--------------- QuickDiag | g3n-h@ckm@n | V3_01.06.17.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 22/06/2017 09:34:02

Updated 01/06/2017 | 06.50 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[JHAD (Administrator)] - [JHAD-PC] (S-1-5-21-2265211203-1710933605-3900688500-1000)

System: Microsoft Windows 7 Professionnel - Service Pack 1 - (6.1.7601) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 7 Professionnel |C:\Windows|\Device\Harddisk1\Partition1
Boot : Normal boot
PC: All Series - ASUS - IdNumber: System Serial Number - UUID: 7AC6ECE0-D7DA-11DD-91E5-10C37B6E8189
Processor : X64 - 3997 Mhz - Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
BIOS Date: 06/20/14 14:45:03 Ver: 12.04 - fr|FR|iso8859-1 - American Megatrends Inc. - S/N: System Serial Number - 1204 - ALASKA - 1072009
CoreTemp : 29.8 Celsius

----------| Quick


---------- | SoundDevice

Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_1043860B&REV_1003\4&165326BB&0&0001
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0042&SUBSYS_10DE1106&REV_1001\5&271819EB&0&0001

---------- | Video

NVIDIA Quadro K420 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_0FF3&SUBSYS_110610DE&REV_A1\4&8F1C284&0&0009 - AdapterCompatibility: NVIDIA - RAM: 1073741824
ASUS Mirror Driver - Resolution: x - Colors: - RefreshRate: -  Bits Per Pixel - DeviceID: VideoController2 - Drivers: - PNPDeviceID: ROOT\DISPLAY\0000 - AdapterCompatibility: ASUSTeK Computer Inc. - RAM: 
Inegrated Video Chipset DeviceName: NVIDIA Quadro K420 - DriverVersion: 10.18.13.6213 - SpecificationVersion: 1025

---------- | Codecs

c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 -  Manufacturer: Microsoft Corporation - Status: OK

---------- | CPU

CPU #1 value:0 %
CPU #2 value:0 %
CPU #3 value:0 %
CPU #4 value:24 %
CPU #5 value:0 %
CPU #6 value:12 %
CPU #7 value:100 %
CPU #8 value:81 %
Total Overall CPU Usage value:27 %

---------- | Network

Intel[R] Ethernet Connection [2] I218-V : SENT:0 bytes/sec / RECVD:0 bytes/sec
D-Link DWA-131 Wireless N Nano USB Adapter[rev.B] : SENT:0 bytes/sec / RECVD:0 bytes/sec
Microsoft Virtual WiFi Miniport Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec
isatap.{3B00134C-DF4F-4A10-8F0D-E2A21C51AA85} : SENT:0 bytes/sec / RECVD:0 bytes/sec
Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec

Overall -> SEND Maxium:27 bytes/sec,  /  RECEIVE Maximum:0 bytes/sec

WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000
WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000
WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000
Intel(R) Ethernet Connection (2) I218-V - Ethernet 802.3 - Intel - Status: - PnPID : PCI\VEN_8086&DEV_15A1&SUBSYS_85C41043&REV_00\3&11583659&0&C8
WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000
Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000
RAS Async Adapter - Réseau étendu (WAN) - Microsoft - Status: - PnPID : SW\{EEAB7790-C514-11D1-B42B-00805FC1270E}\ASYNCMAC
D-Link DWA-131 Wireless N Nano USB Adapter(rev.B) - Ethernet 802.3 - D-Link Corporation - Status: - PnPID : USB\VID_2001&PID_330D\00E04C000001
Microsoft Virtual WiFi Miniport Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\6&18688455&0&01
Carte Microsoft 6to4 - Tunnel - Microsoft - Status: - PnPID : ROOT\*6TO4MP\0000
Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000
Remote NDIS based Internet Sharing Device - - - Status: - PnPID : 

---------- | Memory

RAM = Total (MB) : 16719 | Free (MB) : 13089
Pagefile = Total (MB) : 33436 | Free (MB) : 29545
Virtual = Total (MB) : 4194 | Free (MB) : 4011

Physical Memory 0 : Capacity: 8589934592 - DIMM_A1 - Posit.: - Manufacturer: 1315 - PartNumber: BLS8G3D1609DS1S00. - S/N: A10E12CB
Physical Memory 2 : Capacity: 8589934592 - DIMM_B1 - Posit.: - Manufacturer: 1315 - PartNumber: BLS8G3D1609DS1S00. - S/N: AD028614

---------- | SID Users

Administrateur : [S-1-5-21-2265211203-1710933605-3900688500-500]
Invité : [S-1-5-21-2265211203-1710933605-3900688500-501]
JHAD : [S-1-5-21-2265211203-1710933605-3900688500-1000]
Administrateurs : [S-1-5-32-544]
Duplicateurs : [S-1-5-32-552]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
Opérateurs de chiffrement : [S-1-5-32-569]
Opérateurs de configuration réseau : [S-1-5-32-556]
Opérateurs de sauvegarde : [S-1-5-32-551]
Utilisateurs : [S-1-5-32-545]
Utilisateurs avec pouvoir : [S-1-5-32-547]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du Bureau à distance : [S-1-5-32-555]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]

---------- | SystemAccounts

Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives

B:\ -> [Fixed] | [Disque local] | Total : 119.14 Go | Free : 72.1 Go -> NTFS (SSD) [SATA]
C:\ -> [Fixed] | [] | Total : 119.24 Go | Free : 17.13 Go -> NTFS (SSD) [SATA]

Disk Usage Information [2 total Physical Disks]

Physical Drive #0 [B:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 
Physical Drive #1 [C:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 

Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec

DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 2 Part. - PnPID : SCSI\DISK&VEN_SAMSUNG&PROD_SSD_840_PRO_SERI\4&268C595A&0&000000
DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_SAMSUNG&PROD_SSD_840_PRO_SERI\4&268C595A&0&010000

---------- | Windows updates

Last detection : 2016-12-13 09:46:02
Downloaded last ones : 2017-05-14 13:14:59
Installed last ones : 2017-05-14 13:38:19
Next search : 2017-06-22 07:17:11

Test 1 : Windows Is Activated

---------- | Browsers

IE : 11.0.9600.18523     (© Microsoft Corporation. Tous droits réservés.)
FF : 54.0.0.6368     (©Firefox and Mozilla Developers; available under the MPL 2 license.)

Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url ""

---------- | FlashPlayer

FlashPlayer Plugin : 26.0.0.131

---------- | Security

FW : WINDOWS Firewall
WMI : OK
WU: Windows Update Service [Auto(2)] = Running
AS: Windows Defender [Manual(3)] = stopped
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

396 | [Owner : Système | Parent : 4(System) | 1.47 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23569) = C:\Windows\System32\smss.exe     [13/11/2016 20:25:17]    CPU Usage:0 %
584 | [Owner : Système | Parent : 496() | 5.7 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe     [14/07/2009 01:19:49]    CPU Usage:0 %
688 | [Owner : Système | Parent : 496() | 5.16 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe     [14/07/2009 01:52:37]    CPU Usage:0 %
712 | [Owner : Système | Parent : 696() | 16.65 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe     [14/07/2009 01:19:49]    CPU Usage:0 %
752 | [Owner : Système | Parent : 688(wininit.exe) | 10.09 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe     [20/05/2015 15:34:54]    CPU Usage:0 %
780 | [Owner : Système | Parent : 688(wininit.exe) | 13.32 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23571) = C:\Windows\System32\lsass.exe     [13/11/2016 20:25:17]    CPU Usage:0 %
796 | [Owner : Système | Parent : 688(wininit.exe) | 4.99 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe     [21/11/2010 05:23:53]    CPU Usage:0 %
804 | [Owner : Système | Parent : 696() | 9.11 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe     [10/11/2014 21:46:09]    CPU Usage:0 %
916 | [Owner : Système | Parent : 752(services.exe) | 11.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1000 | [Owner : Système | Parent : 752(services.exe) | 8.81 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 362.13.) - (8.17.13.6213) = C:\Windows\System32\nvvsvc.exe     [25/07/2015 14:53:54]    CPU Usage:0 %
192 | [Owner : Système | Parent : 752(services.exe) | 5.75 Mo] - (.-.) - (2.25.0.0) = C:\Windows\System32\nvwmi64.exe     [25/07/2015 14:54:20]    CPU Usage:0 %
176 | [Owner : Système | Parent : 752(services.exe) | 6.18 Mo] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.6213) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe     [07/12/2016 19:12:50]    CPU Usage:0 %
592 | [Owner : SERVICE RÉSEAU | Parent : 752(services.exe) | 10.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
700 | [Owner : Système | Parent : 752(services.exe) | 5.24 Mo] - (.AMD - AMD External Events Service Module.) - (6.14.11.1137) = C:\Windows\System32\atiesrxx.exe     [19/12/2012 21:56:00]    CPU Usage:0 %
1040 | [Owner : SERVICE LOCAL | Parent : 752(services.exe) | 21.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1084 | [Owner : Système | Parent : 752(services.exe) | 23.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1132 | [Owner : SERVICE LOCAL | Parent : 752(services.exe) | 16.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1164 | [Owner : Système | Parent : 752(services.exe) | 213.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:13 %
1400 | [Owner : Système | Parent : 700(atiesrxx.exe) | 7.84 Mo] - (.AMD - AMD External Events Client Module.) - (6.14.11.1137) = C:\Windows\System32\atieclxx.exe     [19/12/2012 21:56:46]    CPU Usage:0 %
1412 | [Owner : SERVICE RÉSEAU | Parent : 752(services.exe) | 18.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1500 | [Owner : Système | Parent : 1000(nvvsvc.exe) | 24.28 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.6213) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe     [25/07/2015 14:53:54]    CPU Usage:0 %
1512 | [Owner : Système | Parent : 1000(nvvsvc.exe) | 14.91 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 362.13.) - (8.17.13.6213) = C:\Windows\System32\nvvsvc.exe     [25/07/2015 14:53:54]    CPU Usage:0 %
1524 | [Owner : Système | Parent : 192(nvwmi64.exe) | 13.34 Mo] - (.-.) - (2.25.0.0) = C:\Windows\System32\nvwmi64.exe     [25/07/2015 14:54:20]    CPU Usage:0 %
1660 | [Owner : Système | Parent : 752(services.exe) | 173.62 Mo] - (.AVAST Software - Avast Service.) - (17.4.3482.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe     [11/05/2017 13:56:38]    CPU Usage:0 %
1932 | [Owner : Système | Parent : 752(services.exe) | 19.13 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe     [21/11/2010 05:24:27]    CPU Usage:0 %
1984 | [Owner : SERVICE LOCAL | Parent : 752(services.exe) | 17.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1360 | [Owner : Système | Parent : 752(services.exe) | 4.26 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.22.5037) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe     [25/04/2017 09:12:12]    CPU Usage:0 %
1832 | [Owner : Système | Parent : 752(services.exe) | 11.74 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe     [09/11/2014 19:43:23]    CPU Usage:0 %
1996 | [Owner : Système | Parent : 752(services.exe) | 8.48 Mo] - (.ASUSTeK Computer Inc. -.) - (0.1.0.19) = C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe     [28/01/2014 05:16:08]    CPU Usage:0 %
2064 | [Owner : Système | Parent : 752(services.exe) | 4.3 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe     [09/11/2014 19:54:48]    CPU Usage:0 %
2088 | [Owner : Système | Parent : 752(services.exe) | 7.83 Mo] - (.ASUSTeK Computer Inc. - ASUS Motherboard Fan Control Service.) - (1.0.1.4) = C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe     [09/11/2014 19:54:38]    CPU Usage:0 %
2120 | [Owner : Système | Parent : 752(services.exe) | 7.13 Mo] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe     [30/08/2011 23:05:32]    CPU Usage:0 %
2144 | [Owner : Système | Parent : 752(services.exe) | 10.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
2184 | [Owner : Système | Parent : 752(services.exe) | 6.68 Mo] - (.DTS, Inc - DTS Audio Service.) - (2.1.1.0) = C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe     [17/01/2015 12:03:47]    CPU Usage:0 %
2232 | [Owner : Système | Parent : 752(services.exe) | 13.11 Mo] - (.Hewlett-Packard Company -.) - (1.0.0.7399) = C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe     [17/10/2011 15:51:54]    CPU Usage:0 %
2304 | [Owner : Système | Parent : 752(services.exe) | 7.29 Mo] - (.HP - HP LaserJet Service.) - (9.33.905.0) = C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe     [04/12/2012 10:52:22]    CPU Usage:0 %
2344 | [Owner : Système | Parent : 752(services.exe) | 7.04 Mo] - (.Intel Corporation - Intel® PROSet Monitoring Service.) - (19.1.43.0) = C:\Windows\System32\IPROSetMonitor.exe     [11/03/2014 17:31:58]    CPU Usage:0 %
2468 | [Owner : SERVICE LOCAL | Parent : 752(services.exe) | 6.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
2508 | [Owner : Système | Parent : 752(services.exe) | 5.17 Mo] - (.Clarus, Inc. - SZDrvSvc.) - (1.0.172.0) = C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe     [07/12/2015 15:55:45]    CPU Usage:0 %
2588 | [Owner : Système | Parent : 752(services.exe) | 8.12 Mo] - (.- WlanSvc Application.) - (1.0.0.4) = C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe     [10/11/2014 21:16:49]    CPU Usage:0 %
2812 | [Owner : Système | Parent : 752(services.exe) | 62.67 Mo] - (.-.) - (1.0.2.9) = C:\Program Files (x86)\Würth Bemessung\Würth Update\WuerthUpdateService.exe     [17/01/2017 16:35:55]    CPU Usage:0 %
3044 | [Owner : Système | Parent : 752(services.exe) | 42.08 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.479) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe     [20/05/2017 18:42:22]    CPU Usage:0 %
3880 | [Owner : SERVICE LOCAL | Parent : 1084(svchost.exe) | 5.47 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe     [09/11/2014 19:43:20]    CPU Usage:0 %
4060 | [Owner : SERVICE RÉSEAU | Parent : 916(svchost.exe) | 22.28 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe     [21/11/2010 05:24:15]    CPU Usage:0 %
4216 | [Owner : JHAD | Parent : 752(services.exe) | 13.19 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe     [10/11/2014 21:45:31]    CPU Usage:0 %
4264 | [Owner : JHAD | Parent : 1164(svchost.exe) | 7.52 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe     [21/11/2010 05:24:27]    CPU Usage:0 %
4392 | [Owner : JHAD | Parent : 1084(svchost.exe) | 7.3 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe     [14/07/2009 01:37:38]    CPU Usage:0 %
4452 | [Owner : JHAD | Parent : 4264(taskeng.exe) | 16.74 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe     [17/01/2015 12:19:04]    CPU Usage:0 %
4472 | [Owner : JHAD | Parent : 4264(taskeng.exe) | 11.42 Mo] - (.ASUSTeK Computer Inc. - ASUS WiFi GO! Server.) - (1.0.0.1) = C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe     [17/01/2015 12:19:34]    CPU Usage:0 %
4500 | [Owner : JHAD | Parent : 4264(taskeng.exe) | 13.02 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe     [17/01/2015 12:19:21]    CPU Usage:0 %
4516 | [Owner : JHAD | Parent : 4264(taskeng.exe) | 16.76 Mo] - (.ASUSTeK Computer Inc. -.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe     [17/01/2015 12:18:40]    CPU Usage:0 %
4580 | [Owner : JHAD | Parent : 4364() | 81.52 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.17514) = C:\Windows\explorer.exe     [21/11/2010 05:24:11]    CPU Usage:0 %
4832 | [Owner : JHAD | Parent : 4580(explorer.exe) | 12 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.370) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe     [17/01/2015 12:03:51]    CPU Usage:0 %
4844 | [Owner : JHAD | Parent : 4580(explorer.exe) | 12.62 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.192) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe     [17/01/2015 12:03:50]    CPU Usage:0 %
4996 | [Owner : JHAD | Parent : 4580(explorer.exe) | 18.7 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.1068) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe     [20/05/2017 18:42:21]    CPU Usage:0 %
5116 | [Owner : JHAD | Parent : 4972() | 27.92 Mo] - (.AVAST Software - Avast Antivirus.) - (17.4.3482.0) = C:\Program Files\AVAST Software\Avast\AvastUI.exe     [11/05/2017 13:56:40]    CPU Usage:0 %
3748 | [Owner : JHAD | Parent : 4580(explorer.exe) | 13.94 Mo] - (.Microsoft Corporation - Pense-bête.) - (6.1.7600.16385) = C:\Windows\System32\StikyNot.exe     [14/07/2009 01:57:57]    CPU Usage:0 %
4744 | [Owner : JHAD | Parent : 4528() | 6.17 Mo] - (.Intel Corporation - iusb3mon.) - (3.0.0.16) = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe     [10/11/2014 00:12:57]    CPU Usage:0 %
4380 | [Owner : JHAD | Parent : 4580(explorer.exe) | 74.62 Mo] - (.Dassault Systèmes SolidWorks Corp. - SldWorks_fs.) - (23.5.0.81) = C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe     [11/11/2015 20:03:52]    CPU Usage:0 %
1672 | [Owner : JHAD | Parent : 4528() | 6.16 Mo] - (.NEC Electronics Corporation - USB 3.0 Monitor.) - (1.0.18.0) = C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe     [20/11/2009 20:17:54]    CPU Usage:0 %
4176 | [Owner : JHAD | Parent : 4580(explorer.exe) | 6.64 Mo] - (.Clarus, Inc. - ABRTMon.) - (1.0.172.0) = C:\Program Files (x86)\Clarus\Samsung Drive Manager\ABRTMon.exe     [07/12/2015 15:55:45]    CPU Usage:0 %
4120 | [Owner : JHAD | Parent : 4528() | 8.57 Mo] - (.Hewlett-Packard Company - HPStatusAlerts.) - (70.40.169.0) = C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe     [18/04/2013 06:57:32]    CPU Usage:0 %
1236 | [Owner : JHAD | Parent : 4528() | 4.42 Mo] - (.Hewlett-Packard - hpwuSchd Application.) - (80.1.1.0) = C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe     [30/05/2013 14:50:10]    CPU Usage:0 %
1092 | [Owner : JHAD | Parent : 4528() | 62.34 Mo] - (.Clarus, Inc. - Samsung Drive Manager.) - (1.0.172.0) = C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe     [07/12/2015 15:55:45]    CPU Usage:0 %
4788 | [Owner : JHAD | Parent : 4580(explorer.exe) | 76.29 Mo] - (.Dassault Systèmes SolidWorks Corp. - SldWorks_fs.) - (24.5.0.58) = C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS (2)\sldworks_fs.exe     [13/10/2016 13:55:38]    CPU Usage:0 %
2732 | [Owner : JHAD | Parent : 4528() | 6.1 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.131.11) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe     [15/03/2017 02:43:06]    CPU Usage:0 %
4140 | [Owner : JHAD | Parent : 4580(explorer.exe) | 78.91 Mo] - (.Dassault Systèmes SolidWorks Corp. - SldWorks_fs.) - (25.1.0.49) = C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS (3)\sldworks_fs.exe     [23/11/2016 20:58:54]    CPU Usage:0 %
1288 | [Owner : JHAD | Parent : 4580(explorer.exe) | 15.57 Mo] - (.D-Link Corp. - D-Link WLAN Application.) - (5.14.132.0) = C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe     [10/11/2014 21:16:49]    CPU Usage:0 %
5308 | [Owner : JHAD | Parent : 4480() | 8.44 Mo] - (.ASUSTeK Computer Inc. - USB 3.0 Boost Service.) - (1.0.1.3) = C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe     [17/01/2015 12:19:53]    CPU Usage:0 %
5492 | [Owner : JHAD | Parent : 4376() | 16.72 Mo] - (.Piriform Ltd - CCleaner.) - (5.1.0.5075) = C:\Program Files\CCleaner\CCleaner64.exe     [12/12/2014 19:21:24]    CPU Usage:0 %
5540 | [Owner : JHAD | Parent : 4472(PushNotifyServer.exe) | 13.15 Mo] - (.-.) - (1.0.0.4) = C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe     [17/01/2015 12:19:33]    CPU Usage:0 %
5580 | [Owner : JHAD | Parent : 4472(PushNotifyServer.exe) | 16.68 Mo] - (.- PushNotify_PCCtrl.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe     [17/01/2015 12:19:34]    CPU Usage:0 %
5888 | [Owner : Système | Parent : 752(services.exe) | 5.76 Mo] - (.Intel Corporation - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS.) - (1.0.0.1) = C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe     [09/11/2014 19:54:23]    CPU Usage:0 %
5728 | [Owner : JHAD | Parent : 4516(AISuite3.exe) | 14.52 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe     [17/01/2015 12:18:41]    CPU Usage:0 %
5352 | [Owner : JHAD | Parent : 4264(taskeng.exe) | 16.82 Mo] - (.Samsung Electronics Co. Ltd. - Samsung Magician.) - (5.1.0.1120) = C:\Program Files (x86)\Samsung Magician\SamsungMagician.exe     [08/06/2017 09:24:48]    CPU Usage:0 %
6052 | [Owner : SERVICE RÉSEAU | Parent : 916(svchost.exe) | 18.78 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [21/11/2010 05:24:27]    CPU Usage:0 %
6064 | [Owner : Système | Parent : 752(services.exe) | 67.35 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7600.16385) = C:\Windows\System32\SearchIndexer.exe     [14/07/2009 02:32:27]    CPU Usage:0 %
5360 | [Owner : Système | Parent : 6064(SearchIndexer.exe) | 18.56 Mo] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.7600.16385) = C:\Windows\System32\SearchProtocolHost.exe     [14/07/2009 02:30:48]    CPU Usage:0 %
4188 | [Owner : JHAD | Parent : 4580(explorer.exe) | 435.88 Mo] - (.Mozilla Corporation - Firefox.) - (54.0.0.6368) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe     [18/11/2016 11:18:44]    CPU Usage:0 %
5384 | [Owner : JHAD | Parent : 4188(firefox.exe) | 89.6 Mo] - (.Mozilla Corporation - Firefox.) - (54.0.0.6368) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe     [18/11/2016 11:18:44]    CPU Usage:0 %
3340 | [Owner : JHAD | Parent : 4188(firefox.exe) | 186.3 Mo] - (.Mozilla Corporation - Firefox.) - (54.0.0.6368) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe     [18/11/2016 11:18:44]    CPU Usage:0 %
6848 | [Owner : JHAD | Parent : 4708() | 30.86 Mo] - (.Intel Corporation - IAStorIcon.) - (13.0.3.1001) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe     [11/04/2014 10:31:06]    CPU Usage:0 %
6944 | [Owner : SERVICE LOCAL | Parent : 752(services.exe) | 6.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
6412 | [Owner : Système | Parent : 752(services.exe) | 47.5 Mo] - (.Intel Corporation - IAStorDataSvc.) - (13.0.3.1001) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe     [11/04/2014 10:31:04]    CPU Usage:0 %
4388 | [Owner : Système | Parent : 752(services.exe) | 5.26 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (10.0.0.1180) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe     [20/03/2014 12:43:02]    CPU Usage:0 %
6620 | [Owner : Système | Parent : 752(services.exe) | 11 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (10.0.0.1180) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe     [20/03/2014 12:43:04]    CPU Usage:0 %
6572 | [Owner : Système | Parent : 752(services.exe) | 5.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1328 | [Owner : SERVICE LOCAL | Parent : 1040(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.23471) = C:\Windows\System32\audiodg.exe     [12/10/2016 20:05:55]    CPU Usage:0 %
3272 | [Owner : JHAD | Parent : 4580(explorer.exe) | 32.55 Mo] - (.SosVirus - QuickDiag.) - (1.6.17.1) = C:\Users\JHAD\Desktop\QuickDiag(1).exe     [22/06/2017 09:33:23]    CPU Usage:0 %
3572 | [Owner : Système | Parent : 916(svchost.exe) | 7.3 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe     [21/11/2010 05:24:15]    CPU Usage:0 %
2860 | [Owner : SERVICE RÉSEAU | Parent : 752(services.exe) | 13.27 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe     [21/11/2010 05:23:56]    CPU Usage:0 %

---------- | MD5

[MD5.AC4C51EB24AA95B77F705AB159189E24] - [21/11/2010 05:24:11] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2805 Ko] - (6.1.7601.17514) : C:\Windows\Explorer.exe
[MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [21/11/2010 05:23:55] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe
[MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe
[MD5.BBCAD604A848F959CCF81ECBDC8BB8C4] - [13/11/2016 20:25:17] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23569) : C:\Windows\System32\Kernel32.dll
[MD5.92DAF7D21711117B007608CB50FBD2E2] - [13/11/2016 20:25:17] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23571) : C:\Windows\System32\lsass.exe
[MD5.5C627D1B1138676C0A7AB2C2C190D123] - [21/11/2010 05:24:01] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.17514) : C:\Windows\System32\rpcss.dll
[MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe
[MD5.71C85477DF9347FE8E7BC55768473FCA] - [20/05/2015 15:34:54] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe
[MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe
[MD5.8F4B991E7837E8E0F90C856659456652] - [14/09/2016 22:35:26] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985.5 Ko] - (6.1.7601.23528) : C:\Windows\System32\user32.dll
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [21/11/2010 05:24:28] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [10/11/2014 21:46:09] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe
[MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [11/11/2015 11:14:15] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys
[MD5.A34FE1E025E88798E746F484956C0720] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\ataport.sys
[MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys
[MD5.9B38580063D281A99E68EF5813022A5F] - [12/10/2016 20:05:55] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [104 Ko] - (6.1.7601.23542) : C:\Windows\System32\Drivers\dfsc.sys
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys
[MD5.25F918BB5D57C99FFEB0255143D0DF9A] - [13/11/2016 20:25:17] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23571) : C:\Windows\System32\Drivers\mrxsmb.sys
[MD5.F7309F42555F8AAB7144A51A1F2585B0] - [11/11/2015 11:14:14] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys
[MD5.E47D571FEC2C76E867935109AB2A770C] - [15/06/2016 17:21:22] - (.© Microsoft Corporation. - MBT Transport driver.) - [256 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - [10/11/2014 21:46:16] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1617.85 Ko] - (6.1.7601.18127) : C:\Windows\System32\Drivers\ntfs.sys
[MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys
[MD5.471815800AE33E6F1C32FB1B97C490CA] - [21/11/2010 05:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys
[MD5.1B6163C503398B23FF8B939C67747683] - [21/11/2010 05:25:07] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [162 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rdpdr.sys
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys
[MD5.04ADD18EE5CC9FBEDAEC1DD1CD0CB45E] - [10/11/2014 21:45:52] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1858.94 Ko] - (6.1.7601.18438) : C:\Windows\System32\Drivers\tcpip.sys
[MD5.AA77EB517D2F07A947294F260E3ACA83] - [11/11/2015 11:14:15] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - [21/11/2010 05:23:47] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys

---------- | Locked Applications


---------- | Explorer.exe component call (Microsoft Files Whitelisted)

(.AVAST Software s.r.o..-.Hook Library.) - (17.4.3.1767) -- C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll
(.AVAST Software.-.Avast Shell Extension.) - (17.4.3482.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll
(.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 362.13.) - (10.18.13.6213) -- C:\Windows\system32\nvapi64.dll
(.NVIDIA Corporation.-.NVIDIA Display Shell Extension.) - (1.2.0.1) -- C:\Windows\system32\nvshext.dll
(..-..) - (6.14.10.14700) -- C:\Program Files\NVIDIA Corporation\nview\nvshell.dll
(.Malwarebytes.-.Malwarebytes.) - (3.0.0.26) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll
(.Igor Pavlov.-.7-Zip Shell Extension.) - (16.4.0.0) -- C:\Program Files\7-Zip\7-zip.dll
(.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.6213) -- C:\Windows\system32\nv3dappshext.dll

---------- | Svchost.exe component call (Microsoft Files Whitelisted)

(.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll
(.AVAST Software s.r.o..-.Hook Library.) - (17.4.3.1767) -- C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL
Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU
CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\...\Run]) - User: JHAD-PC\JHAD
Google Update - (C:\Users\JHAD\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\...\Run]) - User: JHAD-PC\JHAD
RESTART_STICKY_NOTES - (C:\Windows\System32\StikyNot.exe [HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\...\Run]) - User: JHAD-PC\JHAD
Lancement rapide de SOLIDWORKS 2015 - (C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe  [Common Startup]) - User: Public
Samsung Drive Manager Real-Time - (C:\PROGRA~2\Clarus\SAMSUN~1\ABRTMon.exe  [Common Startup]) - User: Public
SOLIDWORKS 2016 Démarrage rapide - (C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe  [Common Startup]) - User: Public
SOLIDWORKS 2017 Démarrage rapide - (C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe  [Common Startup]) - User: Public
Téléchargement en arrière-plan de SOLIDWORKS - (C:\PROGRA~2\COMMON~1\GESTIO~1\BACKGR~1\SLDBGD~1.EXE /launch_from 0 [Common Startup]) - User: Public
Wireless Connection Manager - (C:\PROGRA~2\D-Link\DWA-131\WIRELE~1.EXE  [Common Startup]) - User: Public
IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\...\Run]) - User: Public
RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public
RtHDVBg_DTS - ("C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P [HKLM\SOFTWARE\...\Run]) - User: Public
nwiz - ("C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" /installquiet [HKLM\SOFTWARE\...\Run]) - User: Public
AvastUI.exe - ("C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\...\Run]) - User: Public
Malwarebytes TrayApp - (C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR   
"Google Update"=C:\Users\JHAD\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe   [30/04/2017 15:38:10]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe   [14/07/2009 01:57:57]

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"UserSelectedDefault"=1   
"Device"=PDFCreator,winspool,Ne01:   

[HKLM\Software\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60   
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s   
"RtHDVBg_DTS"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P   
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" /installquiet   
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui   
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe   [20/05/2017 18:42:21]

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"GDIProcessHandleQuota"=10000   
"ShutdownWarningDialogTimeout"=4294967295   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
""=mnmsrvc   
"DeviceNotSelectedTimeout"=15   
"Spooler"=yes   
"TransmissionRetryTimeout"=90   
"AppInit_DLLs"=   
"LoadAppInit_DLLs"=0   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"   
"NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"   
"StatusAlerts"="C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on   
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe   [30/05/2013 14:50:10]
""=   
"Clarus Drive Manager"=C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide   
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"GDIProcessHandleQuota"=10000   
"ShutdownWarningDialogTimeout"=4294967295   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
""=mnmsrvc   
"DeviceNotSelectedTimeout"=15   
"Spooler"=yes   
"TransmissionRetryTimeout"=90   
"AppInit_DLLs"=   
"LoadAppInit_DLLs"=0   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 



---------- | Tasks List

Adobe Acrobat Update Task
Adobe Flash Player Updater
Avast Emergency Update
CCleanerSkipUAC
G2MUpdateTask-S-1-5-21-2265211203-1710933605-3900688500-1000
GoogleUpdateTaskUserS-1-5-21-2265211203-1710933605-3900688500-1000Core
GoogleUpdateTaskUserS-1-5-21-2265211203-1710933605-3900688500-1000UA
IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
SafeZone scheduled Autoupdate 1458052557
SamsungMagician

---------- | Startings up registry ¦ Folder


---------- | Other keys


[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"RCDependentServices"=CertPropSvc
SessionEnv   
"NotificationTimeOut"=0   
"SnapshotMonitors"=1   
"ProductVersion"=5.1   
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"fDenyTSConnections"=1   
"StartRCM"=0   
"TSAdvertise"=0   
"DeleteTempDirsOnExit"=1   
"fSingleSessionPerUser"=1   
"PerSessionTempDir"=0   
"TSUserEnabled"=0   
"InstanceID"=410b0bcf-8eac-4d52-a22a-38d3d54   
"fCredentialLessLogonSupported"=1   
"fCredentialLessLogonSupportedTSS"=1   
"fCredentialLessLogonSupportedKMRDP"=1   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"CriticalSectionTimeout"=2592000   
"GlobalFlag"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"ProcessorControl"=2   
"ResourceTimeoutCount"=648000   
"BootExecute"=autocheck autochk *   
"ExcludeFromKnownDlls"=   
"ObjectDirectories"=\Windows
\RPC Control   
"ProtectionMode"=1   
"NumberOfInitialSessions"=2   
"SetupExecute"=   

[HKLM\System\CurrentControlSet\Control]
"PreshutdownOrder"=wuauserv
gpsvc
trustedinstaller   
"WaitToKillServiceTimeout"=200   
"CurrentUser"=USERNAME   
"BootDriverFlags"=0   
"ServiceControlManagerExtension"=%systemroot%\system32\scext.dll   
"SystemStartOptions"= NOEXECUTE=OPTIN   
"SystemBootDevice"=multi(0)disk(0)rdisk(1)partition(1)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbaseobjects"=0   
"auditbasedirectories"=0   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"Bounds"=0x0030000000200000   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Notification Packages"=scecli   
"Security Packages"=kerberos
msv1_0
schannel
wdigest
tspkg
pku2u   
"Authentication Packages"=msv1_0   
"LsaPid"=780   
"SecureBoot"=1   
"ProductType"=6   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"restrictanonymous"=0   
"restrictanonymoussam"=1   


---------- | .LNK with Arguments


---------- | AppCertDlls


---------- | Dnsapi.dll

C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Control Panel\Desktop]
"ScreenSaveActive"=1   
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=200000   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"PaintDesktopVersion"=0   
"Pattern"=0   
"RightOverlapChars"=3   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WallpaperStyle"=0   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"UserPreferencesMask"=0x9E3E078012000000   
"Wallpaper"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg   [09/11/2014 19:07:15]
"LogPixels"=120   
"WaitToKillAppTimeout"=200   

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0   

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ExplorerStartupTraceRecorded"=1   
"ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000   
"CleanShutdown"=0   
"link"=0x1E000000   
"Browse For Folder Width"=518   
"Browse For Folder Height"=740   

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=2   
"ShowCompColor"=1   
"HideFileExt"=1   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"SuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"TaskbarAnimations"=1   
"StartMenuInit"=4   
"Start_ShowMyGames"=1   
"TaskbarSizeMove"=1   
"ShellViewReentered"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=0   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   
"FilterAdministratorToken"=0   
"SoftwareSASGeneration"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"ForceActiveDesktopOn"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"CheckedValue"=1   
"ValueName"=Hidden   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"HelpID"=shell.hlp#51105   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"IconUnderline"=2   
"GlobalAssocChangedCounter"=23   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=0   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   
"FilterAdministratorToken"=0   
"SoftwareSASGeneration"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"ForceActiveDesktopOn"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"CheckedValue"=1   
"ValueName"=Hidden   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"HelpID"=shell.hlp#51105   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"IconUnderline"=2   
"GlobalAssocChangedCounter"=211   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin   
"BuildNumber"=7601   
"FirstLogon"=0   
"ParseAutoexec"=1   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1   
"Shell"=explorer.exe   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Userinit"=C:\Windows\system32\userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"ShutdownWithoutLogon"=0   
"WinStationsDisabled"=0   
"DisableCAD"=1   
"scremoveoption"=0   
"ShutdownFlags"=43   
"AutoAdminLogon"=0   
"DefaultUserName"=JHAD   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1   
"Shell"=explorer.exe   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"DefaultDomainName"=   
"DefaultUserName"=   
"Userinit"=userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   


---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\.hta]
"PerceivedType"=text   
""=htafile   
"Content Type"=application/hta   

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" %*   

[HKLM\Software\Classes\InternetShortcut]
"NeverShowExt"=   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"EditFlags"=2   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"EditFlags"=65536   
"BrowserFlags"=4096   
"FriendlyTypeName"=@dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
"NeverShowExt"=   
""=Application Reference   
"IsShortcut"=   
"EditFlags"=131072   
"FriendlyTypeName"=@dfshim.dll,-201   

[HKLM\Software\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeLayoutPatternForSearch"=alpha   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
""=Folder   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.ItemTypeText   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
"PerceivedType"=text   
""=htafile   
"Content Type"=application/hta   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"NeverShowExt"=   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"EditFlags"=2   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"FriendlyTypeName"=@C:\Windows\system32\ieframe.dll,-10046   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"EditFlags"=65536   
"BrowserFlags"=4096   
"FriendlyTypeName"=@dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
"NeverShowExt"=   
""=Application Reference   
"IsShortcut"=   
"EditFlags"=131072   
"FriendlyTypeName"=@dfshim.dll,-201   

[HKLM\Software\WOW6432Node\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeLayoutPatternForSearch"=alpha   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
""=Folder   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.ItemTypeText   

[HKLM\Software\Clients\StartMenuInternet\Chromium.T7HC2FVN6F2WX32P4SWZ2PTLUQ\Shell\open\Command]
""="C:\Users\JHAD\AppData\Local\Chromium\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Chromium.T7HC2FVN6F2WX32P4SWZ2PTLUQ\InstallInfo]
"ReinstallCommand"="C:\Users\JHAD\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe"   
[HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files (x86)\Internet Explorer\iexplore.exe   [13/11/2016 20:25:18]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"   
[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Chromium.T7HC2FVN6F2WX32P4SWZ2PTLUQ\Shell\open\Command]
""="C:\Users\JHAD\AppData\Local\Chromium\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Chromium.T7HC2FVN6F2WX32P4SWZ2PTLUQ\InstallInfo]
"ReinstallCommand"="C:\Users\JHAD\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command]
""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files (x86)\Internet Explorer\iexplore.exe   [13/11/2016 20:25:18]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser


---------- | AppcompatFlags

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"SIGN.MEDIA=3CC51D0 .\Bin\ASSETUP.exe"=1
"SIGN.MEDIA=7CD6F4 Magician Software\Samsung_Magician_Setup_v4.0.exe"=1
"SIGN.MEDIA=66D4ED6 Setup.exe"=1
"SIGN.MEDIA=5A99D6 DVDSetup.exe"=1
"SIGN.MEDIA=1FA3ED setup.exe"=1
"SIGN.MEDIA=1259A514 Drivers\MEI\Install\SetupME.exe"=1
"SIGN.MEDIA=125A3DC8 Drivers\RAID\IRST\Install\Driver\SetupRST.exe"=1
"SIGN.MEDIA=646F4 driversQUADRO\Vista_64\setup.exe"=1
"C:\Program Files (x86)\rdm6\install.exe"=1
"SIGN.MEDIA=22C52419 Autorun.exe"=1
"C:\Program Files (x86)\GanttProject-2.7\ganttproject.exe"=1
"SIGN.IE=017F1868 SolidWorksSetup.exe"=1
"C:\Program Files (x86)\Clarus\Samsung Drive Manager\XUpdate.exe"=1
"B:\Telechargement\antimalwaresetup.exe"=1
"B:\Telechargement\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe"=1
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=2
"c:\program files\solidworks corp\solidworks (2)\photoview\photoview360.exe"=512

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32


---------- | IFEO


---------- | Mountpoints2

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{c34709f3-8fa4-11e6-adee-10c37b6e8189}] : E:\iStudio.exe     (AutoRun)
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{e1150cc8-686b-11e4-a7d0-806e6f6e6963}] : D:\.\Bin\ASSETUP.exe     (AutoRun)

---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"Beep"=#USR:Control Panel\Sound   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"CoolSwitch"=USR:Control Panel\Desktop   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"Beep"=#USR:Control Panel\Sound   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"CoolSwitch"=USR:Control Panel\Desktop   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=128920218544262440
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=0
"DisableRoutinelyTakingAction"=1
"ProductStatus"=0
"InstallTime"=0xD2182A7879FCCF01

[HKLM\Software\WOW6432Node\Microsoft\Windows Defender]
"DisableAntiSpyware"=0
"DisableRoutinelyTakingAction"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

---------- | Winsock (Whitelist)


---------- | Hosts


---------- | Ping

Envoi d'une requ?te 'ping' sur google.com [172.217.22.142] avec 32 octets de donn?es?:
R?ponse de 172.217.22.142?: octets=32 temps=26 ms TTL=53
R?ponse de 172.217.22.142?: octets=32 temps=26 ms TTL=53
R?ponse de 172.217.22.142?: octets=32 temps=27 ms TTL=53
R?ponse de 172.217.22.142?: octets=32 temps=26 ms TTL=53

Statistiques Ping pour 172.217.22.142:
    Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%),
Dur?e approximative des boucles en millisecondes :
    Minimum = 26ms, Maximum = 27ms, Moyenne = 26ms

---------- | @

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Internet Explorer\Main]
"Disable Script Debugger"=yes
"Anchor Underline"=yes
"Cache_Update_Frequency"=Once_Per_Session
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=C:\Windows\system32\blank.htm
"Save_Session_History_On_Exit"=no
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"XMLHTTP"=1
"NoUpdateCheck"=1
"UseClearType"=no
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
"CompatibilityFlags"=0
"FullScreen"=no
"Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF0000000000000000200300002C020000
"IE8RunOnceLastShown"=1
"IE8RunOnceLastShown_TIMESTAMP"=0x21508D341CFDCF01
"IE8TourShown"=1
"IE8TourShownTime"=0x2894762A44FCCF01
"Check_Associations"=no
"Start Page Redirect Cache_TIMESTAMP"=0x42D2D9C613ADD101
"Start Page Redirect Cache AcceptLangs"=fr-FR
"DisableScriptDebuggerIE"=yes
"OperationalData"=517
"ImageStoreRandomFolder"=hfnac1h
"IE10RunOnceLastShown"=1
"IE10RunOnceLastShown_TIMESTAMP"=0xA6911C2624FDCF01
"IE10TourShown"=1
"IE10TourShownTime"=0x4EF31C2624FDCF01
"DoNotTrack"=1
"IE10RunOncePerInstallCompleted"=1
"IE10RunOnceCompletionTime"=0x083A6906B9FECF01
"DefSpellLang"=fr-FR
"Use FormSuggest"=no
"DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000000000002003000058020000
"Default_Page_URL"=about:blank
"Secondary Start Pages"=about:blank
"Start Page_TIMESTAMP"=0xCD1A48161126D201
"SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"IE5_UA_Backup_Flag"=5.0
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"EmailName"=User@
"PrivDiscUiShown"=1
"EnableHttp1_1"=1
"WarnOnIntranet"=1
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges 
"AutoConfigProxy"=wininet.dll
"UseSchannelDirectly"=0x01000000
"WarnOnPost"=0x01000000
"UrlEncoding"=0
"SecureProtocols"=2688
"PrivacyAdvanced"=0
"ZonesSecurityUpgrade"=0xD95F0B5623FDCF01
"DisableCachingOfSSLPages"=0
"WarnonZoneCrossing"=0
"CertificateRevocation"=1
"EnableNegotiate"=1
"MigrateProxy"=1
"ProxyEnable"=0
"GlobalUserOffline"=0
"ProxyOverride"=*.local

[HKLM\Software\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://www.google.com
"Default_Page_URL"=http://www.google.com
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=
"Local Page"=C:\Windows\System32\blank.htm
"Search Page"=http://www.google.com
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate_win7.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm
"Compat"=res://mshtml.dll/compat.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://www.google.com
"Default_Page_URL"=http://www.google.com
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://www.google.com
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Check_Associations"=yes
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate_win7.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm
"Compat"=res://mshtml.dll/compat.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files


---------- | Proxy


[HKLM\System\CurrentControlSet\Services\NLASVC\Parameters\Internet\Manualproxies]

---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 


---------- | Execution FileExts







---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} --  C:\Program Files\AVAST Software\Avast\ashShA64.dll   [11/05/2017 13:56:41]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} --  C:\Program Files\AVAST Software\Avast\ashShA64.dll   [11/05/2017 13:56:41]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  %SystemRoot%\system32\EhStorShell.dll   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} --  %SystemRoot%\System32\cscui.dll   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} --  %SystemRoot%\system32\ntshrui.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  %SystemRoot%\system32\EhStorShell.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} --  %SystemRoot%\system32\ntshrui.dll   

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   


---------- | Toolbar

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   
"DownloadRetries"=0   
"KnownProvidersUpgradeTime"=0x0E9E5D2624FDCF01   
"Version"=4   
"UpgradeTime"=0xD38E552724FDCF01   
"DefaultPackCorrection"=1   
"DefaultPackNTCorrection"=1   
"ShowSearchSuggestionsInAddressGlobal"=1   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


---------- | Extensions


---------- | SearchScopes

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE11 : 
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10 : 
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FF5ED44E-ED20-470A-A4C5-BC448A28C785}] - (Google) - https://www.google.com/search?q={searchTerms} : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 

---------- | Browser Helper Objects

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll  [04/04/2017 17:49:40]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll  [19/05/2017 18:28:33]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll  [04/04/2017 17:49:40]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll  [19/05/2017 18:28:33]

---------- | Chrome

C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com/?feature=ytca - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki =  :     Avast Browser Security and Web Reputation Plugin. -     Avast Online Security - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\lccekmodgklaepjeofjdjpbminllajkg =  :     Support files for Chrome Hotwording. -     Chrome Hotword Shared Module - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\JHAD\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx

[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]

---------- | Opera


---------- | Firefox


[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin] - () : C:\Users\JHAD\AppData\Local\Citrix\Plugins\104\npappdetector.dll
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin] - (Google Talk Plugin) : C:\Users\JHAD\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\MozillaPlugins\@talk.google.com/O1DPlugin] - (Google Talk Plugin Video Renderer) : C:\Users\JHAD\AppData\Roaming\Mozilla\plugins\npo1d.dll
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Users\JHAD\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Users\JHAD\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\Software\MozillaPlugins\3ds.com/ComposerPlayerWebPlugin_x86_64] - () : C:\PROGRA~1\SOLIDW~1\SOA189~1\Bin\NPCOMP~1.DLL
[HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 26.0.0.131 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll
[HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled
[HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\3ds.com/ComposerPlayerWebPlugin] - () : C:\PROGRA~1\SOLIDW~1\SOA189~1\Bin\x86\NPCOMP~1.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 26.0.0.131 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled
[HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\JHAD\AppData\Roaming\Mozilla\Firefox\Profiles\q933dps3.default\Prefs.js

user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.startup.homepage_override.buildID", "20170608105825");
user_pref("browser.startup.homepage_override.mstone", "54.0");
user_pref("extensions..install-event-fired", true);
user_pref("extensions.adblockplus.currentVersion", "2.9.1");
user_pref("extensions.adblockplus.enabled", false);
user_pref("extensions.adblockplus.hideContributeButton", true);
user_pref("extensions.adblockplus.notificationdata", "{\"shown\":[\"antiadblock\"],\"lastCheck\":1498115810844,\"softExpiration\":1498150501725,\"hardExpiration\":1498230165207,\"data\":{\"notifications\":[],\"version\":\"201706211502-2/0\"},\"lastError\":0,\"downloadStatus\":\"synchronize_ok\",\"downloadCount\":540}");
user_pref("extensions.avastwrc.settings", "{\"current\":{\"callerId\":2020,\"userId\":\"215556954ff7476297a21111937eda33\",\"lastApplicationEventSent\":1489263364521,\"edition\":0},\"features\":{\"phishing\":true,\"dnt\":true,\"dntSocial\":false,\"dntAdTracking\":false,\"dntWebAnalytics\":false,\"dntOthers\":false,\"siteCorrect\":true,\"siteCorrectAuto\":false,\"safeZone\":false,\"communityIQ\":true,\"serp\":true,\"serpPopup\":true,\"safeShop\":true},\"siteCorrect\":{\"declined\":{}},\"safeZone\":{\"declined\":{}},\"phishing\":{\"trusted\":{}},\"safeShop\":{\"noCouponDomains\":{},\"hideDomains\":{},\"hideAll\":0}}");
user_pref("extensions.avastwrc.whiteList", "{\"trk\":{\"apps.facebook.com\":{\"703\":false},\"avast.com\":{\"779\":false}}}");
user_pref("extensions.blocklist.pingCountTotal", 593);
user_pref("extensions.blocklist.pingCountVersion", 2);
user_pref("extensions.bootstrappedAddons", "{\"firebug@software.joehewitt.com\":{\"version\":\"2.0.19\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\extensions\\\\firebug@software.joehewitt.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"wrc@avast.com\":{\"version\":\"12.0.222\",\"type\":\"webextension\",\"descriptor\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\extensions\\\\wrc@avast.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.9.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":true},\"e10srollout@mozilla.org\":{\"version\":\"1.50\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"firefox@getpocket.com\":{\"version\":\"1.0.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"webcompat@mozilla.org\":{\"version\":\"1.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"aushelper@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"screenshots@mozilla.org\":{\"version\":\"6.6.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\screenshots@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"followonsearch@mozilla.com\":{\"version\":\"0.8.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\features\\\\{bbf23966-4c1a-4909-8bb2-2e699808c4e3}\\\\followonsearch@mozilla.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false}}");
user_pref("extensions.databaseSchema", 19);
user_pref("extensions.e10s.rollout.blocklist", "");
user_pref("extensions.e10s.rollout.hasAddon", true);
user_pref("extensions.e10s.rollout.policy", "50allmpc");
user_pref("extensions.e10sBlockedByAddons", false);
user_pref("extensions.e10sMultiBlockedByAddons", true);
user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:54.0");
user_pref("extensions.firebug.DBG_BREAKNOTIFICATION", false);
user_pref("extensions.firebug.DBG_BREAKONERROR", false);
user_pref("extensions.firebug.DBG_BREAKONNEXT", false);
user_pref("extensions.firebug.DBG_BREAKPOINTMODULE", false);
user_pref("extensions.firebug.DBG_BREAKPOINTPANEL", false);
user_pref("extensions.firebug.DBG_BREAKPOINTS", false);
user_pref("extensions.firebug.DBG_BREAKPOINTSTORE", false);
user_pref("extensions.firebug.DBG_BREAKPOINTTOOL", false);
user_pref("extensions.firebug.DBG_DEBUGGER", false);
user_pref("extensions.firebug.DBG_DEBUGGERCLIENT", false);
user_pref("extensions.firebug.DBG_DEBUGGERHALTER", false);
user_pref("extensions.firebug.DBG_DEBUGGER_COMMANDS", false);
user_pref("extensions.firebug.DBG_DOMBASETREE", false);
user_pref("extensions.firebug.DBG_DOMPANEL", false);
user_pref("extensions.firebug.DBG_FUNCTIONMONITOR", false);
user_pref("extensions.firebug.DBG_HTMLMODULE", false);
user_pref("extensions.firebug.DBG_NETCACHEREADER", false);
user_pref("extensions.firebug.DBG_PANELSELECTOR", false);
user_pref("extensions.firebug.DBG_QUICKINFOBOX", false);
user_pref("extensions.firebug.DBG_RETURNVALUEMODIFIER", false);
user_pref("extensions.firebug.DBG_SCOPECLIENT", false);
user_pref("extensions.firebug.DBG_SCRIPTPANEL", false);
user_pref("extensions.firebug.DBG_SCRIPTPANELLINEUPDATER", false);
user_pref("extensions.firebug.DBG_SCRIPTPANELWARNING", false);
user_pref("extensions.firebug.DBG_SOURCEEDITOR", false);
user_pref("extensions.firebug.DBG_SOURCEFILE", false);
user_pref("extensions.firebug.DBG_SOURCETOOL", false);
user_pref("extensions.firebug.DBG_SPY", false);
user_pref("extensions.firebug.DBG_STATUSPATH", false);
user_pref("extensions.firebug.DBG_TABCLIENT", false);
user_pref("extensions.firebug.DBG_TABCONTEXT", false);
user_pref("extensions.firebug.DBG_TABLEREP", false);
user_pref("extensions.firebug.DBG_TOGGLESIDEPANELS", false);
user_pref("extensions.firebug.DBG_WATCHPROVIDER", false);
user_pref("extensions.firebug.activateFirebugTheme", false);
user_pref("extensions.firebug.currentVersion", "2.0.19");
user_pref("extensions.firebug.noMultiprocessMessage", true);
user_pref("extensions.firebug.onlyShowAppliedStyles", true);
user_pref("extensions.firebug.previousPlacement", 3);
user_pref("extensions.firebug.showErrorCount", false);
user_pref("extensions.firebug.showUserAgentCSS", true);
user_pref("extensions.firebug.toolbarCustomizationDone2", true);
user_pref("extensions.followonsearch.cohortSample", "0.364536");
user_pref("extensions.getAddons.cache.lastUpdate", 1498057814);
user_pref("extensions.getAddons.databaseSchema", 5);
user_pref("extensions.hotfix.lastVersion", "20170302.01");
user_pref("extensions.lastAppVersion", "54.0");
user_pref("extensions.lastPlatformVersion", "54.0");
user_pref("extensions.pendingOperations", false);
user_pref("extensions.pocket.settings.test.panelSignUp", "v1");
user_pref("extensions.pocket.settings.test.panelTab", "control");
user_pref("extensions.shield-recipe-client.api_url", "https://normandy.cdn.mozilla.net/api/v1");
user_pref("extensions.shield-recipe-client.dev_mode", false);
user_pref("extensions.shield-recipe-client.enabled", true);
user_pref("extensions.shield-recipe-client.logging.level", 50);
user_pref("extensions.shield-recipe-client.startup_delay_seconds", 300);
user_pref("extensions.shield-recipe-client.user_id", "d1e77428-acfe-4a50-987d-18bdc827f156");
user_pref("extensions.shownSelectionUI", true);
user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{bbf23966-4c1a-4909-8bb2-2e699808c4e3}\",\"addons\":{\"followonsearch@mozilla.com\":{\"version\":\"0.8.0\"}}}");
user_pref("extensions.ui.dictionary.hidden", true);
user_pref("extensions.ui.experiment.hidden", true);
user_pref("extensions.ui.lastCategory", "addons://list/extension");
user_pref("extensions.ui.locale.hidden", true);
user_pref("extensions.webextensions.uuids", "{\"wrc@avast.com\":\"4292cd13-603d-47a0-93ee-494caa43b7f9\",\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":\"8b70bd64-ea33-4f9a-ab9c-266e7baa02ec\"}");
user_pref("extensions.wrc@avast.com.install-event-fired", true);
user_pref("extensions.xpiState", "{\"app-profile\":{\"firebug@software.joehewitt.com\":{\"d\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\extensions\\\\firebug@software.joehewitt.com.xpi\",\"e\":true,\"v\":\"2.0.19\",\"st\":1488370642224},\"sp@avast.com\":{\"d\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\extensions\\\\sp@avast.com.xpi\",\"e\":false,\"v\":\"12.0.222\",\"st\":1496246050186},\"wrc@avast.com\":{\"d\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\extensions\\\\wrc@avast.com.xpi\",\"e\":true,\"v\":\"12.0.222\",\"st\":1496246050595},\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\extensions\\\\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi\",\"e\":true,\"v\":\"2.9.1\",\"st\":1496864164067}},\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1498033074328},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.50\",\"st\":1498033074328},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1498033074312},\"screenshots@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\screenshots@mozilla.org.xpi\",\"e\":true,\"v\":\"6.6.0\",\"st\":1498033074343},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.1\",\"st\":1498033074312}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"54.0\",\"st\":1498033074328}},\"app-system-addons\":{\"followonsearch@mozilla.com\":{\"d\":\"C:\\\\Users\\\\JHAD\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\q933dps3.default\\\\features\\\\{bbf23966-4c1a-4909-8bb2-2e699808c4e3}\\\\followonsearch@mozilla.com.xpi\",\"e\":true,\"v\":\"0.8.0\",\"st\":1498057816041}}}");
user_pref("extensions.{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.install-event-fired", true);


[Profile0] - Name=default -> Profiles/q933dps3.default

---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{3B00134C-DF4F-4A10-8F0D-E2A21C51AA85}]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{7F03B3B8-C3E5-4C53-AA7E-A2932535BAAB}]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{3B00134C-DF4F-4A10-8F0D-E2A21C51AA85}]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{7F03B3B8-C3E5-4C53-AA7E-A2932535BAAB}]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3B00134C-DF4F-4A10-8F0D-E2A21C51AA85}]
"DhcpNameServer"=212.27.40.241 212.27.40.240
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{7F03B3B8-C3E5-4C53-AA7E-A2932535BAAB}]
"DhcpNameServer"=212.27.40.241 212.27.40.240

---------- | Applications

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Classes\Applications\PhotoFiltre7.exe] : "C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe" "%1"
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Classes\Applications\soffice.bin] : "C:\Program Files (x86)\LibreOffice 5\program\soffice.bin" %1
[HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\vsta.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\vsta.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vsta.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\vsta.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"regsvc"=RemoteRegistry
"DcomLaunch"=Power
PlugPlay
DcomLaunch
"secsvcs"=WinDefend
"bthsvcs"=bthserv
"PeerDist"=PeerDistSvc

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
PlugPlay
DcomLaunch


---------- | SvcHost - Netsvcs (Whitelist)

Term -  : 

---------- | Software

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\7-Zip]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Addictive Software]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Adobe]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\AMD]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\AppDataLow]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\ASUS]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\AsusHomeAdmin]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\ATI]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\AVAST Software]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\BitTorrent]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Blender Foundation]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Chromium]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Citrix]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Clarus]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Clients]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\D-Link]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Dassault Systemes]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\eDrawings]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Encom Software]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Fotosizer]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\GaBi]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Google]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Hewlett-Packard]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\HP]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Intel]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\JavaSoft]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Kernel for Outlook PST Repair VIEWER12p]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\KIM]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Local AppWizard-Generated Applications]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\luxrender.net]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Lynkoa]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Macromedia]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Malwarebytes]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Mappy]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\MediaChance]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Mooii]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Mozilla]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\MozillaPlugins]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\NEC Electronics]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Netscape]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Niku]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\NVIDIA Corporation]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\paint.net]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\PDF Architect 4]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\pdfforge]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\PhotoFiltre 7]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Piriform]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Policies]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\QtProject]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Realtek]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\RICOH]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Scilab]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\SolidWorks]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\srac]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\sysinternals]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\The Document Foundation]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Trolltech]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\VB and VBA Program Settings]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\VCG]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\WinHTTrack Website Copier]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Wow6432Node]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Würth]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Würth Bemessung]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\XHEO INC]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\ZHP]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\ZWSOFT]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\{B2CB09FF-2453-4f85-9F40-21C05BE4CBA8}]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\AppDataLow\Software\JavaSoft]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\7-Zip]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\AMD]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\CBSTEST]
[HKLM\Software\Clients]
[HKLM\Software\CPUID]
[HKLM\Software\Dassault Systemes]
[HKLM\Software\Dolby]
[HKLM\Software\DTS]
[HKLM\Software\eDrawings]
[HKLM\Software\FLEXlm License Manager]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\MCCI]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Nahimic]
[HKLM\Software\Nuance]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PassMark]
[HKLM\Software\PDF Architect 4]
[HKLM\Software\pdfforge]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SolidWorks]
[HKLM\Software\SolidWorks Corporation]
[HKLM\Software\Sonic]
[HKLM\Software\SonicFocus]
[HKLM\Software\Srac]
[HKLM\Software\SRS Labs]
[HKLM\Software\sysinternals]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yamaha APO]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AdwCleaner]
[HKLM\Software\WOW6432Node\AMD]
[HKLM\Software\WOW6432Node\Apple Inc.]
[HKLM\Software\WOW6432Node\ASUS]
[HKLM\Software\WOW6432Node\ATI Technologies]
[HKLM\Software\WOW6432Node\AVAST Software]
[HKLM\Software\WOW6432Node\Clarus, Inc.]
[HKLM\Software\WOW6432Node\D-Link]
[HKLM\Software\WOW6432Node\Dassault Systemes]
[HKLM\Software\WOW6432Node\EasternGraphics]
[HKLM\Software\WOW6432Node\FLEXlm License Manager]
[HKLM\Software\WOW6432Node\Fotosizer]
[HKLM\Software\WOW6432Node\GanttProject]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\Hewlett-Packard]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\JreMetrics]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\LibreOffice]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\Macrovision]
[HKLM\Software\WOW6432Node\Malwarebytes Anti-Rootkit]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\MimarSinan]
[HKLM\Software\WOW6432Node\Mooii]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\mozilla.org]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Nuance]
[HKLM\Software\WOW6432Node\NVIDIA Corporation]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\Persits Software]
[HKLM\Software\WOW6432Node\Realtek]
[HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\WOW6432Node\RtWLan]
[HKLM\Software\WOW6432Node\S&P SCS]
[HKLM\Software\WOW6432Node\Samsung Magician]
[HKLM\Software\WOW6432Node\SolidWorks]
[HKLM\Software\WOW6432Node\The Document Foundation]
[HKLM\Software\WOW6432Node\Volatile]
[HKLM\Software\WOW6432Node\WinHTTrack Website Copier]
[HKLM\Software\WOW6432Node\Würth Bemessung]
[HKLM\Software\WOW6432Node\XMind Ltd]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]

---------- | Drives


B:


---------- | C:

[26/03/2017 01:00:40] - |HD| - [32768] - C:\$AV_ASW
[14/07/2009 05:18:56] - |SHD| - [2778697] - C:\$Recycle.Bin
[31/05/2015 18:32:33] - |D| - [8294516] - C:\AdwCleaner
[MD5.FD84F6DAB055449E5BDF44C7D091CD92] - [10/11/2014 00:21:12] - |A| - (.-.) - [206] - (0.0.0.0) - C:\audio.log
[15/05/2017 14:44:07] - |D| - [34903079] - C:\dfe450f87c9cf401763ced34854c707f
[14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2014 01:55:29] - |ASH| - (.-.) - [12839989248] - (0.0.0.0) - C:\hiberfil.sys
[09/11/2014 19:44:15] - |D| - [100861] - C:\Intel
[05/12/2016 16:31:14] - |D| - [9949] - C:\Mes Sites Web
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2014 01:55:29] - |ASH| - (.-.) - [17119989760] - (0.0.0.0) - C:\pagefile.sys
[14/07/2009 05:20:08] - |D| - [0] - C:\PerfLogs
[14/07/2009 05:20:08] - |RD| - [26149405548] - C:\Program Files
[14/07/2009 05:20:08] - |RD| - [5570117948] - C:\Program Files (x86)
[14/07/2009 05:20:08] - |HD| - [2271832814] - C:\ProgramData
[22/06/2017 09:33:33] - |D| - [262057] - C:\QuickDiag
[MD5.3470B2D4E796DD92E0919E37680CA717] - [22/06/2017 09:34:02] - |A| - (.-.) - [134565] - (0.0.0.0) - C:\QuickDiag.txt
[09/11/2014 19:07:11] - |SHD| - [174131890] - C:\Recovery
[25/07/2015 19:40:45] - |D| - [402034812] - C:\SOLIDWORKS Data
[25/07/2015 20:47:42] - |D| - [419180726] - C:\SOLIDWORKS Data (2)
[21/12/2015 19:33:45] - |D| - [384580937] - C:\SOLIDWORKS Data (3)
[19/04/2016 15:33:08] - |D| - [2095] - C:\SOLIDWORKS Data (4)
[07/12/2016 11:54:05] - |D| - [385711308] - C:\SOLIDWORKS Data (5)
[05/09/2015 11:18:15] - |D| - [1016783163] - C:\SolidWorks Data 2012
[10/11/2014 01:52:01] - |SHD| - [0] - C:\System Volume Information
[10/11/2014 00:24:28] - |D| - [2845448] - C:\Temp
[14/07/2009 05:20:08] - |RD| - [9175836387] - C:\Users
[14/07/2009 05:20:08] - |D| - [38988305738] - C:\Windows

---------- | C:\Windows

[MD5.82ABB018E03D2D64FE72101B1B936ACF] - [11/09/2016 16:19:39] - |A| - (.-.) - [155] - (0.0.0.0) - C:\Windows\$PREFFILE
[14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins
[14/07/2009 05:20:08] - |D| - [95200] - C:\Windows\AppCompat
[14/07/2009 05:20:08] - |D| - [10977854] - C:\Windows\AppPatch
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2014 00:16:16] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\Ascd_err.ini
[MD5.4CB9F142F39E2741951FB60B23AADA9B] - [10/11/2014 00:16:16] - |A| - (.-.) - [68350] - (0.0.0.0) - C:\Windows\Ascd_log.ini
[MD5.98DDE46074F40BB10F94FADC7C705D13] - [09/11/2014 19:38:32] - |A| - (.-.) - [49592] - (0.0.0.0) - C:\Windows\Ascd_tmp.ini
[09/11/2014 19:39:47] - |D| - [45207] - C:\Windows\AsDmiHtm
[14/07/2009 05:20:08] - |RSD| - [1789645411] - C:\Windows\assembly
[MD5.9FCFE78AFBA95C1F3AD8E3F99C5C4636] - [09/11/2014 19:53:27] - |A| - (.Copyright (C) 2009 - AsTaskSchedule.) - [16896] - (0.1.0.4) - C:\Windows\AsTaskSched.dll
[10/11/2014 00:22:07] - |D| - [13126028] - C:\Windows\AsusInstAll
[MD5.A0E304A88264204CF1D88D971920BAFA] - [10/11/2014 00:55:11] - |A| - (.-.) - [42719] - (0.0.0.0) - C:\Windows\atiogl.xml
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2014 00:56:40] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin
[MD5.12EBDA58437CD1EA7066FCB6455241D2] - [26/09/2016 13:49:14] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\Windows\avastSS.scr
[MD5.317CD1CE327B6520BF4EE007BCD39E61] - [21/11/2010 05:24:22] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe
[14/07/2009 05:20:09] - |D| - [29088878] - C:\Windows\Boot
[MD5.40253AA00CAE357607F9A68ABF9551F8] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat
[14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding
[12/04/2011 11:28:19] - |D| - [0] - C:\Windows\CSC
[14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors
[14/07/2009 06:45:54] - |D| - [9287] - C:\Windows\debug
[14/07/2009 07:32:38] - |D| - [3044378] - C:\Windows\diagnostics
[14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker
[MD5.2FF64ECBF3EDD24EFD08BB76EFD27975] - [04/10/2016 15:49:17] - |A| - (.-.) - [58111] - (0.0.0.0) - C:\Windows\DirectX.log
[04/09/2016 14:55:56] - |D| - [22664192] - C:\Windows\Downloaded Installations
[14/07/2009 07:32:38] - |D| - [726625] - C:\Windows\Downloaded Program Files
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/11/2015 17:52:09] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\eDrawingOfficeAutomator.INI
[12/04/2011 11:28:20] - |D| - [118084593] - C:\Windows\ehome
[14/07/2009 07:37:46] - |D| - [0] - C:\Windows\en-US
[MD5.AC4C51EB24AA95B77F705AB159189E24] - [21/11/2010 05:24:11] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2872320] - (6.1.7601.17514) - C:\Windows\explorer.exe
[14/07/2009 05:20:09] - |RSD| - [406772121] - C:\Windows\Fonts
[12/04/2011 11:16:36] - |D| - [142336] - C:\Windows\fr-FR
[MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe
[14/07/2009 05:20:09] - |D| - [21741460] - C:\Windows\Globalization
[14/07/2009 05:20:09] - |D| - [112177590] - C:\Windows\Help
[MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe
[19/08/2015 17:25:23] - |D| - [2478080] - C:\Windows\Hewlett-Packard
[MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe
[14/07/2009 05:20:09] - |D| - [143547244] - C:\Windows\IME
[14/07/2009 05:20:10] - |D| - [138848573] - C:\Windows\inf
[17/01/2015 12:09:31] - |D| - [86456384] - C:\Windows\Install
[09/11/2014 19:45:22] - |SHD| - [8214538473] - C:\Windows\Installer
[14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas
[MD5.718FECF22BF4BD4FC05B79AA4BEC75D0] - [09/11/2014 19:38:40] - |A| - (.-.) - [1769] - (0.0.0.0) - C:\Windows\Language_trs.ini
[14/07/2009 05:20:10] - |D| - [3317249] - C:\Windows\LiveKernelReports
[14/07/2009 05:20:10] - |D| - [105174369] - C:\Windows\Logs
[14/07/2009 05:20:10] - |RSD| - [13327133] - C:\Windows\Media
[10/11/2014 00:39:23] - |D| - [86199983] - C:\Windows\MEI
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin
[14/07/2009 05:20:10] - |D| - [1022827789] - C:\Windows\Microsoft.NET
[10/11/2014 00:26:27] - |D| - [2563] - C:\Windows\Migration
[06/09/2015 12:27:27] - |D| - [0] - C:\Windows\Minidump
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs
[MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini
[13/11/2014 17:15:31] - |HD| - [0] - C:\Windows\msdownld.tmp
[MD5.B32189BDFF6E577A92BAA61AD49264E6] - [12/08/2015 14:32:55] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe
[MD5.27C66DD87088D24340650E0E11A2E663] - [08/06/2017 14:36:32] - |A| - (.-.) - [1891022] - (0.0.0.0) - C:\Windows\ntbtlog.txt
[14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages
[10/11/2014 01:50:28] - |D| - [783931] - C:\Windows\Panther
[10/11/2014 21:16:49] - |D| - [2865195] - C:\Windows\pcidevice
[MD5.F55019ED97E87865C52CB715A20D4C00] - [04/12/2016 12:19:18] - |A| - (.-.) - [15964] - (0.0.0.0) - C:\Windows\pCon.planner.STD.64.install.log
[14/07/2009 07:32:38] - |D| - [63374583] - C:\Windows\Performance
[MD5.0D176ACD53194818EE4D3FAA23E7B5FA] - [20/11/2014 14:02:38] - |A| - (.-.) - [5158608] - (0.0.0.0) - C:\Windows\PE_File.dll
[MD5.A50595FF51076E7E08E0226358AD4C73] - [09/11/2014 23:10:15] - |A| - (.-.) - [5093072] - (0.0.0.0) - C:\Windows\PE_Rom.dll
[MD5.A92013EEBD3F50ADB1BD12C11B9ADF58] - [21/10/2016 21:02:36] - |A| - (.-.) - [18700] - (0.0.0.0) - C:\Windows\PFRO.log
[14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA
[14/07/2009 05:20:10] - |D| - [5799879] - C:\Windows\PolicyDefinitions
[10/11/2014 01:55:34] - |D| - [36592099] - C:\Windows\Prefetch
[MD5.FFB8B91BD19E5BC10A3344AAF34880F3] - [12/04/2011 11:29:04] - |A| - (.-.) - [53551] - (0.0.0.0) - C:\Windows\Professional.xml
[MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe
[14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\registration
[14/07/2009 05:20:10] - |D| - [4982361] - C:\Windows\rescache
[14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources
[MD5.A8F0B315F67842060906A301108CDAB0] - [09/11/2014 19:47:59] - |R| - (.Copyright (C) 2014 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2080472] - (1.0.5.4) - C:\Windows\RtlExUpd.dll
[MD5.DAB2580170BA6F01494B051BEDBC6933] - [10/11/2014 00:16:17] - |A| - (.-.) - [1309] - (0.0.0.0) - C:\Windows\scd.ini
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache
[14/07/2009 05:20:10] - |D| - [55533] - C:\Windows\schemas
[14/07/2009 05:20:10] - |D| - [5282874] - C:\Windows\security
[14/07/2009 06:45:47] - |D| - [154637540] - C:\Windows\ServiceProfiles
[14/07/2009 05:20:10] - |D| - [123308488] - C:\Windows\servicing
[14/07/2009 06:45:50] - |D| - [42] - C:\Windows\Setup
[MD5.5365986BD88284801B2E9099A1436574] - [12/08/2015 17:00:55] - |N| - (.Copyright (C) 1987-1999 Microsoft Corporation - Visual Basic 6.0 Setup Toolkit.) - [249856] - (6.0.0.8450) - C:\Windows\Setup1.exe
[MD5.430E041795FDBF72C72BE5B1B6F5C9ED] - [01/10/2016 09:38:09] - |A| - (.-.) - [46235] - (0.0.0.0) - C:\Windows\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/10/2016 09:38:09] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log
[12/04/2011 11:28:20] - |D| - [4544] - C:\Windows\ShellNew
[10/11/2014 02:02:25] - |D| - [1485261012] - C:\Windows\SoftwareDistribution
[25/07/2015 20:39:50] - |D| - [300751373] - C:\Windows\SolidWorks
[14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech
[MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [21/11/2010 05:24:16] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\Windows\splwow64.exe
[MD5.D422839C99927DB561F5C019643EACEC] - [12/08/2015 17:00:54] - |A| - (.Copyright © 1987-1998 Microsoft Corp. - Visual Basic Setup Toolkit Uninstaller.) - [73216] - (6.0.84.50) - C:\Windows\ST6UNST.EXE
[MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system
[MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini
[14/07/2009 05:20:10] - |D| - [5880450732] - C:\Windows\System32
[14/07/2009 05:20:14] - |D| - [1515157561] - C:\Windows\SysWOW64
[14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI
[14/07/2009 05:20:14] - |D| - [65540] - C:\Windows\Tasks
[14/07/2009 05:20:14] - |D| - [425794] - C:\Windows\Temp
[14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing
[MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll
[14/07/2009 07:32:38] - |D| - [4950688] - C:\Windows\twain_32
[MD5.163A95975E1D8819E653AA3E961371CA] - [21/11/2010 05:25:10] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll
[MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe
[MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe
[14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss
[14/07/2009 05:20:14] - |D| - [40681427] - C:\Windows\Web
[MD5.162904DAA5412143F5403233E77F787E] - [14/07/2009 04:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\Windows\win.ini
[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest
[MD5.03C4E9482060D22808D3A0E92411DE36] - [30/09/2016 09:33:20] - |A| - (.-.) - [1194441] - (0.0.0.0) - C:\Windows\WindowsUpdate.log
[MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe
[14/07/2009 05:20:14] - |D| - [16917709322] - C:\Windows\winsxs
[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx
[MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe

---------- | C:\Windows\System32\GroupPolicy


---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[17/03/2015 10:41:29] - C:\Windows\Installer\1176c2.msi : ( - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/01/2015 23:08:16] - C:\Windows\Installer\14ef81.msi : (Citrix Online Launcher 1.0.0.252 - Citrix Online, LLC)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/11/2013 17:29:33] - C:\Windows\Installer\1ba6f0.msi : (Dassault Systemes VC9 Prerequisites (9.1.2) - Dassault Systemes)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/11/2013 17:29:33] - C:\Windows\Installer\1ba701.msi : (Dassault Systemes VC10 Prerequisites (10.1.1) - Dassault Systemes)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/03/2015 15:51:31] - C:\Windows\Installer\21a077.msi : (USB 3.0 Host Controller Driver - NEC Electronics Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/03/2016 16:38:49] - C:\Windows\Installer\24cb7.msi : (Java SE Runtime Environment 8 Update 74 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/11/2015 16:20:04] - C:\Windows\Installer\281d3b.msi : (eDrawings 2014 - Dassault Systèmes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/11/2015 16:39:34] - C:\Windows\Installer\281d4d.msi : (PhotoView 360 Network Render Client - SOLIDWORKS Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/06/2015 11:47:04] - C:\Windows\Installer\2f7c39.msi : (SOLIDWORKS 2015 - Dassault Systemes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/06/2015 12:42:48] - C:\Windows\Installer\2f7ce2.msi : (Package d'installation des langues pour SOLIDWORKS - Dassault Systemes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/03/2014 07:22:32] - C:\Windows\Installer\31ac3.msi : (Intel(R) Network Connections - Intel)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/05/2013 18:56:24] - C:\Windows\Installer\3239a1.msi : (HP Unified IO - HP)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/05/2013 18:56:14] - C:\Windows\Installer\3239a7.msi : (HP Unified IO - HP)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[08/10/2016 14:47:30] - C:\Windows\Installer\394f8a.msi : (Blender - Blender Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/10/2016 12:40:26] - C:\Windows\Installer\3af103.msi : ( - Dassault Systèmes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/10/2016 15:41:12] - C:\Windows\Installer\3af36d.msi : (The Instinctive Digital Mockup - Dassault Systemes - 175 Wyman Street, Waltham, MA 02451, USA)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/12/2016 15:27:21] - C:\Windows\Installer\3e7a2.msi : (7-Zip (x64 edition) Package - Igor Pavlov)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/12/2016 15:28:09] - C:\Windows\Installer\3e7a8.msi : (Java SE Runtime Environment 8 Update 111 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/11/2016 08:43:30] - C:\Windows\Installer\43ca5e.msi : ( -)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/11/2016 11:53:50] - C:\Windows\Installer\43ca67.msi : (Package d'installation des langues pour SOLIDWORKS - Dassault Systemes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/11/2016 09:39:00] - C:\Windows\Installer\43ca6e.msi : (PhotoView 360 Network Render Client - SOLIDWORKS Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/11/2016 10:48:06] - C:\Windows\Installer\43ca76.msi : (SOLIDWORKS Simulation Worker Agent - Dassault Systemes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/10/2011 23:59:02] - C:\Windows\Installer\4996ab.msi : (
      - 
     )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[08/11/2012 18:01:44] - C:\Windows\Installer\4996b1.msi : (
      - 
     )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/05/2013 06:15:12] - C:\Windows\Installer\4996bd.msi : (HP LaserJet Pro MFP M127-M128 Fax - Hewlett-Packard Co.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/08/2012 18:48:04] - C:\Windows\Installer\4996c3.msi : (hppM125LaserJetService - Hewlett-Packard)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/12/2012 18:54:06] - C:\Windows\Installer\4996c9.msi : (
      - 
     )          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/05/2013 17:33:40] - C:\Windows\Installer\4996cf.msi : (HP LJ M127128 Scan HP Scan - Hewlett-Packard Co.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/02/2013 08:43:50] - C:\Windows\Installer\4996d6.msi : (hpStatusAlertsM127-M128 - Hewlett-Packard)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/04/2013 14:58:38] - C:\Windows\Installer\4996dc.msi : (hpStatusAlerts - Hewlett Packard)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/05/2013 06:15:10] - C:\Windows\Installer\4996e2.msi : (HP LaserJet Pro MFP M127-M128 Fax Driver - Hewlett-Packard Co.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/06/2013 08:00:34] - C:\Windows\Installer\4996e8.msi : (HPDXP - HP)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/09/2012 07:21:48] - C:\Windows\Installer\4996ee.msi : ( - HP)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/09/2012 07:21:36] - C:\Windows\Installer\4996f4.msi : ( - HP)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/05/2013 06:15:08] - C:\Windows\Installer\4996fb.msi : (HP LaserJet Pro MFP M127-M128 Fax - Hewlett-Packard Co.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/05/2013 00:45:46] - C:\Windows\Installer\499701.msi : (HP Product FWUpdater - Hewlett-Packard Company)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/10/2015 14:58:53] - C:\Windows\Installer\4db3e.msi : (AO Help - ASUS)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/03/2015 14:59:04] - C:\Windows\Installer\538ef.msi : (Google Update Helper - Google Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/08/2015 21:05:25] - C:\Windows\Installer\561615.msi : (Java SE Runtime Environment 8.0 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/05/2017 18:28:25] - C:\Windows\Installer\710258.msi : (Java SE Runtime Environment 8 Update 131 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/05/2017 18:28:42] - C:\Windows\Installer\710265.msi : (Java Auto Updater - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/11/2016 12:53:19] - C:\Windows\Installer\71c21b.msi : (PlatineX - Nom de votre société)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/11/2016 12:56:31] - C:\Windows\Installer\71c21f.msi : (PressionHertz - CTICM)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/11/2016 12:57:44] - C:\Windows\Installer\71c223.msi : (PotArtX - CTICM)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/04/2014 10:33:00] - C:\Windows\Installer\7e29.msi : (Intel(R) Rapid Storage Technology - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/08/2013 11:15:07] - C:\Windows\Installer\7e2f.msi : (ASUS Product Register Program - ASUSTek Computer Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/03/2014 12:44:52] - C:\Windows\Installer\82ea.msi : (Intel(R) Management Engine Components - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/03/2014 12:45:10] - C:\Windows\Installer\82f7.msi : (Intel(R) Management Engine Components - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/03/2014 12:42:56] - C:\Windows\Installer\82fd.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/03/2014 18:00:32] - C:\Windows\Installer\83f16.msi : (Intel(R) Chipset Device Software - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/10/2012 10:04:06] - C:\Windows\Installer\89e6ae.msi : (SolidWorks 2012 - SolidWorks Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/10/2012 10:32:04] - C:\Windows\Installer\89e6b5.msi : (Package d'installation des langues pour SolidWorks - InstallShield)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/12/2015 00:58:00] - C:\Windows\Installer\9122b4.msi : (Google Talk Plugin Installer - Google)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[30/09/2014 01:47:39] - C:\Windows\Installer\a07e1.msi : ([ProductName] Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/05/2017 17:39:02] - C:\Windows\Installer\a8d9b.msi : (Adobe ARM Installer - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/06/2016 10:29:42] - C:\Windows\Installer\c7add.msi : (MappyPlus - Mappy)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[02/12/2015 06:10:02] - C:\Windows\Installer\de2a20.msi : ( -)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[02/12/2015 07:13:24] - C:\Windows\Installer\de2a29.msi : (Package d'installation des langues pour SOLIDWORKS - Dassault Systemes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[02/12/2015 06:16:06] - C:\Windows\Installer\de2a3c.msi : ([ProductName] - Dassault Systemes SolidWorks Corp)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/08/2015 17:25:23] - C:\Windows\Installer\e1d2c2.msi : (HP Update - Hewlett-Packard)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]

---------- | %System%\*.in*

[14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini
[16/09/2009 11:44:52] - [3235] - C:\Windows\System32\hptcpmon.ini
[17/04/2015 15:54:32] - [16303] - C:\Windows\System32\ieuinit.inf
[14/07/2009 07:13:15] - [1671678] - C:\Windows\System32\PerfStringBackup.INI
[13/10/2015 20:11:30] - [148] - C:\Windows\System32\ricdb.ini
[10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini
[17/04/2015 15:54:33] - [16303] - C:\Windows\Syswow64\ieuinit.inf
[14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf
[09/11/2014 19:47:47] - [1645810] - C:\Windows\Syswow64\PerfStringBackup.INI

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.D9FDE19432E8B011DB8574C6CF5443AA] - |A| - [12/10/2016 20:06:02] - (.-.) - [122.35 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb
[MD5.00000000000000000000000000000000] - |D| - [22/06/2017 09:14:54] - [0 Ko] - C:\Windows\Temp\avast_ash2
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [22/06/2017 09:29:22] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\CProgram FilesAVAST SoftwareSZBrowser3.55.2393.607SZBrowser_autoupdate.download.lock
[MD5.67A3811AA106C2D3EFC0C2383013160F] - |A| - [21/06/2017 19:39:53] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\Temp\fwtsqmfile00.sqm
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |N| - [08/06/2017 09:24:58] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSAPIDebugLogFile.txt
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |N| - [08/06/2017 09:24:58] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\FXSTIFFDebugLogFile.txt
[MD5.00000000000000000000000000000000] - |D| - [22/06/2017 09:14:28] - [0 Ko] - C:\Windows\Temp\hsperfdata_JHAD-PC$
[MD5.00000000000000000000000000000000] - |D| - [15/03/2016 16:35:54] - [318.25 Ko] - C:\Windows\Temp\SafeZone Installer
[MD5.EBBB161339CC7D5FFC0749EB6BE8A126] - |RA| - [22/06/2017 09:15:14] - (.Copyright 2013 ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) - [24.24 Ko] - (1.2.0.0) - C:\Windows\Temp\UDD3B8.tmp
[MD5.EBBB161339CC7D5FFC0749EB6BE8A126] - |RA| - [21/06/2017 10:05:31] - (.Copyright 2013 ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) - [24.24 Ko] - (1.2.0.0) - C:\Windows\Temp\UDD7CB1.tmp
[MD5.EBBB161339CC7D5FFC0749EB6BE8A126] - |RA| - [21/06/2017 20:51:52] - (.Copyright 2013 ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) - [24.24 Ko] - (1.2.0.0) - C:\Windows\Temp\UDD9178.tmp
[MD5.EBBB161339CC7D5FFC0749EB6BE8A126] - |RA| - [21/06/2017 17:01:06] - (.Copyright 2013 ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT.) - [24.24 Ko] - (1.2.0.0) - C:\Windows\Temp\UDD9723.tmp
[MD5.00000000000000000000000000000000] - |D| - [13/11/2014 00:01:05] - [0 Ko] - C:\Windows\Temp\_avast_
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:34] - [0 Ko] - C:\Windows\System32\040C
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [21.58 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [14/07/2009 06:45:49] - (.-.) - [21.58 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[MD5.F2CF417EF502555B139EDCD9FEBF9CD3] - |A| - [17/01/2015 12:03:47] - (.-.) - [107.27 Ko] - (0.0.0.0) - C:\Windows\System32\AcpiServiceVnA64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4986 Ko] - C:\Windows\System32\AdvancedInstallers
[MD5.B2BB2A38D02A040E8DD39B6C7857A278] - |A| - [19/12/2012 17:44:20] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.1 Runtime.) - [33709 Ko] - (10.0.1084.4) - C:\Windows\System32\amdocl64.dll
[MD5.95495BC287FF9A6FB2F3871F4A25B362] - |A| - [19/12/2012 21:33:50] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [55 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll
[MD5.00000000000000000000000000000000] - |D| - [12/11/2014 23:33:42] - [0 Ko] - C:\Windows\System32\appmgmt
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [201.5 Ko] - C:\Windows\System32\ar-SA
[MD5.C7FB2578AD61DB530FF8169348EE9A30] - |A| - [11/05/2017 13:56:46] - (.Copyright (c) 2014 AVAST Software - Avast start-up scanner.) - [391.07 Ko] - (17.4.3482.0) - C:\Windows\System32\aswBoot.exe
[MD5.500CE062629FB734989AEEC2A23A6CD8] - |A| - [19/12/2012 21:33:42] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [604.5 Ko] - (6.14.10.1124) - C:\Windows\System32\atiadlxx.dll
[MD5.8F45207A3E6D1102BD92A5DF53CBD27D] - |A| - [10/11/2014 00:55:11] - (.-.) - [320.27 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb
[MD5.EAC00C092652BD1E39E50DB562BF2A82] - |A| - [19/12/2012 22:19:46] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [160 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe
[MD5.749584902AE80A53EFDA4F8FA03E1713] - |A| - [11/05/2009 23:35:28] - (.Copyright (C) 2008 Advanced Micro Devices, Inc. - ATIBRTMON.) - [116 Ko] - (2.0.0.0) - C:\Windows\System32\atibtmon.exe
[MD5.F1D91A723EA37A9DB63608562A4E46B1] - |A| - [19/12/2012 22:17:54] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [43.5 Ko] - (6.14.10.1741) - C:\Windows\System32\aticalcl64.dll
[MD5.6E78A8A22BB70F9B88C33B2E9C798B2A] - |A| - [19/12/2012 22:17:40] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15706 Ko] - (6.14.10.1741) - C:\Windows\System32\aticaldd64.dll
[MD5.14EF6DFCA5A42FFC728E7790F0CF4815] - |A| - [19/12/2012 22:18:04] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [50 Ko] - (6.14.10.1741) - C:\Windows\System32\aticalrt64.dll
[MD5.D1F1D20DADF0C6882306126026E54EE2] - |A| - [19/12/2012 22:08:04] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1124.5 Ko] - (8.17.10.1172) - C:\Windows\System32\aticfx64.dll
[MD5.5518AB4339D1108D6E924D5D56F4469E] - |A| - [10/11/2014 00:55:11] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (4.0.4736.26909) - C:\Windows\System32\atidemgy.dll
[MD5.6935BD1DD8CD2149DAC2C395F33EFF08] - |A| - [19/12/2012 21:49:00] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [7198 Ko] - (8.17.10.472) - C:\Windows\System32\atidxx64.dll
[MD5.0620FE89F70FC0895DC312EEBAA62B06] - |A| - [19/12/2012 21:56:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [538 Ko] - (6.14.11.1137) - C:\Windows\System32\atieclxx.exe
[MD5.6535C38915C7808F0EAAC82944ACB3BD] - |A| - [19/12/2012 21:54:18] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - atiedu64.) - [58 Ko] - (6.14.10.2514) - C:\Windows\System32\atiedu64.dll
[MD5.4EAAAAB8759644D572522FBCDD196A13] - |A| - [19/12/2012 21:56:00] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [235 Ko] - (6.14.11.1137) - C:\Windows\System32\atiesrxx.exe
[MD5.8C8E5D647855E338772BF0275044ACE6] - |A| - [19/12/2012 21:33:18] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [17.5 Ko] - (8.14.1.6290) - C:\Windows\System32\atig6pxx.dll
[MD5.0D55C9DA275E7AF24D69438937CA6291] - |A| - [19/12/2012 21:33:10] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [41 Ko] - (8.14.1.6290) - C:\Windows\System32\atig6txx.dll
[MD5.C19C6B78FB1AE8E5BB3810AEF05E87EC] - |A| - [19/12/2012 21:33:14] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [14.5 Ko] - (8.14.1.6290) - C:\Windows\System32\atiglpxx.dll
[MD5.6CA564E87DECD02A47BA0A839E34D05E] - |A| - [29/11/2012 17:40:02] - (.-.) - [647.25 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat
[MD5.95495BC287FF9A6FB2F3871F4A25B362] - |A| - [19/12/2012 21:33:50] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [55 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll
[MD5.FB0CFFDAF02A34E5A4211474D3ED870E] - |A| - [19/12/2012 21:54:22] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [21 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll
[MD5.D89D58F11E0B7017B815751A89B9F748] - |A| - [19/12/2012 22:29:36] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [22911.5 Ko] - (6.14.10.12002) - C:\Windows\System32\atio6axx.dll
[MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |A| - [22/06/2009 17:34:36] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe
[MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |A| - [27/08/2010 20:33:08] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe
[MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [10/11/2014 00:55:11] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\System32\atipblag.dat
[MD5.CD15442F1F70AE3FC8A746257F153DD3] - |A| - [19/12/2012 21:54:38] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [117.5 Ko] - (6.14.11.23) - C:\Windows\System32\atitmm64.dll
[MD5.3DA9C887F25F1968D4E49C76BEF819AD] - |A| - [19/12/2012 21:31:00] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [102 Ko] - (8.14.1.6290) - C:\Windows\System32\atiu9p64.dll
[MD5.4E338289BD68D11543D8E34313DB47F0] - |A| - [19/12/2012 21:44:12] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [6627.5 Ko] - (9.14.10.945) - C:\Windows\System32\atiumd64.dll
[MD5.2531582EF6150AD966489B46D4A4BFE8] - |A| - [19/12/2012 21:52:22] - (.-.) - [2990.11 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap
[MD5.CAB32D558F7711E9A129B3A98A9D13A4] - |A| - [19/12/2012 21:59:44] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [4968.5 Ko] - (8.14.10.381) - C:\Windows\System32\atiumd6a.dll
[MD5.1C045AA40FC86CAF02D64B6218DC1DD6] - |A| - [19/12/2012 21:31:14] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [127 Ko] - (8.14.1.6290) - C:\Windows\System32\atiuxp64.dll
[MD5.9B094BDCC8779740D38DB097860E7661] - |A| - [10/11/2014 00:55:11] - (.-.) - [74.86 Ko] - (0.0.0.0) - C:\Windows\System32\ativce02.dat
[MD5.76BEEC61155FF533BC59DBC8CD14BA8E] - |A| - [10/11/2014 00:55:11] - (.-.) - [223.17 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik.dat
[MD5.76BEEC61155FF533BC59DBC8CD14BA8E] - |A| - [10/11/2014 00:55:11] - (.-.) - [223.17 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik_nd.dat
[MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [10/11/2014 00:55:11] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat
[MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [10/11/2014 00:55:11] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat
[MD5.2D0895BED270D1A8CADD981A5BFC0AE5] - |A| - [17/01/2015 12:03:47] - (.-.) - [591.3 Ko] - (0.0.0.0) - C:\Windows\System32\audioLibVc.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [173 Ko] - C:\Windows\System32\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [2590.92 Ko] - C:\Windows\System32\Boot
[MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll
[MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [80354.64 Ko] - C:\Windows\System32\catroot
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [28165.48 Ko] - C:\Windows\System32\catroot2
[MD5.4B5459A80C4DCCCAEA78A555823F5F91] - |A| - [19/12/2012 17:45:12] - (.-.) - [217.5 Ko] - (0.0.0.0) - C:\Windows\System32\clinfo.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [10189.83 Ko] - C:\Windows\System32\CodeIntegrity
[MD5.3A55177584983AFE1F7DB245C1BD41B8] - |A| - [10/11/2014 00:55:11] - (.AMD. - CoInstaller DLL.) - [68.5 Ko] - (1.0.4.8) - C:\Windows\System32\coinst_9.012.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [357 Ko] - C:\Windows\System32\com
[MD5.6E14F444A2506049EEC25CB5EDFE0905] - |A| - [17/01/2015 12:03:47] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [110.91 Ko] - (1.0.0.4) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [459825.14 Ko] - C:\Windows\System32\config
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [432 Ko] - C:\Windows\System32\cs-CZ
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [427.5 Ko] - C:\Windows\System32\da-DK
[MD5.27C042B16AAB77DA585FDD2A145FAC0D] - |A| - [17/01/2015 12:03:47] - (.©2014 Dolby Laboratories. - Dolby Digital Plus API x86.) - [255.34 Ko] - (7.6.3.1) - C:\Windows\System32\DDPA64.dll
[MD5.897250C97A775A7A667328F849D93D6F] - |A| - [17/01/2015 12:03:47] - (.©2014 Dolby Laboratories. - Dolby Digital Plus COM DLL x86.) - [1894.34 Ko] - (7.6.3.1) - C:\Windows\System32\DDPD64A.dll
[MD5.A2D8B4C56F55F0349DC7A0C942833E0F] - |A| - [17/01/2015 12:03:47] - (.©2014 Dolby Laboratories. - Dolby Digital Plus APO x86.) - [308.34 Ko] - (7.6.3.1) - C:\Windows\System32\DDPO64A.dll
[MD5.CCFDC399241063EF7F3EBA80F273F1A2] - |A| - [17/01/2015 12:03:47] - (.©2014 Dolby Laboratories. - Dolby DS1PC Control Panel x86.) - [6072.34 Ko] - (7.6.3.1) - C:\Windows\System32\DDPP64A.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [457.5 Ko] - C:\Windows\System32\de-DE
[MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 06:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [5334.5 Ko] - C:\Windows\System32\Dism
[MD5.8B5A737AD11EF45D9B1AEB4ED6884968] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Bass Enhancement COM DLL.) - [711.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBassEnhancementDLL64.dll
[MD5.21B38D4D86A87909491F690883AE6D1E] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Boost COM DLL.) - [1452.1 Ko] - (1.0.0.1) - C:\Windows\System32\DTSBoostDLL64.dll
[MD5.FF31A2F57AAAB58DB78FCC961A58B206] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Gain Compensator COM DLL.) - [418.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSGainCompensatorDLL64.dll
[MD5.BC0474E5476E5EA0D0E1AA5AC41E2061] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS GFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPO64.dll
[MD5.3B8FB5376F5431C0101747D5138BCB9B] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS GFX APO.) - [236.1 Ko] - (1.0.0.3) - C:\Windows\System32\DTSGFXAPONS64.dll
[MD5.B3977C8BA77559F4F8752AE8EB724C87] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS LFX APO.) - [237.1 Ko] - (1.0.0.3) - C:\Windows\System32\DTSLFXAPO64.dll
[MD5.192A03A21636D3775CEE4C049C3BEB2A] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Limiter COM DLL.) - [422.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSLimiterDLL64.dll
[MD5.2EF5442E8E7ED20F7634EEFB09640C8F] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS NEO:PC COM DLL.) - [479.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSNeoPCDLL64.dll
[MD5.F7C357462077156DC211AC2112FC8C53] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Surround Sensation Headphone COM DLL.) - [1531.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2HeadphoneDLL64.dll
[MD5.F132C08BD8C58579B400DFAA71F34CFB] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Surround Sensation Speaker COM DLL.) - [1715.1 Ko] - (1.0.0.1) - C:\Windows\System32\DTSS2SpeakerDLL64.dll
[MD5.9948969B2C1987B1D64789EFEB284A84] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Symmetry COM DLL.) - [695.6 Ko] - (1.0.0.1) - C:\Windows\System32\DTSSymmetryDLL64.dll
[MD5.37B8A8089ECED77F6CEAF74917C5D12B] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS GFX APO.) - [475.94 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PGFX64.dll
[MD5.8AE860D92752CFA136979B1FF797FFDC] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS LFX APO.) - [489.44 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PLFX64.dll
[MD5.A9B98F96FBE514ADEABD20B2BD132172] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS LFX APO.) - [405.94 Ko] - (2.1.1.0) - C:\Windows\System32\DTSU2PREC64.dll
[MD5.DE32448E6B40141C80DAABFF6FBE1744] - |A| - [17/01/2015 12:03:47] - (.(c) DTS. - DTS Voice Clarity COM DLL.) - [677.1 Ko] - (1.0.0.1) - C:\Windows\System32\DTSVoiceClarityDLL64.dll
[MD5.CF19E5E7A3D0673EF3FD3E1FEC1BE995] - |A| - [10/11/2014 00:11:27] - (.-.) - [3.04 Ko] - (0.0.0.0) - C:\Windows\System32\e1d62x64.din
[MD5.0C71AC33C7E2281E914CBECFE4BBCB95] - |A| - [31/12/2011 15:16:38] - (.- Microsoft® Forms DLL.) - [1552.78 Ko] - (15.0.3628.1000) - C:\Windows\System32\FM20.DLL
[MD5.B062F368280585276C5B01A9B812CB86] - |A| - [31/12/2011 15:16:38] - (.- Microsoft® Forms International DLL.) - [31.31 Ko] - (15.0.3628.1000) - C:\Windows\System32\FM20enu.DLL
[MD5.25B36C6788D9FBD0E39D4F057C8E434A] - |A| - [31/12/2011 15:30:48] - (.- Microsoft® Forms International DLL.) - [35.81 Ko] - (15.0.3628.1000) - C:\Windows\System32\FM20fra.DLL
[MD5.80387DD589A705984F74EADE7FB2D58D] - |A| - [14/07/2009 06:45:34] - (.-.) - [361.02 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:34] - [1840 Ko] - C:\Windows\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [42389.95 Ko] - C:\Windows\System32\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp
[MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [191.5 Ko] - C:\Windows\System32\he-IL
[MD5.A93573055D33BE69F55F168597E1D767] - |A| - [16/09/2009 11:44:52] - (.-.) - [3.16 Ko] - (0.0.0.0) - C:\Windows\System32\hptcpmon.ini
[MD5.EAE1BC3F0A324751E87A3FE32BCF4A08] - |A| - [16/09/2009 11:44:42] - (.Copyright © 2003-2005 - HP Rediscovery Library.) - [129 Ko] - (2.2.0.3) - C:\Windows\System32\hpzjrd01.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [168 Ko] - C:\Windows\System32\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [434.5 Ko] - C:\Windows\System32\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [5.36 Ko] - C:\Windows\System32\ias
[MD5.5950161AD9643B7153CC509DA76DF15E] - |A| - [17/01/2015 12:03:48] - (.Copyright (c) 2014, ICEpower a/s - ICEpower ICEsound audio effects.) - [284.66 Ko] - (1.0.0.4) - C:\Windows\System32\ICEsoundAPO64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36.27 Ko] - C:\Windows\System32\icsxml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [36875.94 Ko] - C:\Windows\System32\IME
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\inetsrv
[MD5.AAA0C03BF54FC8A4E895B576861A9848] - |A| - [21/11/2010 05:07:41] - (.-.) - [29.12 Ko] - (0.0.0.0) - C:\Windows\System32\InstallPackage_ETW.Log
[MD5.6F7D1601DA55BBE5C7A79E01E236D7B9] - |A| - [17/01/2015 12:03:48] - (.© Knowles Electronics. - Knowles HD Audio APO.) - [589.83 Ko] - (4.1105.6000.53) - C:\Windows\System32\KAAPORT64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [360 Ko] - C:\Windows\System32\ko-KR
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex
[MD5.E89C001FB4D9E08CC7072CE774CDB999] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\LocalGroupAdminAdd.log
[MD5.563C3703A9B57CC9B370A76D6173D09C] - |A| - [21/11/2010 04:52:08] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\Windows\System32\Local_LLU.log
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2505.35 Ko] - C:\Windows\System32\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [165 Ko] - C:\Windows\System32\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [166 Ko] - C:\Windows\System32\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [20/11/2014 16:47:50] - [28828.1 Ko] - C:\Windows\System32\Macromed
[MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore
[MD5.75616F8DB5C092A8A50AFEC273859DD7] - |A| - [17/01/2015 12:03:48] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [311.34 Ko] - (2.2.9.0) - C:\Windows\System32\MaxxAudioAPO20.dll
[MD5.06080807E61471A18AD99F3E6FF3C9B5] - |A| - [17/01/2015 12:03:48] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [647.75 Ko] - (3.6.0.0) - C:\Windows\System32\MaxxAudioAPO30.dll
[MD5.80C4F3C1718C9EB97872E8074F215D35] - |A| - [17/01/2015 12:03:48] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1110.09 Ko] - (4.5.5.0) - C:\Windows\System32\MaxxAudioAPO4064.dll
[MD5.9AC502A3BCBB5A61A652D21280F947B6] - |A| - [17/01/2015 12:03:48] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1141.09 Ko] - (5.5.1.0) - C:\Windows\System32\MaxxAudioAPO5064.dll
[MD5.3107A0536287C4BB89D70377642F6B4A] - |A| - [17/01/2015 12:03:48] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [1287.09 Ko] - (6.0.15.0) - C:\Windows\System32\MaxxAudioAPO6064.dll
[MD5.20033C3A104038F59668D563F0A0A048] - |A| - [17/01/2015 12:03:49] - (.Copyright (C) 2010-2014 - MaxxAudio APO Shell.) - [1038.59 Ko] - (4.15.0.0) - C:\Windows\System32\MaxxAudioAPOShell64.dll
[MD5.E93ADE8C38CA41442FE60E844DED92AC] - |A| - [17/01/2015 12:03:49] - (.Copyright © 1996-2014 -.) - [1993.59 Ko] - (4.1.1.0) - C:\Windows\System32\MaxxAudioEQ64.dll
[MD5.75EA61BDD02296302A61B9188DB2F5A9] - |A| - [17/01/2015 12:03:49] - (.- Waves Realtek App.) - [1889.09 Ko] - (5.2.21.0) - C:\Windows\System32\MaxxAudioRealtek264.dll
[MD5.CF1FBA842B8F4E9AA8926B0BAC1DE47D] - |A| - [17/01/2015 12:03:49] - (.Copyright © 1996-2014 -.) - [14515.09 Ko] - (4.5.7.0) - C:\Windows\System32\MaxxAudioRealtek64.dll
[MD5.E151AAB6C22879648EC0C37422214E08] - |A| - [17/01/2015 12:03:49] - (.Copyright © 1996-2014 -.) - [27679.09 Ko] - (1.7.11.0) - C:\Windows\System32\MaxxAudioVnA64.dll
[MD5.631A4E29274E7F0DCDD336F54C8E24BA] - |A| - [17/01/2015 12:03:49] - (.Copyright © 1996-2014 -.) - [3866.59 Ko] - (1.4.5.0) - C:\Windows\System32\MaxxAudioVnN64.dll
[MD5.581778867AEB80C4366057B3DE1DC4D0] - |A| - [17/01/2015 12:03:49] - (.© Waves Audio Ltd. - MaxxSpeech APO.) - [1283.11 Ko] - (1.1.4.0) - C:\Windows\System32\MaxxSpeechAPO64.dll
[MD5.08CF8AE5EC57381F41F3851C5351A155] - |A| - [17/01/2015 12:03:49] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [934.09 Ko] - (2.5.0.0) - C:\Windows\System32\MaxxVoiceAPO2064.dll
[MD5.9ABDB1ED02FA5E401DF621329CFEB6EA] - |A| - [17/01/2015 12:03:49] - (.© Waves Audio Ltd. - MaxxVoice APO.) - [12592.59 Ko] - (3.0.15.0) - C:\Windows\System32\MaxxVoiceAPO3064.dll
[MD5.587A8CF457604D84266FF858CEB60223] - |A| - [17/01/2015 12:03:50] - (.© Waves Audio Ltd. - MaxxVolumeSD APO.) - [647.25 Ko] - (3.6.0.0) - C:\Windows\System32\MaxxVolumeSDAPO.dll
[MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:45:42] - [11.95 Ko] - C:\Windows\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3464.93 Ko] - C:\Windows\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [37792.2 Ko] - C:\Windows\System32\migwiz
[MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 06:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk
[MD5.A50250D5D6502D3BD2B99C974BD4C524] - |A| - [17/01/2015 12:03:50] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO lfx dll.) - [5616.26 Ko] - (6.3.9600.16384) - C:\Windows\System32\NAHIMICAPOlfx.dll
[MD5.79EF9AAA516436DEB230DA04F67BA859] - |A| - [17/01/2015 12:03:50] - (.Copyright © 2013 Nahimic Inc. All rights reserved - Nahimic APO Settings Communication Dll.) - [920.3 Ko] - (1.0.0.14866) - C:\Windows\System32\NAHIMICAPOSettingsIPC.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [422.5 Ko] - C:\Windows\System32\nb-NO
[MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [102 Ko] - C:\Windows\System32\NetworkList
[MD5.8E24A7BCAEF2045DA1FF29217622843E] - |A| - [21/11/2010 04:52:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\Network_LLU.log
[MD5.BBCBDD58230CF4353694AA8114E33FFB] - |A| - [07/02/2012 22:33:20] - (.(c) ComponentOne LLC. - VSFlexGrid8 (Light).) - [963.13 Ko] - (20.2000.0.0) - C:\Windows\System32\nikflex8l.ocx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [443.5 Ko] - C:\Windows\System32\nl-NL
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor
[MD5.78B1DD0BE630C276E98347088A76CE30] - |A| - [09/09/2016 23:03:45] - (.-.) - [0.58 Ko] - (0.0.0.0) - C:\Windows\System32\nv-vk64.json
[MD5.1D58353EB6286B21D22A615D08F52E95] - |A| - [25/07/2015 14:53:54] - (.-.) - [6107.15 Ko] - (0.0.0.0) - C:\Windows\System32\nvcoproc.bin
[MD5.CE4BF5DA33B9FE818945E1A3AAAAE0D6] - |A| - [09/09/2016 23:03:45] - (.-.) - [670.8 Ko] - (0.0.0.0) - C:\Windows\System32\nvfatbinaryLoader.dll
[MD5.8F05C8D17AF78FE86286A5126C0CB560] - |A| - [25/07/2015 14:53:41] - (.-.) - [34.22 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb
[MD5.4BE1500B3C4B176DD87560C3A1C78216] - |A| - [25/07/2015 14:54:20] - (.-.) - [4.66 Ko] - (0.0.0.0) - C:\Windows\System32\nvPerfProvider.man
[MD5.D11ADBECD384FEED2C93FEE0CFB4997F] - |A| - [09/09/2016 23:03:45] - (.-.) - [10741.31 Ko] - (0.0.0.0) - C:\Windows\System32\nvptxJitCompiler.dll
[MD5.D37FB861D764F7B81D0E7C35F2B1F62D] - |A| - [25/07/2015 14:54:20] - (.-.) - [3092.94 Ko] - (2.25.0.0) - C:\Windows\System32\nvwmi64.exe
[MD5.77C35BC54025814E9482022A81424D53] - |A| - [29/09/2014 19:56:28] - (.(c) ComponentOne LLC. - ComponentOne Chart 8.0 2D OLE/ActiveX Control Module.) - [3651.27 Ko] - (8.0.20053.63) - C:\Windows\System32\olch2x8.ocx
[MD5.4B12F74248BA86169EA537687A2EA53F] - |A| - [29/09/2014 19:56:28] - (.(c) ComponentOne LLC. - ComponentOne Chart 8.0 2D OLE/ActiveX Control Module.) - [3742.01 Ko] - (8.0.20082.87) - C:\Windows\System32\olch2xu8.ocx
[MD5.9029D7A600D1A301D77B16040634AB0C] - |A| - [29/09/2014 19:56:28] - (.(c) ComponentOne LLC. - ComponentOne Chart 8.0 3D OLE/ActiveX Control Module.) - [3093.77 Ko] - (8.0.20053.63) - C:\Windows\System32\olch3x8.ocx
[MD5.0F01AC66593991D151475CC273288369] - |A| - [29/09/2014 19:56:28] - (.(c) ComponentOne LLC. - ComponentOne Chart 8.0 3D OLE/ActiveX Control Module.) - [3181.01 Ko] - (8.0.20082.87) - C:\Windows\System32\olch3xu8.ocx
[MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [13095.58 Ko] - C:\Windows\System32\oobe
[MD5.69E06872C7BF52C039BBAE90365790AD] - |A| - [19/12/2012 17:44:48] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [74.5 Ko] - (10.0.1084.4) - C:\Windows\System32\OpenVideo64.dll
[MD5.9F7D62A5D073E6A643A5572296CEB863] - |A| - [19/12/2012 17:44:36] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [62.5 Ko] - (10.0.1084.4) - C:\Windows\System32\OVDecode64.dll
[MD5.C2691F0B63359C72926AF3636F687D10] - |A| - [05/04/2016 11:24:20] - (.Copyright (c) by pdfforge - pdfcmon.) - [112.5 Ko] - (0.9.4.0) - C:\Windows\System32\pdfcmon.dll
[MD5.CF9660DDDFAC95518258A1C0D40496AB] - |A| - [14/07/2009 04:36:59] - (.-.) - [119.47 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat
[MD5.85AD0409631BDD4CCB4DCBB8EEE938CC] - |A| - [12/04/2011 11:16:45] - (.-.) - [146.86 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico
[MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat
[MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [12/04/2011 11:16:45] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat
[MD5.F95F55A189F18166F9A8E17C37149979] - |A| - [14/07/2009 04:36:59] - (.-.) - [639.62 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat
[MD5.59E9B63822444C6E7435A3E1F5629F92] - |A| - [12/04/2011 11:16:45] - (.-.) - [730.82 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat
[MD5.5DE6EA8387CC9698BD1C55D9A177202D] - |A| - [14/07/2009 07:13:15] - (.-.) - [1632.5 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [439 Ko] - C:\Windows\System32\pl-PL
[MD5.E0CC2789C9BDED18253C0FD624840056] - |A| - [14/07/2009 02:40:54] - (.Copyright (C) 2001 - Application PrintBrm.) - [70 Ko] - (1.0.0.0) - C:\Windows\System32\PrintBrmUi.exe
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:34] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts
[MD5.8882AD10853E45402CABD3BAF48A7EFC] - |A| - [17/01/2015 12:03:50] - (.©2012 Dolby Laboratories. - Dolby PCEE4 ASL Analog x64.) - [121.27 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEA64A.dll
[MD5.0B5EF50E26CFD1E7BF01E32E053532B2] - |A| - [17/01/2015 12:03:50] - (.©2012 Dolby Laboratories. - Dolby PCEE4 COM DLL x64.) - [424.77 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EED64A.dll
[MD5.01096663377134C41D618AF0E53A953E] - |A| - [17/01/2015 12:03:50] - (.©2012 Dolby Laboratories. - Dolby PCEE4 GFX APO x64.) - [73.27 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEG64A.dll
[MD5.D0EB28022A91A5C084E8A7DEBB08D8D2] - |A| - [17/01/2015 12:03:50] - (.©2012 Dolby Laboratories. - Dolby PCEE4 LFX APO x64.) - [138.27 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEL64A.dll
[MD5.03625A179B27362D3A90E3331AEBE95E] - |A| - [17/01/2015 12:03:50] - (.©2012 Dolby Laboratories. - Dolby PCEE4 Control Panel x64.) - [6996.27 Ko] - (7.2.8000.17) - C:\Windows\System32\R4EEP64A.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.75 Ko] - C:\Windows\System32\ras
[MD5.9BEA6D08D6B3917239FCFC9CBCAC022E] - |A| - [13/10/2015 20:11:30] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\Windows\System32\ricdb.ini
[MD5.4F081B99ACB769088FA72A35C438EEBF] - |A| - [06/12/2011 13:42:32] - (.Copyright(C) 1999-2011 RICOH CO., LTD. - RICOH BIDI Language Monitor.) - [115 Ko] - (4.4.0.0) - C:\Windows\System32\ricl0dlm.dll
[MD5.81B792C4710357A52684764D5401B675] - |AH| - [13/10/2015 20:12:00] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\RICOH AficioSG2100N RPCS-R.CAC
[MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [17/01/2015 12:03:51] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll
[MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [17/01/2015 12:03:51] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll
[MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [17/01/2015 12:03:51] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll
[MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [17/01/2015 12:03:51] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll
[MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [17/01/2015 12:03:51] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll
[MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [17/01/2015 12:03:51] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [21/11/2010 05:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml
[MD5.8C3D0C73A0850A0EE62DF9EC36DBDE80] - |N| - [10/11/2014 00:11:51] - (.-.) - [1.86 Ko] - (0.0.0.0) - C:\Windows\System32\SetupBD.din
[MD5.17ABCAD44A75C635583A238ED6333357] - |A| - [17/01/2015 12:03:51] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFAPO.DLL.) - [76.84 Ko] - (3.0.0.16) - C:\Windows\System32\SFAPO64.dll
[MD5.2C25AF115BDDC05D9A84D26227A08E63] - |A| - [17/01/2015 12:03:51] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFCOM.DLL.) - [79.34 Ko] - (3.0.0.16) - C:\Windows\System32\SFCOM64.dll
[MD5.7B3E9344FB43D799C6462227A0E65877] - |A| - [17/01/2015 12:03:51] - (.Copyright (c) 2006-2011 Synopsys, Inc. All Rights Reserved - SFNHK.DLL.) - [215.84 Ko] - (3.0.0.16) - C:\Windows\System32\SFNHK64.dll
[MD5.55D8C5F89695CBDE93201671F5A4A23F] - |A| - [17/01/2015 12:03:52] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [868.74 Ko] - (3.1.23.0) - C:\Windows\System32\sl3apo64.dll
[MD5.1671AE03E56BEED80A0FBD8519557232] - |A| - [17/01/2015 12:03:52] - (.Copyright (C) 2011 SRS Labs, Inc. - SRS Labs.) - [1024.24 Ko] - (3.1.23.0) - C:\Windows\System32\slcnt64.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:34] - [42.67 Ko] - C:\Windows\System32\slmgr
[MD5.DF311261706F2026AFC0A3125844DE7B] - |A| - [06/09/2012 19:05:54] - (.- SlotMaximizerAg.dll.) - [193.5 Ko] - (1.0.4.1) - C:\Windows\System32\SlotMaximizerAg.dll
[MD5.58C6976DFCEB5BEC87801E12826E4F2A] - |A| - [06/09/2012 19:05:54] - (.- SlotMaximizerBe.dll.) - [3860.5 Ko] - (1.0.4.1) - C:\Windows\System32\SlotMaximizerBe.dll
[MD5.CBC5F17C1A77DFAC7825575A7BBB15C1] - |A| - [17/01/2015 12:03:52] - (.TODO: (c) <Company name>. - TODO: <File description>.) - [240.24 Ko] - (1.0.0.1) - C:\Windows\System32\slprp64.dll
[MD5.AD8A1086FEBF23D98532659B82F68891] - |A| - [17/01/2015 12:03:52] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [707.74 Ko] - (3.1.23.0) - C:\Windows\System32\sltech64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [27778.02 Ko] - C:\Windows\System32\SMI
[MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [17378 Ko] - C:\Windows\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [140427.96 Ko] - C:\Windows\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [2133.41 Ko] - C:\Windows\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [30.19 Ko] - C:\Windows\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS
[MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [17/01/2015 12:03:52] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll
[MD5.A028717B791416182959B325D5B40679] - |A| - [17/01/2015 12:03:52] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll
[MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [17/01/2015 12:03:52] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll
[MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [17/01/2015 12:03:52] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll
[MD5.835525EACA15B662E933CAD998D66014] - |A| - [17/01/2015 12:03:52] - (.-.) - [2062.3 Ko] - (0.0.0.0) - C:\Windows\System32\SStudio.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [426.5 Ko] - C:\Windows\System32\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [137.88 Ko] - C:\Windows\System32\sysprep
[MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [21/11/2010 05:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd
[MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini
[MD5.05F9840831C29F5BE93AD8BE810D5614] - |A| - [14/07/2009 06:45:37] - (.-.) - [18 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl
[MD5.F736AA948D0C3CBCE212B7B2CB0EF115] - |A| - [14/07/2009 06:45:37] - (.-.) - [45 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl
[MD5.CAC5063F48729935156E934F36F4D0F7] - |A| - [01/12/2015 21:01:46] - (.(c) ComponentOne LLC. - VSFlexGrid8 (UNICODE Light).) - [802.49 Ko] - (8.0.50000.100) - C:\Windows\System32\vsflex8n.ocx
[MD5.D70BEDB9436DBCA77D3E470C1BAB373E] - |A| - [04/05/2016 04:22:42] - (.-.) - [127.78 Ko] - (0.0.0.0) - C:\Windows\System32\vulkan-1-1-0-11-1.dll
[MD5.D70BEDB9436DBCA77D3E470C1BAB373E] - |A| - [09/09/2016 23:04:27] - (.-.) - [127.78 Ko] - (0.0.0.0) - C:\Windows\System32\vulkan-1.dll
[MD5.0597F21B1DCADAB5F28806671670CDE4] - |A| - [04/05/2016 04:22:10] - (.-.) - [44.28 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo-1-1-0-11-1.exe
[MD5.0597F21B1DCADAB5F28806671670CDE4] - |A| - [09/09/2016 23:04:27] - (.-.) - [44.28 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo.exe
[MD5.00000000000000000000000000000000] - |D| - [10/11/2014 21:42:05] - [1754.83 Ko] - C:\Windows\System32\Wat
[MD5.D5DBBF94106B931112FBFB19A1351506] - |A| - [17/01/2015 12:03:52] - (.Copyright © 1996-2012 - General Library for Plug-Ins.) - [2052.59 Ko] - (4.4.5.0) - C:\Windows\System32\WavesGUILib64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [56425.1 Ko] - C:\Windows\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:34] - [47.61 Ko] - C:\Windows\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [63301.16 Ko] - C:\Windows\System32\wdi
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [160 Ko] - C:\Windows\System32\wfp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9207.93 Ko] - C:\Windows\System32\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [110676 Ko] - C:\Windows\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:35] - [106.26 Ko] - C:\Windows\System32\winrm
[MD5.7DB2EF40218CAB6B6C03C70ABE4981C2] - |A| - [07/09/2010 17:23:38] - (.Copyright © 1996-2009 Xceed Software Inc. - Xceed Zip Compression Library.) - [785.69 Ko] - (6.5.10316.0) - C:\Windows\System32\xceedzipx64.dll
[MD5.D9DF5524F3A43E1565F89302DE0806B3] - |A| - [19/12/2012 17:38:48] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.1 Runtime.) - [28059.5 Ko] - (10.0.1084.4) - C:\Windows\SysWOW64\amdocl.dll
[MD5.2C3FBB31F8FB8035F12F440C08014F6F] - |A| - [19/12/2012 21:33:40] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [55.5 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA
[MD5.8128B54EAA48F9C06B19A86C87752996] - |A| - [09/11/2014 19:43:23] - (.Copyright (C) 2010 - AsIO DLL.) - [28 Ko] - (1.0.0.4) - C:\Windows\SysWOW64\AsIO.dll
[MD5.6C42287B1AD2CCBE169BE2B4862B858E] - |A| - [19/12/2012 21:54:12] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - ati2edxx.) - [42.5 Ko] - (6.14.10.2514) - C:\Windows\SysWOW64\ati2edxx.dll
[MD5.8608FB2C0383CDECD405E2611F04ED68] - |A| - [19/12/2012 21:33:32] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [412 Ko] - (6.14.10.1124) - C:\Windows\SysWOW64\atiadlxy.dll
[MD5.8F45207A3E6D1102BD92A5DF53CBD27D] - |A| - [10/11/2014 00:55:11] - (.-.) - [320.27 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb
[MD5.05FAD13DE6830080C07882ACF8EE3207] - |A| - [19/12/2012 22:17:52] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [43 Ko] - (6.14.10.1741) - C:\Windows\SysWOW64\aticalcl.dll
[MD5.2B17E49872ADC43EA21C2691E5C53695] - |A| - [19/12/2012 22:13:24] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13382 Ko] - (6.14.10.1741) - C:\Windows\SysWOW64\aticaldd.dll
[MD5.1A747CDBB641B92B09358EE91BD20611] - |A| - [19/12/2012 22:18:02] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [45 Ko] - (6.14.10.1741) - C:\Windows\SysWOW64\aticalrt.dll
[MD5.AA0AC5B8C45AF41D1215B156272FC869] - |A| - [19/12/2012 22:09:52] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [938 Ko] - (8.17.10.1172) - C:\Windows\SysWOW64\aticfx32.dll
[MD5.D12FA9A85243BE480828BA78DB7B7BE5] - |A| - [19/12/2012 22:06:00] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [6524.5 Ko] - (8.17.10.472) - C:\Windows\SysWOW64\atidxx32.dll
[MD5.22FB400D9210610A726B71A5DF9BFCEF] - |A| - [19/12/2012 21:33:04] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [32.5 Ko] - (8.14.1.6290) - C:\Windows\SysWOW64\atigktxx.dll
[MD5.C19C6B78FB1AE8E5BB3810AEF05E87EC] - |A| - [19/12/2012 21:33:14] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [14.5 Ko] - (8.14.1.6290) - C:\Windows\SysWOW64\atiglpxx.dll
[MD5.2C3FBB31F8FB8035F12F440C08014F6F] - |A| - [19/12/2012 21:33:40] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [55.5 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll
[MD5.F3CAB97077A2994AC3AEC4325ED3DA61] - |A| - [19/12/2012 22:12:44] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [18537.5 Ko] - (6.14.10.12002) - C:\Windows\SysWOW64\atioglxx.dll
[MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [10/11/2014 00:55:11] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atipblag.dat
[MD5.5D09A0DCE86829EB91A82EA13691CAC6] - |A| - [19/12/2012 21:30:52] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [82 Ko] - (8.14.1.6290) - C:\Windows\SysWOW64\atiu9pag.dll
[MD5.EB9F220E8DC22310B199AE6A49B7E168] - |A| - [19/12/2012 22:50:14] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [5498.24 Ko] - (9.14.10.945) - C:\Windows\SysWOW64\atiumdag.dll
[MD5.DB5E2CCB3C525118C623339BAD266B2C] - |A| - [19/12/2012 21:42:40] - (.-.) - [3021.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap
[MD5.2402608897A8BCBAC7469A7DB1C874DA] - |A| - [19/12/2012 21:44:28] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [4064.5 Ko] - (8.14.10.381) - C:\Windows\SysWOW64\atiumdva.dll
[MD5.C2E178B380E585590D9198762A45AB64] - |A| - [19/12/2012 21:31:08] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [107 Ko] - (8.14.1.6290) - C:\Windows\SysWOW64\atiuxpag.dll
[MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [10/11/2014 00:55:11] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat
[MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [10/11/2014 00:55:11] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com
[MD5.1A6EEB04C5F5CD11859962EA25F6A96E] - |A| - [17/01/2017 01:10:44] - (.-.) - [23.66 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\comwmp_sb.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [9781.52 Ko] - C:\Windows\SysWOW64\config
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [452 Ko] - C:\Windows\SysWOW64\de-DE
[MD5.CB40B7A2C967945519250CD24A0F967E] - |A| - [20/03/2016 23:16:02] - (.-.) - [0.21 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\debug.log
[MD5.00000000000000000000000000000000] - |D| - [13/11/2014 17:15:31] - [0 Ko] - C:\Windows\SysWOW64\directx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [4156 Ko] - C:\Windows\SysWOW64\Dism
[MD5.2392A872CFEB79C8A47FF0CE3253882F] - |A| - [15/03/2016 17:48:11] - (.-.) - [25.98 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\generic_uninstaller.log
[MD5.3BB00B8DBEE1378C77BF6293F7FE8321] - |A| - [10/11/2014 00:29:45] - (.-.) - [6.31 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Gms.log
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL
[MD5.5F3110954E7320FEAD137641246ED979] - |A| - [16/09/2009 18:40:14] - (.-.) - [9.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\hptcpmui.hlp
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [20/11/2014 16:47:51] - [41298.78 Ko] - C:\Windows\SysWOW64\Macromed
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore
[MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 06:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf
[MD5.59434189B1C1BCAC73E49E9D74291C5B] - |A| - [17/01/2015 12:03:48] - (.Copyright (C) 2010-2014 - MaxxAudio APO Shell.) - [879.59 Ko] - (4.15.0.0) - C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
[MD5.00000000000000000000000000000000] - |SD| - [27/10/2016 17:52:17] - [0 Ko] - C:\Windows\SysWOW64\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3178.93 Ko] - C:\Windows\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32695.71 Ko] - C:\Windows\SysWOW64\migwiz
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc
[MD5.EA65E37686BA38E13CA722A81F622C2E] - |A| - [05/08/2015 16:12:00] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\msiexec.log
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor
[MD5.E7DE1E8FD721BFD89B9F586272FBA14C] - |A| - [09/09/2016 23:03:45] - (.-.) - [0.58 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nv-vk32.json
[MD5.D1F93D92F768CB526377DD026701F163] - |A| - [09/09/2016 23:03:45] - (.-.) - [561.98 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nvfatbinaryLoader.dll
[MD5.6B7FDFB33A836F260E277F18FA8EF150] - |A| - [09/09/2016 23:03:45] - (.-.) - [8767.48 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nvptxJitCompiler.dll
[MD5.20FFBC469D4F2CEBAEB8ED8238C59D0C] - |A| - [19/12/2012 17:44:42] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [64 Ko] - (10.0.1084.4) - C:\Windows\SysWOW64\OpenVideo.dll
[MD5.D4A92BFA345CCE383799A80AA662F860] - |A| - [19/12/2012 17:44:32] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [55 Ko] - (10.0.1084.4) - C:\Windows\SysWOW64\OVDecode.dll
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 23:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico
[MD5.4B77596A3EC21D23248BE98005331894] - |A| - [09/11/2014 19:47:47] - (.-.) - [1607.24 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:35] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [431 Ko] - C:\Windows\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [433 Ko] - C:\Windows\SysWOW64\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [17/01/2015 12:04:04] - [5336.77 Ko] - C:\Windows\SysWOW64\RTCOM
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [429.5 Ko] - C:\Windows\SysWOW64\ru-RU
[MD5.FECA09BBCF1DA11EFA4A12C269F5C32C] - |A| - [06/09/2012 19:05:54] - (.- SlotMaximizerAg.dll.) - [158 Ko] - (1.0.4.1) - C:\Windows\SysWOW64\SlotMaximizerAg.dll
[MD5.D005960CD4E410B2177A8772EE037A04] - |A| - [06/09/2012 19:05:54] - (.- SlotMaximizerBe.dll.) - [2773 Ko] - (1.0.4.1) - C:\Windows\SysWOW64\SlotMaximizerBe.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2803 Ko] - C:\Windows\SysWOW64\Speech
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1142.37 Ko] - C:\Windows\SysWOW64\spp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [421.5 Ko] - C:\Windows\SysWOW64\sv-SE
[MD5.D5410CB860650024816E212CCB137168] - |A| - [13/05/2017 17:17:46] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\swhealthex.log
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:35] - [0 Ko] - C:\Windows\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA
[MD5.227C85266F07849B564C7390D84D2CAB] - |A| - [17/01/2017 01:10:44] - (.-.) - [0.33 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vattmpjStb.ocx
[MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 04:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll
[MD5.079A4AE62F19553E76A692655BB877E0] - |A| - [15/08/2000 04:58:12] - (.Copyright 1999, 2000 VideoSoft - VSFlexGrid 7.0 Pro (Light).) - [409.41 Ko] - (7.0.0.78) - C:\Windows\SysWOW64\Vsflex7L.ocx
[MD5.23EEB7034F3F7AA8554D9093B7EB319A] - |A| - [04/05/2016 04:23:30] - (.-.) - [126.78 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkan-1-1-0-11-1.dll
[MD5.23EEB7034F3F7AA8554D9093B7EB319A] - |A| - [09/09/2016 23:04:27] - (.-.) - [126.78 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkan-1.dll
[MD5.B1F9C56E5F3C20FEF261E2510221F6E4] - |A| - [04/05/2016 04:22:58] - (.-.) - [39.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo-1-1-0-11-1.exe
[MD5.B1F9C56E5F3C20FEF261E2510221F6E4] - |A| - [09/09/2016 23:04:27] - (.-.) - [39.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo.exe
[MD5.00000000000000000000000000000000] - |D| - [10/11/2014 21:42:05] - [237.33 Ko] - C:\Windows\SysWOW64\Wat
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [9093.99 Ko] - C:\Windows\SysWOW64\wbem
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:35] - [47.61 Ko] - C:\Windows\SysWOW64\WCN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [101.23 Ko] - C:\Windows\SysWOW64\wdi
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9079.89 Ko] - C:\Windows\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:36] - [106.26 Ko] - C:\Windows\SysWOW64\winrm
[MD5.6AE50EBBF5B12E4B62C96487EB112F29] - |A| - [07/09/2010 17:23:38] - (.Copyright © 1996-2009 Xceed Software Inc. - Xceed Zip Compression Library.) - [619.69 Ko] - (6.5.10316.0) - C:\Windows\SysWOW64\xceedzip.dll
[MD5.00000000000000000000000000000000] - |D| - [12/04/2011 11:16:35] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer
[MD5.9A3DDBCA71D6BDAB4789038BC768A58E] - |A| - [22/11/2000 22:17:08] - (.Copyright (c) 1999 Persits Software, Inc. - XUpload ActiveX Control.) - [222.34 Ko] - (2.1.0.0) - C:\Windows\SysWOW64\xupload.ocx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW
[MD5.56E930837F23FB5E710E9202A75264E8] - |A| - [29/09/2014 20:38:32] - (.(C) 1995-2002 Jean-loup Gailly & Mark Adler - zlib data compression library.) - [57.77 Ko] - (1.1.4.1) - C:\Windows\SysWOW64\zlib.dll

---------- | Shell Folders

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead   
"AppData"=C:\Users\JHAD\AppData\Roaming   [09/11/2014 19:07:12]
"Local AppData"=C:\Users\JHAD\AppData\Local   [09/11/2014 19:07:12]
"My Video"=C:\Users\JHAD\Videos   [09/11/2014 19:07:12]
"{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Libraries   [09/11/2014 19:07:21]
"My Pictures"=C:\Users\JHAD\Pictures   [09/11/2014 19:07:12]
"Desktop"=C:\Users\JHAD\Desktop   [09/11/2014 19:07:12]
"History"=C:\Users\JHAD\AppData\Local\Microsoft\Windows\History   [09/11/2014 19:07:12]
"NetHood"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Network Shortcuts   [09/11/2014 19:07:12]
"{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\JHAD\Contacts   [09/11/2014 19:07:15]
"Cookies"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Cookies   [09/11/2014 19:07:12]
"Favorites"=C:\Users\JHAD\Favorites   [09/11/2014 19:07:12]
"SendTo"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\SendTo   [09/11/2014 19:07:12]
"Start Menu"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu   [09/11/2014 19:07:12]
"My Music"=C:\Users\JHAD\Music   [09/11/2014 19:07:12]
"Programs"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   [09/11/2014 19:07:12]
"Recent"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Recent   [09/11/2014 19:07:12]
"CD Burning"=C:\Users\JHAD\AppData\Local\Microsoft\Windows\Burn\Burn   [09/11/2014 19:07:23]
"PrintHood"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   [09/11/2014 19:07:12]
"{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\JHAD\Searches   [09/11/2014 19:07:21]
"{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\JHAD\Downloads   [09/11/2014 19:07:12]
"{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\JHAD\AppData\LocalLow   [09/11/2014 19:07:12]
"Startup"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   [09/11/2014 19:07:21]
"Administrative Tools"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [09/11/2014 19:07:21]
"Personal"=C:\Users\JHAD\Documents   [09/11/2014 19:07:12]
"{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\JHAD\Links   [09/11/2014 19:07:12]
"Cache"=C:\Users\JHAD\AppData\Local\Microsoft\Windows\Temporary Internet Files   [09/11/2014 19:07:12]
"Templates"=C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Templates   [09/11/2014 19:07:12]
"{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\JHAD\Saved Games   [09/11/2014 19:07:12]
"Fonts"=C:\Windows\Fonts   [14/07/2009 05:20:09]

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"AppData"=%USERPROFILE%\AppData\Roaming   
"Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files   
"Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies   
"Desktop"=%USERPROFILE%\Desktop   
"Favorites"=%USERPROFILE%\Favorites   
"History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History   
"Local AppData"=%USERPROFILE%\AppData\Local   
"My Music"=%USERPROFILE%\Music   
"My Pictures"=%USERPROFILE%\Pictures   
"My Video"=%USERPROFILE%\Videos   
"NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts   
"Personal"=%USERPROFILE%\Documents   
"Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   
"Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent   
"SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo   
"Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   
"Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu   
"Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates   
"{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads   
"PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop"=C:\Users\Public\Desktop   [14/07/2009 05:20:08]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [14/07/2009 05:20:08]
"CommonVideo"=C:\Users\Public\Videos   [14/07/2009 05:20:08]
"CommonPictures"=C:\Users\Public\Pictures   [14/07/2009 05:20:08]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [14/07/2009 05:20:08]
"CommonMusic"=C:\Users\Public\Music   [14/07/2009 05:20:08]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [14/07/2009 07:32:38]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [14/07/2009 05:20:08]
"Common Documents"=C:\Users\Public\Documents   [14/07/2009 05:20:08]
"OEM Links"=C:\ProgramData\OEM Links   
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [14/07/2009 05:20:08]
"Common AppData"=C:\ProgramData   [14/07/2009 05:20:08]

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonMusic"=%PUBLIC%\Music   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common AppData"=%ProgramData%   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop"=C:\Users\Public\Desktop   [14/07/2009 05:20:08]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [14/07/2009 05:20:08]
"CommonVideo"=C:\Users\Public\Videos   [14/07/2009 05:20:08]
"CommonPictures"=C:\Users\Public\Pictures   [14/07/2009 05:20:08]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [14/07/2009 05:20:08]
"CommonMusic"=C:\Users\Public\Music   [14/07/2009 05:20:08]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [14/07/2009 07:32:38]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [14/07/2009 05:20:08]
"Common Documents"=C:\Users\Public\Documents   [14/07/2009 05:20:08]
"OEM Links"=C:\ProgramData\OEM Links   
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [14/07/2009 05:20:08]
"Common AppData"=C:\ProgramData   [14/07/2009 05:20:08]
"Personal"=C:\Users\JHAD\Documents\   [// ::]

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonMusic"=%PUBLIC%\Music   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common AppData"=%ProgramData%   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   


---------- | [JHAD]

[09/11/2014 19:07:12] - |D| - [2442616164] - C:\Users\JHAD\AppData\Local
[09/11/2014 19:07:12] - |D| - [90755406] - C:\Users\JHAD\AppData\LocalLow
[09/11/2014 19:07:12] - |D| - [678909453] - C:\Users\JHAD\AppData\Roaming
[10/11/2014 20:59:52] - |D| - [31641909] - C:\Users\JHAD\AppData\Local\Adobe
[09/11/2014 19:07:12] - |SHD| - [26713389884] - C:\Users\JHAD\AppData\Local\Application Data
[10/11/2014 00:57:30] - |D| - [60385] - C:\Users\JHAD\AppData\Local\ATI
[03/10/2015 16:45:34] - |D| - [6063] - C:\Users\JHAD\AppData\Local\Axemble
[22/11/2015 18:13:04] - |D| - [0] - C:\Users\JHAD\AppData\Local\CEF
[24/01/2015 23:08:16] - |D| - [130844330] - C:\Users\JHAD\AppData\Local\Citrix
[21/06/2017 22:26:01] - |D| - [1009664] - C:\Users\JHAD\AppData\Local\Clarus
[19/10/2015 15:15:39] - |D| - [0] - C:\Users\JHAD\AppData\Local\CrashDumps
[22/12/2014 16:38:40] - |D| - [0] - C:\Users\JHAD\AppData\Local\DassaultSystemes
[04/04/2016 16:04:03] - |D| - [17445] - C:\Users\JHAD\AppData\Local\Dassault_Systèmes
[10/11/2014 00:08:40] - |D| - [16042947] - C:\Users\JHAD\AppData\Local\Diagnostics
[15/03/2015 15:51:31] - |D| - [15809810] - C:\Users\JHAD\AppData\Local\Downloaded Installations
[12/11/2014 23:18:34] - |SHD| - [0] - C:\Users\JHAD\AppData\Local\EmieBrowserModeList
[10/11/2014 22:23:08] - |SHD| - [0] - C:\Users\JHAD\AppData\Local\EmieSiteList
[10/11/2014 22:23:08] - |SHD| - [0] - C:\Users\JHAD\AppData\Local\EmieUserList
[10/10/2016 17:20:46] - |D| - [1578308] - C:\Users\JHAD\AppData\Local\fontconfig
[09/11/2014 19:56:25] - |A| - [99648] - C:\Users\JHAD\AppData\Local\GDIPFONTCACHEV1.DAT
[10/10/2016 17:20:46] - |D| - [660] - C:\Users\JHAD\AppData\Local\gegl-0.2
[10/11/2014 00:17:09] - |D| - [60868848] - C:\Users\JHAD\AppData\Local\Google
[10/10/2016 17:22:49] - |D| - [202] - C:\Users\JHAD\AppData\Local\gtk-2.0
[09/11/2014 19:07:12] - |SHD| - [290] - C:\Users\JHAD\AppData\Local\Historique
[05/08/2015 16:14:43] - |D| - [28970] - C:\Users\JHAD\AppData\Local\HP
[08/06/2017 22:36:09] - |AH| - [6163491] - C:\Users\JHAD\AppData\Local\IconCache.db
[04/12/2016 12:19:47] - |D| - [914432] - C:\Users\JHAD\AppData\Local\III
[17/01/2017 01:10:42] - |D| - [530] - C:\Users\JHAD\AppData\Local\IsolatedStorage
[03/10/2015 16:45:34] - |D| - [797] - C:\Users\JHAD\AppData\Local\Lynkoa
[20/11/2014 17:45:14] - |D| - [0] - C:\Users\JHAD\AppData\Local\Macromedia
[16/06/2016 10:30:24] - |D| - [2038419778] - C:\Users\JHAD\AppData\Local\Mappy
[09/11/2014 19:07:12] - |D| - [90723488] - C:\Users\JHAD\AppData\Local\Microsoft
[22/12/2014 16:22:10] - |D| - [0] - C:\Users\JHAD\AppData\Local\Microsoft Help
[20/11/2014 16:07:48] - |D| - [14434732] - C:\Users\JHAD\AppData\Local\Mozilla
[10/10/2016 17:21:03] - |D| - [64] - C:\Users\JHAD\AppData\Local\paint.net
[13/11/2014 17:48:18] - |D| - [7231] - C:\Users\JHAD\AppData\Local\PassMark
[29/11/2016 18:47:49] - |D| - [11535] - C:\Users\JHAD\AppData\Local\PDFCreator
[09/11/2014 20:37:15] - |D| - [0] - C:\Users\JHAD\AppData\Local\Programs
[20/06/2017 18:19:42] - |A| - [334587] - C:\Users\JHAD\AppData\Local\recently-used.xbel
[09/11/2014 19:09:22] - |A| - [7633] - C:\Users\JHAD\AppData\Local\Resmon.ResmonCfg
[25/07/2015 19:51:26] - |D| - [12112798] - C:\Users\JHAD\AppData\Local\SolidWorks
[09/11/2014 19:07:12] - |D| - [11988492] - C:\Users\JHAD\AppData\Local\Temp
[22/12/2014 16:46:10] - |D| - [1052160] - C:\Users\JHAD\AppData\Local\TempFichierSauvegardeSW
[09/11/2014 19:07:12] - |SHD| - [128] - C:\Users\JHAD\AppData\Local\Temporary Internet Files
[23/02/2015 12:09:42] - |A| - [952] - C:\Users\JHAD\AppData\Local\TreehouseSettings.settings
[09/11/2014 19:07:14] - |D| - [8254361] - C:\Users\JHAD\AppData\Local\VirtualStore
[10/10/2016 17:25:23] - |D| - [17408] - C:\Users\JHAD\AppData\Local\webkit
[04/06/2017 14:42:25] - |D| - [162433] - C:\Users\JHAD\AppData\Local\ZHP
[11/09/2016 16:19:45] - |D| - [73] - C:\Users\JHAD\AppData\Local\{141822A3-314A-4FD5-5A7C-680786AE9539}
[13/11/2014 00:14:00] - |D| - [7781739] - C:\Users\JHAD\AppData\LocalLow\Adobe
[12/11/2014 23:17:59] - |SHD| - [0] - C:\Users\JHAD\AppData\LocalLow\EmieBrowserModeList
[10/11/2014 22:23:07] - |SHD| - [0] - C:\Users\JHAD\AppData\LocalLow\EmieSiteList
[10/11/2014 22:23:11] - |SHD| - [0] - C:\Users\JHAD\AppData\LocalLow\EmieUserList
[10/11/2014 00:55:55] - |D| - [2669735] - C:\Users\JHAD\AppData\LocalLow\Microsoft
[18/11/2016 11:21:55] - |D| - [1069056] - C:\Users\JHAD\AppData\LocalLow\Mozilla
[15/03/2016 16:38:49] - |D| - [49774592] - C:\Users\JHAD\AppData\LocalLow\Oracle
[17/08/2015 21:04:49] - |D| - [29460284] - C:\Users\JHAD\AppData\LocalLow\Sun
[07/07/2015 17:10:10] - |D| - [0] - C:\Users\JHAD\AppData\LocalLow\Temp
[10/11/2014 20:59:52] - |D| - [11421863] - C:\Users\JHAD\AppData\Roaming\Adobe
[20/08/2015 16:45:28] - |D| - [544] - C:\Users\JHAD\AppData\Roaming\Ariane Software
[10/11/2014 00:57:30] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\ATI
[13/11/2014 00:01:09] - |D| - [43456958] - C:\Users\JHAD\AppData\Roaming\AVAST Software
[08/10/2016 14:52:29] - |D| - [119837] - C:\Users\JHAD\AppData\Roaming\Blender Foundation
[03/10/2015 11:19:36] - |D| - [18020004] - C:\Users\JHAD\AppData\Roaming\CADClick
[04/02/2015 10:52:37] - |D| - [31724] - C:\Users\JHAD\AppData\Roaming\CircuitWorks
[24/11/2016 12:54:04] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\CTICM
[22/12/2014 16:38:40] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\DassaultSystemes
[04/12/2016 12:20:09] - |D| - [215] - C:\Users\JHAD\AppData\Roaming\EasternGraphics
[10/02/2015 23:00:52] - |D| - [7772] - C:\Users\JHAD\AppData\Roaming\EDrawings
[08/10/2016 14:13:24] - |D| - [1664] - C:\Users\JHAD\AppData\Roaming\eTeks
[22/11/2015 17:52:06] - |D| - [4312] - C:\Users\JHAD\AppData\Roaming\help_images_otherUI
[05/08/2015 16:12:23] - |D| - [159] - C:\Users\JHAD\AppData\Roaming\Hewlett-Packard Company
[05/08/2015 16:11:54] - |D| - [37461] - C:\Users\JHAD\AppData\Roaming\HpUpdate
[09/11/2014 19:07:15] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\Identities
[10/11/2014 00:28:15] - |D| - [676] - C:\Users\JHAD\AppData\Roaming\Intel Corporation
[02/01/2017 23:53:19] - |D| - [367433] - C:\Users\JHAD\AppData\Roaming\Itsth
[06/02/2016 15:59:49] - |D| - [8406] - C:\Users\JHAD\AppData\Roaming\KISSsoft AG
[22/12/2014 18:45:07] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\Kits
[07/07/2015 17:21:36] - |D| - [22753624] - C:\Users\JHAD\AppData\Roaming\LibreOffice
[22/12/2014 18:45:06] - |D| - [871688] - C:\Users\JHAD\AppData\Roaming\Luxology
[20/11/2014 17:45:14] - |D| - [506] - C:\Users\JHAD\AppData\Roaming\Macromedia
[09/11/2014 19:07:12] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\Media Center Programs
[09/11/2014 19:07:12] - |SD| - [2741476] - C:\Users\JHAD\AppData\Roaming\Microsoft
[20/11/2014 16:07:48] - |D| - [121831399] - C:\Users\JHAD\AppData\Roaming\Mozilla
[25/07/2015 14:59:09] - |D| - [19583207] - C:\Users\JHAD\AppData\Roaming\NVIDIA
[05/04/2016 11:25:36] - |D| - [162475] - C:\Users\JHAD\AppData\Roaming\PDF Architect 4
[05/04/2016 10:45:53] - |D| - [4257] - C:\Users\JHAD\AppData\Roaming\PDF Pro 10 9
[31/05/2015 18:45:48] - |D| - [6771] - C:\Users\JHAD\AppData\Roaming\PhotoFiltre 7
[23/12/2016 17:48:16] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\PhotoScape
[11/12/2014 22:06:54] - |D| - [1519] - C:\Users\JHAD\AppData\Roaming\rdm6
[17/01/2017 01:09:26] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\Rothoblaas
[24/04/2016 11:12:06] - |D| - [43562] - C:\Users\JHAD\AppData\Roaming\Scilab
[12/11/2014 23:13:21] - |D| - [272139300] - C:\Users\JHAD\AppData\Roaming\SolidWorks
[20/09/2015 21:45:58] - |D| - [160768] - C:\Users\JHAD\AppData\Roaming\SOLIDWORKS 2015
[30/09/2016 22:18:18] - |D| - [160768] - C:\Users\JHAD\AppData\Roaming\SOLIDWORKS 2016
[15/03/2016 16:39:08] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\Sun
[17/01/2017 01:10:43] - |SHD| - [43] - C:\Users\JHAD\AppData\Roaming\wyUpdate AU
[17/01/2017 18:03:26] - |D| - [222] - C:\Users\JHAD\AppData\Roaming\Würth
[22/01/2017 13:08:33] - |D| - [70995571] - C:\Users\JHAD\AppData\Roaming\XMind
[04/06/2017 14:42:25] - |D| - [92369256] - C:\Users\JHAD\AppData\Roaming\ZHP
[11/12/2014 20:17:07] - |AD| - [1600082] - C:\Users\JHAD\AppData\Roaming\ZW3D 2014 Fra (x64)
[11/12/2014 20:17:15] - |D| - [537] - C:\Users\JHAD\AppData\Roaming\ZWMold4.0
[11/12/2014 20:18:42] - |D| - [3394] - C:\Users\JHAD\AppData\Roaming\ZWSOFT
[09/11/2014 19:07:21] - |ASH| - [174] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[09/11/2014 19:07:12] - |SHD| - [25082] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[09/11/2014 19:07:12] - |RD| - [25082] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[09/11/2014 19:07:12] - |RD| - [14625] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[09/11/2014 19:07:21] - |RD| - [174] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[08/10/2016 14:48:21] - |D| - [1116] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
[09/11/2014 19:07:21] - |ASH| - [476] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[05/08/2015 16:11:50] - |D| - [2962] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[09/11/2014 19:07:22] - |A| - [1433] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[09/11/2014 19:07:12] - |RD| - [580] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[08/10/2016 15:34:13] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MeshLab
[08/06/2017 16:24:40] - |D| - [3542] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ProduKey
[31/05/2015 18:45:46] - |D| - [0] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
[09/11/2014 19:07:21] - |RD| - [174] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[09/11/2014 19:07:21] - |ASH| - [174] - C:\Users\JHAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [Public]


---------- | C:\ProgramData

[10/11/2014 20:59:28] - |D| - [184602607] - C:\ProgramData\Adobe
[10/11/2014 00:55:39] - |D| - [0] - C:\ProgramData\AMD
[22/12/2014 16:22:25] - |D| - [2682368] - C:\ProgramData\Apple
[14/07/2009 07:08:56] - |SHD| - [24866680552] - C:\ProgramData\Application Data
[09/11/2014 19:52:27] - |D| - [119975067] - C:\ProgramData\ASUS
[05/04/2016 10:47:08] - |D| - [0] - C:\ProgramData\Avanquest Software
[12/11/2014 23:58:22] - |D| - [452619153] - C:\ProgramData\AVAST Software
[03/10/2015 16:45:34] - |D| - [0] - C:\ProgramData\Axemble
[09/11/2014 19:07:11] - |SHD| - [53335] - C:\ProgramData\Bureau
[25/07/2015 17:00:16] - |D| - [0] - C:\ProgramData\DassaultSystemes
[14/07/2009 07:08:56] - |SHD| - [53335] - C:\ProgramData\Desktop
[17/01/2017 01:10:43] - |D| - [172533] - C:\ProgramData\devDept Software
[14/07/2009 07:08:56] - |SHD| - [237633529] - C:\ProgramData\Documents
[09/11/2014 19:48:59] - |AH| - [0] - C:\ProgramData\DP45977C.lfl
[04/12/2016 12:19:48] - |D| - [2802] - C:\ProgramData\EasternGraphics
[09/11/2014 19:07:11] - |SHD| - [0] - C:\ProgramData\Favoris
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites
[11/12/2014 20:17:08] - |D| - [217665] - C:\ProgramData\FLEXnet
[04/09/2016 14:56:25] - |D| - [281721] - C:\ProgramData\Free Devis Factures
[05/08/2015 16:12:06] - |D| - [4525] - C:\ProgramData\Hewlett-Packard
[05/08/2015 15:41:42] - |D| - [34263] - C:\ProgramData\HP
[10/11/2014 00:23:55] - |D| - [44451799] - C:\ProgramData\Intel
[03/10/2015 16:45:34] - |D| - [395] - C:\ProgramData\Lynkoa
[07/11/2015 15:31:30] - |D| - [80482616] - C:\ProgramData\Malwarebytes
[07/11/2015 15:31:27] - |D| - [0] - C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[09/11/2014 19:07:11] - |SHD| - [433521] - C:\ProgramData\Menu Démarrer
[14/07/2009 05:20:08] - |SD| - [474479252] - C:\ProgramData\Microsoft
[22/12/2014 16:22:01] - |D| - [5932] - C:\ProgramData\Microsoft Help
[09/11/2014 19:07:11] - |SHD| - [0] - C:\ProgramData\Modèles
[20/11/2014 16:07:41] - |D| - [38180] - C:\ProgramData\Mozilla
[17/01/2017 01:09:45] - |D| - [38134] - C:\ProgramData\MyProject
[25/07/2015 14:54:12] - |D| - [2405341] - C:\ProgramData\NVIDIA
[25/07/2015 14:53:46] - |D| - [2830330] - C:\ProgramData\NVIDIA Corporation
[17/08/2015 21:05:38] - |D| - [72300688] - C:\ProgramData\Oracle
[09/11/2014 19:45:22] - |D| - [39470713] - C:\ProgramData\Package Cache
[13/11/2014 17:48:12] - |D| - [60] - C:\ProgramData\Passmark
[05/04/2016 11:24:21] - |D| - [0] - C:\ProgramData\PDF Architect 4
[05/04/2016 11:26:36] - |D| - [0] - C:\ProgramData\pdfforge
[13/10/2015 20:10:39] - |HD| - [21527715] - C:\ProgramData\RICOH_DRV
[17/10/2015 13:43:56] - |D| - [1167679] - C:\ProgramData\RogueKiller
[10/11/2014 00:42:11] - |D| - [30732538] - C:\ProgramData\Samsung
[17/01/2017 16:35:56] - |D| - [593] - C:\ProgramData\SCS
[25/07/2015 20:53:51] - |D| - [719617997] - C:\ProgramData\SOLIDWORKS
[14/07/2009 07:08:56] - |SHD| - [433521] - C:\ProgramData\Start Menu
[17/08/2015 21:06:22] - |D| - [119] - C:\ProgramData\Sun
[22/06/2017 09:33:32] - |D| - [0] - C:\ProgramData\SWCUTemp
[02/01/2017 23:53:19] - |D| - [0] - C:\ProgramData\TEMP
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates
[17/01/2017 18:03:26] - |D| - [205] - C:\ProgramData\Würth
[04/12/2016 12:19:48] - |HD| - [21713286] - C:\ProgramData\{0ADFD9B5-DE61-4915-9B79-1B8FF79919DC}

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[09/11/2014 19:07:11] - |SHD| - [430531] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[14/07/2009 05:20:08] - |RD| - [430531] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[24/12/2016 15:27:23] - |D| - [1637] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[14/07/2009 05:20:08] - |RD| - [44960] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[11/04/2017 17:53:39] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[22/11/2015 18:12:05] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[14/07/2009 07:32:38] - |RD| - [22696] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[17/01/2015 12:14:29] - |D| - [5704] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[15/03/2016 16:35:57] - |A| - [1037] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[26/09/2016 13:49:43] - |D| - [1940] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[17/01/2015 12:16:33] - |D| - [2844] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[24/11/2016 12:53:38] - |D| - [8273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CTICM
[10/11/2014 21:16:46] - |D| - [5728] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link
[14/07/2009 06:54:23] - |ASH| - [1130] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[17/01/2017 16:35:45] - |D| - [1880] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dimensionnement Würth
[08/10/2016 14:03:19] - |D| - [1823] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
[31/05/2015 21:18:43] - |D| - [2890] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer
[14/07/2009 07:32:38] - |RD| - [778] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[17/08/2015 21:03:44] - |D| - [6061] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject
[25/07/2015 20:46:14] - |D| - [2806] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gestionnaire d'installation SOLIDWORKS
[10/10/2016 17:15:35] - |A| - [894] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[05/08/2015 16:11:55] - |D| - [7257] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[10/11/2014 00:28:13] - |RD| - [2398] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[17/08/2015 21:06:00] - |D| - [6655] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[08/10/2016 18:38:24] - |D| - [6693] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerkythea Rendering System
[24/01/2016 20:15:22] - |D| - [9616] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
[14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[20/05/2017 18:42:25] - |D| - [3794] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[16/06/2016 10:29:59] - |D| - [2521] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mappy
[10/11/2014 01:56:28] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[08/10/2016 15:34:13] - |D| - [3231] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MeshLab
[29/08/2015 21:05:03] - |D| - [2265] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[22/12/2014 16:22:11] - |D| - [2748] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
[20/11/2014 16:07:41] - |A| - [1065] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[15/03/2015 15:51:50] - |D| - [2549] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NEC Electronics
[07/12/2016 19:13:08] - |D| - [9722] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[29/11/2016 18:46:32] - |D| - [7615] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[31/05/2015 18:45:46] - |D| - [4299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
[23/12/2016 17:48:13] - |D| - [2101] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[11/12/2014 22:06:38] - |D| - [4167] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RDM 6
[07/12/2015 15:55:45] - |D| - [5133] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[08/06/2017 09:24:50] - |D| - [2205] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
[14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[05/09/2015 11:42:55] - |D| - [33633] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2012
[25/07/2015 20:54:32] - |D| - [47538] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2015
[21/12/2015 19:38:32] - |D| - [54558] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2016
[07/12/2016 12:30:00] - |D| - [48543] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2017
[14/07/2009 05:20:08] - |RD| - [12603] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[12/04/2011 11:28:08] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[14/07/2009 06:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[10/11/2014 01:56:27] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[21/12/2015 19:36:47] - |D| - [6013] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[05/12/2016 16:29:49] - |D| - [6827] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
[22/01/2017 13:08:17] - |D| - [3093] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMind
[14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
[25/07/2015 20:54:32] - |A| - [2753] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide de SOLIDWORKS 2015.lnk
[07/12/2015 15:55:45] - |A| - [1816] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Drive Manager Real-Time.lnk
[21/12/2015 19:38:32] - |A| - [2761] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Démarrage rapide.lnk
[07/12/2016 12:30:00] - |A| - [2761] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Démarrage rapide.lnk
[25/07/2015 20:46:14] - |A| - [1416] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Téléchargement en arrière-plan de SOLIDWORKS.lnk
[10/11/2014 21:16:49] - |A| - [922] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk

---------- | C:\Program Files (x86)

[22/11/2015 18:12:05] - |D| - [264542008] - C:\Program Files (x86)\Adobe
[09/11/2014 19:43:23] - |D| - [332939126] - C:\Program Files (x86)\ASUS
[10/11/2014 00:54:54] - |D| - [0] - C:\Program Files (x86)\ATI Technologies
[25/07/2015 20:48:09] - |D| - [631113] - C:\Program Files (x86)\Bonjour
[18/08/2015 20:59:18] - |D| - [5173506] - C:\Program Files (x86)\Business-in-a-Box
[07/12/2015 15:55:45] - |D| - [56443236] - C:\Program Files (x86)\Clarus
[14/07/2009 05:20:08] - |D| - [2136510745] - C:\Program Files (x86)\Common Files
[24/11/2016 12:53:38] - |D| - [17039319] - C:\Program Files (x86)\CTICM
[10/11/2014 21:16:49] - |D| - [23130166] - C:\Program Files (x86)\D-Link
[14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[04/12/2016 12:19:48] - |D| - [7217210] - C:\Program Files (x86)\EasternGraphics
[31/05/2015 21:18:43] - |D| - [4290082] - C:\Program Files (x86)\Fotosizer
[04/09/2016 14:56:25] - |D| - [330] - C:\Program Files (x86)\Free Devis Factures
[17/08/2015 21:03:44] - |D| - [16458612] - C:\Program Files (x86)\GanttProject-2.7
[10/11/2014 00:17:09] - |D| - [0] - C:\Program Files (x86)\Google
[05/08/2015 15:42:29] - |D| - [66767219] - C:\Program Files (x86)\HP
[09/11/2014 19:48:10] - |HD| - [57759893] - C:\Program Files (x86)\InstallShield Installation Information
[09/11/2014 19:54:23] - |D| - [21999049] - C:\Program Files (x86)\Intel
[14/07/2009 05:20:08] - |D| - [10535665] - C:\Program Files (x86)\Internet Explorer
[17/08/2015 21:05:34] - |D| - [642333930] - C:\Program Files (x86)\Java
[24/01/2016 20:15:11] - |D| - [452466312] - C:\Program Files (x86)\LibreOffice 5
[16/06/2016 10:29:58] - |D| - [68694113] - C:\Program Files (x86)\Mappy
[22/12/2014 16:21:43] - |D| - [9786321] - C:\Program Files (x86)\Microsoft Office
[29/08/2015 21:05:02] - |D| - [42884494] - C:\Program Files (x86)\Microsoft Silverlight
[22/12/2014 16:22:01] - |D| - [56275015] - C:\Program Files (x86)\Microsoft Visual Studio 8
[04/10/2016 11:58:36] - |D| - [5587678] - C:\Program Files (x86)\Microsoft XNA
[09/11/2014 19:46:59] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET
[18/11/2016 11:18:44] - |D| - [93982342] - C:\Program Files (x86)\Mozilla Firefox
[20/11/2014 16:07:40] - |D| - [321051] - C:\Program Files (x86)\Mozilla Maintenance Service
[14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild
[22/12/2014 16:21:42] - |D| - [20198326] - C:\Program Files (x86)\MSECache
[25/12/2014 22:00:06] - |D| - [0] - C:\Program Files (x86)\MSXML 4.0
[15/03/2015 15:51:49] - |D| - [973158] - C:\Program Files (x86)\NEC Electronics
[08/06/2017 16:24:40] - |D| - [179986] - C:\Program Files (x86)\NirSoft
[22/12/2014 16:28:14] - |D| - [29270868] - C:\Program Files (x86)\NVIDIA Corporation
[31/05/2015 18:45:45] - |D| - [8324967] - C:\Program Files (x86)\PhotoFiltre 7
[23/12/2016 17:48:11] - |D| - [26702047] - C:\Program Files (x86)\PhotoScape
[01/08/2015 20:47:01] - |D| - [10790473] - C:\Program Files (x86)\rdm6
[09/11/2014 19:48:11] - |D| - [3562036] - C:\Program Files (x86)\Realtek
[14/07/2009 07:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies
[12/08/2015 17:01:04] - |D| - [0] - C:\Program Files (x86)\Roller Calculation V3.4
[10/11/2014 21:32:36] - |D| - [36151899] - C:\Program Files (x86)\Samsung Magician
[09/11/2014 19:47:59] - |HD| - [0] - C:\Program Files (x86)\Temp
[14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information
[09/09/2016 23:04:25] - |D| - [623954] - C:\Program Files (x86)\VulkanRT
[14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender
[21/12/2015 19:36:47] - |D| - [33354325] - C:\Program Files (x86)\Windows Kits
[14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail
[14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player
[14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT
[14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar
[05/12/2016 16:29:48] - |D| - [12839054] - C:\Program Files (x86)\WinHTTrack
[17/01/2017 16:35:04] - |D| - [604420030] - C:\Program Files (x86)\Würth Bemessung
[22/01/2017 13:08:09] - |D| - [307060744] - C:\Program Files (x86)\XMind

---------- | C:\Program Files

[24/12/2016 15:27:22] - |D| - [4975890] - C:\Program Files\7-Zip
[09/11/2014 19:43:18] - |D| - [2502313] - C:\Program Files\ASUS
[12/11/2014 23:59:42] - |D| - [1387708120] - C:\Program Files\AVAST Software
[08/10/2016 14:48:14] - |D| - [387783194] - C:\Program Files\Blender Foundation
[25/07/2015 20:48:09] - |D| - [613967] - C:\Program Files\Bonjour
[25/01/2015 01:07:28] - |D| - [15810424] - C:\Program Files\CCleaner
[14/07/2009 05:20:08] - |D| - [230462343] - C:\Program Files\Common Files
[17/01/2015 12:16:33] - |D| - [6667615] - C:\Program Files\CPUID
[14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini
[14/07/2009 07:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker
[09/11/2014 19:07:11] - |SHD| - [230462343] - C:\Program Files\Fichiers communs
[10/10/2016 17:15:24] - |D| - [295953600] - C:\Program Files\GIMP 2
[05/08/2015 16:11:58] - |D| - [21407916] - C:\Program Files\HP
[09/11/2014 19:45:28] - |D| - [44340934] - C:\Program Files\Intel
[14/07/2009 05:20:08] - |D| - [30572412] - C:\Program Files\Internet Explorer
[20/05/2017 18:42:21] - |D| - [208942426] - C:\Program Files\Malwarebytes
[29/08/2015 21:05:02] - |D| - [55714702] - C:\Program Files\Microsoft Silverlight
[22/12/2014 16:22:30] - |D| - [11279258] - C:\Program Files\Microsoft Visual Studio 8
[14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild
[25/07/2015 14:52:26] - |D| - [1169051741] - C:\Program Files\NVIDIA Corporation
[10/10/2016 17:21:08] - |D| - [0] - C:\Program Files\paint.net
[05/04/2016 11:24:11] - |D| - [38754496] - C:\Program Files\PDFCreator
[17/01/2015 12:04:05] - |D| - [44187256] - C:\Program Files\Realtek
[14/07/2009 07:32:38] - |D| - [36834473] - C:\Program Files\Reference Assemblies
[25/07/2015 20:53:51] - |D| - [21797173089] - C:\Program Files\SOLIDWORKS Corp
[08/10/2016 14:03:17] - |D| - [132118379] - C:\Program Files\Sweet Home 3D
[14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information
[08/10/2016 15:34:13] - |D| - [83193016] - C:\Program Files\VCG
[14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender
[12/04/2011 11:28:29] - |D| - [9250772] - C:\Program Files\Windows Journal
[14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail
[14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player
[14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT
[14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - [7044767] - C:\Program Files\Windows Sidebar

---------- | C:\Program Files (x86)\Common Files

[13/11/2014 00:13:19] - |D| - [9328571] - C:\Program Files (x86)\Common Files\Adobe
[03/12/2015 16:32:52] - |D| - [963861] - C:\Program Files (x86)\Common Files\AV
[22/12/2014 16:22:05] - |D| - [197392] - C:\Program Files (x86)\Common Files\Designer
[25/07/2015 20:46:05] - |D| - [99959267] - C:\Program Files (x86)\Common Files\Gestionnaire d'installation SOLIDWORKS
[09/11/2014 19:47:57] - |D| - [4843880] - C:\Program Files (x86)\Common Files\InstallShield
[10/11/2014 00:28:59] - |D| - [248056] - C:\Program Files (x86)\Common Files\Intel Corporation
[19/05/2017 18:28:43] - |D| - [1941576] - C:\Program Files (x86)\Common Files\Java
[25/07/2015 20:54:38] - |D| - [1236780] - C:\Program Files (x86)\Common Files\Macrovision Shared
[14/07/2009 05:20:08] - |D| - [73154006] - C:\Program Files (x86)\Common Files\microsoft shared
[10/11/2014 00:23:57] - |D| - [196972] - C:\Program Files (x86)\Common Files\PostureAgent
[17/01/2017 16:35:43] - |D| - [1874873811] - C:\Program Files (x86)\Common Files\scs
[14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[22/12/2014 16:27:57] - |D| - [12182785] - C:\Program Files (x86)\Common Files\SOLIDWORKS Shared
[14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines
[14/07/2009 05:20:08] - |D| - [16253075] - C:\Program Files (x86)\Common Files\System
[17/01/2017 01:10:44] - |A| - [24228] - C:\Program Files (x86)\Common Files\Wmpj121b.dll

---------- | C:\Program Files\Common files

[03/12/2015 16:32:52] - |D| - [963861] - C:\Program Files\Common files\AV
[11/12/2014 20:16:49] - |D| - [1595998] - C:\Program Files\Common files\Macrovision Shared
[14/07/2009 05:20:08] - |D| - [70651589] - C:\Program Files\Common files\Microsoft Shared
[14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services
[25/07/2015 20:53:51] - |D| - [144449230] - C:\Program Files\Common files\SOLIDWORKS Shared
[14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines
[14/07/2009 05:20:08] - |D| - [12190195] - C:\Program Files\Common files\System

---------- | Tasks

[MD5.1B579E002B5D4F1600227A990B63D1B3] - [24/01/2015 23:08:30] - |A| - [556] - C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2265211203-1710933605-3900688500-1000.job
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT
[MD5.4639568A32CCCCD883C3271208C802AB] - [14/07/2009 07:08:49] - |A| - [32482] - C:\Windows\Tasks\SCHEDLGU(17).TXT
[MD5.EBB6AFD7B0CE377A42D86A2AD76BCAF8] - [14/07/2009 07:08:49] - |A| - [32496] - C:\Windows\Tasks\SCHEDLGU.TXT
[MD5.95D2F4DD5F0970D49CCABFE8B0D3156C] - [25/12/2014 19:54:24] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task         :   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.CDC0F50F158D0B1AF5D9C1DD0BF21865] - [02/02/2015 14:20:08] - |A| - [4484] - C:\Windows\System32\Tasks\Adobe Flash Player Updater         :   C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.00000000000000000000000000000000] - [09/11/2014 19:53:59] - |D| - [30288] - C:\Windows\System32\Tasks\ASUS
[MD5.8413C14A65AA4ACA488256CE989656D2] - [18/03/2017 14:21:07] - |A| - [4172] - C:\Windows\System32\Tasks\Avast Emergency Update         :   C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
[MD5.00000000000000000000000000000000] - [03/12/2015 16:32:52] - |D| - [3860] - C:\Windows\System32\Tasks\AVAST Software
[MD5.9757C57262FA15A5EF6F2D8E245150A3] - [25/01/2015 01:07:30] - |A| - [2770] - C:\Windows\System32\Tasks\CCleanerSkipUAC         :   "C:\Program Files\CCleaner\CCleaner.exe"
[MD5.E49BF40A21317AB6B96B2FA202224B39] - [24/01/2015 23:08:30] - |A| - [3578] - C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2265211203-1710933605-3900688500-1000         :   C:\Users\JHAD\AppData\Local\Citrix\GoToMeeting\2491\g2mupdate.exe
[MD5.00000000000000000000000000000000] - [09/11/2014 20:47:27] - |D| - [0] - C:\Windows\System32\Tasks\Games
[MD5.326F4E47FBC16E20FC587AE87FF504AB] - [24/04/2016 15:25:49] - |A| - [3404] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2265211203-1710933605-3900688500-1000Core         :   C:\Users\JHAD\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.F719405AA4EB165BE4E6E115697C6B95] - [24/04/2016 15:25:50] - |A| - [3676] - C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2265211203-1710933605-3900688500-1000UA         :   C:\Users\JHAD\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.C4A3229A4E851D99D9DC9C7AC24A9888] - [10/11/2014 00:40:32] - |A| - [3722] - C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473         :   "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"
[MD5.43060D88FC6326F9A12DDF57C7D0D31B] - [10/11/2014 00:40:32] - |A| - [3476] - C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon         :   "C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"
[MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [276148] - C:\Windows\System32\Tasks\Microsoft
[MD5.366EE64DE52A24CBDDCEB47807A02B4F] - [15/03/2016 16:35:57] - |A| - [3916] - C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458052557         :   C:\Program Files\AVAST Software\SZBrowser\launcher.exe
[MD5.8ED1CF0EB7A8E4E7ABAA91D63163130A] - [10/11/2014 21:32:39] - |A| - [3236] - C:\Windows\System32\Tasks\SamsungMagician         :   "C:\Program Files (x86)\Samsung Magician\SamsungMagician.exe"
[MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4474] - C:\Windows\System32\Tasks\WPD
[MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
"{0E36BB83-B3CB-4B7E-978C-5A221E4034B3}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002|
"TCP Query User{C2B25E7E-10E6-42BB-9E3E-E557665AC47D}C:\program files (x86)\asus\ao help\ao help.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\asus\ao help\ao help.exe|Name=AsusHomeAdmin|Desc=AsusHomeAdmin|Defer=User|
"UDP Query User{33136FB6-2AD4-4CB5-A48B-7FC4D0701005}C:\program files (x86)\asus\ao help\ao help.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\asus\ao help\ao help.exe|Name=AsusHomeAdmin|Desc=AsusHomeAdmin|Defer=User|
"{BD484308-C184-41F6-BE3D-6731B59B7719}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)|
"{2D48CD0D-5934-41A0-AD3A-33975688B305}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)|
"{FD673730-8644-44D5-B542-5A8FD0F5FB1F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{66D53EB2-7C5B-4D22-880E-E2A9EAA73D40}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{230BE3BA-84AA-4252-9EE6-6B1305CB8DEC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{F246DC7D-1BD6-4281-9544-AEA70A56471D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{6935EFF3-DA9F-4AC1-A135-34AAA68CD1E8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe|Name=HP LaserJet Pro MFP M127-M128 SendAFax|Edge=TRUE|
"{6842A23F-3FE6-4BB8-807B-C6F3FD5653D6}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe|Name=Communicateur réseau COM HP x64 (HP LaserJet Pro MFP M127-M128)|Edge=TRUE|
"{BA8F6E4E-D6DB-40FB-B332-5A7CEF93AB61}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe|Name=HP LaserJet Pro MFP M127-M128 FaxPrinterUtility|Edge=TRUE|
"{10DC818E-212D-4D0F-8CC2-43D48A4669AE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe|Name=HP LaserJet Pro MFP M127-M128 FaxApplications|Edge=TRUE|
"{778C0FDF-777F-48F3-A3A4-B51764075E4B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe|Name=Communicateur réseau COM HP x86 (HP LaserJet Pro MFP M127-M128)|Edge=TRUE|
"TCP Query User{E7167CE4-0BA1-4C94-B8F6-E58C2E9BB899}C:\program files\solidworks corp\photoview 360 network render client\pvnetrenderclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\solidworks corp\photoview 360 network render client\pvnetrenderclient.exe|Name=Photoview360 Net Render Client|Desc=Photoview360 Net Render Client|Defer=User|
"UDP Query User{19D41191-D953-4D1D-85DB-BF4FEDDC0BF5}C:\program files\solidworks corp\photoview 360 network render client\pvnetrenderclient.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\solidworks corp\photoview 360 network render client\pvnetrenderclient.exe|Name=Photoview360 Net Render Client|Desc=Photoview360 Net Render Client|Defer=User|
"{C35338A6-07A7-4671-AF65-5D8C21AFDFDD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)|
"{956A712D-7ABB-4A7E-A2CD-4B7E7AC9E54B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name='Firefox' (C:\Program Files (x86)\Mozilla Firefox)|
"{9D9F7D4F-94E8-4BE5-AE07-148E9206FC3D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe|Name=SOLIDWORKS Distributed Task Scheduler|
"{68864C76-09A1-4B29-8D87-2B046B3F4568}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe|Name=SOLIDWORKS Distributed Task Scheduler|
"TCP Query User{113ED994-3C25-45DE-9500-96BD6835FF43}C:\program files\solidworks corp\solidworks (2)\photoview\photoview360.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\solidworks corp\solidworks (2)\photoview\photoview360.exe|Name=PhotoView 360|Desc=PhotoView 360|Defer=User|
"UDP Query User{1054F5BF-54DB-4A46-9CAA-CDE27B95C34D}C:\program files\solidworks corp\solidworks (2)\photoview\photoview360.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\solidworks corp\solidworks (2)\photoview\photoview360.exe|Name=PhotoView 360|Desc=PhotoView 360|Defer=User|
"TCP Query User{28BEDE72-88F7-48CE-AFC1-FC59595A0D0F}C:\program files\solidworks corp\solidworks\photoview\photoview360.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\solidworks corp\solidworks\photoview\photoview360.exe|Name=PhotoView 360|Desc=PhotoView 360|Defer=User|
"UDP Query User{6508DC5A-5449-4732-8937-546DA33B7110}C:\program files\solidworks corp\solidworks\photoview\photoview360.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\solidworks corp\solidworks\photoview\photoview360.exe|Name=PhotoView 360|Desc=PhotoView 360|Defer=User|
"{3CE8AF6C-94B2-47D1-B1E3-ACC3D90885DF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS (2)\swScheduler\DTSCoordinatorService.exe|Name=SOLIDWORKS Distributed Task Scheduler|
"{9E2392F7-97BA-4C12-956F-E4E2349506F9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS (2)\swScheduler\DTSCoordinatorService.exe|Name=SOLIDWORKS Distributed Task Scheduler|
"{5BD5F7EC-35B7-4F82-96B8-68151B154906}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS (3)\swScheduler\DTSCoordinatorService.exe|Name=SOLIDWORKS Distributed Task Scheduler|
"{150BDDC8-BB0F-4C56-BA94-35235F6EE8D2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS (3)\swScheduler\DTSCoordinatorService.exe|Name=SOLIDWORKS Distributed Task Scheduler|
"TCP Query User{ABEB2E34-4ECD-4118-9832-D6AF690409CE}C:\program files\solidworks corp\solidworks (3)\photoview\photoview360.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\solidworks corp\solidworks (3)\photoview\photoview360.exe|Name=PhotoView 360 10.1v1|Desc=PhotoView 360 10.1v1|Defer=User|
"UDP Query User{8D3889FC-FD43-478E-A3E2-5C8EA225DE46}C:\program files\solidworks corp\solidworks (3)\photoview\photoview360.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\solidworks corp\solidworks (3)\photoview\photoview360.exe|Name=PhotoView 360 10.1v1|Desc=PhotoView 360 10.1v1|Defer=User|
"TCP Query User{0C61FA3B-5045-41C9-BE3F-4719CAF5FDF6}C:\program files (x86)\xmind\xmind.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\xmind\xmind.exe|Name=XMind|Desc=XMind|
"UDP Query User{97BB4953-D474-4C3B-BE05-F99FED24277C}C:\program files (x86)\xmind\xmind.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\xmind\xmind.exe|Name=XMind|Desc=XMind|
"{0059D042-8C98-463F-A83A-72FB6F227046}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser|
"{37647685-7C22-49D2-B28E-5A7FF96A0EE9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser|
"{29A8DC70-1FF3-45A8-BFC3-E7ED3BF50BAB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe|Name=ASUS Push Notify Server TCP|Desc=|Edge=TRUE|
"{F0EC79AA-B839-4C71-BC44-53DC3BDE8E1C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe|Name=ASUS Push Notify Server UDP|Desc=|Edge=TRUE|





---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (amdkmdap) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{41966169-3FD7-4392-AFE4-E6A9D0A92C72}] : (ASUSFILTER) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (amdkmdap) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C777C165-D422-426D-8EBF-6EAF3FB83ADF}] : (aswNdisFlt) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{F72FE0D4-CBCB-407D-8814-9ED673D0DD6B}] : (USB) [] -> @oem35.inf,%ClassName%;ADB Interface
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[24/02/2014 11:49:22] - (0.0.0.0) - ( -) - C:\Windows\SysWow64\drivers\AsUpIO.sys
[09/11/2014 19:43:23] - (0.0.0.0) - ( -) - C:\Windows\SysWow64\drivers\AsIO.sys
[07/12/2016 19:12:16] - (10.18.13.6213) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 362.13) - C:\Windows\system32\DRIVERS\nvlddmkm.sys
[03/06/2013 18:57:22] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - Mirror Miniport Driver) - C:\Windows\system32\DRIVERS\mirror.sys
[07/12/2016 19:12:17] - (1.3.34.4) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys
[20/09/2011 06:25:56] - (5.28.10.0) - (MCCI Corporation - ASUS USB Hub filter driver) - C:\Windows\SysWow64\drivers\ASUSFILTER.sys
[13/11/2016 20:25:18] - (5.1.2.250) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL
[07/12/2015 15:55:45] - (1.6.0.0) - ( - Driver for SecretZone) - C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys
[07/12/2015 15:55:45] - (2.3.3.0) - ( - Virtual Disk Driver for SecretZone) - C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys
[09/11/2014 19:54:22] - (1.2.0.0) - (ASUSTeK Computer Inc. - ASUS Kernel Mode Driver for NT) - C:\Windows\system32\drivers\IOMap64.sys

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iaStorA () -> system32\DRIVERS\iaStorA.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iaStorF () -> system32\DRIVERS\iaStorF.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iusb3hcs (Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0) -> system32\DRIVERS\iusb3hcs.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msahci () -> system32\drivers\msahci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> \SystemRoot\system32\drivers\aswbidsdrivera.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Serial (Pilote de port série) -> system32\DRIVERS\serial.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True
S2 - [Kernel Driver] - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False
R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)

[MD5.798DE15F187C1F013095BBBEB6FB6197] - [09/11/2014 19:43:23] - (.-.) - [14.88 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\AsIO.sys
[MD5.1392B92179B07B672720763D9B1028A5] - [24/02/2014 11:49:22] - (.-.) - [14.13 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\AsUpIO.sys
[MD5.A5E4CDB420540095D1293C874B5F89AA] - [20/09/2011 06:25:56] - (.Copyright (c) MCCI Corporation 1997-2011 - ASUS USB Hub filter driver.) - [45.07 Ko] - (5.28.10.0) - C:\Windows\Syswow64\Drivers\ASUSFILTER.sys
[MD5.19166026A93206F9C6A8CD3A1F010AE4] - [02/04/2009 14:30:14] - (.-.) - [10.05 Ko] - (0.0.0.0) - C:\Windows\Syswow64\Drivers\ASUSHWIO.SYS

---------- | Uninstall

[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\0eadb8531453e3d958446a58ee5be05f] : (.-.) -> 
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GoToMeeting] : (GoToMeeting 7.1.5.2491.-.CitrixOnline) -> C:\Users\JHAD\AppData\Local\Citrix\GoToMeeting\2491\G2MUninstall.exe /uninstall
[HKU\S-1-5-21-2265211203-1710933605-3900688500-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PhotoFiltre 7] : (PhotoFiltre 7.-.) -> "C:\Program Files (x86)\PhotoFiltre 7\Uninst.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe"
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID ASUS CPU-Z_is1] : (CPUID ASUS CPU-Z 1.69.-.CPUID, Inc.) -> "C:\Program Files\CPUID\ASUS CPU-Z\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GIMP-2_is1] : (GIMP 2.8.18.-.The GIMP Team) -> "C:\Program Files\GIMP 2\uninst\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PROSetDX] : (Intel(R) Network Connections 19.1.51.0.-.Intel) -> MsiExec.exe /i{FD42EE05-18F9-459F-935D-770E75B3BEE5} ARPREMOVE=1
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Sweet Home 3D_is1] : (Sweet Home 3D version 5.2.-.eTeks) -> "C:\Program Files\Sweet Home 3D\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.11.1] : (Vulkan Run Time Libraries 1.0.11.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.11.1\UninstallVulkanRT.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] : (PDFCreator.-.pdfforge GmbH) -> C:\Program Files\PDFCreator\unins001.exe
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0B9D5D50-1530-496F-81FF-CB1B4A298FCA}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{0B9D5D50-1530-496F-81FF-CB1B4A298FCA}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{10E5D94E-A434-4157-BFE2-A3C7B7C7F49F}] : (SOLIDWORKS Simulation Worker Agent 2017 SP01.-.Nom de votre société) -> MsiExec.exe /X{10E5D94E-A434-4157-BFE2-A3C7B7C7F49F}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{12339098-76B6-47CD-B52A-52E4809108F6}] : (SOLIDWORKS eDrawings 2016 x64 Edition SP05.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /I{12339098-76B6-47CD-B52A-52E4809108F6}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1E61F7DB-B483-4BAD-8B12-42EEA048FE33}] : (SOLIDWORKS 2017 French Resources.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /X{1E61F7DB-B483-4BAD-8B12-42EEA048FE33}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-1604-000001000000}] : (7-Zip 16.04 (x64 edition).-.Igor Pavlov) -> MsiExec.exe /I{23170F69-40C1-2702-1604-000001000000}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{30E20E5D-5E4E-4874-A35A-952DB3582C29}] : (HP Unified IO.-.HP) -> MsiExec.exe /I{30E20E5D-5E4E-4874-A35A-952DB3582C29}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 3.1.2.1733.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3B0C2413-8D0E-46E6-87B1-8802A5544903}] : (Photoview 360 Network Render Client 2017 SP01.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /X{3B0C2413-8D0E-46E6-87B1-8802A5544903}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3DE97849-544D-4D68-9255-11DF6F9F10D8}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{3DE97849-544D-4D68-9255-11DF6F9F10D8}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}] : (SOLIDWORKS Explorer 2016 SP05 x64 Edition.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /I{41E08694-1890-4B39-9D1C-B9D27A1D67B3}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4C66F076-D3AB-49C8-85D4-BAA6D82FCAE2}] : (SolidWorks 2012 x64 Edition SP05.-.SolidWorks) -> MsiExec.exe /X{4C66F076-D3AB-49C8-85D4-BAA6D82FCAE2}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5751BE02-47BE-4822-B5E5-1F5FC1F5D100}] : (Photoview 360 Network Render Client 2015 SP05 x64 Edition.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /X{5751BE02-47BE-4822-B5E5-1F5FC1F5D100}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{65072E52-F51B-4280-9DA6-EA5F1EE72C3A}] : (HP LaserJet Pro MFP M127-M128 Fax Driver.-.Hewlett-Packard Co.) -> MsiExec.exe /I{65072E52-F51B-4280-9DA6-EA5F1EE72C3A}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{70DFC1C6-C234-4B4D-87C1-E01793AAB130}] : (Blender.-.Blender Foundation) -> MsiExec.exe /I{70DFC1C6-C234-4B4D-87C1-E01793AAB130}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{768F3B65-1695-47B7-9002-B11400CB111D}] : (SOLIDWORKS 2016 x64 Edition SP05.-.Dassault Systemes SolidWorks Corp) -> MsiExec.exe /I{768F3B65-1695-47B7-9002-B11400CB111D}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7C534131-6431-4ECB-9069-525CB5F75CC8}] : (Dassault Systemes Software VC10 Prerequisites x86-x64.-.Dassault Systemes) -> MsiExec.exe /X{7C534131-6431-4ECB-9069-525CB5F75CC8}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{801B5009-F332-4087-A93F-8E61A21FFA86}] : (SOLIDWORKS 2015 x64 French Resources.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /X{801B5009-F332-4087-A93F-8E61A21FFA86}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8537E059-C18B-4DE6-AED6-CD9B90240C35}] : (SOLIDWORKS Composer Player 2016 SP05 x64 Edition.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /I{8537E059-C18B-4DE6-AED6-CD9B90240C35}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 362.13.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 362.13.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 362.13.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView] : (NVIDIA nView 147.00.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NView
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 352.65.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI] : (NVIDIA WMI 2.25.0.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVWMI
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.34.4.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B9C27F57-AB84-425F-9D00-E18C5D65C18D}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{B9C27F57-AB84-425F-9D00-E18C5D65C18D}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}] : (SOLIDWORKS 2017 SP01.-.Dassault Systemes SolidWorks Corp) -> MsiExec.exe /X{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C5835004-643A-4EB6-A280-706F9F62F985}] : (HP LaserJet Pro MFP M127-M128 Fax.-.Hewlett-Packard Co.) -> MsiExec.exe /I{C5835004-643A-4EB6-A280-706F9F62F985}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C85FA1D4-E006-42B0-9410-19A24E0E04B9}] : (SOLIDWORKS eDrawings 2015 x64 Edition SP05.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /I{C85FA1D4-E006-42B0-9410-19A24E0E04B9}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4FC649C-0247-4873-930D-D9E6904DCAF5}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{D4FC649C-0247-4873-930D-D9E6904DCAF5}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D61078D4-24FE-47AC-99EA-BA10A7DC7AAA}] : (SolidWorks 2012 x64 French Resources.-.Nom de votre société) -> MsiExec.exe /X{D61078D4-24FE-47AC-99EA-BA10A7DC7AAA}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E1CBE9A2-1323-488E-9F3B-736DF6399F38}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{E1CBE9A2-1323-488E-9F3B-736DF6399F38}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}] : (Dassault Systemes Software VC9 Prerequisites x86-x64.-.Dassault Systemes) -> MsiExec.exe /X{F2F2DEA7-36AB-4E13-907C-D8BDE775EF97}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}] : (SOLIDWORKS 2015 x64 Edition SP05.-.Dassault Systemes SolidWorks Corp) -> MsiExec.exe /I{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F83DD2AE-7DD6-4EDD-923C-BCE01E9EEDAD}] : (SOLIDWORKS 2016 x64 French Resources.-.Dassault Systèmes SolidWorks Corp) -> MsiExec.exe /X{F83DD2AE-7DD6-4EDD-923C-BCE01E9EEDAD}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FD42EE05-18F9-459F-935D-770E75B3BEE5}] : (Intel(R) Network Connections 19.1.51.0.-.Intel) -> MsiExec.exe /i{FD42EE05-18F9-459F-935D-770E75B3BEE5} ARPREMOVE=1
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 26 NPAPI.-.Adobe Systems Incorporated) -> C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_Plugin.exe -maintain plugin
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast Antivirus] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EGR-ShellExtension] : (EGR-ShellExtension.-.EasternGraphics) -> "C:\ProgramData\{0ADFD9B5-DE61-4915-9B79-1B8FF79919DC}\EGR-ShellExtension_setup.exe" REMOVE=TRUE MODIFY=FALSE
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fotosizer] : (Fotosizer 1.32.-.Fotosizer.com) -> C:\Program Files (x86)\Fotosizer\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GanttProject] : (GanttProject.-.) -> "C:\Program Files (x86)\GanttProject-2.7\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D25B5189-FD08-4985-BF86-A52457A7A0A5}] : (AO Help.-.Nom de votre société) -> "C:\Program Files (x86)\InstallShield Installation Information\{D25B5189-FD08-4985-BF86-A52457A7A0A5}\setup.exe" -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}] : (NEC Electronics USB 3.0 Host Controller Driver.-.NEC Electronics Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\setup.exe" -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MeshLab_64b] : (MeshLab_64b 1.3.4BETA.-.Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR) -> C:\Program Files\VCG\MeshLab\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 54.0 (x86 fr)] : (Mozilla Firefox 54.0 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NirSoft ProduKey] : (NirSoft ProduKey.-.) -> "C:\Program Files (x86)\NirSoft\ProduKey\uninst.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PhotoScape] : (PhotoScape.-.) -> "C:\Program Files (x86)\PhotoScape\uninstall.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 3.55.2393.607] : (SafeZone Stable 3.55.2393.607.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SolidWorks Installation Manager 20120-40500-1100-100] : (SolidWorks 2012 x64 Edition SP05.-.SolidWorks Corporation) -> "C:\Windows\SolidWorks\IM_20120-40500-1100-100\sldim\sldIM.exe" /remove "C:\Windows\SolidWorks\IM_20120-40500-1100-100\sldim\sldIM_installed.xml"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SolidWorks Installation Manager 20150-40500-1100-100] : (SOLIDWORKS 2015 x64 Edition SP05.-.SolidWorks Corporation) -> "C:\Windows\SolidWorks\IM_20150-40500-1100-100\sldim\sldim.exe" /remove "C:\Windows\SolidWorks\IM_20150-40500-1100-100\sldim\sldIM_installed.xml"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SolidWorks Installation Manager 20160-40500-1100-100] : (SOLIDWORKS 2016 x64 Edition SP05.-.SolidWorks Corporation) -> "C:\Windows\SolidWorks\IM_20160-40500-1100-100\sldim\sldim.exe" /remove "C:\Windows\SolidWorks\IM_20160-40500-1100-100\sldim\sldIM_installed.xml"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SolidWorks Installation Manager 20170-40100-1100-100] : (SOLIDWORKS 2017 SP01.-.SolidWorks Corporation) -> "C:\Windows\SolidWorks\IM_20170-40100-1100-100\sldim\sldIM.exe" /remove "C:\Windows\SolidWorks\IM_20170-40100-1100-100\sldim\sldIM_installed.xml"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinHTTrack Website Copier_is1] : (WinHTTrack Website Copier 3.48-22.-.HTTrack) -> "C:\Program Files (x86)\WinHTTrack\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\XMind_is1] : (XMind 7.5 Update 1 (v3.6.51).-.XMind Ltd.) -> "C:\Program Files (x86)\XMind\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{015CFA5F-1377-48B2-84DB-F4D3DE8EBAF7}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{015CFA5F-1377-48B2-84DB-F4D3DE8EBAF7}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{14B5DDCF-61C4-4F1E-A621-844685D60B5A}] : (LibreOffice 5.0.4.2.-.The Document Foundation) -> MsiExec.exe /I{14B5DDCF-61C4-4F1E-A621-844685D60B5A}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{178F0383-A2F1-427C-9881-6EACB8728C76}] : (hppLaserJetService.-.Hewlett-Packard) -> 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}] : (hppM125LaserJetService.-.Hewlett-Packard) -> MsiExec.exe /I{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1F83046C-90BD-49E2-B918-5E28EDB7D7EF}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F83046C-90BD-49E2-B918-5E28EDB7D7EF}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}] : (Intel(R) USB 3.0 eXtensible Host Controller Driver.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180111F0}] : (Java 8 Update 111.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180111F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180131F0}] : (Java 8 Update 131.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180131F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218051F0}] : (Java 8 Update 51.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218051F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218074F0}] : (Java 8 Update 74.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218074F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1] : (Samsung Magician.-.Samsung Electronics) -> "C:\Program Files (x86)\Samsung Magician\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2F518061-89DB-4AF0-9A7A-2BF73B60E6F0}] : (HP LJ M127128 Scan HP Scan.-.Hewlett-Packard Co.) -> MsiExec.exe /I{2F518061-89DB-4AF0-9A7A-2BF73B60E6F0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{31AE3593-448E-43AB-B865-C235F64B0FB5}] : (.-.) -> C:\ProgramData\{0ADFD9B5-DE61-4915-9B79-1B8FF79919DC}\EGR-ShellExtension_setup.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3b050369-8d19-413d-9dec-84ff278472eb}] : (HP LaserJet Pro MFP M127-M128.-.Hewlett-Packard) -> C:\Program Files (x86)\HP\csiInstaller\3b050369-8d19-413d-9dec-84ff278472eb\Setup.exe /Uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40650318-CC69-4907-9EB7-1EC5AC0DC337}] : (PlatineX.-.Nom de votre société) -> MsiExec.exe /I{40650318-CC69-4907-9EB7-1EC5AC0DC337}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{478F482D-C30B-4876-A080-BE3916268682}] : (MappyPlus.-.Mappy) -> MsiExec.exe /X{478F482D-C30B-4876-A080-BE3916268682}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{51F0751A-46A4-48D6-B106-AFE97D57FC3B}] : (PressionHertz.-.CTICM) -> MsiExec.exe /I{51F0751A-46A4-48D6-B106-AFE97D57FC3B}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}] : (HPLJDXPHelper.-.HP) -> 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}] : (hpbDSService.-.Hewlett-Packard) -> 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}] : (hpStatusAlerts.-.Hewlett Packard) -> MsiExec.exe /I{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{69713025-2E02-40A5-AFDD-8571C515F038}] : (Würth Technical Software.-.S&P SCS) -> "C:\Program Files (x86)\InstallShield Installation Information\{69713025-2E02-40A5-AFDD-8571C515F038}\setup.exe" -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B40EADF-CA1B-423A-A110-89DA90679788}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7B40EADF-CA1B-423A-A110-89DA90679788}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}] : (HP Update.-.Hewlett-Packard) -> MsiExec.exe /X{912D30CF-F39E-4B31-AD9A-123C6B794EE2}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92374A19-CD4A-498F-92CB-26473EF31FB3}] : (hpStatusAlertsM127-M128.-.Hewlett-Packard) -> MsiExec.exe /I{92374A19-CD4A-498F-92CB-26473EF31FB3}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{98B82958-1DCA-4504-BE88-C91F1C7A7225}] : (D-Link DWA-131 Wireless N Nano USB Adapter.-.D-Link) -> "C:\Program Files (x86)\InstallShield Installation Information\{98B82958-1DCA-4504-BE88-C91F1C7A7225}\setup.exe" -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}] : (Samsung Drive Manager.-.Clarus, Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{9F1A6A24-4901-42F6-A355-5DD2B82E62AE}\setup.exe" -runfromtemp -l0x040c -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A484CDF7-6B53-4191-95D8-17C6259A965B}] : (HP Product FWUpdater.-.Hewlett-Packard Company) -> MsiExec.exe /I{A484CDF7-6B53-4191-95D8-17C6259A965B}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824225037}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824225037}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF8D8D0D-1262-4368-895E-44DA5632CD7B}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AF8D8D0D-1262-4368-895E-44DA5632CD7B}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}] : (Citrix Online Launcher.-.Citrix) -> MsiExec.exe /I{AFB80939-4486-49D8-A04E-2B05C0F2DE39}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B1CB7E99-4685-45CB-867E-2FB58EDA0A39}] : (HP Unified IO.-.HP) -> MsiExec.exe /I{B1CB7E99-4685-45CB-867E-2FB58EDA0A39}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C0FEE440-FA2F-4C0D-B64C-35F1D4B7A009}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C0FEE440-FA2F-4C0D-B64C-35F1D4B7A009}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C740780B-F589-481C-8F59-A32735DEFCFF}] : (.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{C740780B-F589-481C-8F59-A32735DEFCFF}\Setup.exe" -l0x9 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}] : (ASUS Product Register Program.-.ASUSTek Computer Inc.) -> MsiExec.exe /I{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D25B5189-FD08-4985-BF86-A52457A7A0A5}] : (AO Help.-.Nom de votre société) -> MsiExec.exe /I{D25B5189-FD08-4985-BF86-A52457A7A0A5}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D46DA5F0-25AD-4B77-98DA-6DD6AF39FBD9}] : (AI Suite 3.-.ASUSTeK Computer Inc.) -> "C:\ProgramData\ASUS\AI Suite III\Setup.exe" -u
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}] : (NEC Electronics USB 3.0 Host Controller Driver.-.NEC Electronics Corporation) -> MsiExec.exe /I{D7BF9739-8A68-4335-BBEE-37752AD9E86B}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}] : (LJDXPHelperUI.-.HP) -> 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF292659-1504-4F78-A737-471E50D8E0A1}] : (HPDXP.-.HP) -> 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F08687B3-BB9A-4CBC-AE6B-BDF4B642E7BA}] : (hpbM128DSService.-.Hewlett-Packard) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F097B421-3599-4F76-B2A7-F489F70AFCC0}] : (PotArtX.-.CTICM) -> MsiExec.exe /I{F097B421-3599-4F76-B2A7-F489F70AFCC0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}] : (Logiciel pour périphérique à chipset Intel®.-.Intel(R) Corporation) -> "C:\ProgramData\Package Cache\{f3e3c5dd-edd0-406b-8aa2-ce5acb93660e}\SetupChipset.exe"  /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F9B579C2-D854-300A-BE62-A09EB9D722E4}] : (Google Talk Plugin.-.Google) -> MsiExec.exe /I{F9B579C2-D854-300A-BE62-A09EB9D722E4}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FAE97B40-E8E2-4B52-9A9E-219C3CCC0107}] : (HP LaserJet Pro MFP M127-M128 Fax.-.Hewlett-Packard Co.) -> MsiExec.exe /I{FAE97B40-E8E2-4B52-9A9E-219C3CCC0107}

---------- | Ports 


---------- | Installer

[HKCR\Installer\Products\04B79EAF2E8E25B4A9E912C9C3CC1070] : HP LaserJet Pro MFP M127-M128 Fax
[HKCR\Installer\Products\05D5D9B00351F69418FFBCB1A492F8AC] : Intel(R) Chipset Device Software
[HKCR\Installer\Products\0DF569BBF7704AC4FB1D93FFFE1F7507] : SOLIDWORKS 2017 SP01 -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\i386_SldWorks.exe
[HKCR\Installer\Products\124B790F995367F42B7A4F987FA0CF0C] : PotArtX -> C:\Windows\Installer\{F097B421-3599-4F76-B2A7-F489F70AFCC0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\131435C71346BCE4099625C55B7FC58C] : Dassault Systemes Software VC10 Prerequisites x86-x64
[HKCR\Installer\Products\160815F2BD980FA4A9A7B27FB3066E0F] : HP LJ M127128 Scan HP Scan
[HKCR\Installer\Products\20EB1575EB7422845B5EF1F51C5F1D00] : Photoview 360 Network Render Client 2015 SP05 x64 Edition -> C:\Windows\Installer\{5751BE02-47BE-4822-B5E5-1F5FC1F5D100}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\25E27056B15F0824D96AAEF5E17EC2A3] : HP LaserJet Pro MFP M127-M128 Fax Driver
[HKCR\Installer\Products\292E074655B3CD145BBE193CC4A5BCD5] : hpStatusAlerts
[HKCR\Installer\Products\2A9EBC1E3231E884F9B337D66F93F983] : Intel(R) Management Engine Components
[HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
[HKCR\Installer\Products\2C8DD4E5609AB1F4496BF4A6156D522B] : HPLJDXPHelper
[HKCR\Installer\Products\3142C0B3E0D86E64781B88205A459430] : Photoview 360 Network Render Client 2017 SP01 -> C:\Windows\Installer\{3B0C2413-8D0E-46E6-87B1-8802A5544903}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3830F8711F2AC7248918E6CA8B27C867] : hppLaserJetService
[HKCR\Installer\Products\3B78680FA9BBCBC4EAB6DB4F6B247EAB] : hpbM128DSService
[HKCR\Installer\Products\4005385CA3466BE42A0807F6F9269F58] : HP LaserJet Pro MFP M127-M128 Fax
[HKCR\Installer\Products\49680E14098193B4D9C19B2DA7D1763B] : SOLIDWORKS Explorer 2016 SP05 x64 Edition -> C:\Windows\Installer\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4D1AF58C600E0B244901912AE4E0409B] : SOLIDWORKS eDrawings 2015 x64 Edition SP05 -> C:\Windows\Installer\{C85FA1D4-E006-42B0-9410-19A24E0E04B9}\eModelViewer1.exe
[HKCR\Installer\Products\4D87016DEF42CA7499AEAB017ACDA7AA] : SolidWorks 2012 x64 French Resources -> C:\Windows\Installer\{D61078D4-24FE-47AC-99EA-BA10A7DC7AAA}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110110F] : Java 8 Update 111 -> C:\Program Files (x86)\Java\jre1.8.0_111\\bin\javaws.exe
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110130F] : Java 8 Update 131 -> C:\Program Files (x86)\Java\jre1.8.0_131\\bin\javaws.exe
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208150F] : Java 8 Update 51
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208470F] : Java 8 Update 74 -> C:\Program Files (x86)\Java\jre1.8.0_74\\bin\javaws.exe
[HKCR\Installer\Products\50EE24DF9F81F95439D577E0573BEB5E] : -> C:\Windows\Installer\{FD42EE05-18F9-459F-935D-770E75B3BEE5}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\56B3F86759617B7409201B4100BC11D1] : SOLIDWORKS 2016 x64 Edition SP05 -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\i386_SldWorks.exe
[HKCR\Installer\Products\670F66C4BA3D8C94584DAB6A8DF2AC2E] : SolidWorks 2012 x64 Edition SP05 -> C:\Windows\Installer\{4C66F076-D3AB-49C8-85D4-BAA6D82FCAE2}\i386_SldWorks.exe
[HKCR\Installer\Products\68AB67CA408033019195008142220573] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824225037}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico
[HKCR\Installer\Products\6E8A266FCD4F2A1409E1C8110F44DBCE] : MSXML 4.0 SP2 (KB973688)
[HKCR\Installer\Products\6F97D78C318F21847B9ACCACBAB81188] : ASUS Product Register Program -> C:\Windows\Installer\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}\_853F67D554F05449430E7E.exe
[HKCR\Installer\Products\75F72C9B48BAF524D9001EC8D5561CD8] : Intel(R) Rapid Storage Technology
[HKCR\Installer\Products\7783908FC2F4DE04B97AF2F9845F71F6] : SOLIDWORKS 2015 x64 Edition SP05 -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\i386_SldWorks.exe
[HKCR\Installer\Products\7AED2F2FBA6331E409C78DDB7E57FE79] : Dassault Systemes Software VC9 Prerequisites x86-x64
[HKCR\Installer\Products\7D0DCEAED72F31F438219A0C5B5C1F7B] : LJDXPHelperUI
[HKCR\Installer\Products\8130560496CC7094E97BE15CCAD03C73] : PlatineX -> C:\Windows\Installer\{40650318-CC69-4907-9EB7-1EC5AC0DC337}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\890933216B67DC745BA2254E0819806F] : SOLIDWORKS eDrawings 2016 x64 Edition SP05 -> C:\Windows\Installer\{12339098-76B6-47CD-B52A-52E4809108F6}\eModelViewer1.exe
[HKCR\Installer\Products\9005B108233F78049AF3E8162AF1AF68] : SOLIDWORKS 2015 x64 French Resources -> C:\Windows\Installer\{801B5009-F332-4087-A93F-8E61A21FFA86}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\91A47329A4DCF89429BC6274E33FF13B] : hpStatusAlertsM127-M128
[HKCR\Installer\Products\9379FB7D86A85334BBEE7357A29D8EB6] : NEC Electronics USB 3.0 Host Controller Driver -> C:\Windows\Installer\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper
[HKCR\Installer\Products\94879ED3D44586D4295511FDF6F9018D] : Intel® Trusted Connect Service Client
[HKCR\Installer\Products\950E7358B81C6ED4EA6DDCB90942C053] : SOLIDWORKS Composer Player 2016 SP05 x64 Edition -> C:\Windows\Installer\{8537E059-C18B-4DE6-AED6-CD9B90240C35}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\956292FE405187F47A7374E1058D0E1A] : HPDXP
[HKCR\Installer\Products\96F071321C0420726140000010000000] : 7-Zip 16.04 (x64 edition)
[HKCR\Installer\Products\9815B52D80DF5894FB685A42757A0A5A] : AO Help -> C:\Windows\Installer\{D25B5189-FD08-4985-BF86-A52457A7A0A5}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\981B5D81DDBD75E48AB4857C07E0B90B] : hppM125LaserJetService
[HKCR\Installer\Products\99E7BC1B5864BC5468E7F25BE8ADA093] : HP Unified IO
[HKCR\Installer\Products\A1570F154A646D841B60FA9ED775CFB3] : PressionHertz -> C:\Windows\Installer\{51F0751A-46A4-48D6-B106-AFE97D57FC3B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\BCD2202629AB2CE4EA30B949E6D4FB21] : hpbDSService
[HKCR\Installer\Products\BD7F16E1384BDAB4B82124EE0A84EF33] : SOLIDWORKS 2017 French Resources -> C:\Windows\Installer\{1E61F7DB-B483-4BAD-8B12-42EEA048FE33}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\BE85C2B02A76B522062B1D99E055DD33] : WPTx64
[HKCR\Installer\Products\C946CF4D7420378439D09D6E09D4AC5F] : Intel(R) Management Engine Components
[HKCR\Installer\Products\D284F874B03C67840A08EB9361626828] : MappyPlus -> C:\Windows\Installer\{478F482D-C30B-4876-A080-BE3916268682}\app_icon.ico
[HKCR\Installer\Products\D5E02E03E4E547843AA559D23B85C292] : HP Unified IO
[HKCR\Installer\Products\DDA39468D428E8B4DB27C8D5DC5CA217] : MSXML 4.0 SP2 (KB954430)
[HKCR\Installer\Products\E49D5E01434A7514FB2E3A7C7B7C4FF9] : SOLIDWORKS Simulation Worker Agent 2017 SP01 -> C:\Windows\Installer\{10E5D94E-A434-4157-BFE2-A3C7B7C7F49F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\EA2DD38F6DD7DDE429C3CB0EE1E9DEDA] : SOLIDWORKS 2016 x64 French Resources -> C:\Windows\Installer\{F83DD2AE-7DD6-4EDD-923C-BCE01E9EEDAD}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater
[HKCR\Installer\Products\FC03D219E93F13B4DAA921C3B697E42E] : HP Update -> C:\Windows\Installer\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\FCDD5B414C16E1F46A124864586DB0A5] : LibreOffice 5.0.4.2 -> C:\Windows\Installer\{14B5DDCF-61C4-4F1E-A621-844685D60B5A}\soffice.ico

---------- | ADS


---------- | Drives

 Disk: 0   Size=122G
 Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
 --- ------ ---------- ---- ------ ---- ------------ ------------
  0    0    07-NTFS    100M   Yes   No         2,048      204,800
  1    1    07-NTFS    122G   No    No       206,848  249,858,048

---------- | MBR

Windows Version:		Windows 7 Professional
Windows Information:		Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:	ASUSTeK COMPUTER INC.
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		ASUS
System Product Name:		All Series
Logical Drives Mask:		0x0000000e

Analysis of file "C:\QuickDiag\MBR.bin":
Windows 7 MBR code detected

64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

.NET Runtime version 4.0.30319.0 - Échec de l'initialisation de l'infrastructure d'attachement de l'API de profilage. Ce processus ne permet pas l'attachement d'un profileur. HRESULT : 0x80004005.  ID de processus (décimal) : 5124. Id de message : [0x2509].
------------

.NET Runtime version 4.0.30319.0 - Échec de l'initialisation de l'infrastructure d'attachement de l'API de profilage. Ce processus ne permet pas l'attachement d'un profileur. HRESULT : 0x80004005.  ID de processus (décimal) : 5996. Id de message : [0x2509].
------------

.NET Runtime version 4.0.30319.0 - Échec de l'initialisation de l'infrastructure d'attachement de l'API de profilage. Ce processus ne permet pas l'attachement d'un profileur. HRESULT : 0x80004005.  ID de processus (décimal) : 2752. Id de message : [0x2509].
------------

Impossible d’initialiser l’index.

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Impossible d’initialiser l’application.

Contexte : Application Windows

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Impossible d’initialiser l’objet rassembleur.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Impossible d’initialiser le plug-in dans <Search.TripoliIndexer>.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	Élément introuvable.  (HRESULT : 0x80070490) (0x80070490)

------------

Impossible d’initialiser le plug-in dans <Search.JetPropStore>.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Le service Windows Search ne peut pas charger les informations de la banque de propriétés.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	La base de données d’index des contenus est endommagée.  (HRESULT : 0xc0041800) (0xc0041800)

------------

Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : The catalog is corrupt.

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Le service de recherche a détecté des fichiers de données endommagés dans l’index {id=4700}. Le service tentera de corriger automatiquement ce problème en recréant l’index.

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------


------------

Windows (4928) Windows: L'Erreur -1811 s'est produite lors de l'ouverture du fichier journal C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00049.log.
------------

Le filtre d’événement avec la requête « SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 » n’a pas pu être réactivé dans l’espace de noms « //./root/CIMV2 » à cause de l’erreur 0x80041003. Les événements ne peuvent pas être délivrés à travers ce filtre tant que le problème ne sera pas corrigé.
------------

.NET Runtime version 4.0.30319.0 - Échec de l'initialisation de l'infrastructure d'attachement de l'API de profilage. Ce processus ne permet pas l'attachement d'un profileur. HRESULT : 0x80004005.  ID de processus (décimal) : 5356. Id de message : [0x2509].
------------

.NET Runtime version 4.0.30319.0 - Échec de l'initialisation de l'infrastructure d'attachement de l'API de profilage. Ce processus ne permet pas l'attachement d'un profileur. HRESULT : 0x80004005.  ID de processus (décimal) : 6228. Id de message : [0x2509].
------------

.NET Runtime version 4.0.30319.0 - Échec de l'initialisation de l'infrastructure d'attachement de l'API de profilage. Ce processus ne permet pas l'attachement d'un profileur. HRESULT : 0x80004005.  ID de processus (décimal) : 6612. Id de message : [0x2509].
------------

Impossible d’initialiser l’index.

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Impossible d’initialiser l’application.

Contexte : Application Windows

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------


----------( EOF)---------- - 3751 | 09:37:19