFrameCaptureTask GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA GoogleUpdateTaskUserS-1-5-21-46996423-4189726589-3081248854-1001Core GoogleUpdateTaskUserS-1-5-21-46996423-4189726589-3081248854-1001UA NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} Opera scheduled Autoupdate 1490181808 {12DA2D3F-3E7F-401B-84C1-54D969D5CF52} ---------- | Startings up registry ¦ Folder [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] : "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] : "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager] : "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] : "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EADM] : "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp] : "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] : C:\Users\Xavier\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [29/04/2017 18:00:11] [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_259CD2A20984767A546B211D3EE3BB67] : "C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\gStart] : C:\Program Files (x86)\Garmin\Training Center\gStart.exe [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] : "C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Samsung PanelMgr] : C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] : "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam] : "C:\Program Files (x86)\Steam\steam.exe" -silent [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] : "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] : "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] : C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/02/2010 13:37:14] ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "RCDependentServices"=CertPropSvc SessionEnv "NotificationTimeOut"=0 "SnapshotMonitors"=1 "ProductVersion"=5.1 "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "fDenyTSConnections"=1 "StartRCM"=0 "TSAdvertise"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "PerSessionTempDir"=0 "TSUserEnabled"=0 "InstanceID"=344242f6-8493-40ee-bdb4-f5745e9 [HKLM\System\CurrentControlSet\Control\Session Manager] "CriticalSectionTimeout"=2592000 "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "ProcessorControl"=2 "ResourceTimeoutCount"=648000 "BootExecute"=autocheck autochk * "ExcludeFromKnownDlls"= "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "NumberOfInitialSessions"=2 "SetupExecute"= [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "CurrentUser"=USERNAME "BootDriverFlags"=0 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) [HKLM\System\CurrentControlSet\Control\lsa] "auditbaseobjects"=0 "auditbasedirectories"=0 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "Bounds"=0x0030000000200000 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=700 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 ---------- | .LNK with Arguments c:\users\xavier\desktop\adsfix_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Control Panel\Desktop] "ScreenSaveActive"=1 "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=1400 "FontSmoothingOrientation"=0 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=0 "LeftOverlapChars"=3 "MenuShowDelay"=400 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=0 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "UserPreferencesMask"=0x9E3E078012000000 "Wallpaper"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [27/03/2011 14:53:35] "LogPixels"=96 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000 "CleanShutdown"=0 "Browse For Folder Width"=347 "Browse For Folder Height"=328 "link"=0x1E000000 [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "SuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=4 "ShowSuperHidden"=0 "NavPaneShowAllFolders"=1 "TaskbarSizeMove"=0 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=22 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "CheckedValue"=1 "ValueName"=Hidden "DefaultValue"=2 "HKeyRoot"=2147483649 "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd} "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "GlobalAssocChangedCounter"=167 "MaxCachedTiles1"=SHPTHEAOFXIQ40626 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=7601 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Userinit"=C:\Windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "WinStationsDisabled"=0 "DisableCAD"=1 "scremoveoption"=0 "ShutdownFlags"=43 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "ReportBootOk"=1 "Shell"=explorer.exe "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultDomainName"= "DefaultUserName"= "Userinit"=userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "DefaultSID"=S-1-5-21-46996423-4189726589-3081248854-500 "AutoLogonCount"=5 "AutoAdminLogon"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] "PerceivedType"=text ""=htafile "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=65536 "BrowserFlags"=4096 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] "NeverShowExt"= ""=Application Reference "IsShortcut"= "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForSearch"=alpha "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay ""=Folder "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\Google Chrome.IXM5JJCC7TMEW4O5HCPKE54QYI\Shell\open\Command] ""="C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome.IXM5JJCC7TMEW4O5HCPKE54QYI\InstallInfo] "ReinstallCommand"="C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\OperaStable\Shell\open\Command] ""="C:\Program Files\Opera\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\OperaStable\InstallInfo] "ReinstallCommand"="C:\Program Files\Opera\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome.IXM5JJCC7TMEW4O5HCPKE54QYI\Shell\open\Command] ""="C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome.IXM5JJCC7TMEW4O5HCPKE54QYI\InstallInfo] "ReinstallCommand"="C:\Users\Xavier\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\OperaStable\Shell\open\Command] ""="C:\Program Files\Opera\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\OperaStable\InstallInfo] "ReinstallCommand"="C:\Program Files\Opera\Launcher.exe" --makedefaultbrowser ---------- | AppcompatFlags [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "SIGN.MEDIA=14F7A8 demo32.exe"=1 "SIGN.MEDIA=730C44D install.exe"=1 "C:\Users\Xavier\Desktop\FSX\SCENERY\AIRPORTS\UltimateAirportEnvironmentX.exe"=1 "C:\Users\Xavier\Desktop\FSX\OTHERS\AIR HAULER\AirHauler.exe"=1 "C:\Users\Xavier\Desktop\FSX\OTHERS\FSUIPC4\Install FSUIPC4.exe"=1 "SIGN.MEDIA=F64749A7 GEXNASetup.exe"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\737\Boeing 737-800W EAV 2010 FSX.exe"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\EMBRAER\Embraer ERJ-145XR EAV 2010 FSX\Embraer ERJ-145XR EAV 2010 FSX.exe"=1 "SIGN.MEDIA=D4CB4A82 autorun.exe"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\GRAND CARAVAN\C208BGC\C208BGC.exe"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\GRAND CARAVAN CARGO\C208BSCFSX\C208BSCEPX.exe"=1 "C:\Users\Xavier\Desktop\FSX\SCENERY\CHICAGO\AS_USCITIESX-CHICAGO_FSX_V100.exe"=1 "C:\Users\Xavier\Desktop\FSX\SCENERY\MegaScenerySocalX\setup.exe"=1 "SIGN.MEDIA=CFB6 Setup.exe"=1 "C:\Program Files (x86)\Samsung\Samsung ML-1865W Series\Setup\setup.exe"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\BE600X\BE600X\BE600X.exe"=1 "C:\Users\Xavier\Desktop\FSX\SCENERY\OrbxFTXNAKORS100\OrbxFTXNAKORS100.exe"=1 "C:\Users\Xavier\Desktop\FSX\FTX\FTXORBXLIBS_111014\FTXORBXLIBS_111014.exe"=1 "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\ORBX\Scripts\FTXCentral\FTXCentral.exe"=512 "C:\Users\Xavier\Desktop\FSX\SCENERY\OrbxFTXNABlue\OrbxFTXNABlue.exe"=1 "C:\Users\Xavier\Desktop\FSX\SCENERY\Orbx_BOB_V1.1\Orbx_BOB_V1.1.exe"=1 "C:\Users\Xavier\Desktop\FSX\OTHERS\FsPassengersX_setup.exe"=1 "C:\Program Files\AVAST Software\Avast\aswRunDll.exe"=32 "C:\Program Files (x86)\VAFS5\uninstall.exe"=1 "C:\Users\Xavier\Desktop\FSX\OTHERS\VAFS5Setup.exe"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\PMDG 737\PMDG 737 8900 NGX.exe"=1 "SIGN.MEDIA=8B3E9EAB isPAInstalled.exe"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\PHENOM 100 OFFICIAL\phenom100-fsx-sp1.exe"=1 "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\feelThere\Phenom\PhenomSetup.exe"=1 "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\uninstall_UT2_Demo.exe"=1 "C:\Program Files (x86)\Origin\EAProxyInstaller.exe"=1 "C:\Users\Xavier\Downloads\Frostwire_5.6.6.exe"=1 "C:\Users\Xavier\Downloads\VAFS5Setup.exe"=1 "C:\Users\Xavier\Downloads\mbam-setup-1.75.0.1300.exe"=1 "C:\Users\Xavier\Desktop\FSX\SCENERY\HAWAI\MegaSceneryEarthInstallManager.exe"=1 "C:\Users\Xavier\Desktop\FSX\SCENERY\FLORIDA\MegaSceneryEarthInstallManager.exe"=1 "C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe"=512 "C:\Users\Xavier\Desktop\FSX\OTHERS\Flying School\FSFlyingSchool_Pro_2014_Setup.exe"=1 "C:\Users\Xavier\Downloads\ToowapConnect.exe"=1 "C:\Users\Xavier\Downloads\Silverlight_x64.exe"=1 "C:\PROGRA~2\COMMON~1\ADOBEA~1\Versions\1.0\ADOBEA~1.EXE"=1 "C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\gu.exe"=1 "SIGN.MEDIA=2D7F9D58 SETUP.EXE"=1 "C:\Users\Xavier\Desktop\FSX\AVIONS\EM100X\EM100X.exe"=1 "C:\Program Files (x86)\FSFlyingSchool\Uninstal.exe"=1 "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Ultimate Airport Environment X\Uninstall.exe"=1 "C:\Users\Xavier\Desktop\FSX\OTHERS\HDAirportGraphics.exe"=1 "C:\Users\Xavier\Downloads\PMDG737-800 American Airlines.EXE"=1 "SIGN.MEDIA=4F5F30 Setup.exe"=1 "SIGN.MEDIA=8B3E9EAB PokerAcademy2-setup.exe"=1 "C:\Program Files (x86)\ZHPFix\ZHPhep.exe"=1 "C:\Program Files (x86)\iRacing\msvc\vc_redist.x64.exe"=1 "C:\Program Files (x86)\iRacing\msvc\vc_redist.x86.exe"=1 "C:\Users\Xavier\Desktop\FSX\OTHERS\AIR HAULER 2\Install_AH2_Upgrade_123.exe"=1 "C:\Users\Xavier\Downloads\376.33-desktop-win8-win7-64bit-international-whql.exe"=1 "C:\Users\Xavier\Downloads\OperaSetup.exe"=1 "C:\Users\Xavier\Downloads\mb3-setup-consumer-3.1.2.1733.exe"=1 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\Opera\Launcher.exe"=32 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{d8087b7a-5874-11e0-8a0c-1c6f65c6e09d}] : "E:\WD SmartWare.exe" autoplay=true (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "DoubleClickSpeed"=#USR:Control Panel\Mouse "CoolSwitch"=USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=128920218544262440 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=0 "ProductStatus"=0 "InstallTime"=0x3903D46A37ADD101 [HKLM\Software\WOW6432Node\Microsoft\Windows Defender] "DisableAntiSpyware"=0 "DisableRoutinelyTakingAction"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsMpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ntrexeservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts 127.0.0.1 localhost 127.0.0.1 activate.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com [62] More lines ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [216.58.205.174] avec 32 octets de donn?es?: R?ponse de 216.58.205.174?: octets=32 temps=118 ms TTL=54 R?ponse de 216.58.205.174?: octets=32 temps=109 ms TTL=54 R?ponse de 216.58.205.174?: octets=32 temps=141 ms TTL=54 R?ponse de 216.58.205.174?: octets=32 temps=191 ms TTL=54 Statistiques Ping pour 216.58.205.174: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 109ms, Maximum = 191ms, Moyenne = 139ms ---------- | @ [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Internet Explorer\Main] "Disable Script Debugger"=yes "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\System32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch "XMLHTTP"=1 "NoUpdateCheck"=1 "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://www.google.com/ "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000A000000200300002D020000 "Start Page Redirect Cache"=http://fr.msn.com/?ocid=iehp "Start Page Redirect Cache_TIMESTAMP"=0xCE1D5BBDC3D7CE01 "Start Page Redirect Cache AcceptLangs"=fr-FR "IE8RunOnceLastShown"=1 "IE8RunOnceLastShown_TIMESTAMP"=0x509C6D7E8A4CCD01 "IE8TourShown"=1 "IE8TourShownTime"=0x6D92FF7E7EECCB01 "NotifyDownloadComplete"=yes "Use FormSuggest"=no "Check_Associations"=no "DisableScriptDebuggerIE"=yes "IE9RunOncePerInstallCompleted"=1 "IE9RunOnceCompletionTime"=0xDD90107E0AF7CD01 "IE9TourShown"=1 "IE9TourShownTime"=0xDD90107E0AF7CD01 "IconCache"=x1v9cl8 "DownloadWindowPlacement"=0x2C00000000000000000000000083FFFF0083FFFFFFFFFFFFFFFFFFFF280100005A000000820400005B030000 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Search Bar"=http://www.google.com/ "Use Search Asst"=yes "Isolation"=PMIL "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "AutoHide"=yes "FormSuggest PW Ask"=no "FormSuggest Passwords"=no [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"=http://www.google.com "SearchAssistant"=http://www.google.com [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Internet Explorer\SearchURL] "Default"=http://www.google.com [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "IE5_UA_Backup_Flag"=5.0 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "EmailName"=User@ "PrivDiscUiShown"=1 "EnableHttp1_1"=1 "WarnOnIntranet"=1 "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "AutoConfigProxy"=wininet.dll "UseSchannelDirectly"=0x01000000 "WarnOnPost"=0x01000000 "UrlEncoding"=0 "SecureProtocols"=160 "PrivacyAdvanced"=0 "ZonesSecurityUpgrade"=0x54EAF3430AF7CD01 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "EnableAutodial"=0 "NoNetAutodial"=0 "GlobalUserOffline"=0 "ProxyOverride"=*.local "ProxyHttp1.1"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Check_Associations"=yes [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchURL] "Default"=http://www.google.com [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "EnablePunycode"=1 "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [04/06/2012 21:36:21] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll ---------- | Toolbar [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=0xB1C218236549D4119B18009027A5CD4F "ITBar7Layout"=0x13000000000000000000000020000000100004001E00000001000000000700005E010000080000000101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000086989D756F0C9844BAB64A5F47C6C72F000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=0 "ITBar7Layout64"=0x13000000000000000000000020000000100003003B00000001000000000700005E0100000600000001010000000000000700000001010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007B228A319F5EBD4589997F8F10CA4CF5B1C218236549D4119B18009027A5CD4F00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height64"=59 "{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}"=0x86989D756F0C9844BAB64A5F47C6C72F [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} "DownloadRetries"=0 "Version"=3 "UpgradeTime"=0xF4B50E810AF7CD01 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}"= [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}"= [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990} ---------- | Extensions [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{0000036B-C524-4050-81A0-243669A86B9F}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{92780B25-18CC-41C8-B9BE-3C9C571A8263}] : () - [] ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live ID) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010 15:08:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! WebRep) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [04/06/2012 21:36:20] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live ID) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [21/09/2010 15:08:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] -> (Windows Live Messenger Companion Helper) : C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [10/11/2010 02:07:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [02/03/2011 12:49:49] ---------- | Chrome C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic = : __MSG_extDescription__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj = : __MSG_extDesc__ - __MSG_extName__ - permissions:[tabs\u003Call_urls>https://accounts.google.com/o/oauth2/tokenwebRequestwebRequestBlockingidlestoragewebNavigationunlimitedStoragedesktopCapturetabCapturecookies] - 934696770472-c4k28j2t25p9fpntqsiblj12v8k8cob3.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\noaijdpnepcgjemiklgfkcfbkokogabh = : __MSG_extDescription__ - short_name: ImTranslator - matches:[\u003Call_urls>] - http://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\onhiacboedfinnofagfgoaanfedhmfab = : Google & co - short_name: Reverso Context - permissions:[webRequestwebRequestBlocking\u003Call_urls>webNavigationcontextMenusbackgroundstoragenotificationsalarmstabscookies] - https://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Xavier\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda] ---------- | Opera ---------- | Firefox [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Users\Xavier\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Users\Xavier\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0] - (Unity Player 4.2.0f4) : C:\Users\Xavier\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\MozillaPlugins\electronicarts.com/GameFacePlugin] - () : C:\Users\Xavier\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin] - () : C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 21.0.0.213 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 21.0.0.213 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=] - (Module iTunes Detector) : [HKLM\Software\WOW6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] - () : C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@canon.com/EPPEX] - () : [HKLM\Software\WOW6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] - (Google Earth in your browser) : C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] - (This plugin detects and launches Pando Media Booster) : C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{151FB026-F2A6-460A-B23D-7E1CAE8FB545}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{C02751A2-05EA-4D96-96E8-7BFCB6DEFDBE}] "NameServer"=80.10.246.136 81.253.149.6 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{151FB026-F2A6-460A-B23D-7E1CAE8FB545}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{C02751A2-05EA-4D96-96E8-7BFCB6DEFDBE}] "NameServer"=80.10.246.136 81.253.149.6 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{151FB026-F2A6-460A-B23D-7E1CAE8FB545}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{C02751A2-05EA-4D96-96E8-7BFCB6DEFDBE}] "NameServer"=80.10.246.136 81.253.149.6 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~2\MIF5BA~1\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\opera.exe] : "C:\Program Files\Opera\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS5.1 (64 Bit)\Photoshop.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~2\MIF5BA~1\Office12\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\opera.exe] : "C:\Program Files\Opera\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS5.1 (64 Bit)\Photoshop.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "regsvc"=RemoteRegistry "DcomLaunch"=Power PlugPlay DcomLaunch "secsvcs"=WinDefend "bthsvcs"=bthserv [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power PlugPlay DcomLaunch ---------- | SvcHost - Netsvcs (Whitelist) Term - : ---------- | Software [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Active Mind Technology] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Adobe] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Amazon] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\AppDataLow] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Apple Computer, Inc.] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Apple Inc.] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Audacity] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\AVAST Software] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Bugsplat] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\CamStudioOpenSource for Nick] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Canon] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Clients] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\D3DGear] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Dashlane_profiles] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Dropbox] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\eBook Pro] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\ej-technologies] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Electronic Arts] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Emjysoft] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Epic Games] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\FLEXlm License Manager] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Flight1 E-Commerce] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Garmin] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\GML Golf] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Google] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\IM Providers] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\INCAInternet] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\iRacing] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\JavaSoft] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\kde.org] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Logitech] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Macromedia] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Macrovision] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Magnet] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Malwarebytes] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Malwarebytes' Anti-Malware] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\MGS] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Mojang] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\MozillaPlugins] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Mumble] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Netscape] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\ODBC] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Opera Software] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Pando Networks] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Piriform] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\PMDG] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Policies] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\ProtectedStorage] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\QtProject] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Realtek] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Samsung] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\SecuROM] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Skype] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\skypeapp-0f3bc013b76e] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Software] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\SSPrint] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\sysinternals] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\TechSmith] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Teorex] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Trolltech] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Ubisoft] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Unity] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Valve] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\VB and VBA Program Settings] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Ventrilo] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Winamp] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\WinRAR] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\WinRAR SFX] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\WinZip Computing] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Wow6432Node] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Youdagames] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\AppDataLow\Software\Unity] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\ShellNoRoam] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\7-Zip] [HKLM\Software\Adobe] [HKLM\Software\AdsFix] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AMD] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\Canon] [HKLM\Software\CBSTEST] [HKLM\Software\Clients] [HKLM\Software\Creative Tech] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Opera Software] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\Samsung] [HKLM\Software\Sonic] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\SSPrint] [HKLM\Software\sysinternals] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\aerosoft] [HKLM\Software\WOW6432Node\Aerosoft Australia] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\Canon] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\Creative Labs] [HKLM\Software\WOW6432Node\Creative Tech] [HKLM\Software\WOW6432Node\D3DGear] [HKLM\Software\WOW6432Node\EasyAntiCheat] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\Flight One Software] [HKLM\Software\WOW6432Node\Florenc] [HKLM\Software\WOW6432Node\FSFDT] [HKLM\Software\WOW6432Node\Garmin] [HKLM\Software\WOW6432Node\GIGABYTE] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\iRacing.com Motorsport Simulations] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\Just Flight] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\LibreOffice] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Macrovision] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\WOW6432Node\Mastertronic] [HKLM\Software\WOW6432Node\Maxis] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mojang] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Mumble] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OnNet] [HKLM\Software\WOW6432Node\OpenAL] [HKLM\Software\WOW6432Node\Origin] [HKLM\Software\WOW6432Node\Origin Games] [HKLM\Software\WOW6432Node\Pando Networks] [HKLM\Software\WOW6432Node\PMDG Simulations, LLC.] [HKLM\Software\WOW6432Node\PokerAcademy2] [HKLM\Software\WOW6432Node\Real Environment Simulations, Inc.] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\SPanel] [HKLM\Software\WOW6432Node\sports interactive ltd] [HKLM\Software\WOW6432Node\SSPrint] [HKLM\Software\WOW6432Node\TechSmith] [HKLM\Software\WOW6432Node\The FlightSim Store] [HKLM\Software\WOW6432Node\THQ] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives ---------- | C: [06/05/2017 12:22:57] - |SHD| - [129] - C:\$RECYCLE.BIN [06/05/2017 08:47:08] - |D| - [136994411] - C:\AdsFix [MD5.EE61C097A54012764644D41ECEBEE99D] - [06/05/2017 08:49:04] - |A| - (.-.) - [12043] - (0.0.0.0) - C:\AdsFix_06_05_2017_12_20_45.txt [MD5.1C8AEAE7453B29D57294AEA708DC3A94] - [14/06/2015 22:02:11] - |A| - (.-.) - [23170] - (0.0.0.0) - C:\AH_Data.kml [02/03/2011 12:35:54] - |SHD| - [14603060] - C:\Boot [MD5.259525CFB422E6AC8E87BC9777B1DF73] - [02/03/2011 12:35:54] - |RASH| - (.-.) - [383786] - (0.0.0.0) - C:\bootmgr [MD5.7AAB206AEDD25D57C9EBF64A7E055675] - [02/03/2011 12:35:54] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [MD5.EE33B93278CC004CF9090C1B6E970335] - [09/02/2014 15:19:01] - |A| - (.-.) - [1138] - (0.0.0.0) - C:\DelFix.txt [14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [28/01/2014 22:48:33] - |A| - (.-.) - [0] - (0.0.0.0) - C:\extensions.sqlite [19/06/2015 19:05:20] - |D| - [5516537] - C:\EZdok Software [22/09/2012 21:41:14] - |D| - [1979061127] - C:\Flight One Software [31/03/2011 20:35:50] - |D| - [2765663358] - C:\GEXn-Backup [MD5.D41D8CD98F00B204E9800998ECF8427E] - [06/05/2017 12:20:45] - |ASH| - (.-.) - [3208187904] - (0.0.0.0) - C:\hiberfil.sys [24/03/2011 10:06:02] - |D| - [504560] - C:\Intel [21/01/2014 20:51:20] - |D| - [71511247626] - C:\MegaSceneryEarth [29/03/2011 21:59:41] - |D| - [18143813783] - C:\megaSceneryX [02/05/2013 21:53:49] - |D| - [0] - C:\Microgaming [02/11/2014 16:00:16] - |RHD| - [529670008] - C:\MSOCache [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/03/2011 09:54:31] - |ASH| - (.-.) - [4277583872] - (0.0.0.0) - C:\pagefile.sys [27/03/2011 15:14:27] - |D| - [777668946] - C:\Papyrus [14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs [14/07/2009 05:20:08] - |RD| - [4038876335] - C:\Program Files [14/07/2009 05:20:08] - |RD| - [91806276638] - C:\Program Files (x86) [14/07/2009 05:20:08] - |HD| - [70053875896] - C:\ProgramData [05/05/2017 17:43:13] - |D| - [693699] - C:\QuickDiag [MD5.18224C9850ABAB2DCCA44DCBD35AFA64] - [12/05/2017 22:27:27] - |A| - (.-.) - [127311] - (0.0.0.0) - C:\QuickDiag.txt [MD5.8A7AC91A3D7B57F1E503D93E32268082] - [05/05/2017 18:03:44] - |RA| - (.-.) - [364769] - (0.0.0.0) - C:\QuickDiag_05_05_2017_18_03_44.txt [27/03/2011 14:53:20] - |SHD| - [174130820] - C:\Recovery [24/03/2011 09:54:31] - |SHD| - [0] - C:\System Volume Information [14/07/2009 05:20:08] - |RD| - [435768972156] - C:\Users [14/07/2009 05:20:08] - |D| - [18810394582] - C:\Windows ---------- | C:\Windows [14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins [MD5.C048724563615DDE0471383910A6959E] - [14/07/2011 17:39:31] - |A| - (.-.) - [5430] - (0.0.0.0) - C:\Windows\AnyWeb Print.ico [14/07/2009 05:20:08] - |D| - [7917725] - C:\Windows\AppCompat [14/07/2009 05:20:08] - |D| - [10972416] - C:\Windows\AppPatch [14/07/2009 05:20:08] - |RSD| - [1483656097] - C:\Windows\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [02/03/2011 12:38:04] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.695B9ED5CC7F9CBEE89074C81C119FC4] - [22/01/2012 14:38:45] - |A| - (.Copyright (c) 2010 AVAST Software - avast! Screen Saver stub.) - [41184] - (6.0.1367.0) - C:\Windows\avastSS.scr [MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 05:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe [14/07/2009 05:20:09] - |D| - [29001630] - C:\Windows\Boot [MD5.B38484B65C75B5B4D766E3D30A5E0193] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding [MD5.D04A79C62D6C797AC7A06C232EB41AF8] - [14/01/2009 03:47:24] - |A| - (.-.) - [818] - (0.0.0.0) - C:\Windows\Cfg01APR.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg01DI.ini [MD5.50D4E445EE74C3E7056F1F0848416FD4] - [14/01/2009 03:47:24] - |A| - (.-.) - [725] - (0.0.0.0) - C:\Windows\Cfg01DO.ini [MD5.66FC2D123BE607DD854E3FD78434E36F] - [14/01/2009 03:47:24] - |A| - (.-.) - [725] - (0.0.0.0) - C:\Windows\Cfg01Hp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg01LI.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg01Mic.ini [MD5.322A3ED7711C7BC0E15255FD1B2745A4] - [14/01/2009 03:47:24] - |A| - (.-.) - [1000] - (0.0.0.0) - C:\Windows\Cfg01Sp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg02DI.ini [MD5.E346225C93595C51605DF660544C7F86] - [14/01/2009 03:47:24] - |A| - (.-.) - [725] - (0.0.0.0) - C:\Windows\Cfg02DO.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg02FMi.ini [MD5.66FC2D123BE607DD854E3FD78434E36F] - [14/01/2009 03:47:24] - |A| - (.-.) - [725] - (0.0.0.0) - C:\Windows\Cfg02Hp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg02RLI.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg02RMi.ini [MD5.9AB921CED499C9C65A763F420E29E920] - [14/01/2009 03:47:24] - |A| - (.-.) - [1091] - (0.0.0.0) - C:\Windows\Cfg02Sp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg03DI.ini [MD5.E346225C93595C51605DF660544C7F86] - [14/01/2009 03:47:24] - |A| - (.-.) - [725] - (0.0.0.0) - C:\Windows\Cfg03DO.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg03FMi.ini [MD5.66FC2D123BE607DD854E3FD78434E36F] - [14/01/2009 03:47:24] - |A| - (.-.) - [725] - (0.0.0.0) - C:\Windows\Cfg03Hp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg03RLI.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg03RMi.ini [MD5.9AB921CED499C9C65A763F420E29E920] - [14/01/2009 03:47:24] - |A| - (.-.) - [1091] - (0.0.0.0) - C:\Windows\Cfg03Sp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg04DI.ini [MD5.F8054C51D83F8E5749EC6FD0DDEF016E] - [14/01/2009 03:47:24] - |A| - (.-.) - [932] - (0.0.0.0) - C:\Windows\Cfg04DO.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg04FMi.ini [MD5.06CC8C5E36E41708D53F3034E950FE6B] - [14/01/2009 03:47:24] - |A| - (.-.) - [930] - (0.0.0.0) - C:\Windows\Cfg04Hp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg04RLI.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg04RMi.ini [MD5.BAEC62675778429F42BBF5FE5C4CE13B] - [14/01/2009 03:47:24] - |A| - (.-.) - [1434] - (0.0.0.0) - C:\Windows\Cfg04Sp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg05DI.ini [MD5.F8054C51D83F8E5749EC6FD0DDEF016E] - [14/01/2009 03:47:24] - |A| - (.-.) - [932] - (0.0.0.0) - C:\Windows\Cfg05DO.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg05FMi.ini [MD5.06CC8C5E36E41708D53F3034E950FE6B] - [14/01/2009 03:47:24] - |A| - (.-.) - [930] - (0.0.0.0) - C:\Windows\Cfg05Hp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg05RLI.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\Cfg05RMi.ini [MD5.BAEC62675778429F42BBF5FE5C4CE13B] - [14/01/2009 03:47:24] - |A| - (.-.) - [1434] - (0.0.0.0) - C:\Windows\Cfg05Sp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\CfgHPDI.ini [MD5.F8054C51D83F8E5749EC6FD0DDEF016E] - [14/01/2009 03:47:24] - |A| - (.-.) - [932] - (0.0.0.0) - C:\Windows\CfgHPDO.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\CfgHPFMi.ini [MD5.A7FB73CC9328B8FB6D11BD395C550F9E] - [14/01/2009 03:47:24] - |A| - (.-.) - [932] - (0.0.0.0) - C:\Windows\CfgHPHp.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\CfgHPRLI.ini [MD5.6070C0F063099CCED1EDC43055BC8E75] - [14/01/2009 03:47:24] - |A| - (.-.) - [453] - (0.0.0.0) - C:\Windows\CfgHPRMi.ini [MD5.2A34EF93C004C38A6E571F2E2A74500B] - [14/01/2009 03:47:24] - |A| - (.-.) - [1436] - (0.0.0.0) - C:\Windows\CfgHPSp.ini [MD5.EECF196A84CDD74C3B72D95944810221] - [27/03/2011 16:26:26] - |ASH| - (.-.) - [61] - (0.0.0.0) - C:\Windows\cnerolf.bin [MD5.CE7EA4FD479F7E540EDB01931ED77193] - [24/03/2011 10:14:34] - |RAH| - (.-.) - [159] - (0.0.0.0) - C:\Windows\ctfile.rfc [14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors [14/07/2009 06:45:54] - |D| - [284563] - C:\Windows\debug [14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Downloaded Program Files [MD5.F6CAE25A0B2F38F536A9339A878E2ED1] - [14/07/2011 17:39:31] - |A| - (.-.) - [11502] - (0.0.0.0) - C:\Windows\Dr. Printer Icon.ico [21/11/2010 08:29:32] - |D| - [118084081] - C:\Windows\ehome [14/07/2009 07:37:46] - |D| - [0] - C:\Windows\en-US [MD5.E185BDA84E5F03F4E1D8DCA30E209277] - [02/03/2011 12:48:45] - |A| - (.-.) - [1912] - (0.0.0.0) - C:\Windows\epplauncher.mif [09/02/2014 15:19:06] - |D| - [86760408] - C:\Windows\ERUNT [MD5.AC4C51EB24AA95B77F705AB159189E24] - [21/11/2010 05:24:11] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2872320] - (6.1.7601.17514) - C:\Windows\explorer.exe [MD5.C9549290A645312781941A701EB40D18] - [22/09/2012 21:41:14] - |A| - (.-.) - [2048] - (0.0.0.0) - C:\Windows\f1utii.lic [27/07/2016 22:16:55] - |D| - [1718488] - C:\Windows\Flight1 Citation Mustang [14/07/2009 05:20:09] - |RSD| - [668751331] - C:\Windows\Fonts [02/03/2011 12:47:53] - |D| - [107376] - C:\Windows\fr [21/11/2010 08:19:00] - |D| - [142336] - C:\Windows\fr-FR [MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe [14/07/2009 05:20:09] - |D| - [17807100] - C:\Windows\Globalization [MD5.46E77AB5E91094D6C1EE518CA4626972] - [27/08/2009 09:04:14] - |RA| - (.Copyright (C) 2007 - GSetup MFC Application.) - [207400] - (1.0.0.1) - C:\Windows\GSetup.exe [MD5.BF826C174E027AF6BBA1CFFF09A45F96] - [24/03/2011 10:01:54] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\GSetup.ini [14/07/2009 05:20:09] - |D| - [111041168] - C:\Windows\Help [MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe [MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe [MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [21/11/2010 08:30:23] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\Windows\HomePremium.xml [14/07/2009 05:20:09] - |D| - [143547244] - C:\Windows\IME [14/07/2009 05:20:10] - |D| - [131395456] - C:\Windows\inf [02/03/2011 12:46:56] - |SHD| - [1024254089] - C:\Windows\Installer [14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\LiveKernelReports [14/07/2009 05:20:10] - |D| - [11731938] - C:\Windows\Logs [14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [14/07/2009 05:20:10] - |D| - [1235134072] - C:\Windows\Microsoft.NET [27/01/2017 14:17:36] - |D| - [1223] - C:\Windows\Migration [07/06/2011 12:45:46] - |D| - [0] - C:\Windows\Minidump [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini [23/08/2012 12:36:37] - |HD| - [0] - C:\Windows\msdownld.tmp [MD5.F2C7BB8ACC97F92E987A2D4087D021B1] - [14/07/2009 01:56:36] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7600.16385) - C:\Windows\notepad.exe [MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [08/01/2017 00:15:14] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\Windows\NvContainerRecovery.bat [02/03/2011 12:44:51] - |D| - [46960] - C:\Windows\oem [14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages [02/03/2011 12:36:06] - |D| - [637839] - C:\Windows\Panther [02/03/2011 12:47:30] - |D| - [0] - C:\Windows\PCHEALTH [14/07/2009 07:32:38] - |D| - [62212483] - C:\Windows\Performance [MD5.566D20CCF4D413DFA9CADD0177682B53] - [05/05/2017 21:47:54] - |A| - (.-.) - [7896] - (0.0.0.0) - C:\Windows\PFRO.log [14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA [14/07/2009 05:20:10] - |D| - [2692357] - C:\Windows\PolicyDefinitions [22/05/2016 19:00:49] - |D| - [44375591] - C:\Windows\Prefetch [02/12/2011 22:30:36] - |D| - [3358] - C:\Windows\pss [MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe [14/07/2009 05:20:10] - |D| - [9375040] - C:\Windows\rescache [14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources [MD5.4D7C0EB7E11BE19FA6DDF5606C86D778] - [24/03/2011 10:08:16] - |A| - (.Copyright (C) 2010 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1251944] - (1.0.2.5) - C:\Windows\RtlExUpd.dll [11/11/2011 19:41:05] - |D| - [1073574] - C:\Windows\Samsung [MD5.40441A48946E8175734507049E4856C7] - [13/03/2009 10:25:56] - |A| - (.-.) - [1910] - (0.0.0.0) - C:\Windows\SB0710.reg [MD5.658E0EE43DB0C0F443638A30D70A2931] - [13/03/2009 10:25:56] - |A| - (.-.) - [1702] - (0.0.0.0) - C:\Windows\SB0820.reg [MD5.778567998B32E4FAFBC8D8DD28B2B747] - [13/03/2009 10:25:56] - |A| - (.-.) - [992] - (0.0.0.0) - C:\Windows\SB1040.reg [MD5.D3D17152A74D41AD2F5838FC0E0667A8] - [13/03/2009 10:25:56] - |A| - (.-.) - [1396] - (0.0.0.0) - C:\Windows\SB1042.reg [MD5.B3A95A9E7D389E9EB3BD8FFC0B36A6B9] - [14/01/2009 03:47:24] - |A| - (.-.) - [992] - (0.0.0.0) - C:\Windows\SB1049.reg [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache [14/07/2009 05:20:10] - |D| - [55533] - C:\Windows\schemas [14/07/2009 05:20:10] - |D| - [6053888] - C:\Windows\security [14/07/2009 06:45:47] - |D| - [200383503] - C:\Windows\ServiceProfiles [14/07/2009 05:20:10] - |D| - [23452745] - C:\Windows\servicing [14/07/2009 06:45:50] - |D| - [42] - C:\Windows\Setup [MD5.E3921C13EC18424508685B644CC392B4] - [05/05/2017 21:48:26] - |A| - (.-.) - [2912] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/05/2017 21:48:26] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [21/11/2010 08:29:32] - |D| - [133237] - C:\Windows\ShellNew [MD5.D424AF0E5C185DEF26C62414B0E2AF24] - [27/03/2011 15:13:40] - |A| - (.-.) - [19] - (0.0.0.0) - C:\Windows\Sierra.ini [MD5.6E32354BEFF6EB30D620012098B50FD9] - [14/07/2011 17:39:31] - |A| - (.-.) - [133757] - (0.0.0.0) - C:\Windows\SmartCMS2.ico [24/03/2011 09:59:44] - |D| - [1135525164] - C:\Windows\SoftwareDistribution [14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech [MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [21/11/2010 05:24:16] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\Windows\splwow64.exe [MD5.BC06700E10DBEA6D0A4DCD1370110F43] - [14/07/2011 17:40:59] - |A| - (.Copyright ¨Ï 2004. - Non-Device INF Installer.) - [492848] - (1.2.1.1) - C:\Windows\ssndii.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml [14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system [MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [14/07/2009 05:20:10] - |D| - [4230480789] - C:\Windows\System32 [14/07/2009 05:20:14] - |D| - [1453571291] - C:\Windows\SysWOW64 [MD5.E74C71644F6CDE7C849EE0685A3ED8D7] - [14/04/2009 08:34:30] - |A| - (.Copyright (C) 2006 - Command Router Restore Utility.) - [8704] - (2.0.5.0) - C:\Windows\t3RDefE.exe [14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI [14/07/2009 05:20:14] - |D| - [32488] - C:\Windows\Tasks [14/07/2009 05:20:14] - |D| - [526922] - C:\Windows\Temp [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll [14/07/2009 07:32:38] - |D| - [6144] - C:\Windows\twain_32 [MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 05:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe [14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss [14/07/2009 05:20:14] - |D| - [40681427] - C:\Windows\Web [MD5.2C795DF6123095E6A171104C0CE293F2] - [14/07/2009 04:34:57] - |A| - (.-.) - [521] - (0.0.0.0) - C:\Windows\win.ini [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.FA2A9A854355ADFC12E54E6832BF0FF4] - [12/10/2014 13:12:37] - |A| - (.-.) - [2002545] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe [14/07/2009 05:20:14] - |D| - [6411919084] - C:\Windows\winsxs [MD5.74908820C298AD4768EFA5E27AC4FC20] - [10/11/2010 02:28:46] - |A| - (.© 2010 Microsoft Corporation. Tous droits réservés. - Écran de veille photos Windows Live.) - [301936] - (15.4.3508.1109) - C:\Windows\WLXPGSS.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe [MD5.01A4FEEB9CB3E8C739CE62EB050D363D] - [28/03/2011 21:30:34] - |A| - (.-.) - [262] - (0.0.0.0) - C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [27/04/2017 20:15:27] - C:\Windows\Installer\1017ca.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2014 00:33:09] - C:\Windows\Installer\14d54e0.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/05/2017 21:03:45] - C:\Windows\Installer\17ad069.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/12/2010 09:47:22] - C:\Windows\Installer\2a1815.msi : (Real Environment Xtreme 2.0 - Real Environment Simulations, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 21:30:21] - C:\Windows\Installer\306e40.msi : (Client for Windows x64 based platforms - Flagship Industries, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/03/2017 20:10:36] - C:\Windows\Installer\3ae1bc.msi : (Minecraft - Mojang) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/10/2015 14:28:28] - C:\Windows\Installer\3dc276.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/08/2016 21:49:29] - C:\Windows\Installer\3f98c.msi : (Google Earth Plug-in - Google) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:11] - C:\Windows\Installer\5744174.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:10] - C:\Windows\Installer\574417a.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:10] - C:\Windows\Installer\5744180.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:11] - C:\Windows\Installer\5744186.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:12] - C:\Windows\Installer\574418c.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:11] - C:\Windows\Installer\5744192.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:12] - C:\Windows\Installer\5744198.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:11] - C:\Windows\Installer\574419e.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/04/2012 18:21:51] - C:\Windows\Installer\57441aa.msi : (Adobe Help - Adobe Systems Incorporated.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:10] - C:\Windows\Installer\57441b0.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:10] - C:\Windows\Installer\57441b6.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:10] - C:\Windows\Installer\57441bc.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:11] - C:\Windows\Installer\57441c2.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:11] - C:\Windows\Installer\57441c8.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:12] - C:\Windows\Installer\57441ce.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:12] - C:\Windows\Installer\57441d4.msi : (Blank Project Template - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/03/2011 23:18:05] - C:\Windows\Installer\57441da.msi : (PDF Settings CS5 - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/03/2011 10:07:17] - C:\Windows\Installer\5e6f8.msi : (USB 3.0 Host Controller Driver - Renesas Electronics Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/03/2011 12:49:46] - C:\Windows\Installer\6e7ac.msi : (Java(TM) SE Runtime Environment 6.0 - Oracle) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/03/2011 12:49:53] - C:\Windows\Installer\6e7b2.msi : (Additional Font and Media Support - The J2SE Runtime Environment with European languages. This requires [Core]MB on your hard drive.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/02/2011 20:44:40] - C:\Windows\Installer\6e7c3.msi : (LibreOffice 3.3 - LibreOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/02/2011 12:18:11] - C:\Windows\Installer\6e7c7.msi : (7-Zip (x64 edition) Package - Igor Pavlov) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2009 03:08:02] - C:\Windows\Installer\9f0a8.msi : (Logitech Gaming Software 5.07 - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/04/2010 14:50:00] - C:\Windows\Installer\9f0ac.msi : (WinZip Compression Utility - Copyright (c) 1991-2010 WinZip International LLC - All Rights Reserved) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2015 19:21:06] - C:\Windows\Installer\ad4c6.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2015 19:22:12] - C:\Windows\Installer\ad66c.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2015 19:22:16] - C:\Windows\Installer\ad6a0.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2015 19:22:37] - C:\Windows\Installer\ad70c.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2015 19:22:41] - C:\Windows\Installer\ad86e.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2015 19:24:40] - C:\Windows\Installer\ae5f9.msi : (iTunes Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/04/2015 22:34:46] - C:\Windows\Installer\c9d12a.msi : (GAME GOLF Client - Active Mind Technology) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini [20/01/2013 14:29:21] - [72822] - C:\Windows\System32\ieuinit.inf [14/07/2009 07:13:15] - [1674772] - C:\Windows\System32\PerfStringBackup.INI [15/07/2009 09:22:48] - [32914] - C:\Windows\System32\t3.ini [10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini [20/01/2013 14:29:23] - [72822] - C:\Windows\Syswow64\ieuinit.inf [14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf [02/03/2011 12:48:37] - [1638148] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:08] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.039ED7BC30ED2F669C6B6D5B819E6E10] - |A| - [21/11/2010 05:23:48] - (.-.) - [121.76 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.4C4C0F8FC79B58BB215BBB3B39CCA093] - |A| - [12/05/2011 12:58:49] - (.-.) - [0.99 Ko] - (0.0.0.0) - C:\Windows\PSS\Dropbox.lnk.Startup [MD5.0F3D5D1B1C955659DBE6867F94668835] - |A| - [18/05/2016 21:51:25] - (.-.) - [1.16 Ko] - (0.0.0.0) - C:\Windows\PSS\iRacingSetupSyncLauncher.lnk.CommonStartup [MD5.6288513F92FEBDC7A6EFF1991DCE9418] - |A| - [23/10/2015 19:23:05] - (.-.) - [1.13 Ko] - (0.0.0.0) - C:\Windows\PSS\Snagit 12.lnk.CommonStartup [MD5.CB8262F48E99AC3A62C109AFE4D54C12] - |A| - [11/05/2017 20:13:20] - (.-.) - [2.57 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.59071590099D21DD439896592338BF95] - |AT| - [11/05/2017 13:07:26] - (.-.) - [512 Ko] - (0.0.0.0) - C:\Windows\Temp\TMP15D79BE5BC79E642 [MD5.00000000000000000000000000000000] - |D| - [06/05/2017 12:22:48] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [0 Ko] - C:\Windows\System32\040C [MD5.A0E0D782947E29BDFA378AAC5B92D4C8] - |AH| - [14/07/2009 06:45:49] - (.-.) - [28.27 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.A0E0D782947E29BDFA378AAC5B92D4C8] - |AH| - [14/07/2009 06:45:49] - (.-.) - [28.27 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4986 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.DF5C888C442D0A802C928063BA611843] - |A| - [13/07/2009 23:59:39] - (.Copyright (c) 2007 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [49.5 Ko] - (7.14.10.18) - C:\Windows\System32\amdpcom64.dll [MD5.7C35C85DE2CE3C74BB432301C53D7A87] - |A| - [24/03/2011 10:14:34] - (.-.) - [186.5 Ko] - (1.0.240.0) - C:\Windows\System32\APOMgr64.DLL [MD5.95EF7247C50C7241FDAE39A9B3AFF4AE] - |A| - [24/03/2011 10:09:35] - (.-.) - [30.54 Ko] - (0.0.0.0) - C:\Windows\System32\AppleChargerSrv.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [201.5 Ko] - C:\Windows\System32\ar-SA [MD5.E127AFF263BF62E6F3975EE35D3A5385] - |A| - [22/01/2012 14:39:21] - (.Copyright (c) 2011 AVAST Software - avast! start-up scanner.) - [250.94 Ko] - (6.0.1367.0) - C:\Windows\System32\aswBoot.exe [MD5.5A65FCFB13E2C171C3DC785DD64AF68D] - |A| - [13/07/2009 23:59:38] - (.Copyright (C) 1998-2002 ATI Technologies Inc. - atidxx64.dll.) - [3042 Ko] - (8.15.10.163) - C:\Windows\System32\atidxx64.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [02/03/2011 12:38:04] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat [MD5.D86F262F1213B75A0419689AC0DBDED4] - |A| - [10/06/2009 22:36:37] - (.Copyright (C) 1998-2002 ATI Technologies Inc. - atiumdag.dll.) - [5364 Ko] - (8.14.10.630) - C:\Windows\System32\atiumd64.dll [MD5.30C48D91F43042680399DEB7DF2DAD09] - |A| - [13/07/2009 23:59:39] - (.-.) - [67.49 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap [MD5.9DE4A6E0DECA2D44052FCFAA7FC0F2CF] - |A| - [13/07/2009 23:59:38] - (.Copyright (C) 1998-2005 ATI Technologies Inc. - Radeon Video Acceleration Universal Driver.) - [4651.5 Ko] - (7.14.10.208) - C:\Windows\System32\atiumd6a.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [173 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [2409 Ko] - C:\Windows\System32\Boot [MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll [MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [14/07/2009 01:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [29552.81 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [27456.42 Ko] - C:\Windows\System32\catroot2 [MD5.86F38BB08DB7722D38F98EDED13EE292] - |A| - [24/03/2011 10:14:34] - (.-.) - [87 Ko] - (1.0.60.0) - C:\Windows\System32\CmdRtr64.DLL [MD5.EAD9B9B98682111CC54B4A2979440E6C] - |A| - [27/01/2017 14:04:34] - (.-.) - [86.5 Ko] - (0.0.0.0) - C:\Windows\System32\CNC176ED.TBL [MD5.CDD96DAFF3898F454DD1902C46EC4768] - |A| - [27/01/2017 14:04:34] - (.Copyright CANON INC. 2013 All Rights Reserved - WIA Scanner Driver 64-bit Edition.) - [276 Ko] - (20.2.0.1) - C:\Windows\System32\CNC_BVC.dll [MD5.9F70BFE44CB247B53AECEDCEC3CF5F61] - |A| - [27/01/2017 14:04:34] - (.Copyright CANON INC. 2013 All Rights Reserved - WIA Scanner Driver Image Enhancement dll 64-bit Edition.) - [104 Ko] - (20.2.0.1) - C:\Windows\System32\CNC_BVI.dll [MD5.230210CF03C1E63A0104BCA91B93604A] - |A| - [27/01/2017 14:04:34] - (.Copyright CANON INC. 2013 All Rights Reserved - LLD.) - [358.5 Ko] - (1.0.0.0) - C:\Windows\System32\CNC_BVL.dll [MD5.493574E218AA18161D14EECFD572A0E8] - |A| - [27/01/2017 14:04:34] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [17.5 Ko] - (1.4.1.1) - C:\Windows\System32\CNHMCA6.dll [MD5.12CB1C602CC94E771E9B4F41F07D1E23] - |A| - [27/01/2017 14:12:30] - (.Copyright CANON INC. 2000-2012 All Rights Reserved - IJ Language Monitor.) - [382 Ko] - (0.3.0.1) - C:\Windows\System32\CNMLMBU.DLL [MD5.12CB1C602CC94E771E9B4F41F07D1E23] - |A| - [27/01/2017 14:09:38] - (.Copyright CANON INC. 2000-2012 All Rights Reserved - IJ Language Monitor.) - [382 Ko] - (0.3.0.1) - C:\Windows\System32\CNMLMBV.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4849.89 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [357 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [267249.42 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [219.5 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [216.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [240.5 Ko] - C:\Windows\System32\de-DE [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 06:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4440 Ko] - C:\Windows\System32\Dism [MD5.233D05685A1A5EE64740BC1D1954B639] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [493.1 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBassEnhancementDLL64.dll [MD5.89CD971EE746FF6F7CFF604C3041F908] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Boost COM DLL.) - [1085.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBoostDLL64.dll [MD5.B3EDD9D5BF4BBC00624BE35F97BA5040] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [260.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGainCompensatorDLL64.dll [MD5.26AAF479A3BEB5E1D6B08737721DA196] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS GFX APO.) - [122.6 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPO64.dll [MD5.CBEB2ECA6C1B7F417E68AF64E5EE88C3] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS GFX APO.) - [122.1 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPONS64.dll [MD5.0B86453AB18DE4F68AD935BBF6D6B458] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS LFX APO.) - [123.1 Ko] - (1.0.0.3) - C:\Windows\System32\DTSLFXAPO64.dll [MD5.7530477B9FD156D0B790F931989A36D8] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Limiter COM DLL.) - [263.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLimiterDLL64.dll [MD5.C5B068E8BCF8CF93C8A7DF924BF8AF57] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [309.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSNeoPCDLL64.dll [MD5.0F9A1F4E2712DFCDDF66841EAE89237F] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1152.1 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2HeadphoneDLL64.dll [MD5.2677A67A3C2470323B554E57A3A9EF3E] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1296.1 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2SpeakerDLL64.dll [MD5.D7D26C673BD7FC53885498897E8A2687] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Symmetry COM DLL.) - [479.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSSymmetryDLL64.dll [MD5.FEF51A5FC23F1282D9D478BC9BF00D0D] - |A| - [24/03/2011 10:08:18] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [464.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSVoiceClarityDLL64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [240.5 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2080.43 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [230.5 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [160.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [218 Ko] - C:\Windows\System32\fi-FI [MD5.8D45E0A825E0B59C50C0FC4E8C1432BB] - |A| - [14/07/2009 06:45:34] - (.-.) - [4955.32 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [1840 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [40485.02 Ko] - C:\Windows\System32\fr-FR [MD5.DD60226D8B1A3B35A09E3A8C9E5C40EA] - |A| - [14/04/2014 19:22:22] - (.Copyright © 2006-2013 FTDI Ltd. - FTDI USB Serial Converter Property Page Provider.) - [107.35 Ko] - (1.2.0.1) - C:\Windows\System32\ftbusui.dll [MD5.84A0DD31EDA61CF8B03F0909F1064C49] - |A| - [14/04/2014 19:22:22] - (.Copyright © 2004-2013 FTDI Ltd. - FTDI VCP CoInstaller.) - [64.35 Ko] - (2.1.3.1) - C:\Windows\System32\ftcserco.dll [MD5.6A1E17FE76A97559E0B9468AFF6925D2] - |A| - [14/04/2014 19:22:22] - (.Copyright © 2001-2013 FTDI Ltd. - FTD2XX Dynamic Link Library.) - [251.35 Ko] - (3.2.7.0) - C:\Windows\System32\ftd2xx.dll [MD5.0B17B700B17DDC80F539267D989542B5] - |A| - [14/04/2014 19:22:22] - (.Copyright © 2001-2013 FTDI Ltd. - FTDI Multi-Lingual Property Page Text Library.) - [210.35 Ko] - (1.5.2.1) - C:\Windows\System32\FTLang.dll [MD5.BB420F33F2AF1E3CD0A64FC3CAB080B4] - |A| - [14/04/2014 19:22:22] - (.Copyright (c) 2000-2013 FTDI Ltd. - FTDI Virtual COM Port Property Page Provider.) - [54.85 Ko] - (2.8.30.1) - C:\Windows\System32\ftserui2.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.5C7B8533FEC9E65368D14965EC4C9D8A] - |A| - [04/01/2012 21:52:13] - (.Copyright © 2000-2012 GEAR Software Inc. - GEARAspi.) - [122.92 Ko] - (2.1.3.1) - C:\Windows\System32\GEARAspi64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [191.5 Ko] - C:\Windows\System32\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [168 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [221 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36874.94 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 05:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [235 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [163 Ko] - C:\Windows\System32\ja-JP [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log [MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 04:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4054.41 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [165 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [166 Ko] - C:\Windows\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [24/02/2013 11:45:39] - [87390.31 Ko] - C:\Windows\System32\Macromed [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore [MD5.75616F8DB5C092A8A50AFEC273859DD7] - |A| - [24/03/2011 10:08:19] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\Windows\System32\MaxxAudioAPO20.dll [MD5.03E0955A7D8E5E74E7F6986A56A66196] - |A| - [24/03/2011 10:08:19] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [333.34 Ko] - (3.2.1.1) - C:\Windows\System32\MaxxAudioAPO30.dll [MD5.87B5AB256A5A068EDDA0F4B4FAC728CC] - |A| - [24/03/2011 10:08:19] - (.Copyright © 1996-2007 -.) - [2145.77 Ko] - (5.9.7.0) - C:\Windows\System32\MaxxAudioEQ.dll [MD5.31D5FF41223946C92479AE2685F57222] - |A| - [24/03/2011 10:08:19] - (.Copyright © 1996-2008 -.) - [1825.14 Ko] - (1.2.0.0) - C:\Windows\System32\MaxxAudioRealtek.dll [MD5.CF171618F3999FEB4F95C77A8C376C92] - |A| - [24/03/2011 10:08:19] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [326.84 Ko] - (3.1.0.0) - C:\Windows\System32\MaxxVolumeSDAPO.dll [MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:45:42] - [38.03 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3508.43 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [37792.2 Ko] - C:\Windows\System32\migwiz [MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 06:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.66 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [212 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [640 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [102 Ko] - C:\Windows\System32\NetworkList [MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [229 Ko] - C:\Windows\System32\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor [MD5.B71AD74A91E472CC8B283B8A7D2C9677] - |A| - [08/01/2017 00:13:39] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\Windows\System32\nv-vk64.json [MD5.163AD3B429613B592AF14718C1F2B985] - |A| - [08/01/2017 00:15:23] - (.-.) - [7460.56 Ko] - (0.0.0.0) - C:\Windows\System32\nvcoproc.bin [MD5.F514C56E60B97D50FA06FF1BD1C302D9] - |A| - [24/03/2011 10:10:17] - (.-.) - [40.37 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb [MD5.AF1D54575F63B5DFFA058A53ABB1EED8] - |A| - [08/01/2017 00:17:10] - (.-.) - [117.44 Ko] - (0.0.0.0) - C:\Windows\System32\NvRtmpStreamer64.dll [MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [13281.7 Ko] - C:\Windows\System32\oobe [MD5.2AD7B4F3C8D2BB686D231EDFF404B7A4] - |A| - [24/03/2011 10:15:20] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.02 Ko] - (6.14.357.24) - C:\Windows\System32\OpenAL32.dll [MD5.D3B9A3738BD5DDEDA252D1466F1B3B72] - |A| - [14/07/2009 04:36:59] - (.-.) - [119.92 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.489FFB40AB5FB06B378A5BDB88DA6AB8] - |A| - [21/11/2010 08:19:09] - (.-.) - [146.75 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [21/11/2010 08:19:09] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.944BED6150707074CA40F7514B97335E] - |A| - [14/07/2009 04:36:59] - (.-.) - [640.65 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.F5D3632BF2BA162FA3EF1161F9F1A628] - |A| - [21/11/2010 08:19:09] - (.-.) - [722.57 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.05C8C5C34706F7BE5598F2512D1B7AD4] - |A| - [14/07/2009 07:13:15] - (.-.) - [1635.52 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [224 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [222.5 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [224 Ko] - C:\Windows\System32\pt-PT [MD5.2470E161960269242004B4EF0DE233FC] - |A| - [24/03/2011 10:08:19] - (.©2010 Dolby Laboratories. - Not for Release - Dolby PCEE4 ASL Analog x64.) - [106.34 Ko] - (7.1.7000.5) - C:\Windows\System32\R4EEA64A.dll [MD5.A4B8BE2D4FFFE61B9F7754304CAAEF47] - |A| - [24/03/2011 10:08:19] - (.©2010 Dolby Laboratories. - Not for Release - Dolby PCEE4 COM DLL x64.) - [411.84 Ko] - (7.1.7000.5) - C:\Windows\System32\R4EED64A.dll [MD5.8EE6FCC7388551EC192AC2650DB54687] - |A| - [24/03/2011 10:08:19] - (.©2010 Dolby Laboratories. - Not for Release - Dolby PCEE4 GFX APO x64.) - [72.84 Ko] - (7.1.7000.5) - C:\Windows\System32\R4EEG64A.dll [MD5.A9DB085E405AC6B2DAF0F73E3FC1A21D] - |A| - [24/03/2011 10:08:19] - (.©2010 Dolby Laboratories. - Not for Release - Dolby PCEE4 LFX APO x64.) - [124.84 Ko] - (7.1.7000.5) - C:\Windows\System32\R4EEL64A.dll [MD5.8C8048972ED763F59763F2244FEC7B58] - |A| - [24/03/2011 10:08:19] - (.©2010 Dolby Laboratories. - Not for Release - Dolby PCEE4 Control Panel x64.) - [1678.34 Ko] - (7.1.7000.5) - C:\Windows\System32\R4EEP64A.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.75 Ko] - C:\Windows\System32\ras [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [24/03/2011 10:08:20] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [24/03/2011 10:08:20] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [24/03/2011 10:08:20] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [24/03/2011 10:08:20] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [24/03/2011 10:08:20] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [24/03/2011 10:08:20] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll [MD5.6C56E04B0A8122FADF77E5A1EC094F80] - |A| - [24/03/2011 10:03:56] - (.- About Page.) - [72.6 Ko] - (1.2.0.3) - C:\Windows\System32\RtNicProp64.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 05:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.6A7C6EBD22B1D46BCCAF94156CF5C3BF] - |N| - [24/03/2011 10:15:19] - (.Copyright © 2009 Creative - OpenAL Host Implementation.) - [1865.5 Ko] - (2.2.20.3025) - C:\Windows\System32\Sens_oal.dll [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [17378 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [113913.71 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [1956.87 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [30.19 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [24/03/2011 10:08:21] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll [MD5.A028717B791416182959B325D5B40679] - |A| - [24/03/2011 10:08:21] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [24/03/2011 10:08:21] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [24/03/2011 10:08:21] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll [MD5.11946FC82DEB8509F81856F1E1A16FD3] - |A| - [14/07/2011 17:40:43] - (.Copyright Samsung Electronics 2001 - Device Monitor.) - [72.5 Ko] - (1.5.6.0) - C:\Windows\System32\ssdevm64.dll [MD5.FC21BF5A1667FC745FE53D05DA4CB8A2] - |A| - [14/07/2011 17:40:01] - (.Copyright (C) 2004 Co., Ltd. - SSCoInst.) - [87.5 Ko] - (1.0.0.4) - C:\Windows\System32\ssp8mci.dll [MD5.0BF28DEE7BFB7F2D787756A2009AD5F8] - |A| - [17/06/2011 07:49:50] - (.- Language Monitor for Status Monitor.) - [33.5 Ko] - (1.4.7.0) - C:\Windows\System32\ssp8ml6.dll [MD5.629014D6FDDD926574B3DD89FC42EC3B] - |A| - [14/07/2011 17:40:15] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\Windows\System32\ssp8ml6.smt [MD5.E60CE99951E9CC18143651755E7025D2] - |A| - [14/07/2011 17:40:43] - (.Copyright Samsung Electronics 2001 - USB Device.) - [46 Ko] - (0.6.0.0) - C:\Windows\System32\ssusbp64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [216.5 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [339.62 Ko] - C:\Windows\System32\sysprep [MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 05:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.D2DB2E35DF6E05DBCEEDAA9EEB45FFBE] - |A| - [15/07/2009 09:22:48] - (.-.) - [32.14 Ko] - (0.0.0.0) - C:\Windows\System32\t3.ini [MD5.F75A1234E259B6A534985FFC60DFC42B] - |A| - [12/02/2009 11:18:14] - (.Copyright (c) 2006-2009 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [557 Ko] - (1.0.4.0) - C:\Windows\System32\T3APO64.dll [MD5.6018E223C08E88D9D4A326B71B761216] - |A| - [21/05/2009 10:38:56] - (.Copyright (C) 2002-2005 - CtDvInst.) - [218.5 Ko] - (0.5.9.57) - C:\Windows\System32\T3DvInst.dll [MD5.EF6FFFFF082648C6A339ADEB9D9D61D4] - |A| - [12/02/2009 11:18:36] - (.Copyright (c) 2006-2009 Creative Technology Ltd. - Creative Property Page Loader Module.) - [56.5 Ko] - (1.0.4.0) - C:\Windows\System32\t3ppld64.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [315.34 Ko] - C:\Windows\System32\Tasks [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [157 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [212.5 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA [MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 06:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl [MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 06:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl [MD5.8140DA331F52518CC5FF25E69093BC5C] - |A| - [09/09/2016 20:25:10] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [255.78 Ko] - (1.0.26.0) - C:\Windows\System32\vulkan-1-1-0-26-0.dll [MD5.8140DA331F52518CC5FF25E69093BC5C] - |A| - [08/01/2017 00:15:38] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [255.78 Ko] - (1.0.26.0) - C:\Windows\System32\vulkan-1.dll [MD5.61DA784EB8C8E133EB3BB4AFBDD66758] - |A| - [09/09/2016 20:24:38] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo-1-1-0-26-0.exe [MD5.61DA784EB8C8E133EB3BB4AFBDD66758] - |A| - [08/01/2017 00:15:38] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [02/03/2011 13:52:15] - [1754.83 Ko] - C:\Windows\System32\Wat [MD5.C26176E4EC3EE9162E2A1610FE212A1B] - |A| - [24/03/2011 10:08:21] - (.Copyright © 1996-2007 - General Library for Plug-Ins.) - [2518.14 Ko] - (1.2.0.0) - C:\Windows\System32\WavesGUILib.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [49947.4 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:58] - [47.61 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [57303.79 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [16 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9124.89 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [109712 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [106.26 Ko] - C:\Windows\System32\winrm [MD5.5DE0EBF186B6BAA495D82EA6E5B440C5] - |A| - [18/06/2009 02:06:38] - (.© 1999-2009 Logitech. - Logitech Force Feedback Driver.) - [321.01 Ko] - (5.7.102.0) - C:\Windows\System32\WmJoyFrc.dll [MD5.549347BCD4AACD63243D78E8F869DBB1] - |A| - [24/03/2011 10:15:20] - (.Copyright © 2008 - OpenAL32.) - [455.52 Ko] - (2.2.0.5) - C:\Windows\System32\wrap_oal.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [63 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [0 Ko] - C:\Windows\SysWOW64\040C [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.3C809EFE1AA6C9355FA3D2CEA29821C0] - |A| - [13/07/2009 23:59:39] - (.Copyright (c) 2007 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [49.5 Ko] - (7.14.10.18) - C:\Windows\SysWOW64\amdpcom32.dll [MD5.EEB2CEF869A786AE94BF85340BA3168C] - |A| - [24/03/2011 10:14:34] - (.-.) - [145 Ko] - (1.0.240.0) - C:\Windows\SysWOW64\APOMngr.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.3E6CCAFAD21D55A4DD6435448A24A9FC] - |A| - [22/01/2012 14:38:45] - (.Copyright (c) 2011 AVAST Software - avast! start-up scanner.) - [195.13 Ko] - (6.0.1367.0) - C:\Windows\SysWOW64\aswBoot.exe [MD5.A4950D76F3C8C765F7D31E0FF6946C54] - |A| - [13/07/2009 23:59:38] - (.Copyright (C) 1998-2002 ATI Technologies Inc. - atidxx32.dll.) - [2287.5 Ko] - (8.15.10.163) - C:\Windows\SysWOW64\atidxx32.dll [MD5.26A9FC0A341229B8D3E883B4F4908B91] - |A| - [13/07/2009 23:59:37] - (.Copyright (C) 1998-2002 ATI Technologies Inc. - atiumdag.dll.) - [3936.5 Ko] - (8.14.10.630) - C:\Windows\SysWOW64\atiumdag.dll [MD5.30C48D91F43042680399DEB7DF2DAD09] - |A| - [13/07/2009 23:59:39] - (.-.) - [67.49 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap [MD5.99EA8876679C8BCA016835C97BE2BBF0] - |A| - [13/07/2009 23:59:37] - (.Copyright (C) 1998-2005 ATI Technologies Inc. - Radeon Video Acceleration Universal Driver.) - [4660.5 Ko] - (7.14.10.208) - C:\Windows\SysWOW64\atiumdva.dll [MD5.66DA00F60B7D8A9B2490024B79F33077] - |A| - [24/03/2011 10:15:23] - (.-.) - [6.9 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\audiopid.vxd [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2 [MD5.45F681A6DE7CCD2E2CC3BAE71FC1CB51] - |A| - [24/03/2011 10:14:34] - (.-.) - [72 Ko] - (1.0.60.0) - C:\Windows\SysWOW64\CmdRtr.DLL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [4235.15 Ko] - C:\Windows\SysWOW64\config [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [22/01/2012 14:39:21] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\config.nt [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [219.5 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.D47F94D719E80663EDBF933F1CCEAF2A] - |A| - [24/03/2011 10:06:12] - (.Copyright 2008 - CSVer.) - [52 Ko] - (9.2.0.1025) - C:\Windows\SysWOW64\CSVer.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [216.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [240.5 Ko] - C:\Windows\SysWOW64\de-DE [MD5.F87BA06FE22C81CDE563761DDFBAB267] - |A| - [02/03/2011 12:49:51] - (.Copyright © 2011 - Java(TM) Platform SE binary.) - [461.73 Ko] - (6.0.240.7) - C:\Windows\SysWOW64\deployJava1.dll [MD5.00000000000000000000000000000000] - |D| - [23/08/2012 12:36:17] - [0 Ko] - C:\Windows\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3407 Ko] - C:\Windows\SysWOW64\Dism [MD5.F8D80BEFFC863175085059505CD6890F] - |A| - [10/05/2016 20:22:31] - (.Copyright © EasyAntiCheat Ltd 2015 - EasyAntiCheat Service.) - [232.79 Ko] - (4.0.0.0) - C:\Windows\SysWOW64\EasyAntiCheat.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [240.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2080.43 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [230.5 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.C27FFBC5107852D6D026C6EB1ADAC3E3] - |A| - [13/10/2006 05:48:54] - (.- FSCopilot SimConnect Alpha.) - [320 Ko] - (0.2006.1012.1) - C:\Windows\SysWOW64\ezcaconnect.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [218 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [1680 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36836.84 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.C42D0F96CE90FB6D3B96DE21886E778E] - |A| - [14/04/2014 19:22:22] - (.Copyright © 2001-2013 FTDI Ltd. - FTD2XX Dynamic Link Library.) - [214.35 Ko] - (3.2.7.0) - C:\Windows\SysWOW64\ftd2xx.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.C1463FF9E0455EBDB443C5C1F2FA0E6B] - |A| - [19/11/2011 21:32:42] - (.Copyright ? 2000-2007 INCA Internet - nProtect Game Monitor Rev 1646.) - [3938.47 Ko] - (2010.9.27.1) - C:\Windows\SysWOW64\GameMon.des [MD5.498BD12B38B549887D9E856EB734354E] - |A| - [04/01/2012 21:52:13] - (.Copyright © 2000-2012 GEAR Software Inc. - GEARAspi.) - [104.42 Ko] - (2.1.3.1) - C:\Windows\SysWOW64\GEARAspi.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [221 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [34095.44 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [235 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [163 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.68288DA42BC798992A42CD59061B199D] - |A| - [02/03/2011 12:49:51] - (.Copyright © 2011 - Java(TM) Platform SE binary.) - [141.78 Ko] - (6.0.240.7) - C:\Windows\SysWOW64\java.exe [MD5.5BF8BA1B854D7DFCE1F47E58852B3D8F] - |A| - [02/03/2011 12:49:51] - (.Copyright © 2011 - Java(TM) Platform SE binary.) - [141.78 Ko] - (6.0.240.7) - C:\Windows\SysWOW64\javaw.exe [MD5.58DC5CBDC930AF070B177843810F2C85] - |A| - [02/03/2011 12:49:51] - (.Copyright © 2011 - Java(TM) Web Start Launcher.) - [153.78 Ko] - (6.0.240.7) - C:\Windows\SysWOW64\javaws.exe [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [28/03/2011 21:07:04] - [64884.31 Ko] - C:\Windows\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 06:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3208.93 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32695.71 Ko] - C:\Windows\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.66 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [212 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [229 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor [MD5.FB820C142B89F3037B8BEE0968B0276B] - |A| - [19/11/2011 21:32:35] - (.-.) - [5.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nppt9x.vxd [MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - |A| - [19/11/2011 21:32:35] - (.Copyright ? 2000-2005 INCA Internet - nProtect NPSC Kernel Mode Driver for NT.) - [4.57 Ko] - (2005.1.5.1) - C:\Windows\SysWOW64\npptNT2.sys [MD5.BF8BDBF4C17D426FED2068475CF99F40] - |A| - [10/02/2012 14:01:39] - (.-.) - [1.74 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ntrexe.log [MD5.9EA3CD2CB18622637DD032743D7750C9] - |A| - [08/01/2017 00:13:39] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nv-vk32.json [MD5.D70A47788EE933D21C295F66EF2A9FC5] - |A| - [26/08/2009 06:29:28] - (.-.) - [146.5 Ko] - (1.0.40.0) - C:\Windows\SysWOW64\OemSpiE.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2566.05 Ko] - C:\Windows\SysWOW64\oobe [MD5.235355A8DD26903E75D5E812ECF50E53] - |A| - [24/03/2011 10:15:20] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.52 Ko] - (6.14.357.24) - C:\Windows\SysWOW64\OpenAL32.dll [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 23:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.481981694097B7CAE9128A68CEF51F12] - |A| - [02/03/2011 12:48:37] - (.-.) - [1599.75 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.7EF7E1C4572B3C0C7AFBB22F83153E86] - |A| - [19/01/2010 18:57:00] - (.-.) - [332 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\phys.ca [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [224 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [222.5 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [224 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [24/03/2011 10:08:34] - [1371.8 Ko] - C:\Windows\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [219 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.7375771D3805A275B5B29BDEE49B349A] - |A| - [24/03/2011 10:15:19] - (.Copyright © 2009 Creative - OpenAL Host Implementation.) - [2806.47 Ko] - (2.2.20.3025) - C:\Windows\SysWOW64\Sens_oal.dll [MD5.29E5C41566FA014B79E8A3E15D0B9908] - |A| - [05/03/2009 06:55:42] - (.Copyright (C) 2006 - SPIRun Endpoints Dynamic Link Library.) - [18 Ko] - (1.0.3.2) - C:\Windows\SysWOW64\SpiRunE.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1142.37 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.16EEB9588BCCAE365BB492D8A79D23E1] - |A| - [14/07/2011 17:40:43] - (.Copyright Samsung Electronics 2001 - Device Monitor.) - [80 Ko] - (1.5.6.0) - C:\Windows\SysWOW64\ssdevm.dll [MD5.D7F4BAF51DBEE3DC9EAF51BEE5B8F94B] - |A| - [14/07/2011 17:40:43] - (.Copyright Samsung Electronics 2001 - USB Device.) - [48 Ko] - (0.6.0.0) - C:\Windows\SysWOW64\ssusbpn.dll [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [216.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.687910FE40B3BB1C07A74F21D23557AD] - |A| - [26/03/2009 09:10:04] - (.Copyright (c), Creative Technology Ltd - Self installation.) - [586.14 Ko] - (2.47.0.0) - C:\Windows\SysWOW64\t3aim64.exe [MD5.EF645B71E16537226CA4680B80924E9D] - |A| - [12/02/2009 11:17:00] - (.Copyright (c) 2006-2009 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [487 Ko] - (1.0.4.0) - C:\Windows\SysWOW64\T3APO32.dll [MD5.BD9C625F7C4C3EE0D900BB0CA93CBB45] - |A| - [27/08/2009 10:18:38] - (.Copyright (c) 2009, Creative Technology Ltd - Self installation.) - [29608.02 Ko] - (1.0.23.5) - C:\Windows\SysWOW64\t3apstp.exe [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [212.5 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.CC7C694B2BD1510C5AAE7374A5B52B92] - |A| - [03/02/1999 08:45:42] - (.-.) - [26.46 Ko] - (2.0.0.5215) - C:\Windows\SysWOW64\VBAFR32.OLB [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 04:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll [MD5.4B0C0A8C960AF22761FB6A25D8A50DF2] - |A| - [18/09/2011 16:30:21] - (.Copyright © 2000-3 ON2 Technologies - VP6 VIDEO FOR WINDOWS CODEC.) - [437.26 Ko] - (6.0.6.4) - C:\Windows\SysWOW64\vp6vfw.dll [MD5.2F28B023406F83D17ACE4294E2510F44] - |A| - [09/09/2016 20:25:58] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [263.28 Ko] - (1.0.26.0) - C:\Windows\SysWOW64\vulkan-1-1-0-26-0.dll [MD5.2F28B023406F83D17ACE4294E2510F44] - |A| - [08/01/2017 00:15:38] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [263.28 Ko] - (1.0.26.0) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.6448CF3F64B96B8C72A9D5905F7C07B0] - |A| - [09/09/2016 20:25:28] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo-1-1-0-26-0.exe [MD5.6448CF3F64B96B8C72A9D5905F7C07B0] - |A| - [08/01/2017 00:15:38] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [02/03/2011 13:52:15] - [237.33 Ko] - C:\Windows\SysWOW64\Wat [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [8908.32 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [47.61 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [96.48 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9079.89 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:19:00] - [106.26 Ko] - C:\Windows\SysWOW64\winrm [MD5.220D077DA1417E8963FBF56BEA3227FC] - |A| - [18/06/2009 02:06:28] - (.© 1999-2009 Logitech. - Logitech Force Feedback Driver.) - [249.51 Ko] - (5.7.102.0) - C:\Windows\SysWOW64\WmJoyF32.dll [MD5.D494267BC169604FAC5E3679B9A97FED] - |A| - [24/03/2011 10:15:20] - (.Copyright © 2008 - OpenAL32.) - [434.52 Ko] - (2.2.0.5) - C:\Windows\SysWOW64\wrap_oal.dll [MD5.00000000000000000000000000000000] - |D| - [21/11/2010 08:18:59] - [9.34 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [63 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [141.5 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | Shell Folders [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Xavier\AppData\Roaming [27/03/2011 14:53:30] "Local AppData"=C:\Users\Xavier\AppData\Local [27/03/2011 14:53:30] "My Video"=C:\Users\Xavier\Videos [27/03/2011 14:53:30] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Libraries [27/03/2011 14:53:45] "My Pictures"=C:\Users\Xavier\Pictures [27/03/2011 14:53:30] "Desktop"=C:\Users\Xavier\Desktop [27/03/2011 14:53:30] "History"=C:\Users\Xavier\AppData\Local\Microsoft\Windows\History [27/03/2011 14:53:30] "NetHood"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Network Shortcuts [27/03/2011 14:53:30] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Xavier\Contacts [27/03/2011 14:53:36] "Cookies"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Cookies [27/03/2011 14:53:30] "Favorites"=C:\Users\Xavier\Favorites [27/03/2011 14:53:30] "SendTo"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\SendTo [27/03/2011 14:53:30] "Start Menu"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu [27/03/2011 14:53:30] "My Music"=C:\Users\Xavier\Music [27/03/2011 14:53:30] "Programs"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/03/2011 14:53:30] "Recent"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Recent [27/03/2011 14:53:30] "CD Burning"=C:\Users\Xavier\AppData\Local\Microsoft\Windows\Burn\Burn [27/03/2011 14:53:49] "PrintHood"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [27/03/2011 14:53:30] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Xavier\Searches [27/03/2011 14:53:45] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Xavier\Downloads [27/03/2011 14:53:30] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Xavier\AppData\LocalLow [27/03/2011 14:53:30] "Startup"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [27/03/2011 14:53:45] "Administrative Tools"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [27/03/2011 14:53:45] "Personal"=C:\Users\Xavier\Documents [27/03/2011 14:53:30] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Xavier\Links [27/03/2011 14:53:30] "Cache"=C:\Users\Xavier\AppData\Local\Microsoft\Windows\Temporary Internet Files [27/03/2011 14:53:30] "Templates"=C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Templates [27/03/2011 14:53:30] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Xavier\Saved Games [27/03/2011 14:53:30] "Fonts"=C:\Windows\Fonts [14/07/2009 05:20:09] [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files "Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 05:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 05:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 05:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 05:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 05:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 07:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 05:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 05:20:08] "Common AppData"=C:\ProgramData [14/07/2009 05:20:08] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Desktop"=C:\Users\Public\Desktop [14/07/2009 05:20:08] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 05:20:08] "CommonVideo"=C:\Users\Public\Videos [14/07/2009 05:20:08] "CommonPictures"=C:\Users\Public\Pictures [14/07/2009 05:20:08] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 05:20:08] "CommonMusic"=C:\Users\Public\Music [14/07/2009 05:20:08] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/07/2009 07:32:38] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 05:20:08] "Common Documents"=C:\Users\Public\Documents [14/07/2009 05:20:08] "OEM Links"=C:\ProgramData\OEM Links "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [14/07/2009 05:20:08] "Common AppData"=C:\ProgramData [14/07/2009 05:20:08] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "CommonPictures"=%PUBLIC%\Pictures "CommonMusic"=%PUBLIC%\Music "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common AppData"=%ProgramData% "Common Templates"=%ProgramData%\Microsoft\Windows\Templates ---------- | [Public] ---------- | [Xavier] [27/03/2011 14:53:30] - |D| - [40343993138] - C:\Users\Xavier\AppData\Local [27/03/2011 14:53:30] - |D| - [67288258] - C:\Users\Xavier\AppData\LocalLow [27/03/2011 14:53:30] - |D| - [13419971941] - C:\Users\Xavier\AppData\Roaming [27/03/2011 16:38:19] - |D| - [16857391] - C:\Users\Xavier\AppData\Local\Adobe [12/11/2014 21:27:48] - |D| - [169235] - C:\Users\Xavier\AppData\Local\Amazon [04/01/2012 21:51:27] - |D| - [0] - C:\Users\Xavier\AppData\Local\Apple [04/01/2012 21:52:27] - |D| - [20807822] - C:\Users\Xavier\AppData\Local\Apple Computer [27/03/2011 14:53:30] - |SHD| - [36744885612] - C:\Users\Xavier\AppData\Local\Application Data [19/06/2015 21:50:56] - |D| - [4392771] - C:\Users\Xavier\AppData\Local\Apps [23/10/2015 19:23:17] - |D| - [1718474] - C:\Users\Xavier\AppData\Local\assembly [24/11/2013 19:28:39] - |D| - [0] - C:\Users\Xavier\AppData\Local\cache [28/07/2015 16:24:05] - |D| - [5984542] - C:\Users\Xavier\AppData\Local\CEF [25/01/2015 23:59:41] - |D| - [2368] - C:\Users\Xavier\AppData\Local\CoherentLabs [25/04/2016 20:41:31] - |D| - [0] - C:\Users\Xavier\AppData\Local\CrashDumps [19/06/2015 21:50:55] - |D| - [0] - C:\Users\Xavier\AppData\Local\Deployment [15/04/2014 21:04:42] - |D| - [0] - C:\Users\Xavier\AppData\Local\Diagnostics [05/05/2012 13:21:55] - |D| - [0] - C:\Users\Xavier\AppData\Local\ElevatedDiagnostics [19/12/2016 00:11:36] - |D| - [508] - C:\Users\Xavier\AppData\Local\Frontier Developments [10/09/2012 18:49:02] - |D| - [2617770] - C:\Users\Xavier\AppData\Local\Garmin [05/05/2015 22:26:16] - |D| - [4121] - C:\Users\Xavier\AppData\Local\Garmin_Ltd._or_its_subsid [27/03/2011 14:53:50] - |A| - [138496] - C:\Users\Xavier\AppData\Local\GDIPFONTCACHEV1.DAT [15/08/2012 18:27:08] - |D| - [36447232] - C:\Users\Xavier\AppData\Local\GMap.NET [28/03/2011 21:06:53] - |D| - [1418062293] - C:\Users\Xavier\AppData\Local\Google [27/03/2011 14:53:30] - |SHD| - [737860] - C:\Users\Xavier\AppData\Local\Historique [17/06/2012 15:23:10] - |AH| - [14032554] - C:\Users\Xavier\AppData\Local\IconCache.db [13/11/2014 00:09:23] - |D| - [2408] - C:\Users\Xavier\AppData\Local\IEPS [13/03/2017 22:01:44] - |AH| - [4096] - C:\Users\Xavier\AppData\Local\keyfile3.drm [27/03/2011 15:32:20] - |D| - [44721] - C:\Users\Xavier\AppData\Local\Logitech [28/03/2011 20:49:18] - |D| - [1043] - C:\Users\Xavier\AppData\Local\MDR_Designs_LLC [27/03/2011 14:53:30] - |D| - [972298484] - C:\Users\Xavier\AppData\Local\Microsoft [27/03/2011 16:16:35] - |D| - [4524] - C:\Users\Xavier\AppData\Local\Microsoft Game Studios [02/11/2014 16:01:57] - |D| - [0] - C:\Users\Xavier\AppData\Local\Microsoft Help [18/05/2016 21:55:00] - |D| - [4172966] - C:\Users\Xavier\AppData\Local\NickThissen [18/05/2016 21:55:00] - |D| - [39568] - C:\Users\Xavier\AppData\Local\Nick_Thissen [08/01/2017 00:17:51] - |D| - [67503074] - C:\Users\Xavier\AppData\Local\NVIDIA [08/01/2017 00:17:48] - |D| - [13418136] - C:\Users\Xavier\AppData\Local\NVIDIA Corporation [22/03/2017 13:23:35] - |D| - [77376491] - C:\Users\Xavier\AppData\Local\Opera Software [07/02/2013 22:25:42] - |D| - [109662313] - C:\Users\Xavier\AppData\Local\Origin [18/01/2016 13:43:28] - |D| - [0] - C:\Users\Xavier\AppData\Local\Packages [19/11/2011 14:15:28] - |D| - [170124] - C:\Users\Xavier\AppData\Local\PMB Files [01/01/2012 18:50:02] - |D| - [380851] - C:\Users\Xavier\AppData\Local\PokerStars.FR [22/02/2016 13:58:16] - |D| - [382] - C:\Users\Xavier\AppData\Local\Profit_Sports_Betting [15/04/2013 21:46:28] - |D| - [0] - C:\Users\Xavier\AppData\Local\Programs [01/01/2017 23:29:40] - |D| - [2444] - C:\Users\Xavier\AppData\Local\Prominence [31/03/2011 21:13:13] - |D| - [9083] - C:\Users\Xavier\AppData\Local\Real_Environment_Simulati [25/08/2013 15:12:24] - |D| - [42961971] - C:\Users\Xavier\AppData\Local\Sports Interactive [26/05/2015 17:43:34] - |D| - [736441917] - C:\Users\Xavier\AppData\Local\Steam [23/10/2015 19:23:15] - |D| - [205] - C:\Users\Xavier\AppData\Local\TechSmith [27/03/2011 14:53:30] - |D| - [190419] - C:\Users\Xavier\AppData\Local\Temp [27/03/2011 14:53:30] - |SHD| - [43373139] - C:\Users\Xavier\AppData\Local\Temporary Internet Files [22/07/2013 21:39:37] - |D| - [0] - C:\Users\Xavier\AppData\Local\Unity [01/01/2017 23:29:40] - |D| - [27] - C:\Users\Xavier\AppData\Local\UnrealEngine [17/07/2016 23:43:19] - |D| - [574] - C:\Users\Xavier\AppData\Local\V1_Software [14/08/2012 23:39:40] - |D| - [3964] - C:\Users\Xavier\AppData\Local\VAFinancials [27/03/2011 14:53:35] - |D| - [8106945] - C:\Users\Xavier\AppData\Local\VirtualStore [02/05/2011 12:22:48] - |D| - [77824] - C:\Users\Xavier\AppData\Local\Windows Live [08/04/2015 21:38:21] - |D| - [648363] - C:\Users\Xavier\AppData\Local\Windows Live Writer [10/05/2011 20:27:51] - |D| - [238033] - C:\Users\Xavier\AppData\Local\WinZip [27/03/2011 16:38:19] - |D| - [140062] - C:\Users\Xavier\AppData\LocalLow\Adobe [11/09/2014 18:06:46] - |D| - [55420645] - C:\Users\Xavier\AppData\LocalLow\Google [27/03/2011 14:53:41] - |SD| - [660367] - C:\Users\Xavier\AppData\LocalLow\Microsoft [10/02/2012 14:01:07] - |D| - [2624292] - C:\Users\Xavier\AppData\LocalLow\ntr [27/03/2011 15:25:19] - |D| - [7671828] - C:\Users\Xavier\AppData\LocalLow\Sun [29/02/2012 22:19:16] - |D| - [10722] - C:\Users\Xavier\AppData\LocalLow\Temp [22/07/2013 21:39:36] - |D| - [0] - C:\Users\Xavier\AppData\LocalLow\Unity [03/01/2017 22:14:39] - |D| - [760342] - C:\Users\Xavier\AppData\LocalLow\Youdagames [10/03/2017 20:12:25] - |D| - [203139761] - C:\Users\Xavier\AppData\Roaming\.minecraft [03/01/2017 22:14:49] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\.mono [27/03/2011 16:38:19] - |D| - [33739930] - C:\Users\Xavier\AppData\Roaming\Adobe [16/01/2015 23:10:54] - |D| - [54] - C:\Users\Xavier\AppData\Roaming\Adobe Mini Bridge CS5.1 [25/10/2012 22:21:49] - |A| - [132] - C:\Users\Xavier\AppData\Roaming\Adobe PNG Format CS5 Prefs [03/07/2012 21:17:28] - |A| - [132] - C:\Users\Xavier\AppData\Roaming\Adobe Targa Format CS5 Prefs [04/01/2012 21:52:27] - |D| - [10072923521] - C:\Users\Xavier\AppData\Roaming\Apple Computer [23/11/2011 22:38:00] - |D| - [1671] - C:\Users\Xavier\AppData\Roaming\Audacity [15/04/2013 21:49:35] - |A| - [96] - C:\Users\Xavier\AppData\Roaming\Camdata.ini [15/04/2013 21:49:35] - |A| - [408] - C:\Users\Xavier\AppData\Roaming\CamLayout.ini [15/04/2013 21:49:01] - |A| - [4509] - C:\Users\Xavier\AppData\Roaming\CamStudio.cfg [27/01/2017 19:12:20] - |D| - [51653] - C:\Users\Xavier\AppData\Roaming\Canon [03/04/2015 22:51:40] - |D| - [34668] - C:\Users\Xavier\AppData\Roaming\com.activemindtechnology.gamegolf [04/10/2015 14:31:31] - |D| - [1331927] - C:\Users\Xavier\AppData\Roaming\com.winamax.chat [12/05/2011 12:58:27] - |D| - [28088830] - C:\Users\Xavier\AppData\Roaming\Dropbox [29/05/2014 15:09:52] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\eBookPro6 [28/09/2014 09:56:24] - |D| - [34876240] - C:\Users\Xavier\AppData\Roaming\Electronic Arts [04/01/2017 22:13:43] - |D| - [513009] - C:\Users\Xavier\AppData\Roaming\Emjysoft [19/06/2015 19:06:02] - |D| - [2772887] - C:\Users\Xavier\AppData\Roaming\EZCA [07/10/2015 22:16:21] - |D| - [2297] - C:\Users\Xavier\AppData\Roaming\FastStone [22/09/2012 21:48:31] - |D| - [2476043950] - C:\Users\Xavier\AppData\Roaming\Flight One Software [19/12/2016 00:11:36] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\Frontier Developments [10/09/2012 18:48:43] - |D| - [411074] - C:\Users\Xavier\AppData\Roaming\Garmin [28/03/2011 21:09:17] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\Google [27/03/2011 14:53:38] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\Identities [12/11/2014 23:57:13] - |D| - [163501] - C:\Users\Xavier\AppData\Roaming\IEPS [04/04/2011 20:52:36] - |D| - [2243352] - C:\Users\Xavier\AppData\Roaming\LibreOffice [28/03/2011 21:07:19] - |D| - [317597] - C:\Users\Xavier\AppData\Roaming\Macromedia [04/02/2014 22:46:00] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\Malwarebytes [27/03/2011 14:53:30] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\Media Center Programs [27/03/2011 14:53:30] - |SD| - [4845869] - C:\Users\Xavier\AppData\Roaming\Microsoft [18/07/2011 16:54:57] - |D| - [244140] - C:\Users\Xavier\AppData\Roaming\Mumble [09/01/2017 23:02:15] - |D| - [130271] - C:\Users\Xavier\AppData\Roaming\NVIDIA [22/03/2017 13:23:35] - |D| - [29838606] - C:\Users\Xavier\AppData\Roaming\Opera Software [07/02/2013 22:25:43] - |D| - [6339850] - C:\Users\Xavier\AppData\Roaming\Origin [09/09/2012 18:44:30] - |D| - [3853842] - C:\Users\Xavier\AppData\Roaming\PokerAcademy2 [17/02/2013 22:20:10] - |RHD| - [10583] - C:\Users\Xavier\AppData\Roaming\SecuROM [01/02/2016 13:38:50] - |D| - [51639516] - C:\Users\Xavier\AppData\Roaming\Skype [25/08/2013 15:12:24] - |D| - [29658897] - C:\Users\Xavier\AppData\Roaming\Sports Interactive [16/01/2015 23:10:54] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [23/02/2013 14:48:14] - |D| - [3848] - C:\Users\Xavier\AppData\Roaming\TradingPaints Downloader [29/01/2015 19:49:23] - |D| - [24152762] - C:\Users\Xavier\AppData\Roaming\Ubisoft [28/03/2011 21:30:50] - |D| - [4677] - C:\Users\Xavier\AppData\Roaming\Ventrilo [24/12/2014 18:05:02] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\wam [15/12/2014 20:34:32] - |D| - [48654140] - C:\Users\Xavier\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1 [08/04/2015 21:38:21] - |D| - [0] - C:\Users\Xavier\AppData\Roaming\Windows Live Writer [17/05/2011 20:19:53] - |D| - [12] - C:\Users\Xavier\AppData\Roaming\WinRAR [11/05/2016 12:27:18] - |D| - [363933729] - C:\Users\Xavier\AppData\Roaming\ZHP [27/03/2011 14:53:45] - |ASH| - [174] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [27/03/2011 14:53:30] - |SHD| - [61160] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [27/03/2011 14:53:30] - |RD| - [61160] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [27/03/2011 14:53:30] - |RD| - [13152] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [27/03/2011 14:53:45] - |RD| - [174] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [31/03/2011 20:50:00] - |D| - [1924] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Boeing 737-800W EAV 2010 for FSX [27/03/2011 14:53:45] - |ASH| - [476] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [12/05/2011 12:58:43] - |D| - [2090] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [31/03/2011 20:50:43] - |D| - [1938] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Embraer ERJ-145XR EAV 2010 FSX [13/09/2012 22:48:19] - |D| - [14252] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FeelThere [27/07/2016 22:21:21] - |D| - [8311] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software [27/03/2011 15:25:00] - |D| - [230] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [06/08/2011 22:18:25] - |A| - [2400] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [27/03/2011 14:53:30] - |RD| - [580] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [24/11/2011 22:49:29] - |D| - [8233] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orbx [27/03/2011 14:53:45] - |RD| - [174] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [26/05/2015 18:31:04] - |D| - [666] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [20/01/2014 21:31:46] - |D| - [1940] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VAFS5 [28/03/2011 21:30:36] - |D| - [956] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo [19/06/2015 21:51:30] - |D| - [467] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vroute [17/05/2011 20:19:53] - |D| - [3197] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [27/03/2011 14:53:45] - |ASH| - [174] - C:\Users\Xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\ProgramData [03/01/2017 22:14:49] - |D| - [0] - C:\ProgramData\.mono [16/12/2012 18:45:37] - |D| - [6072] - C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [27/03/2011 16:37:22] - |D| - [1137077979] - C:\ProgramData\Adobe [04/01/2012 21:50:55] - |D| - [168101323] - C:\ProgramData\Apple [04/01/2012 21:51:50] - |D| - [76357371] - C:\ProgramData\Apple Computer [14/07/2009 07:08:56] - |SHD| - [64551528753] - C:\ProgramData\Application Data [22/01/2012 14:38:39] - |D| - [1538423] - C:\ProgramData\AVAST Software [27/03/2011 14:53:19] - |SHD| - [11256] - C:\ProgramData\Bureau [27/01/2017 14:09:54] - |HD| - [29459427] - C:\ProgramData\CanonBJ [27/01/2017 14:02:19] - |HD| - [83] - C:\ProgramData\CanonIJETV [27/01/2017 19:13:04] - |HD| - [2172] - C:\ProgramData\CanonIJQuickMenu [27/01/2017 14:23:43] - |D| - [86797] - C:\ProgramData\CanonIJWSpt [18/08/2016 22:30:38] - |HD| - [0] - C:\ProgramData\Common Files [24/03/2011 10:14:37] - |D| - [0] - C:\ProgramData\Creative [14/07/2009 07:08:56] - |SHD| - [11256] - C:\ProgramData\Desktop [14/07/2009 07:08:56] - |SHD| - [102683521] - C:\ProgramData\Documents [24/03/2011 10:07:18] - |D| - [3141990] - C:\ProgramData\Downloaded Installations [18/09/2011 16:35:39] - |D| - [0] - C:\ProgramData\EA Core [30/11/2011 21:48:40] - |D| - [66] - C:\ProgramData\EA Logs [07/02/2013 22:24:08] - |D| - [2153] - C:\ProgramData\Electronic Arts [27/03/2011 14:53:19] - |SHD| - [0] - C:\ProgramData\Favoris [14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites [23/08/2012 12:39:04] - |D| - [33106] - C:\ProgramData\FLEXnet [25/11/2013 20:36:25] - |D| - [0] - C:\ProgramData\Garmin [28/03/2011 21:06:46] - |D| - [526512] - C:\ProgramData\Google [04/02/2014 22:45:48] - |D| - [118441718] - C:\ProgramData\Malwarebytes [27/03/2011 14:53:19] - |SHD| - [658730] - C:\ProgramData\Menu Démarrer [02/05/2013 21:53:49] - |D| - [1084241827] - C:\ProgramData\MGS [14/07/2009 05:20:08] - |SD| - [1259328494] - C:\ProgramData\Microsoft [02/11/2014 16:01:55] - |D| - [65254] - C:\ProgramData\Microsoft Help [18/05/2016 21:55:31] - |A| - [109] - C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc [27/03/2011 14:53:19] - |SHD| - [31386] - C:\ProgramData\Modèles [24/03/2011 10:11:10] - |D| - [2850051] - C:\ProgramData\NVIDIA [24/03/2011 10:10:30] - |D| - [404075202] - C:\ProgramData\NVIDIA Corporation [07/02/2013 22:24:08] - |D| - [335247718] - C:\ProgramData\Origin [05/05/2015 22:19:04] - |D| - [47288865] - C:\ProgramData\Package Cache [19/11/2011 14:15:28] - |D| - [435] - C:\ProgramData\PMB Files [02/01/2017 23:40:44] - |D| - [0] - C:\ProgramData\PokerAcademy2 [01/04/2012 18:26:18] - |D| - [1713] - C:\ProgramData\regid.1986-12.com.adobe [05/10/2015 12:38:08] - |D| - [720818601] - C:\ProgramData\Rosetta Stone [01/05/2014 20:16:37] - |D| - [0] - C:\ProgramData\Samsung [01/02/2016 13:38:42] - |D| - [87265280] - C:\ProgramData\Skype [29/01/2015 19:48:40] - |D| - [1073] - C:\ProgramData\Solidshield [14/07/2009 07:08:56] - |SHD| - [658730] - C:\ProgramData\Start Menu [02/03/2011 12:49:53] - |D| - [119] - C:\ProgramData\Sun [23/10/2015 19:22:43] - |D| - [18] - C:\ProgramData\TechSmith [14/07/2009 07:08:56] - |SHD| - [31386] - C:\ProgramData\Templates [27/03/2011 15:42:58] - |D| - [28] - C:\ProgramData\WinZip [04/01/2012 21:51:50] - |D| - [3672] - C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk [14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [27/03/2011 14:53:19] - |SHD| - [327870] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [14/07/2009 05:20:08] - |RD| - [327870] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [02/03/2011 12:51:52] - |D| - [1653] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [14/07/2009 05:20:08] - |RD| - [43590] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/07/2009 07:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [01/04/2012 18:24:21] - |A| - [1192] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk [01/04/2012 18:23:59] - |A| - [1285] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk [01/04/2012 18:22:25] - |A| - [1558] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk [01/04/2012 18:22:33] - |A| - [1386] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk [01/04/2012 18:21:57] - |A| - [1004] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [01/04/2012 18:26:06] - |A| - [1100] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk [01/04/2011 22:05:02] - |D| - [4407] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft [04/01/2012 21:51:26] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [15/08/2011 14:06:54] - |D| - [929] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [23/11/2011 22:33:49] - |D| - [2001] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex [24/03/2011 10:15:06] - |D| - [4352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [14/07/2009 06:54:23] - |ASH| - [1748] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [21/08/2012 21:34:25] - |D| - [2839] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drzewiecki Design [19/06/2015 19:06:06] - |D| - [4026] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA [31/03/2011 20:31:00] - |D| - [8231] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight One Software [29/06/2015 21:11:59] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSInstantApproachPRO2015 [03/04/2015 22:51:28] - |D| - [3396] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAME GOLF [14/07/2009 07:32:38] - |RD| - [7682] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [29/01/2016 14:08:39] - |D| - [1700] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint [01/05/2011 15:14:38] - |D| - [2128] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRacing [18/05/2016 21:51:25] - |D| - [1182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iRacing Setup Sync [24/09/2015 19:28:27] - |D| - [3933] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [28/03/2011 12:40:56] - |D| - [2824] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight [02/03/2011 12:51:18] - |SD| - [7534] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 3.3 [27/03/2011 15:30:50] - |D| - [2663] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [11/05/2017 18:19:32] - |D| - [3808] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [21/01/2014 20:51:29] - |D| - [44551] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaSceneryEarth [29/03/2011 22:01:44] - |D| - [3710] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaSceneryX [02/11/2014 16:05:01] - |D| - [32320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [18/09/2014 20:38:08] - |D| - [2236] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [10/03/2017 20:11:25] - |D| - [986] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft [18/07/2011 16:54:33] - |D| - [7172] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble [08/01/2017 00:16:22] - |D| - [11171] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [22/03/2017 13:23:28] - |A| - [1100] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [07/02/2013 22:24:08] - |D| - [3091] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin [29/01/2016 13:56:32] - |D| - [1823] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScissors [23/08/2012 12:33:42] - |D| - [23294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations [02/01/2017 23:40:22] - |D| - [5905] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Poker Academy 2 [31/03/2011 21:09:40] - |D| - [5316] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Environment Xtreme 2.0 [24/03/2011 10:07:29] - |D| - [2584] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics [14/07/2011 17:40:59] - |D| - [10198] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers [19/11/2011 21:28:09] - |D| - [4143] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShotOnline [06/03/2013 22:53:24] - |D| - [7014] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ [01/05/2017 21:04:32] - |D| - [2144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [14/07/2009 05:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/11/2016 20:01:05] - |D| - [1046] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [21/11/2010 08:29:25] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [02/03/2011 12:47:33] - |RD| - [7364] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [17/05/2011 20:19:53] - |D| - [3143] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [27/03/2011 15:43:13] - |D| - [3982] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [13/08/2011 17:28:38] - |D| - [410031389] - C:\Program Files (x86)\Adobe [19/06/2015 06:08:02] - |D| - [0] - C:\Program Files (x86)\Aircraft [28/03/2011 12:40:56] - |D| - [8790117] - C:\Program Files (x86)\AirHauler [24/09/2015 19:25:39] - |D| - [2476622] - C:\Program Files (x86)\Apple Software Update [23/11/2011 22:37:51] - |D| - [42465342] - C:\Program Files (x86)\Audacity 1.3 Beta (Unicode) [24/09/2015 19:26:15] - |D| - [631643] - C:\Program Files (x86)\Bonjour [27/01/2017 14:01:01] - |D| - [0] - C:\Program Files (x86)\Canon [23/11/2011 22:32:49] - |D| - [570989] - C:\Program Files (x86)\CDex [09/05/2014 19:02:45] - |D| - [0] - C:\Program Files (x86)\Citrix [14/07/2009 05:20:08] - |D| - [1045576865] - C:\Program Files (x86)\Common Files [24/03/2011 10:14:54] - |D| - [18289522] - C:\Program Files (x86)\Creative [24/03/2011 10:15:06] - |HD| - [4448539] - C:\Program Files (x86)\Creative Installation Information [18/01/2016 13:43:28] - |D| - [0] - C:\Program Files (x86)\Dashlane [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [19/06/2015 19:06:01] - |D| - [15152523] - C:\Program Files (x86)\EZCA [03/08/2014 19:57:38] - |D| - [213314] - C:\Program Files (x86)\FSFlyingSchool [29/06/2015 21:11:56] - |D| - [75211] - C:\Program Files (x86)\FSInstantApproachPRO2015 [03/04/2015 22:51:27] - |D| - [51809664] - C:\Program Files (x86)\GAMEGOLF [10/09/2012 18:47:06] - |D| - [89296] - C:\Program Files (x86)\Garmin [24/03/2011 10:09:35] - |D| - [81656] - C:\Program Files (x86)\GIGABYTE [28/03/2011 21:06:46] - |D| - [97774249] - C:\Program Files (x86)\Google [31/03/2011 20:27:18] - |D| - [3276866135] - C:\Program Files (x86)\Ground Environment X North America [14/08/2012 23:38:31] - |HD| - [1541157] - C:\Program Files (x86)\InstallJammer Registry [24/03/2011 10:03:52] - |HD| - [320130253] - C:\Program Files (x86)\InstallShield Installation Information [24/03/2011 10:06:12] - |D| - [96760] - C:\Program Files (x86)\Intel [14/07/2009 05:20:08] - |D| - [5172744] - C:\Program Files (x86)\Internet Explorer [01/05/2011 15:14:38] - |D| - [8828644712] - C:\Program Files (x86)\iRacing [18/05/2016 21:51:25] - |D| - [20459542] - C:\Program Files (x86)\iRacing Setup Sync [24/09/2015 19:27:44] - |D| - [189227] - C:\Program Files (x86)\iTunes [02/03/2011 12:49:49] - |D| - [90595882] - C:\Program Files (x86)\Java [17/07/2016 23:26:30] - |D| - [669826276] - C:\Program Files (x86)\Just Flight [02/03/2011 12:51:06] - |D| - [451004513] - C:\Program Files (x86)\LibreOffice 3 [27/03/2011 15:56:06] - |D| - [39357060472] - C:\Program Files (x86)\Microsoft Games [02/11/2014 16:01:56] - |D| - [552230396] - C:\Program Files (x86)\Microsoft Office [18/09/2014 20:38:04] - |D| - [42864998] - C:\Program Files (x86)\Microsoft Silverlight [02/03/2011 12:47:45] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [02/11/2014 16:04:08] - |D| - [14904] - C:\Program Files (x86)\Microsoft Visual Studio [02/11/2014 16:02:14] - |D| - [1387249] - C:\Program Files (x86)\Microsoft Visual Studio 8 [02/11/2014 16:04:28] - |D| - [3178824] - C:\Program Files (x86)\Microsoft Works [18/09/2011 16:30:20] - |D| - [979309] - C:\Program Files (x86)\Microsoft WSE [02/03/2011 12:52:30] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [10/03/2017 20:11:25] - |D| - [301939442] - C:\Program Files (x86)\Minecraft [14/07/2009 07:32:38] - |D| - [26521] - C:\Program Files (x86)\MSBuild [17/07/2016 23:26:42] - |D| - [27711513] - C:\Program Files (x86)\MSECache [27/03/2011 16:09:11] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0 [18/07/2011 16:54:31] - |D| - [37736965] - C:\Program Files (x86)\Mumble [24/03/2011 10:10:56] - |D| - [396564648] - C:\Program Files (x86)\NVIDIA Corporation [07/02/2013 22:24:07] - |D| - [392188617] - C:\Program Files (x86)\Origin [18/09/2011 10:17:50] - |D| - [3369629987] - C:\Program Files (x86)\Origin Games [19/11/2011 14:15:14] - |D| - [7477054] - C:\Program Files (x86)\Pando Networks [02/01/2017 23:39:59] - |D| - [96548331] - C:\Program Files (x86)\PokerAcademy2 [01/01/2012 18:49:46] - |D| - [196] - C:\Program Files (x86)\PokerStars.FR [31/03/2011 21:09:40] - |D| - [7319087417] - C:\Program Files (x86)\Real Environment Xtreme 2.0 [24/03/2011 10:03:53] - |D| - [5813726] - C:\Program Files (x86)\Realtek [14/07/2009 07:32:38] - |D| - [39159041] - C:\Program Files (x86)\Reference Assemblies [24/03/2011 10:07:28] - |D| - [1032067] - C:\Program Files (x86)\Renesas Electronics [11/11/2011 19:40:04] - |D| - [86637756] - C:\Program Files (x86)\Samsung [11/11/2011 19:41:15] - |D| - [10498608] - C:\Program Files (x86)\SamsungPrinterLiveUpdate [01/05/2017 21:04:31] - |RD| - [87838429] - C:\Program Files (x86)\Skype [13/11/2016 20:01:05] - |D| - [18390472224] - C:\Program Files (x86)\Steam [17/08/2012 21:36:19] - |D| - [0] - C:\Program Files (x86)\TeamViewer [24/03/2011 10:08:17] - |HD| - [0] - C:\Program Files (x86)\Temp [29/01/2015 19:31:52] - |D| - [5619267468] - C:\Program Files (x86)\Ubisoft [14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [31/03/2011 20:27:17] - |A| - [640392] - C:\Program Files (x86)\UninstallNA.exe [20/08/2012 21:56:48] - |D| - [32967446] - C:\Program Files (x86)\VAFS5 [08/01/2017 00:15:38] - |D| - [846194] - C:\Program Files (x86)\VulkanRT [14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender [02/03/2011 12:47:32] - |D| - [184973895] - C:\Program Files (x86)\Windows Live [14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail [14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player [14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT [14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar [17/05/2011 20:19:48] - |D| - [4055847] - C:\Program Files (x86)\WinRAR [27/03/2011 15:42:56] - |D| - [20673124] - C:\Program Files (x86)\WinZip [13/05/2016 18:40:12] - |D| - [7233259] - C:\Program Files (x86)\ZHPFix ---------- | C:\Program Files [02/03/2011 12:51:52] - |D| - [4588532] - C:\Program Files\7-Zip [01/04/2012 18:24:47] - |D| - [453312854] - C:\Program Files\Adobe [22/01/2012 14:38:39] - |D| - [161824665] - C:\Program Files\AVAST Software [24/09/2015 19:26:15] - |D| - [615046] - C:\Program Files\Bonjour [15/08/2011 14:06:53] - |D| - [13595040] - C:\Program Files\CCleaner [14/07/2009 05:20:08] - |D| - [415743290] - C:\Program Files\Common Files [24/03/2011 10:14:57] - |D| - [4590244] - C:\Program Files\Creative [14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini [10/09/2012 18:47:07] - |D| - [2034024] - C:\Program Files\DIFX [14/07/2009 07:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker [27/03/2011 14:53:20] - |SHD| - [415743290] - C:\Program Files\Fichiers communs [24/03/2011 10:09:35] - |D| - [81656] - C:\Program Files\GIGABYTE [28/03/2011 21:06:52] - |D| - [0] - C:\Program Files\Google [29/01/2016 14:08:39] - |D| - [15202864] - C:\Program Files\Inpaint [14/07/2009 05:20:08] - |D| - [6221808] - C:\Program Files\Internet Explorer [24/09/2015 19:27:44] - |D| - [3922459] - C:\Program Files\iPod [24/09/2015 19:27:44] - |D| - [192860143] - C:\Program Files\iTunes [27/03/2011 15:30:30] - |D| - [10986074] - C:\Program Files\Logitech [11/05/2017 18:19:27] - |D| - [137437664] - C:\Program Files\Malwarebytes [14/07/2009 07:32:38] - |D| - [712585304] - C:\Program Files\Microsoft Games [02/11/2014 16:02:18] - |D| - [594270] - C:\Program Files\Microsoft Office [18/09/2014 20:38:04] - |D| - [55692134] - C:\Program Files\Microsoft Silverlight [14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild [24/03/2011 10:10:09] - |D| - [1029013618] - C:\Program Files\NVIDIA Corporation [22/03/2017 13:22:35] - |D| - [172861891] - C:\Program Files\Opera [29/01/2016 13:56:31] - |D| - [16026311] - C:\Program Files\PhotoScissors [24/03/2011 10:08:34] - |D| - [18185136] - C:\Program Files\Realtek [14/07/2009 07:32:38] - |D| - [36813993] - C:\Program Files\Reference Assemblies [14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information [28/03/2011 21:30:36] - |D| - [6873940] - C:\Program Files\Ventrilo [14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender [21/11/2010 08:29:46] - |D| - [9224824] - C:\Program Files\Windows Journal [02/03/2011 12:47:29] - |D| - [7987385] - C:\Program Files\Windows Live [14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail [14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player [14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT [14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer [14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices [14/07/2009 07:32:38] - |D| - [7192060] - C:\Program Files\Windows Sidebar ---------- | C:\Program Files (x86)\Common Files [13/08/2011 17:28:38] - |D| - [290288789] - C:\Program Files (x86)\Common Files\Adobe [01/04/2012 18:21:54] - |D| - [50373581] - C:\Program Files (x86)\Common Files\Adobe AIR [04/01/2012 21:50:55] - |D| - [129470218] - C:\Program Files (x86)\Common Files\Apple [24/03/2011 10:15:07] - |D| - [3634909] - C:\Program Files (x86)\Common Files\Creative [24/03/2011 10:15:01] - |D| - [79360] - C:\Program Files (x86)\Common Files\Creative Labs Shared [02/11/2014 16:04:08] - |D| - [92976] - C:\Program Files (x86)\Common Files\DESIGNER [16/02/2013 18:40:12] - |HD| - [1288397] - C:\Program Files (x86)\Common Files\EAInstaller [24/03/2011 10:08:15] - |D| - [10691071] - C:\Program Files (x86)\Common Files\InstallShield [02/03/2011 12:49:53] - |D| - [1247175] - C:\Program Files (x86)\Common Files\Java [23/08/2012 12:35:27] - |D| - [1045152] - C:\Program Files (x86)\Common Files\Macrovision Shared [27/03/2011 16:09:10] - |D| - [45580] - C:\Program Files (x86)\Common Files\Microsoft Games [14/07/2009 05:20:08] - |D| - [234984652] - C:\Program Files (x86)\Common Files\microsoft shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [01/05/2017 21:04:31] - |D| - [2574296] - C:\Program Files (x86)\Common Files\Skype [14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines [25/08/2013 13:26:34] - |D| - [3726912] - C:\Program Files (x86)\Common Files\Steam [14/07/2009 05:20:08] - |D| - [44110730] - C:\Program Files (x86)\Common Files\System [02/03/2011 12:46:54] - |D| - [226745670] - C:\Program Files (x86)\Common Files\Windows Live [28/03/2011 21:30:21] - |D| - [4070912] - C:\Program Files (x86)\Common Files\Wise Installation Wizard ---------- | C:\Program Files\Common files [01/04/2012 18:24:25] - |D| - [170414656] - C:\Program Files\Common files\Adobe [04/01/2012 21:51:14] - |D| - [164090562] - C:\Program Files\Common files\Apple [19/11/2011 21:32:21] - |D| - [0] - C:\Program Files\Common files\INCA Shared [27/03/2011 15:30:46] - |D| - [1444337] - C:\Program Files\Common files\Logitech [14/07/2009 05:20:08] - |D| - [66987974] - C:\Program Files\Common files\Microsoft Shared [14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services [14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines [14/07/2009 05:20:08] - |D| - [12194291] - C:\Program Files\Common files\System ---------- | Tasks [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.7E7D840987095D5D78C0957D1A968116] - [14/07/2009 07:08:49] - |A| - [32482] - C:\Windows\Tasks\SCHEDLGU.TXT [MD5.00000000000000000000000000000000] - [24/09/2015 19:25:41] - |D| - [3382] - C:\Windows\System32\Tasks\Apple [MD5.62D99F90ACA51BC4ECC7A33C72A3F8BA] - [09/02/2014 15:22:58] - |A| - [2776] - C:\Windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.511B3B434A74E67A3737F214B385876A] - [01/02/2017 23:45:50] - |A| - [3062] - C:\Windows\System32\Tasks\D3DGearRawFrameCaptureTask : C:\PROGRA~2\iRacing\D3DGear.exe [MD5.C99296AC0D812A05824840C56D8FB2E1] - [28/03/2011 21:06:56] - |A| - [3374] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.C70FFC0B637303D17A1D4B69FC3347A9] - [28/03/2011 21:06:57] - |A| - [3502] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.AFC8A9FD8C9415482789A0F7FEB8B747] - [06/08/2011 22:17:40] - |A| - [3406] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-46996423-4189726589-3081248854-1001Core : C:\Users\Xavier\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.C04420302B4196978251BD0DE3943901] - [06/08/2011 22:17:40] - |A| - [3678] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-46996423-4189726589-3081248854-1001UA : C:\Users\Xavier\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [265794] - C:\Windows\System32\Tasks\Microsoft [MD5.694F80C2ED8C97711CDB104B10961B4A] - [08/01/2017 00:17:08] - |A| - [3788] - C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [MD5.E4893736697B71660EBBBF48476EF6A7] - [08/01/2017 00:16:31] - |A| - [3838] - C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.85C9B5E21ECC57DA7A824559C55EFB3D] - [08/01/2017 00:16:31] - |A| - [3540] - C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [MD5.8A9A67C318AA98DFC6333ACD3DE673CB] - [08/01/2017 00:16:32] - |A| - [3776] - C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [MD5.B9FF4530337FC494D0E2E1913EB8BE72] - [08/01/2017 00:16:34] - |A| - [3600] - C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.2F5FED1225014FDBD464FD396FC42773] - [08/01/2017 00:16:33] - |A| - [3838] - C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} : C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [MD5.3021D51F54E82D738666125EFCAAB7C2] - [22/03/2017 13:23:28] - |A| - [3856] - C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1490181808 : C:\Program Files\Opera\launcher.exe [MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4478] - C:\Windows\System32\Tasks\WPD [MD5.AEEA51F3759822981A099AF016CB57FA] - [28/03/2011 20:52:20] - |A| - [3218] - C:\Windows\System32\Tasks\{12DA2D3F-3E7F-401B-84C1-54D969D5CF52} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "{724598BD-7210-4602-8BBF-8B04D45CC85C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe|Name=Windows Live Communications Platform|Edge=TRUE| "{A5912A6E-8C6A-4E03-BEDB-2CD40CF8AF95}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2869|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (UPnP)| "{5FCF40DD-78F9-4959-8563-BF45AE5710EE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|Name=Windows Live Communications Platform (SSDP)| "{99FD5ED4-5684-4970-B6A5-7605B3894A77}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe|Name=Windows Live Messenger|Edge=TRUE| "{68972D8C-16B1-4213-BB23-8BA5C5FAF9F4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Windows Live\Mesh\MOE.exe|Name=Windows Live Mesh|Edge=TRUE| "{0E34C024-F213-429F-A723-159FD3AFCE93}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Ventrilo\Ventrilo.exe|Name=Ventrilo.exe| "{DEFE754A-8596-4B63-B009-3561ACDF412B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Ventrilo\Ventrilo.exe|Name=Ventrilo.exe| "{AB56F2A2-30C0-479F-846E-10901E3B2C98}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Xavier\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "{4E1C2EBB-5D1A-4A9B-B973-ADAC30E4A872}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Xavier\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox| "TCP Query User{9B856389-E03E-4668-B9B9-BE6E5407A9C6}C:\users\xavier\appdata\roaming\dropbox\bin\dropbox.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\xavier\appdata\roaming\dropbox\bin\dropbox.exe|Name=dropbox.exe|Desc=dropbox.exe| "UDP Query User{19F5FF5C-91DA-40EB-9425-8B9DFAF322A8}C:\users\xavier\appdata\roaming\dropbox\bin\dropbox.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\xavier\appdata\roaming\dropbox\bin\dropbox.exe|Name=dropbox.exe|Desc=dropbox.exe| "{FC70D29A-47F9-4C59-9E46-94B78009CAD7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe|Name=Pando Media Booster| "{AF3469F2-CAB2-499D-98F6-737A08517C6C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|App=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe|Name=Pando Media Booster| "{4C075A1E-97F5-4F5E-BBCF-0944E380E42F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe|Name=Pando Media Booster| "{E129BAA8-9E7B-4297-B319-EA9731C220B1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe|Name=Pando Media Booster| "{257E36FE-E420-41AC-80DF-FE001612470E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe|Name=Pando Media Booster|Edge=TRUE| "TCP Query User{7680548B-4222-4603-8A2A-6E859FF621CD}C:\program files (x86)\microsoft games\microsoft flight simulator x\flight one software\ultimate traffic 2\ut2services.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\microsoft games\microsoft flight simulator x\flight one software\ultimate traffic 2\ut2services.exe|Name=UT2Runtime|Desc=UT2Runtime|Defer=User| "UDP Query User{14765D97-4A30-4FCB-9253-273BB1BED35F}C:\program files (x86)\microsoft games\microsoft flight simulator x\flight one software\ultimate traffic 2\ut2services.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\microsoft games\microsoft flight simulator x\flight one software\ultimate traffic 2\ut2services.exe|Name=UT2Runtime|Desc=UT2Runtime|Defer=User| "{65819CDC-6213-4B1D-B786-C073FB160F6A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe|Name=ANNO 1404 - Gold Edition (Classic)| "{EC79B52A-75EF-44E5-B9A6-72FB16A785F2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Anno4.exe|Name=ANNO 1404 - Gold Edition (Classic)| "{6E0D205A-348A-4AAA-A931-86D92C5A1665}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe|Name=ANNO 1404 - Gold Edition (Addon)| "{D26F1586-BCC0-4B10-8F19-A0D91E195067}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\Addon.exe|Name=ANNO 1404 - Gold Edition (Addon)| "{F0CF7B4C-487A-4D1B-9E50-C773A8AB5903}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe|Name=ANNO 1404 Web| "{6CC54453-04D4-432E-B31C-26EC86BFE240}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Anno4Web.exe|Name=ANNO 1404 Web| "{58F5717C-A7B8-4CB6-AC77-B78C897C0F68}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe|Name=ANNO 1404 - Venise Web| "{0CCB27DB-2487-4086-A98F-F8B0850F8CE6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\AddonWeb.exe|Name=ANNO 1404 - Venise Web| "{3D8EA18F-E410-494E-87A2-A00DA0BEC831}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe|Name=ANNO 1404 - Gold Edition Setup Benchmark| "{0DDED8A9-46CA-4B9D-AD4F-358A938E589B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Gold Edition\tools\Benchmark.exe|Name=ANNO 1404 - Gold Edition Setup Benchmark| "{DB53CF91-4D9B-4099-BD06-9CDE27E98863}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002| "{F9EDBAC2-CD87-47D1-BCFA-5DA3E1AEE094}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{304329F1-8BA5-462B-BE61-F3543C4BB87F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{B89D865F-7F65-4EF1-998D-9BDBD8EE3DBF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{D60A6261-82FE-45C9-B570-B665E2E33925}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{93FC48C2-EF29-4F33-ABE4-3384750189A0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "TCP Query User{DFCA1106-5869-4B0B-B596-B0F972F4AB8A}C:\users\xavier\appdata\local\google\chrome\application\chrome.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\xavier\appdata\local\google\chrome\application\chrome.exe|Name=chrome.exe|Desc=chrome.exe|Defer=User| "UDP Query User{C649433D-8670-41A9-8EF3-1A6B2A4B4164}C:\users\xavier\appdata\local\google\chrome\application\chrome.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\xavier\appdata\local\google\chrome\application\chrome.exe|Name=chrome.exe|Desc=chrome.exe|Defer=User| "{0E3281DD-DA29-4256-B120-2275981FC905}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47989|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe|Name=SHIELD Streaming NSS TCP Exception|Desc=TCP exceptions for SHIELD Streaming NSS (HTTP)| "{03988773-E4AE-4B3F-B4CE-46396F6E84A5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe|Name=SHIELD Streaming SSAS UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAS (mDNS)| "{D9403723-EF89-462B-A583-F72A47AD3629}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe|Name=SHIELD Streaming SSAU UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAU (NWT)| "{5CEC5860-37C2-4859-9BA3-67FB63C23FA4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=35043|LPort=47995|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer TCP Exception|Desc=TCP exceptions for SHIELD Streaming NvStreamer (RTSP/RI)| "{5D28331A-FE2B-4109-B447-04D7C19C10B9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47995|LPort=47998|LPort=47999|LPort=48000|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer UDP Exception|Desc=UDP exceptions for SHIELD Streaming NvStreamer (RTSP/RI/A/V)| "TCP Query User{3C196807-A867-46A6-AB96-CBC2F377130B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{FAEB6558-860E-46CF-A278-C964432E3B8E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{1F69010C-A7D5-4C2C-8574-B8AA4A4AA215}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Opera\44.0.2510.857\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| "TCP Query User{D996B618-D742-4954-955D-C331966120F3}C:\users\xavier\appdata\local\google\chrome\application\chrome.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\xavier\appdata\local\google\chrome\application\chrome.exe|Name=chrome.exe|Desc=chrome.exe| "UDP Query User{3533D0CE-25FA-423B-9BFC-FC2EDC5A2248}C:\users\xavier\appdata\local\google\chrome\application\chrome.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\xavier\appdata\local\google\chrome\application\chrome.exe|Name=chrome.exe|Desc=chrome.exe| "{5537A9C1-E283-4932-9532-A23375BE6308}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe|Name=SimCity™| "{91FA8F7D-68EE-4209-A369-FEB99AFABDB1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe|Name=SimCity™| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Xavier\Desktop\AdsFix.exe"=C:\Users\Xavier\Desktop\AdsFix.exe:*:Enabled:AdsFix [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\domainprofile\authorizedapplications\list] "C:\Users\Xavier\Desktop\AdsFix.exe"=C:\Users\Xavier\Desktop\AdsFix.exe:*:Enabled:AdsFix ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (atikmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (atikmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{AB4964A5-4361-4899-BA0A-180305F2BF92}] : (aswTdi) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [24/03/2011 10:26:04] - (1.0.0.1051) - (Marvell Semiconductor Inc. - Marvell 91xx Confige Device Driver) - C:\Windows\system32\DRIVERS\mv91cons.sys [11/05/2017 18:19:31] - (0.0.0.0) - ( -) - C:\Windows\system32\drivers\mbae64.sys [24/03/2011 10:09:35] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\AppleCharger.sys [08/01/2017 00:13:42] - (21.21.13.7633) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 376.33) - C:\Windows\system32\DRIVERS\nvlddmkm.sys [10/12/2010 14:50:36] - (2.0.32.0) - (Renesas Electronics Corporation - USB 3.0 Host Controller Driver) - C:\Windows\system32\DRIVERS\nusb3xhc.sys [16/12/2012 18:45:57] - (2.2.3.0) - (GEAR Software Inc. - CD DVD Filter) - C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [08/01/2017 00:13:44] - (3.40.1.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys [10/12/2010 14:50:36] - (2.0.32.0) - (Renesas Electronics Corporation - USB 3.0 Hub Driver) - C:\Windows\system32\DRIVERS\nusb3hub.sys [08/01/2017 00:13:42] - (1.3.34.17) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys [06/05/2009 03:34:52] - (6.10.0.209) - (Creative Technology Ltd. - Creative High Definition Audio Driver) - C:\Windows\system32\drivers\t3.sys [19/04/2011 20:27:13] - (5.1.2.234) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [14/07/2009 04:36:07] - (4.3.86.0) - (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - Macrovision SECURITY Driver) - C:\Windows\System32\Drivers\secdrv.SYS [14/07/2011 17:39:11] - (1.0.0.0) - (Samsung Electronics - Port Contention Driver) - C:\Windows\system32\Drivers\SSPORT.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mv91cons (Marvell 91xx Config Device Driver) -> system32\DRIVERS\mv91cons.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Wdf01000 (Kernel Mode Driver Frameworks service) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AppleCharger (AppleCharger) -> system32\DRIVERS\AppleCharger.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> (?) - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswSP (aswSP) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswTdi (avast! Network Shield Support) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\Windows\system32\drivers\mbae64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - MpFilter (Microsoft Malware Protection Driver) -> system32\DRIVERS\MpFilter.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswFsBlk (aswFsBlk) -> (?) - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \??\C:\Windows\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> \SystemRoot\system32\drivers\MBAMChameleon.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - secdrv (Security Driver) -> (?) - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - SSPORT (SSPORT) -> \??\C:\Windows\system32\Drivers\SSPORT.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) [MD5.B09A71E8E1E127455F3A2FE83D38851F] - [27/03/2011 15:16:08] - (.-.) - [1.81 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\papyjoy.sys ---------- | Uninstall [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ATR 72 Series for FSX] : (ATR 72 Series for FSX.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Vcolatr72x_uninstal.exe [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BOB Version 1.1] : (BOB Version 1.1.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninstall_Bob [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Boeing 737-800W EAV 2010 for FSX] : (Boeing 737-800W EAV 2010 for FSX.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Boeing 737-800W EAV 2010 FSX\Uninstal.exe [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Dropbox] : (Dropbox.-.Dropbox, Inc.) -> "C:\Users\Xavier\AppData\Roaming\Dropbox\bin\Uninstall.exe" [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EA SPORTS Game Face Browser Plugin] : (EA SPORTS Game Face Browser Plugin 1.8.0.0.-.Electronic Arts) -> C:\Users\Xavier\AppData\Roaming\Electronic Arts\Game Face\uninstall.exe [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ea913c639d7ea423] : (vroute.info.-.vroute) -> rundll32.exe dfshim.dll,ShArpMaintain vroute.info.application, Culture=en, PublicKeyToken=6e4582eba90fbbe6, processorArchitecture=x86 [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EMBRAER 190-195 REGIONAL JETS X] : (EMBRAER 190-195 REGIONAL JETS X.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Vcolemb190x_uninstal.exe [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Embraer ERJ-145XR EAV 2010 FSX] : (Embraer ERJ-145XR EAV 2010 FSX.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\SimObjects\Airplanes\Embraer ERJ-145XR EAV 2010 FSX\Uninstal.exe [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Epic Victory Build 1.0] : (Epic Victory Build 1.0.-.) -> C:\Users\Xavier\Desktop\EPIC\Epic_Victory_Uninstal.exe [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\FeelThere Phenom 100 LE SP1] : (FeelThere Phenom 100 LE SP1.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninstal-ftph100x.exe [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Users\Xavier\AppData\Local\Google\Chrome\Application\58.0.3029.96\Installer\setup.exe" --uninstall --verbose-logging [HKU\S-1-5-21-46996423-4189726589-3081248854-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\UnityWebPlayer] : (Unity Web Player.-.Unity Technologies ApS) -> C:\Users\Xavier\AppData\Local\Unity\WebPlayer\Uninstall.exe /CurrentUser [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\B70EE4609E28DD33B5E744358133498D3D9737B4] : (Windows Driver Package - Active Mind Technology, Inc. CDM Driver Package - VCP Driver (07/12/2013 2.08.30).-.Active Mind Technology, Inc.) -> C:\PROGRA~1\DIFX\E68C45B250901231\dpinstamd64.exe /u C:\Windows\System32\DriverStore\FileRepository\ftdiport.inf_amd64_neutral_eaf1657550ad5ba6\ftdiport.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\E91002B840385A60FA24C1EC4DA6C2135D349B06] : (Windows Driver Package - Active Mind Technology, Inc. CDM Driver Package - Bus/D2XX Driver (07/12/2013 2.08.30).-.Active Mind Technology, Inc.) -> C:\PROGRA~1\DIFX\E68C45B250901231\dpinstamd64.exe /u C:\Windows\System32\DriverStore\FileRepository\ftdibus.inf_amd64_neutral_d74380078e6a0e5a\ftdibus.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 295270] : (Football Manager 2015.-.Sports Interactive) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/295270 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 447020] : (Farming Simulator 17.-.Giants Software) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/447020 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 493340] : (Planet Coaster.-.Frontier Developments) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/493340 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.26.0] : (Vulkan Run Time Libraries 1.0.26.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.26.0\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}] : (Microsoft_VC80_MFCLOC_x86_x64.-.Adobe) -> MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-0920-000001000000}] : (7-Zip 9.20 (x64 edition).-.Igor Pavlov) -> MsiExec.exe /I{23170F69-40C1-2702-0920-000001000000} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1] : (Inpaint 6.2.-.Teorex) -> "C:\Program Files\Inpaint\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 3.1.2.1733.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}] : (Microsoft_VC80_CRT_x86_x64.-.Adobe) -> MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{664FCCAE-8187-4EC5-B191-758C040C999C}_is1] : (PhotoScissors 2.1.-.teorex) -> "C:\Program Files\PhotoScissors\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81EA6727-EDE1-4C97-B689-56DA6C8BC34F}] : (Logitech Gaming Software 5.07.-.Logitech) -> MsiExec.exe /X{81EA6727-EDE1-4C97-B689-56DA6C8BC34F} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8557397C-A42D-486F-97B3-A2CBC2372593}] : (Microsoft_VC90_ATL_x86_x64.-.Adobe) -> MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{88509E20-3936-4D88-A1C0-B274C7BB5151}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{88509E20-3936-4D88-A1C0-B274C7BB5151} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{90BF0360-A1DB-4599-A643-95AB90A52C1E}] : (Microsoft_VC90_MFCLOC_x86_x64.-.Adobe) -> MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{925D058B-564A-443A-B4B2-7E90C6432E55}] : (Microsoft_VC80_ATL_x86_x64.-.Adobe) -> MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}] : (Microsoft_VC90_CRT_x86_x64.-.Adobe) -> MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}] : (Microsoft_VC90_MFC_x86_x64.-.Adobe) -> MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (Ansel.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 376.33.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 376.33.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 376.33.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.1.2.31.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 369.04.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.16.0318.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.13.0.21.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA Wireless Controller Service.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.34.17.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.UserElevated] : (NVIDIA Elevated User Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NvNodejs.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NvTelemetry.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 2.13.0.21.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 3.40.1.-.NVIDIA Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}] : (Microsoft_VC80_MFC_x86_x64.-.Adobe) -> MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}] : (Ventrilo Client for Windows x64.-.Flagship Industries, Inc.) -> MsiExec.exe /X{EEB3F6BB-318D-4CE5-989F-8191FCBFB578} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{FD244E19-6EFE-4A2D-948A-0D45D4C168BE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\309E6243-31FB-434E-9FF5-9AFEB1542DAD] : (VAFS5.-.VAFINANCIALS) -> C:\Program Files (x86)\VAFS5\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 21 ActiveX.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_ActiveX.exe -maintain activex [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 21 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI] : (Adobe Flash Player 25 PPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_148_pepper.exe -maintain pepperplugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Audacity 1.3 Beta (Unicode)_is1] : (Audacity 1.3.13 (Unicode).-.Audacity Team) -> "C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AudELSvc] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AudioCS] : (Panneau de configuration audio Creative.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c /remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CADI] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c /remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CANONIJPLM100] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Carenado Baron 58 FSX] : (Carenado Baron 58 FSX.-.Carenado) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Carenado C208B Grand Caravan] : (Carenado C208B Grand Caravan.-.Carenado) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Carenado C208B Super Cargomaster] : (Carenado C208B Super Cargomaster.-.Carenado) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1] : (Adobe Community Help.-.Adobe Systems Incorporated.) -> msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Creative Software AutoUpdate] : (Creative Software AutoUpdate.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c /remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Creative Sound Blaster Properties x64 Edition] : (Creative Sound Blaster Properties x64 Edition.-.Creative Technology Limited) -> "C:\Program Files (x86)\Creative Installation Information\SBCONTROL64\Setup.exe" /remove /l0x040c [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EMB500 Phenom 100 FSX/P3D] : (EMB500 Phenom 100 FSX/P3D.-.Carenado) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\Uninstall_EM100X.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EZdok Camera for Microsoft Flight Simulator X] : (EZdok Camera for Microsoft Flight Simulator X.-.) -> C:\Program Files (x86)\EZCA\UnEZCA.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\f1mustang_FSX] : (Flight1 Citation Mustang.-.Flight One Software) -> "C:\Windows\Flight1 Citation Mustang\uninstall.exe" "/U:C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\f1mustang_FSX.xml" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\F1UT2] : (Ultimate Traffic.-.Flight One Software) -> "C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\\uninstall_UT2.exe" "/U:C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\F1_UT2.xml" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Ground Environment X North America] : (Ground Environment X North America.-.) -> C:\Program Files (x86)\UninstallNA.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Host OpenAL] : (Host OpenAL.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c /remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 001 2.0] : (MegaSceneryEarth Florida 001 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_001.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 002 2.0] : (MegaSceneryEarth Florida 002 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_002.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 003 2.0] : (MegaSceneryEarth Florida 003 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_003.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 004 2.0] : (MegaSceneryEarth Florida 004 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_004.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 005 2.0] : (MegaSceneryEarth Florida 005 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_005.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 006 2.0] : (MegaSceneryEarth Florida 006 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_006.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 007 2.0] : (MegaSceneryEarth Florida 007 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_007.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 008 2.0] : (MegaSceneryEarth Florida 008 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_008.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 009 2.0] : (MegaSceneryEarth Florida 009 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_009.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 010 2.0] : (MegaSceneryEarth Florida 010 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_010.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 011 2.0] : (MegaSceneryEarth Florida 011 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_011.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 012 2.0] : (MegaSceneryEarth Florida 012 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_012.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 013 2.0] : (MegaSceneryEarth Florida 013 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_013.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 014 2.0] : (MegaSceneryEarth Florida 014 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_014.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 015 2.0] : (MegaSceneryEarth Florida 015 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_015.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 016 2.0] : (MegaSceneryEarth Florida 016 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_016.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 017 2.0] : (MegaSceneryEarth Florida 017 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_017.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 018 2.0] : (MegaSceneryEarth Florida 018 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_018.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 019 2.0] : (MegaSceneryEarth Florida 019 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_019.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 020 2.0] : (MegaSceneryEarth Florida 020 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_020.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 021 2.0] : (MegaSceneryEarth Florida 021 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_021.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 022 2.0] : (MegaSceneryEarth Florida 022 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_022.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 023 2.0] : (MegaSceneryEarth Florida 023 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_023.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 024 2.0] : (MegaSceneryEarth Florida 024 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_024.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida 025 2.0] : (MegaSceneryEarth Florida 025 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Florida\..\_Uninstall\Uninstall_Florida_025.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Florida Charts 2.0] : (MegaSceneryEarth Florida Charts 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Charts\Florida\..\_Uninstall\Uninstall_Florida_Charts.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 001 2.0] : (MegaSceneryEarth Iowa 001 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_001.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 002 2.0] : (MegaSceneryEarth Iowa 002 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_002.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 003 2.0] : (MegaSceneryEarth Iowa 003 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_003.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 004 2.0] : (MegaSceneryEarth Iowa 004 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_004.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 005 2.0] : (MegaSceneryEarth Iowa 005 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_005.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 006 2.0] : (MegaSceneryEarth Iowa 006 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_006.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 007 2.0] : (MegaSceneryEarth Iowa 007 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_007.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 008 2.0] : (MegaSceneryEarth Iowa 008 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_008.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 009 2.0] : (MegaSceneryEarth Iowa 009 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_009.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 010 2.0] : (MegaSceneryEarth Iowa 010 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_010.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 011 2.0] : (MegaSceneryEarth Iowa 011 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_011.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 012 2.0] : (MegaSceneryEarth Iowa 012 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_012.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 013 2.0] : (MegaSceneryEarth Iowa 013 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_013.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 014 2.0] : (MegaSceneryEarth Iowa 014 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_014.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 015 2.0] : (MegaSceneryEarth Iowa 015 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_015.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 016 2.0] : (MegaSceneryEarth Iowa 016 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_016.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 017 2.0] : (MegaSceneryEarth Iowa 017 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_017.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa 018 2.0] : (MegaSceneryEarth Iowa 018 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Iowa\..\_Uninstall\Uninstall_Iowa_018.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Iowa Charts 2.0] : (MegaSceneryEarth Iowa Charts 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Charts\Iowa\..\_Uninstall\Uninstall_Iowa_Charts.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 001 2.0] : (MegaSceneryEarth Nebraska 001 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_001.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 002 2.0] : (MegaSceneryEarth Nebraska 002 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_002.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 003 2.0] : (MegaSceneryEarth Nebraska 003 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_003.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 004 2.0] : (MegaSceneryEarth Nebraska 004 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_004.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 005 2.0] : (MegaSceneryEarth Nebraska 005 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_005.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 006 2.0] : (MegaSceneryEarth Nebraska 006 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_006.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 007 2.0] : (MegaSceneryEarth Nebraska 007 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_007.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 008 2.0] : (MegaSceneryEarth Nebraska 008 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_008.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 009 2.0] : (MegaSceneryEarth Nebraska 009 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_009.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 010 2.0] : (MegaSceneryEarth Nebraska 010 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_010.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 011 2.0] : (MegaSceneryEarth Nebraska 011 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_011.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 012 2.0] : (MegaSceneryEarth Nebraska 012 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_012.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 013 2.0] : (MegaSceneryEarth Nebraska 013 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_013.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 014 2.0] : (MegaSceneryEarth Nebraska 014 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_014.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 015 2.0] : (MegaSceneryEarth Nebraska 015 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_015.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 016 2.0] : (MegaSceneryEarth Nebraska 016 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_016.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 017 2.0] : (MegaSceneryEarth Nebraska 017 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_017.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 018 2.0] : (MegaSceneryEarth Nebraska 018 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_018.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 019 2.0] : (MegaSceneryEarth Nebraska 019 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_019.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska 020 2.0] : (MegaSceneryEarth Nebraska 020 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Nebraska\..\_Uninstall\Uninstall_Nebraska_020.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryEarth Nebraska Charts 2.0] : (MegaSceneryEarth Nebraska Charts 2.0.-.MegaSceneryEarth) -> C:\MegaSceneryEarth\Charts\Nebraska\..\_Uninstall\Uninstall_Nebraska_Charts.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryX Las Vegas_is1] : (MegaSceneryX Las Vegas.-.PC Aviator Inc.) -> "C:\megaSceneryX\LasVegas\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MegaSceneryX_is1] : (Southern California.-.PC Aviator Inc.) -> "C:\megaSceneryX\Socal\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mumble] : (Mumble and Murmur.-.Mumble) -> C:\Program Files (x86)\Mumble\Uninstall.exe ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Opera 44.0.2510.857] : (Opera Stable 44.0.2510.857.-.Opera Software) -> "C:\Program Files\Opera\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Origin] : (Origin.-.Electronic Arts, Inc.) -> C:\Program Files (x86)\Origin\OriginUninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PokerAcademy2] : (Poker Academy 2.-.) -> "C:\Program Files (x86)\PokerAcademy2\désinstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RTMshadow_{3A1EE107-F79B-49FA-83CF-94169E63F25A}] : (Flight Simulator X.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Samsung ML-1865W Series] : (Samsung ML-1865W Series.-.Samsung Electronics Co., Ltd.) -> "C:\Program Files (x86)\Samsung\Samsung ML-1865W Series\Setup\Setup.exe" /R [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SP1shadow_{3A1EE107-F79B-49FA-83CF-94169E63F25A}] : (Service Pack 1 de Flight Simulator X.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 4.00 (32 bits).-.win.rar GmbH) -> C:\Program Files (x86)\WinRAR\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WWA Category 1 Checkride] : (WWA Category 1 Checkride.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\WWACat1Mission2Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WWA CRJ700 FSX] : (WWA CRJ700 FSX.-.) -> C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\WWACRJ700Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ZHPFix_is1] : (ZHPFix 2015.-.Nicolas Coolman) -> "C:\Program Files (x86)\ZHPFix\unins000.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0274D240-4D1D-4FDA-9A36-09F0BECD288F}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{0274D240-4D1D-4FDA-9A36-09F0BECD288F} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}] : (Microsoft_VC90_ATL_x86.-.Adobe) -> MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] : (Microsoft_VC90_CRT_x86.-.Adobe) -> MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1579E963-0C00-4C3E-B813-692629CA4409}] : (GAME GOLF Transfer.-.Active Mind Technology) -> MsiExec.exe /X{1579E963-0C00-4C3E-B813-692629CA4409} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{17E96A7F-AFE3-4171-87B1-583E376319E8}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x40c [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1A97CF67-FEBB-436E-BD64-431FFEF72EB8}] : (LibreOffice 3.3.-.LibreOffice) -> MsiExec.exe /I{1A97CF67-FEBB-436E-BD64-431FFEF72EB8} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}] : (Minecraft.-.Mojang) -> MsiExec.exe /X{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{20708FD5-E94D-4097-A21E-E28564CDBC06}] : (PMDG 737 8900 NGX.-.PMDG Simulations, LLC.) -> "C:\Program Files (x86)\InstallShield Installation Information\{20708FD5-E94D-4097-A21E-E28564CDBC06}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216024FF}] : (Java(TM) 6 Update 24.-.Oracle) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3521BDBD-D453-5D9F-AA55-44B75D214629}] : (Adobe Community Help.-.Adobe Systems Incorporated.) -> MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}] : (Skype™ 7.33.-.Skype Technologies S.A.) -> MsiExec.exe /X{3B7E914A-93D5-4A29-92BB-AF8C3F66C431} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}] : (ANNO 1404 - Gold Edition.-.Ubisoft) -> "C:\Program Files (x86)\InstallShield Installation Information\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3DECD372-76A1-4483-BF10-B547790A3261}] : (ON_OFF Charge B11.0110.1.-.GIGABYTE) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9 -removeonly ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Sun Microsystems, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5442DAB8-7177-49E1-8B22-09A049EA5996}] : (Renesas Electronics USB 3.0 Host Controller Driver.-.Renesas Electronics Corporation) -> MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{57BB4801-61C8-4E74-9672-2160728A461E}] : (Google Earth Plug-in.-.Google) -> MsiExec.exe /I{57BB4801-61C8-4E74-9672-2160728A461E} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}] : (Microsoft_VC90_MFC_x86.-.Adobe) -> MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{700932B3-A964-4878-82A2-96054622A1F7}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x40c [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.Exe -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{88B1984E-36F0-47B8-B8DC-728966807A9C}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9158FF30-78D7-40EF-B83E-451AC5334640}] : (Adobe Photoshop CS5.1.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{9158FF30-78D7-40EF-B83E-451AC5334640}" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] : (Microsoft_VC80_CRT_x86.-.Adobe) -> MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{980A182F-E0A2-4A40-94C1-AE0C1235902E}] : (Pando Media Booster.-.Pando Networks Inc.) -> C:\Program Files (x86)\Pando Networks\Media Booster\uninst.exe ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}] : (PDF Settings CS5.-.Adobe Systems Incorporated) -> MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A9FF3B7B-F4BC-4F74-AF6B-BC4925682D3D}] : (aerosoft's - USCitiesX - Chicago.-.aerosoft) -> "C:\Program Files (x86)\InstallShield Installation Information\{A9FF3B7B-F4BC-4F74-AF6B-BC4925682D3D}\setup.exe" -runfromtemp -l0x0409 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA9F7D49-5B32-4635-887A-EC0D526D877C}] : (Real Environment Xtreme 2.0.-.Real Environment Simulations, Inc.) -> MsiExec.exe /I{AA9F7D49-5B32-4635-887A-EC0D526D877C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AAEF329E-F353-46C9-933D-24A571986093}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}] : (Microsoft_VC90_MFCLOC_x86.-.Adobe) -> MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C9A090AA-AA71-46EE-901E-22A63652BD91}_is1] : (iRacing Setup Sync version 3.0.-.Nick Thissen) -> "C:\Program Files (x86)\iRacing Setup Sync\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CBBB3C80-76F5-42B5-92A6-C4BF84796DCB}] : (iRacing.com Race Simulation.-.iRacing.com Motorsport Simulations) -> C:\Program Files (x86)\InstallShield Installation Information\{CBBB3C80-76F5-42B5-92A6-C4BF84796DCB}\setup.exe -runfromtemp -l0x0009 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}] : (WinZip 14.5.-.WinZip Computing, S.L.) -> MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D1A19B02-817E-4296-A45B-07853FD74D57}] : (Microsoft_VC80_MFC_x86.-.Adobe) -> MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}] : (Microsoft_VC80_MFCLOC_x86.-.Adobe) -> MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F60FBDCF-DEA7-406E-B68D-E8F5464CCD77}] : (AirHauler 2.-.Just Flight) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F60FBDCF-DEA7-406E-B68D-E8F5464CCD77}\Setup.exe" -l0x40c [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}] : (SimCity™.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\SimCity\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF} ---------- | Ports ---------- | Installer [HKCR\Installer\Products\02E90588639388D41A0C2B477CBB1515] : iTunes -> C:\Windows\Installer\{88509E20-3936-4D88-A1C0-B274C7BB5151}\Installer.ico [HKCR\Installer\Products\042D4720D1D4ADF4A963900FEBDC82F8] : Adobe AIR [HKCR\Installer\Products\1084BB758C1647E46927120627A864E1] : Google Earth Plug-in -> C:\Windows\Installer\{57BB4801-61C8-4E74-9672-2160728A461E}\MainIcon.ico [HKCR\Installer\Products\166F59DC4C5A5F446AAACEDD192C04DB] : WinZip 14.5 [HKCR\Installer\Products\1C4235E6CF4867F4A9A36CE5708FE06E] : Complément Messenger -> C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon [HKCR\Installer\Products\1F7F1DFF9CA14CB49A8060686D53BAFA] : Apple Software Update -> C:\Windows\Installer\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}\Installer.ico [HKCR\Installer\Products\369E975100C0E3C48B31966292AC4490] : GAME GOLF Transfer [HKCR\Installer\Products\3ACB61C11CBE6F946832F8FB9BCC8C27] : Minecraft -> C:\Windows\Installer\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}\minecraft.ico [HKCR\Installer\Products\4EA42A62D9304AC4784BF238120642FF] : Java(TM) 6 Update 24 [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\5DDA0453B228BF741B2CDCB7C2E8F9CE] : Apple Application Support (32 bits) -> C:\Windows\Installer\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}\WinInstall.ico [HKCR\Installer\Products\6030E61781384634B8F8C04C9E73B6CA] : Analyseur et SDK MSXML 4.0 SP2 [HKCR\Installer\Products\6116D6C8427B0184F8D20D746E7B6DE8] : Mesh Runtime [HKCR\Installer\Products\7276AE181EDE79C46B9865ADC6B83CF4] : Logitech Gaming Software 5.07 -> C:\Windows\Installer\{81EA6727-EDE1-4C97-B689-56DA6C8BC34F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\76FC79A1BBEFE634DB4634F1EF7FE28B] : LibreOffice 3.3 -> C:\Windows\Installer\{1A97CF67-FEBB-436E-BD64-431FFEF72EB8}\soffice.ico [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E] : Junk Mail filter update [HKCR\Installer\Products\8BAD244577171E94B822900A94AE9569] : Renesas Electronics USB 3.0 Host Controller Driver -> C:\Windows\Installer\{5442DAB8-7177-49E1-8B22-09A049EA5996}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\Windows\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico [HKCR\Installer\Products\91E442DFEFE6D2A449A8D0544D1C86EB] : Apple Mobile Device Support -> C:\Windows\Installer\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}\Installer.ico [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\94D7F9AA23B5536488A7CED025D678C7] : Real Environment Xtreme 2.0 [HKCR\Installer\Products\96F071321C0420729002000010000000] : 7-Zip 9.20 (x64 edition) [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A419E7B35D3992A429BBFAC8F3664C13] : Skype™ 7.33 -> C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A79EF87A8C0CEC94980DDE5D421A3729] : PDF Settings CS5 [HKCR\Installer\Products\C2EF0C9CE2067D94C824B5E9F80F7489] : Apple Application Support (64 bits) -> C:\Windows\Installer\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}\WinInstall.ico [HKCR\Installer\Products\D139E7FE48CDB174D86B8A3385904547] : [HKCR\Installer\Products\DBDB1253354DF9D5AA55447BD5126492] : Adobe Community Help [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater ---------- | ADS ---------- | Drives Disk: 0 Size=715G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 07-NTFS 715G Yes No 2,048 465,143,296 ---------- | MBR Windows Version: Windows 7 Home Premium Edition Windows Information: Service Pack 1 (build 7601), 64-bit Base Board Manufacturer: Gigabyte Technology Co., Ltd. BIOS Manufacturer: Award Software International, Inc. System Manufacturer: Gigabyte Technology Co., Ltd. System Product Name: P67A-UD4-B3 Logical Drives Mask: 0x0000000c Analysis of file "C:\QuickDiag\MBR.bin": Windows 7 MBR code detected 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Échec de l’extraction de la liste racine tierce depuis le fichier CAB de mise à jour automatique à : avec l’erreur : Un certificat requis n’est pas dans sa période de validité selon la vérification par rapport à l’horloge système en cours ou le tampon daté dans le fichier signé. . ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Un problème a empêché l’envoi des données du Programme d’amélioration des services à Microsoft (erreur 80004005). ------------ Impossible d’initialiser l’index. Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) ------------ Impossible d’initialiser l’application. Contexte : Application Windows Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) ------------ Impossible d’initialiser l’objet rassembleur. Contexte : Application Windows, Catalogue SystemIndex Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) ------------ Impossible d’initialiser le plug-in dans . Contexte : Application Windows, Catalogue SystemIndex Détails : Élément introuvable. (HRESULT : 0x80070490) (0x80070490) ------------ Impossible d’initialiser le plug-in dans . Contexte : Application Windows, Catalogue SystemIndex Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) ------------ Le service Windows Search ne peut pas charger les informations de la banque de propriétés. Contexte : Application Windows, Catalogue SystemIndex Détails : La base de données d’index des contenus est endommagée. (HRESULT : 0xc0041800) (0xc0041800) ------------ Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : The catalog is corrupt. Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) ------------ Le service de recherche a détecté des fichiers de données endommagés dans l’index {id=4700}. Le service tentera de corriger automatiquement ce problème en recréant l’index. Détails : Le catalogue d’index des contenus est endommagé. (HRESULT : 0xc0041801) (0xc0041801) ------------ ------------ ----------( EOF)---------- - 3808 | 22:46:33