--------------- QuickDiag | g3n-h@ckm@n | V3_24.06.17.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 24/06/2017 16:27:42

Updated 24/06/2017 | 13.30 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[Sylvain (Administrator)] - [SYLVAIN-PC] (S-1-5-21-1977720525-337058645-3963175332-1000)

System: Microsoft Windows 7 Édition Intégrale - Service Pack 1 - (6.1.7601) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> ()
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 7 Édition Intégrale |C:\Windows|\Device\Harddisk0\Partition2
Boot : Normal boot
PC: H55M-S2 - Gigabyte Technology Co., Ltd. - IdNumber:  - UUID: 00000000-0000-0000-0000-1C6F654DA78A
Processor : X64 - 3199 Mhz - Intel(R) Core(TM) i5 CPU         650  @ 3.20GHz
Award Modular BIOS v6.00PG - n|US|iso8859-1 - Award Software International, Inc. - S/N:  - F4 - GBT   - 42302e31
CoreTemp : ? Celsius

----------| Quick


---------- | SoundDevice

NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&2F81C93B&0&0001
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&2F81C93B&0&0101
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&2F81C93B&0&0201
NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0012&SUBSYS_10DE0101&REV_1001\5&2F81C93B&0&0301
Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0887&SUBSYS_1458A002&REV_1003\4&35A89E12&0&0201
NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000

---------- | Video

NVIDIA GeForce GTX 460 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_0E22&SUBSYS_086510DE&REV_A1\4&25EF8B73&0&0008 - AdapterCompatibility: NVIDIA - RAM: 1073741824
Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 460 - DriverVersion: 9.18.13.5012 - SpecificationVersion: 1025

---------- | Codecs

c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 475672 -  Manufacturer: Logitech Inc. - Status: OK
c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
c:\windows\system32\frapsv64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 71680 -  Manufacturer: Beepa P/L - Status: OK

---------- | CPU

CPU #1 value:12 %
CPU #2 value:62 %
CPU #3 value:25 %
CPU #4 value:0 %
Total Overall CPU Usage value:25 %

---------- | Network

Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec
TRENDnet Wireless N PC Card_PCI Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec
Microsoft Virtual WiFi Miniport Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec

Overall -> SEND Maxium:25 bytes/sec,  /  RECEIVE Maximum:0 bytes/sec

WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000
WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000
WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000
Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_E0001458&REV_06\4&906ED74&0&00E5
WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000
Apple Mobile Device Ethernet - - - Status: - PnPID : 
RAS Async Adapter - - - Status: - PnPID : 
Microsoft Teredo Tunneling Adapter - - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000
TRENDnet Wireless N PC Card/PCI Adapter - Ethernet 802.3 - Realtek Semiconductor Corp. - Status: - PnPID : PCI\VEN_10EC&DEV_8190&SUBSYS_819010EC&REV_00\4&F52DBAB&0&10F0
Microsoft Virtual WiFi Miniport Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&2DCFC333&0&01

---------- | Memory

RAM = Total (MB) : 4055 | Free (MB) : 1972
Pagefile = Total (MB) : 8107 | Free (MB) : 5716
Virtual = Total (MB) : 4194 | Free (MB) : 4012

Physical Memory 0 : Capacity: 2147483648 - A0 - Posit.: 0 - Manufacturer:  - PartNumber:  - S/N:  
Physical Memory 2 : Capacity: 2147483648 - A2 - Posit.: 0 - Manufacturer:  - PartNumber:  - S/N:  

---------- | SID Users

Administrateur : [S-1-5-21-1977720525-337058645-3963175332-500]
HomeGroupUser$ : [S-1-5-21-1977720525-337058645-3963175332-1002]
Invité : [S-1-5-21-1977720525-337058645-3963175332-501]
Sylvain : [S-1-5-21-1977720525-337058645-3963175332-1000]
Administrateurs : [S-1-5-32-544]
Duplicateurs : [S-1-5-32-552]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
Opérateurs de chiffrement : [S-1-5-32-569]
Opérateurs de configuration réseau : [S-1-5-32-556]
Opérateurs de sauvegarde : [S-1-5-32-551]
Utilisateurs : [S-1-5-32-545]
Utilisateurs avec pouvoir : [S-1-5-32-547]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du Bureau à distance : [S-1-5-32-555]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]
HomeUsers : [S-1-5-21-1977720525-337058645-3963175332-1001]

---------- | SystemAccounts

Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives

C:\ -> [Fixed] | [Partition Système et Software] | Total : 387.54 Go | Free : 289.18 Go -> NTFS [ATA]
E:\ -> [Fixed] | [Partition Documents] | Total : 78.12 Go | Free : 62.95 Go -> NTFS [ATA]

Disk Usage Information [1 total Physical Disks]

Physical Drive #0 [C:, E:] : Read:0 bytes/sec, Written:15,716 bytes/sec Max Read:0 bytes/sec, Max Write:15,716 bytes/sec 

Overall - Read Maximum:0 bytes/sec, Write Maximum:15,716 bytes/sec

DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : IDE\DISKST3500418AS_____________________________CC46____\5&2CA5C2&0&0.0.0

---------- | Windows updates

Last detection : 2016-09-06 16:35:01
Downloaded last ones : 2016-12-15 11:25:39
Installed last ones : 2016-12-15 22:36:57
Next search : 2017-06-24 12:42:57

Test 1 : Windows Is Activated

---------- | Browsers

IE : 11.0.9600.18450     (© Microsoft Corporation. Tous droits réservés.)
GC : 58.0.3029.110     (Copyright 2016 Google Inc.)

Default : "C:\Program Files\Internet Explorer\iexplore.exe" ""

---------- | FlashPlayer


---------- | Security

AV : avast! Antivirus Enabled
AS : avast! Antivirus Enabled
AM : Malwarebytes' Anti-Malware   ( 1.0.2.929)     [Update : 04/09/2014 14:22:12]
FW : WINDOWS Firewall
WMI : OK
WU: Windows Update Service [Auto(2)] = Running
AS: Windows Defender [Auto(2)] = Running
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

376 | [Owner : Système | Parent : 4(System) | 1.22 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.1.7601.23539) = C:\Windows\System32\smss.exe     [15/12/2016 13:24:06]    CPU Usage:0 %
556 | [Owner : Système | Parent : 548() | 4.75 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe     [14/07/2009 01:19:49]    CPU Usage:0 %
596 | [Owner : Système | Parent : 548() | 4.66 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe     [14/07/2009 01:52:37]    CPU Usage:0 %
620 | [Owner : Système | Parent : 608(svchost.exe) | 14.84 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe     [14/07/2009 01:19:49]    CPU Usage:0 %
664 | [Owner : Système | Parent : 608(svchost.exe) | 7.74 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.1.7601.18540) = C:\Windows\System32\winlogon.exe     [15/10/2014 09:56:08]    CPU Usage:0 %
712 | [Owner : Système | Parent : 596(wininit.exe) | 10.98 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.1.7601.18829) = C:\Windows\System32\services.exe     [13/05/2015 09:27:17]    CPU Usage:0 %
720 | [Owner : Système | Parent : 596(wininit.exe) | 14.37 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.23539) = C:\Windows\System32\lsass.exe     [15/12/2016 13:24:06]    CPU Usage:0 %
728 | [Owner : Système | Parent : 596(wininit.exe) | 4.49 Mo] - (.Microsoft Corporation - Service du gestionnaire de session locale.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe     [17/01/2011 22:14:56]    CPU Usage:0 %
824 | [Owner : Système | Parent : 712(services.exe) | 10.13 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
912 | [Owner : Système | Parent : 712(services.exe) | 7.9 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 350.12.) - (8.17.13.5012) = C:\Windows\System32\nvvsvc.exe     [21/12/2010 19:08:02]    CPU Usage:0 %
936 | [Owner : Système | Parent : 712(services.exe) | 5.91 Mo] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - (7.17.13.5012) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe     [23/04/2015 17:41:50]    CPU Usage:0 %
980 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 8.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
292 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 19.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
508 | [Owner : Système | Parent : 712(services.exe) | 164.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
484 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 12.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
608 | [Owner : Système | Parent : 712(services.exe) | 169.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:23 %
1196 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 17.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1288 | [Owner : Système | Parent : 712(services.exe) | 41.85 Mo] - (.AVAST Software - avast! Service.) - (12.1.3076.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe     [12/07/2016 10:56:58]    CPU Usage:0 %
1320 | [Owner : Système | Parent : 912(nvvsvc.exe) | 21.92 Mo] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.5012) = C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe     [21/12/2010 19:07:44]    CPU Usage:0 %
1328 | [Owner : Système | Parent : 912(nvvsvc.exe) | 13.3 Mo] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 350.12.) - (8.17.13.5012) = C:\Windows\System32\nvvsvc.exe     [21/12/2010 19:08:02]    CPU Usage:0 %
1628 | [Owner : Sylvain | Parent : 508(svchost.exe) | 8.83 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe     [14/07/2009 01:37:38]    CPU Usage:0 %
1644 | [Owner : Sylvain | Parent : 1616() | 69.14 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.1.7601.23418) = C:\Windows\explorer.exe     [15/06/2016 16:59:54]    CPU Usage:0 %
1692 | [Owner : Système | Parent : 608(svchost.exe) | 5.76 Mo] - (.Microsoft Corporation - Moteur du Planificateur de tâches.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe     [17/01/2011 22:16:05]    CPU Usage:0 %
1716 | [Owner : Système | Parent : 712(services.exe) | 13.5 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (6.1.7601.17777) = C:\Windows\System32\spoolsv.exe     [20/08/2012 17:09:31]    CPU Usage:0 %
1736 | [Owner : Sylvain | Parent : 712(services.exe) | 11.48 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.1.7601.18010) = C:\Windows\System32\taskhost.exe     [09/01/2013 10:28:27]    CPU Usage:0 %
1840 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 16.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1984 | [Owner : Système | Parent : 712(services.exe) | 4.12 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.22.5037) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe     [25/04/2017 09:12:12]    CPU Usage:0 %
2012 | [Owner : Système | Parent : 712(services.exe) | 9.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
2044 | [Owner : Système | Parent : 712(services.exe) | 4.06 Mo] - (.Flexera Software LLC - Activation Licensing Service.) - (11.11.0.0) = C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe     [18/03/2011 21:15:58]    CPU Usage:0 %
1488 | [Owner : Système | Parent : 712(services.exe) | 5.68 Mo] - (.Intel Corporation - Local Manageability Service.) - (6.0.0.1184) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe     [26/02/2011 20:23:45]    CPU Usage:0 %
2096 | [Owner : Système | Parent : 712(services.exe) | 4.99 Mo] - (.Nalpeiron Ltd. - This service enables products that use the Nalpeiron Licensing System.) - (6.1.6.0) = C:\Windows\SysWOW64\nlssrv32.exe     [08/12/2009 21:10:24]    CPU Usage:0 %
2156 | [Owner : Système | Parent : 712(services.exe) | 5.9 Mo] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.0.2.28) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe     [29/10/2014 13:42:30]    CPU Usage:0 %
2204 | [Owner : Système | Parent : 712(services.exe) | 10.34 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (3.1.1000.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe     [29/10/2014 13:43:26]    CPU Usage:0 %
2304 | [Owner : Sylvain | Parent : 1644(explorer.exe) | 14.86 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.501) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe     [26/02/2011 20:24:17]    CPU Usage:0 %
2348 | [Owner : Sylvain | Parent : 1644(explorer.exe) | 10.53 Mo] - (.DT Soft Ltd - DAEMON Tools Lite.) - (4.40.2.131) = C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe     [20/01/2011 11:20:12]    CPU Usage:0 %
2408 | [Owner : Sylvain | Parent : 1644(explorer.exe) | 16.02 Mo] - (.- WlanCU MFC Application.) - (1.24.124.50) = C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanCU.exe     [09/05/2012 21:52:59]    CPU Usage:0 %
2576 | [Owner : Sylvain | Parent : 1320(NvXDSync.exe) | 12.88 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.5012) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe     [21/12/2010 19:07:58]    CPU Usage:0 %
2624 | [Owner : SERVICE RÉSEAU | Parent : 2204(nvstreamsvc.exe) | 13.05 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (3.1.1000.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe     [29/10/2014 13:43:26]    CPU Usage:0 %
2632 | [Owner : Système | Parent : 2204(nvstreamsvc.exe) | 14.29 Mo] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (3.1.1000.0) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe     [29/10/2014 13:43:26]    CPU Usage:0 %
2644 | [Owner : Système | Parent : 620(csrss.exe) | 4.72 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23539) = C:\Windows\System32\conhost.exe     [15/12/2016 13:24:06]    CPU Usage:0 %
2652 | [Owner : SERVICE RÉSEAU | Parent : 556(csrss.exe) | 3.09 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (6.1.7601.23539) = C:\Windows\System32\conhost.exe     [15/12/2016 13:24:06]    CPU Usage:0 %
2800 | [Owner : Sylvain | Parent : 2384() | 25.59 Mo] - (.AVAST Software - avast! Antivirus.) - (12.1.3076.11) = C:\Program Files\AVAST Software\Avast\avastui.exe     [09/08/2016 10:42:23]    CPU Usage:0 %
2820 | [Owner : Sylvain | Parent : 2384() | 5.5 Mo] - (.M-Audio, a brand of inMusic Brands, Inc. - M-Audio ProFire Tray Application.) - (5.10.0.5084) = C:\Windows\SysWOW64\MAFWDITray.exe     [03/06/2013 18:17:36]    CPU Usage:0 %
2840 | [Owner : Sylvain | Parent : 2576(nvtray.exe) | 25.19 Mo] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) - (16.13.56.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe     [29/10/2014 13:43:19]    CPU Usage:0 %
2864 | [Owner : Sylvain | Parent : 2384() | 25.67 Mo] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) - (2.6.46.129) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe     [23/06/2017 22:31:02]    CPU Usage:0 %
3204 | [Owner : Système | Parent : 712(services.exe) | 14.57 Mo] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - (2.6.46.77) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe     [23/06/2017 22:31:08]    CPU Usage:0 %
3264 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 6.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
3296 | [Owner : Système | Parent : 712(services.exe) | 7.5 Mo] - (.- WlanSvc Application.) - (1.0.0.4) = C:\Program Files\TRENDnet\TEW-641PC_TEW-643PI\WlanWpsSvc.exe     [09/05/2012 21:52:59]    CPU Usage:0 %
3448 | [Owner : Système | Parent : 712(services.exe) | 10.39 Mo] - (.Safer-Networking Ltd. - Windows Security Center integration..) - (2.6.46.3) = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe     [23/06/2017 22:31:11]    CPU Usage:0 %
3792 | [Owner : SERVICE RÉSEAU | Parent : 824(svchost.exe) | 13.3 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe     [17/01/2011 22:15:43]    CPU Usage:0 %
4692 | [Owner : Sylvain | Parent : 824(svchost.exe) | 6.25 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.1.7600.16385) = C:\Windows\System32\wbem\unsecapp.exe     [14/07/2009 01:47:12]    CPU Usage:0 %
4792 | [Owner : Système | Parent : 712(services.exe) | 15.36 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe     [27/08/2011 20:28:47]    CPU Usage:0 %
4988 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 6.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
2620 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 9.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
3892 | [Owner : Système | Parent : 712(services.exe) | 11.72 Mo] - (.Intel Corporation - User Notification Service.) - (6.0.0.1184) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe     [26/02/2011 20:23:46]    CPU Usage:0 %
1548 | [Owner : Système | Parent : 712(services.exe) | 35.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.1.7600.16385) = C:\Windows\System32\svchost.exe     [14/07/2009 01:31:13]    CPU Usage:0 %
1356 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 6.99 Mo] - (.Microsoft Corporation - Service Partage réseau du Lecteur Windows Media.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe     [17/01/2011 22:17:37]    CPU Usage:0 %
4876 | [Owner : Sylvain | Parent : 1644(explorer.exe) | 120.19 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:0 %
4508 | [Owner : Sylvain | Parent : 4876(chrome.exe) | 6.1 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:0 %
2640 | [Owner : Sylvain | Parent : 4876(chrome.exe) | 7.22 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:0 %
5012 | [Owner : Sylvain | Parent : 4876(chrome.exe) | 92.5 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:9 %
4872 | [Owner : Sylvain | Parent : 4876(chrome.exe) | 188.67 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:0 %
3968 | [Owner : Sylvain | Parent : 4876(chrome.exe) | 65.09 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:0 %
3352 | [Owner : Sylvain | Parent : 4876(chrome.exe) | 74.36 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:0 %
4592 | [Owner : Sylvain | Parent : 4876(chrome.exe) | 102.72 Mo] - (.Google Inc. - Google Chrome.) - (58.0.3029.110) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe     [05/09/2014 16:51:37]    CPU Usage:0 %
4420 | [Owner : SERVICE LOCAL | Parent : 292(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (6.1.7601.18741) = C:\Windows\System32\audiodg.exe     [11/03/2015 09:59:20]    CPU Usage:0 %
1856 | [Owner : Sylvain | Parent : 1644(explorer.exe) | 36.13 Mo] - (.SosVirus - QuickDiag.) - (24.6.17.1) = C:\Users\Sylvain\Downloads\QuickDiag.exe     [24/06/2017 16:26:29]    CPU Usage:0 %
1136 | [Owner : Système | Parent : 824(svchost.exe) | 6.58 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe     [17/01/2011 22:15:43]    CPU Usage:0 %
536 | [Owner : SERVICE RÉSEAU | Parent : 824(svchost.exe) | 7.35 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [17/01/2011 22:16:05]    CPU Usage:0 %
2736 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 11.8 Mo] - (.Microsoft Corporation - Service de la plateforme de protection logicielle Microsoft.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe     [17/01/2011 22:15:05]    CPU Usage:0 %

---------- | MD5

[MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [15/06/2016 16:59:54] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3155.5 Ko] - (6.1.7601.23418) : C:\Windows\Explorer.exe
[MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [17/01/2011 22:15:00] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [337 Ko] - (6.1.7601.17514) : C:\Windows\System32\cmd.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [14/07/2009 01:19:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [7.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\csrss.exe
[MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [14/07/2009 01:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\dllhost.exe
[MD5.C9805CDE0B275E7554F9023497169B9B] - [15/12/2016 13:24:07] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [1136 Ko] - (6.1.7601.23539) : C:\Windows\System32\Kernel32.dll
[MD5.07932D7BA536B0BB58306A156A9AFC31] - [15/12/2016 13:24:06] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30 Ko] - (6.1.7601.23539) : C:\Windows\System32\lsass.exe
[MD5.622C96AFB07BB82C8650B47172137AC4] - [13/04/2016 10:46:10] - (.© Microsoft Corporation. - Distributed COM Services.) - [499.5 Ko] - (6.1.7601.19143) : C:\Windows\System32\rpcss.dll
[MD5.DD81D91FF3B0763C392422865C9AC12E] - [14/07/2009 01:57:20] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\rundll32.exe
[MD5.71C85477DF9347FE8E7BC55768473FCA] - [13/05/2015 09:27:17] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [321 Ko] - (6.1.7601.18829) : C:\Windows\System32\services.exe
[MD5.C78655BC80301D76ED4FEF1C1EA40A7D] - [14/07/2009 01:31:13] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [26.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\svchost.exe
[MD5.8F4B991E7837E8E0F90C856659456652] - [15/12/2016 13:20:38] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [985.5 Ko] - (6.1.7601.23528) : C:\Windows\System32\user32.dll
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [17/01/2011 22:16:12] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (6.1.7601.17514) : C:\Windows\System32\userinit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [14/07/2009 01:52:37] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [126 Ko] - (6.1.7600.16385) : C:\Windows\System32\Wininit.exe
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - [15/10/2014 09:56:08] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [444.5 Ko] - (6.1.7601.18540) : C:\Windows\System32\Winlogon.exe
[MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - [11/11/2015 12:25:32] - (.© Microsoft Corporation. Tous droits réservés. - Ancillary Function Driver for WinSock.) - [486 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\afd.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\atapi.sys
[MD5.059F00DEF82BF41E433B7ED465847726] - [06/10/2013 19:39:12] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.94 Ko] - (6.1.7601.18231) : C:\Windows\System32\Drivers\ataport.sys
[MD5.B8BD2BB284668C84865658C77574381A] - [14/07/2009 01:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\cdfs.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [17/01/2011 22:14:40] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\cdrom.sys
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [17/01/2011 22:16:16] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\dfsc.sys
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [17/01/2011 22:14:39] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\hdaudbus.sys
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [14/07/2009 01:19:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [103 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\i8042prt.sys
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [14/07/2009 02:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\ipnat.sys
[MD5.341C65D6D4E9AB705258AC83511F7ADD] - [15/12/2016 13:24:06] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [156 Ko] - (6.1.7601.23539) : C:\Windows\System32\Drivers\mrxsmb.sys
[MD5.F7309F42555F8AAB7144A51A1F2585B0] - [11/11/2015 12:25:24] - (.© Microsoft Corporation. Tous droits réservés. - Pilote NDIS 6.20.) - [928.44 Ko] - (6.1.7601.19030) : C:\Windows\System32\Drivers\ndis.sys
[MD5.E47D571FEC2C76E867935109AB2A770C] - [15/06/2016 17:00:09] - (.© Microsoft Corporation. - MBT Transport driver.) - [256 Ko] - (6.1.7601.23451) : C:\Windows\System32\Drivers\netbt.sys
[MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - [09/03/2016 11:54:44] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [1644.94 Ko] - (6.1.7601.19116) : C:\Windows\System32\Drivers\ntfs.sys
[MD5.0086431C29C35BE1DBC43F52CC273887] - [14/07/2009 02:00:41] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [95 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\parport.sys
[MD5.471815800AE33E6F1C32FB1B97C490CA] - [17/01/2011 22:16:17] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rasl2tp.sys
[MD5.1B6163C503398B23FF8B939C67747683] - [17/01/2011 22:17:40] - (.© Microsoft Corporation. - Microsoft RDP Device redirector.) - [162 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\rdpdr.sys
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [14/07/2009 02:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\Windows\System32\Drivers\smb.sys
[MD5.B2875D7ABB82867DC3AA03D991940201] - [15/12/2016 13:20:37] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [1851.73 Ko] - (6.1.7601.23496) : C:\Windows\System32\Drivers\tcpip.sys
[MD5.AA77EB517D2F07A947294F260E3ACA83] - [11/11/2015 12:25:32] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.5 Ko] - (6.1.7601.19031) : C:\Windows\System32\Drivers\tdx.sys
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - [17/01/2011 22:14:40] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [288.88 Ko] - (6.1.7601.17514) : C:\Windows\System32\Drivers\volsnap.sys

---------- | Locked Applications


---------- | Explorer.exe component call (Microsoft Files Whitelisted)

(.AVAST Software.-.avast! Shell Extension.) - (12.1.3076.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll
(.Autodesk, Inc..-.AutoCAD component.) - (19.1.18.0) -- C:\Windows\system32\AcSignIcon.dll
(..-..) - (14.0.7109.5000) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
(.Malwarebytes Corporation.-.Malwarebytes Anti-Malware.) - (3.0.6.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll
(.Safer-Networking Ltd..-.Windows Explorer context menu integration.) - (2.6.46.0) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll
(.Autodesk.-.AutoCAD Dwg common shell extension handler.) - (19.1.18.0) -- C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll

---------- | Svchost.exe component call (Microsoft Files Whitelisted)


---------- | ZeroAccess Check

Zaccess : C:\Users\Sylvain\AppData\Local\Dropbox
[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL
Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU
DAEMON Tools Lite - ("C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\...\Run]) - User: Sylvain-PC\Sylvain
Wireless Configuration Utility - (C:\PROGRA~1\TRENDnet\TEW-64~1\WlanCU.exe  [Common Startup]) - User: Public
RtHDVCpl - (C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [HKLM\SOFTWARE\...\Run]) - User: Public
BCSSync - ("C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"UserSelectedDefault"=1   
"Run"=   
"Load"=   
"Device"=PDFCreator,winspool,Ne00:   

[HKLM\Software\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s   
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"GDIProcessHandleQuota"=10000   
"ShutdownWarningDialogTimeout"=4294967295   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
""=mnmsrvc   
"DeviceNotSelectedTimeout"=15   
"Spooler"=yes   
"TransmissionRetryTimeout"=90   
"AppInit_DLLs"=   
"LoadAppInit_DLLs"=0   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui   
"kxesc"="c:\program files (x86)\kingsoft\kingsoft antivirus\kxetray.exe" -autorun   
"M-Audio Taskbar Icon"=C:\Windows\system32\MAFWDITray.exe   
"SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"GDIProcessHandleQuota"=10000   
"ShutdownWarningDialogTimeout"=4294967295   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
""=mnmsrvc   
"DeviceNotSelectedTimeout"=15   
"Spooler"=yes   
"TransmissionRetryTimeout"=90   
"LoadAppInit_DLLs"=0   
"AppInit_DLLs"=   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 



---------- | Tasks List

Adobe Acrobat Update Task
avast! Emergency Update
CCleanerSkipUAC
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
SafeZone scheduled Autoupdate 1468396191
{4D21073F-F9D2-48C0-BAA2-FD2B61D75935}
{8F7BB595-E856-41C1-8D2E-F897D6C5D3CB}
{ABB20271-B0C9-4437-874F-706654CF579B}

---------- | Startings up registry ¦ Folder

[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] : "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] : "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS4ServiceManager] : "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager] : "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe_ID0EYTHM] : C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Autodesk Sync] : C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync] : "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite] : "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] : "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM Startup] : C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lexmark 6500 Series] : "C:\Program Files (x86) (x86)\Lexmark 6500 Series\fm3032.exe" /s  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\lxdfamon] : "C:\Program Files (x86) (x86)\Lexmark 6500 Series\lxdfamon.exe"  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\lxdfmon.exe] : "C:\Program Files (x86) (x86)\Lexmark 6500 Series\lxdfmon.exe"  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend] : "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PCFIXTRAYRGKYT] : c:\pcfiXtraynllhp.lnk  [13/05/2016 10:08:37]
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] : "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ShadowPlay] : C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart  
[HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard] : C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe  

---------- | Other keys


[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"RCDependentServices"=CertPropSvc
SessionEnv   
"NotificationTimeOut"=0   
"SnapshotMonitors"=1   
"ProductVersion"=5.1   
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"fDenyTSConnections"=1   
"StartRCM"=0   
"TSAdvertise"=0   
"DeleteTempDirsOnExit"=1   
"fSingleSessionPerUser"=1   
"PerSessionTempDir"=0   
"TSUserEnabled"=0   
"InstanceID"=d3031456-c580-4a20-832e-8c472fd   
"RailShowallNotifyIcons"=1   
"RDPVGCInstalled"=1   
"fCredentialLessLogonSupported"=1   
"fCredentialLessLogonSupportedTSS"=1   
"fCredentialLessLogonSupportedKMRDP"=1   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"CriticalSectionTimeout"=2592000   
"GlobalFlag"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"ProcessorControl"=2   
"ResourceTimeoutCount"=648000   
"BootExecute"=autocheck autochk *

sdnclean64.exe   
"ExcludeFromKnownDlls"=   
"ObjectDirectories"=\Windows
\RPC Control   
"ProtectionMode"=1   
"NumberOfInitialSessions"=2   
"SetupExecute"=   
"AutoChkTimeOut"=5   

[HKLM\System\CurrentControlSet\Control]
"PreshutdownOrder"=wuauserv
gpsvc
trustedinstaller   
"WaitToKillServiceTimeout"=200   
"CurrentUser"=USERNAME   
"BootDriverFlags"=0   
"ServiceControlManagerExtension"=%systemroot%\system32\scext.dll   
"SystemStartOptions"= NOEXECUTE=OPTIN   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbaseobjects"=0   
"auditbasedirectories"=0   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"Bounds"=0x0030000000200000   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Notification Packages"=scecli   
"Security Packages"=kerberos
msv1_0
schannel
wdigest
tspkg
pku2u   
"Authentication Packages"=msv1_0   
"LsaPid"=720   
"SecureBoot"=1   
"ProductType"=1   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"restrictanonymous"=0   
"restrictanonymoussam"=1   


---------- | .LNK with Arguments

C:\pcfiXtraynllhp.lnk        (/qqrepair /regrun) iles%\Tencent\QQPCMGR\Plugins\QQPCTRAY.exe
c:\users\sylvain\appdata\roaming\microsoft\internet explorer\quick launch\user pinned\startmenu\games.lnk - Encrypted: False - Target: C:\Windows\System32\cmd.exe - Args: (/c "start hxxp://socialgames.splashtop.com/gbsp/mb/?p=w") - Hidden: False - Status: OK

---------- | AppCertDlls


---------- | Dnsapi.dll

C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Control Panel\Desktop]
"ScreenSaveActive"=0   
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=1633108   
"LeftOverlapChars"=3   
"MenuShowDelay"=0   
"PaintDesktopVersion"=0   
"RightOverlapChars"=3   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WallpaperStyle"=0   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"UserPreferencesMask"=0x9E3E078012000000   
"Wallpaper"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg   [26/02/2011 13:17:18]
"Pattern Upgrade"=TRUE   
"WaitToKillAppTimeout"=200   
"HungAppTimeout"=3000   
"AutoEndTasks"=1   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
""=   
"NoDriveTypeAutoRun"=181   
"NoLowDiskSpaceChecks"=1   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ExplorerStartupTraceRecorded"=1   
"ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000   
"CleanShutdown"=0   
"Browse For Folder Width"=505   
"Browse For Folder Height"=346   
"Reason Setting"=255   
"link"=0x1E000000   
"EnableAutoTray"=0   
"DesktopProcess"=1   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=1   
"ShowCompColor"=1   
"HideFileExt"=0   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"SuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ListviewAlphaSelect"=0   
"ListviewShadow"=1   
"TaskbarAnimations"=0   
"StartMenuInit"=4   
"TaskbarSizeMove"=1   
"DisablePreviewDesktop"=0   
"TaskbarSmallIcons"=0   
"TaskbarGlomLevel"=0   
"Start_PowerButtonAction"=2   
"ShowSuperHidden"=0   
"NavPaneShowAllFolders"=1   
""=0   
"ExtendedUIHoverTime"=0   
"DesktopLivePreviewHoverTime"=0   
"AlwaysShowMenus"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"EnableInstallerDetection"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   
"FilterAdministratorToken"=0   
"EnableLUA"=1   
"EnableSecureUIAPath"=1   
"SoftwareSASGeneration"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"ForceActiveDesktopOn"=0   
"NoDriveTypeAutoRun"=221   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"CheckedValue"=1   
"ValueName"=Hidden   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"HelpID"=shell.hlp#51105   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"IconUnderline"=2   
"GlobalAssocChangedCounter"=39   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"EnableInstallerDetection"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   
"FilterAdministratorToken"=0   
"EnableLUA"=1   
"EnableSecureUIAPath"=1   
"SoftwareSASGeneration"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"ForceActiveDesktopOn"=0   
"NoDriveTypeAutoRun"=221   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"CheckedValue"=1   
"ValueName"=Hidden   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"HelpID"=shell.hlp#51105   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"IconUnderline"=2   
"GlobalAssocChangedCounter"=283   
"Max Cached Icons"=2000   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin   
"BuildNumber"=7601   
"FirstLogon"=0   
"ParseAutoexec"=1   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1   
"Shell"=explorer.exe   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Userinit"=C:\Windows\system32\userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"ShutdownWithoutLogon"=0   
"WinStationsDisabled"=0   
"DisableCAD"=1   
"scremoveoption"=0   
"ShutdownFlags"=43   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1   
"Shell"=explorer.exe   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"DefaultDomainName"=   
"DefaultUserName"=   
"Userinit"=userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"System"=   
"Taskman"=   
"AutoRestartShell"=1   


---------- | Associations

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Classes\.scr]
""=AutoCADScriptFile   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\.hta]
"PerceivedType"=text   
""=htafile   
"Content Type"=application/hta   

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" %*   

[HKLM\Software\Classes\InternetShortcut]
"NeverShowExt"=   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"EditFlags"=2   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"EditFlags"=65536   
"BrowserFlags"=4096   
"FriendlyTypeName"=@dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
"NeverShowExt"=   
""=Application Reference   
"IsShortcut"=   
"EditFlags"=131072   
"FriendlyTypeName"=@dfshim.dll,-201   

[HKLM\Software\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeLayoutPatternForSearch"=alpha   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
""=Folder   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.ItemTypeText   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
"PerceivedType"=text   
""=htafile   
"Content Type"=application/hta   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"NeverShowExt"=   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"EditFlags"=2   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"EditFlags"=65536   
"BrowserFlags"=4096   
"FriendlyTypeName"=@dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
"NeverShowExt"=   
""=Application Reference   
"IsShortcut"=   
"EditFlags"=131072   
"FriendlyTypeName"=@dfshim.dll,-201   

[HKLM\Software\WOW6432Node\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeLayoutPatternForSearch"=alpha   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
""=Folder   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.ItemTypeText   

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [15/12/2016 13:25:30]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"   
[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [15/12/2016 13:25:30]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser


---------- | AppcompatFlags

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"SIGN.MEDIA=438031C setup.exe"=1
"C:\Users\Sylvain\Desktop\daemon-tools_daemon_tools_4.40.2.0131_francais_10729.exe"=1
"D:\NETWORK\RTL8111\W7\setup.exe"=1
"C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33
"C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1
"D:\AUDIO\REALTEK\Setup.exe"=1
"SIGN.MEDIA=3613918 Run.exe"=1
"SIGN.MEDIA=167A98F Setup.exe"=1
"C:\Users\Sylvain\Desktop\Win RAR 3.2 + Crack\wrar320.exe"=1
"C:\Program Files (x86)\WinRAR\WinRAR.exe"=1
"C:\Users\Sylvain\Desktop\vray\vray\[PC ENG ~ x32] VRay 1.5 SP3 ~ 3DS Max 2010\vray-adv-150SP3a-max2010-x86.exe"=8
"C:\Users\Sylvain\Desktop\VRay.v.1.5.RC5.x86.for.3ds.max.9\vray_adv_150R5_max90_x86.exe"=8
"C:\Program Files (x86)\Chaos Group\V-Ray\3dsmax R9 for x86\uninstall\wininstaller.exe"=33
"C:\Users\Sylvain\Desktop\3dsmax2010\setup.exe"=1
"C:\Users\Sylvain\Desktop\ADOBE PHOTOSHOP CS4\ADBEPHSPCS4_LS1\Adobe CS4\Setup.exe"=1
"C:\Users\Sylvain\Desktop\ADOBE PHOTOSHOP CS4\ADBEPHSPCS4_LS1\Adobe CS4\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe"=1
"C:\Users\Sylvain\Desktop\ViveZ2\Viveza2.0\Viveza-ver2.000all.exe"=1
"C:\Users\Sylvain\Desktop\Nik.Software.Color.Efex.Pro.v3\CEP_3.0_Complete_Win_EN.exe"=1
"C:\Users\Sylvain\Desktop\winamp532_full.exe"=1
"C:\Users\Sylvain\Desktop\SketchUp Pro 7.1\GoogleSketchUpProWFR.exe"=1
"C:\Users\Sylvain\Downloads\avira_antivir_personal_free.exe"=1
"C:\Users\Sylvain\Downloads\FileZilla_3.4.0_win32-setup.exe"=1
"C:\Users\Sylvain\Downloads\setup-adsltv.exe"=1
"C:\Users\Sylvain\Downloads\DivXWebPlayerInstaller.exe"=1
"C:\Users\Sylvain\Downloads\malwarebytes-anti-malware_malwarebytes_anti-malware_1.50.1_francais_215092.exe"=1
"C:\Users\Sylvain\Downloads\vlc-1.1.9-win32.exe"=1
"C:\Users\Sylvain\Downloads\cg32v410.cmut (1).exe"=1
"C:\Users\Sylvain\Downloads\idman605.exe"=1
"SIGN.MEDIA=D3AB4262 autorun.exe"=1
"C:\Program Files (x86)\Internet Download Manager\Uninstall.exe"=1
"C:\Users\Sylvain\Downloads\vlc.exe"=1
"C:\Users\Sylvain\Downloads\vlc-1.1.11-win32.exe"=1
"SIGN.MEDIA=5E216E30 Autorun.exe"=1
"C:\Program Files (x86)\Cuisine Delinia\unins000.exe"=1
"C:\Users\Sylvain\Desktop\news 3d\ITOO_FOREST_PACK_PRO_V3.6.2_3DSMAX\ITOO_FOREST_PACK_PRO_V3.6.2_FOR_3DSMAX\ForestPackPro362.exe"=1
"C:\Users\Sylvain\Downloads\urban_park_VRay9.exe"=1
"C:\Program Files (x86)\Google\Google SketchUp 7\SketchUp.exe"=8
"C:\Users\Sylvain\AppData\Local\Temp\QuickTimeInstaller.exe"=1
"C:\Users\Sylvain\Downloads\CuteWriter.exe"=1
"C:\Users\Sylvain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LP85GE83\install_flashplayer11x64ax_gtba_aih[1].exe"=1
"C:\Users\Sylvain\Downloads\spybotsd162.exe"=1
"C:\Users\Sylvain\Downloads\SkypeSetup.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\A1BE3496-BAB0-7891-A53C-42D40E5BEF73\Setup.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\MyBabylonTB.exe"=1
"C:\Users\Sylvain\Downloads\Setup_V17FR.exe"=1
"C:\Users\Sylvain\Downloads\7-zip_7-zip_9.20_francais_11161.exe"=1
"C:\Users\Sylvain\Downloads\chromeinstall-7u7.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\IS1668~1\BoxoreInstaller.exe"=1
"C:\Users\Sylvain\Downloads\avira_free_antivirus_fr.exe"=1
"C:\Users\Sylvain\Downloads\idman612.exe"=1
"C:\Users\Sylvain\Downloads\JDownloaderSetup.exe"=1
"C:\Users\Sylvain\Downloads\audacity-win-2.0.2.exe"=1
"C:\Program Files (x86)\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe"=1
"C:\Users\Sylvain\Downloads\ccsetup327.exe"=1
"C:\Users\Sylvain\Downloads\game.of.thrones.s01e01.french.bdrip.xvid-jmt.avi.exe"=1
"C:\Users\Sylvain\Downloads\reaper4581_x64-install.exe"=1
"C:\Users\Sylvain\Downloads\games\D_S_FR_23-04-13\D_S_FR_23-04-13.exe"=1
"SIGN.MEDIA=62D14D54 setup.exe"=1
"SIGN.MEDIA=52B4C00 setup.exe"=1
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=32
"SIGN.MEDIA=5D66D7FB setup.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\MySearchDial.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\IS2125~1\7435860_stp\MegaBrowseSetup.exe"=1
"C:\Users\Sylvain\Downloads\install_reader11_fr_mssd_aaa_aih.exe"=1
"SIGN.MEDIA=71B567E6 setup.exe"=1
"SIGN.MEDIA=3775DD25 setup.exe"=1
"C:\Users\Sylvain\AppData\Local\Adobe\OOBE\PDApp\DECore\Setup.exe"=1
"C:\Users\Sylvain\Desktop\Master CS6\a recompresser\Adobe CS6\Set-up.exe"=1
"C:\Users\Sylvain\Downloads\Unlocker1.9.2 [1].exe"=1
"C:\Users\Sylvain\Downloads\Unlocker1.9.2.exe"=1
"C:\Users\Sylvain\Downloads\ZHPDiag2.exe"=1
"C:\Program Files (x86)\ZHPDiag\ZHPhep.exe"=1
"C:\Users\Sylvain\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PQ6BKYQ\avast_free_antivirus_setup_online.exe"=1
"C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe"=1
"C:\Users\Sylvain\Downloads\GoogleEarthSetup.exe"=1
"C:\Users\Sylvain\Downloads\GoogleEarthPluginSetup.exe"=1
"C:\Users\Sylvain\Downloads\camtasia.exe"=1
"C:\Users\Sylvain\Downloads\TrimbleSketchUpPro14.1.1282-FR\SketchUpPro14.1.1282-fr\SketchUpPro14.1.1282-fr.exe"=1
"SIGN.MEDIA=75F0F6 Setup.exe"=1
"H:\sylvain\_03 LOGICIELS\logiciels archis\Nik.Software.Color.Efex.Pro.v3\CEP_3.0_Complete_Win_EN.exe"=1
"C:\Users\Sylvain\Downloads\colfx4\colfx4\Setup\ColorEfexPro4_full_pl_win_all_4.000.exe"=1
"C:\Users\Sylvain\Downloads\setup.exe"=1
"SIGN.MEDIA=6888614B setup.exe"=1
"C:\Users\Sylvain\Downloads\344.48-desktop-win8-win7-winvista-64bit-international-whql.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\jre-8u25-windows-au.exe"=1
"C:\Users\Sylvain\Downloads\OCCTPT4.4.1.exe"=1
"C:\Users\Sylvain\Downloads\kodi-14.0-Helix_rc3.exe"=1
"H:\sylvain\_03 LOGICIELS\logiciels archis\ADOBE PHOTOSHOP CS4\ADBEPHSPCS4_LS1\Adobe CS4\Setup.exe"=1
"C:\Users\Sylvain\Downloads\nikcollection-latest.exe"=1
"C:\Users\Sylvain\Downloads\Thunderbird Setup 31.3.0.exe"=1
"SIGN.MEDIA=A078FF53 Setup.exe"=1
"C:\Program Files (x86)\Double Eleven\Frozen Synapse Prime\unins000.exe"=1
"C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Plug-ins\Nik Software\Color Efex Pro 3.0 Complete\Uninstall.exe"=1
"I:\sylvain\_03 LOGICIELS\logiciels archis\Nik.Software.Color.Efex.Pro.v3\CEP_3.0_Complete_Win_EN.exe"=1
"I:\sylvain\_03 LOGICIELS\logiciels archis\ViveZ2\Viveza2.0\Viveza-ver2.000all.exe"=1
"I:\sylvain\_03 LOGICIELS\lightroom 64x\Adobe.Photoshop.Lightroom.v5.3.Multilingual.x64.Incl.Keymaker-CORE\setup\setup64.exe"=1
"E:\Documents persos archives\_02 bibliothèques 2015\SGRVMPP210\SGRVMPP2\VMPP2_setup.exe"=1
"C:\Users\Sylvain\Desktop\Nik Software Complete Collection v1.0.0.7 Final Eng_Rus\NikCollection_1.0.0.7full.exe"=1
"E:\Documents persos archives\_02 bibliothèques 2015\3D ESSENTIAL 2015\SGRVMPP210\SGRVMPP2\VMPP2_setup.exe"=1
"C:\Users\Sylvain\Downloads\Autodesk_3ds_Max_2014\Autodesk_3ds_Max_2014_EFGJKS_Win_64bit_dlm.sfx.exe"=1
"C:\Users\Sylvain\Downloads\710_b042_multilanguage.exe"=1
"C:\Program Files\Autodesk\3ds Max 2014\3dsmax.exe"=512
"SIGN.MEDIA=B2AACD0E setup.exe"=1
"SIGN.MEDIA=B2AACD0E gfwlivesetup.exe"=1
"SIGN.MEDIA=EEBD4D98 setup.exe"=1
"C:\Users\Sylvain\Downloads\332.21-desktop-win8-win7-winvista-64bit-international-whql.exe"=1
"C:\Users\Sylvain\Downloads\320.18-desktop-win8-win7-winvista-64bit-english-whql.exe"=1
"SIGN.MEDIA=5C8BDFEB setup.exe"=1
"C:\Program Files (x86)\Helicopter 2015 Natural Disasters\redists\x264vfw_23_1659bm_23819.exe"=1
"SIGN.MEDIA=149C4B2 SetupRA.exe"=1
"C:\Users\Sylvain\Downloads\DropboxInstaller.exe"=1
"SIGN.MEDIA=59E85B43 setup.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe"=1
"C:\Users\Sylvain\Downloads\DIALux_evo5.1.exe"=1
"C:\Users\Sylvain\Downloads\PPS5260_emea_19062012\setup.exe"=1
"C:\Users\Sylvain\AppData\Local\Temp\MSETUP4.EXE"=1
"C:\Users\Sylvain\AppData\Local\Temp\7zS1DDC.tmp\setup.exe"=1
"C:\Users\Sylvain\Downloads\fileassassin-setup-1.06.exe"=1
"C:\Users\Sylvain\AppData\Roaming\Tencent\QQMusicMMInstallCache\QQSetup5712.exe"=1
"C:\Program Files (x86)\Tencent\QQ\XDfJ\njqqoi.exe"=1
"C:\Program Files (x86)\Tencent\QQMusic\QQMusic1257.18.23.45\QQMusicUninst.exe"=33
"C:\Program Files (x86)\Tencent\QQMusic\QQMusic1257.18.23.45\Uninstall.exe"=1
"C:\Program Files (x86)\Tencent\QQBrowser\uninst.exe"=1
"C:\Program Files (x86)\Tencent\QQPhoneManager\QQPMUnInst.exe"=1
"C:\Users\Sylvain\Downloads\keyshot_w64_6.1.72.exe"=1
"C:\Users\Sylvain\Downloads\setupeosinfo.exe"=1
"SIGN.MEDIA=B9C9AC9E setup.exe"=1
"C:\Users\Sylvain\Downloads\ProFire_6_1_1\ProFire_6_1_1\Install M-Audio ProFire Series Windows 6.1.1.exe"=1
"C:\Users\Sylvain\Downloads\spybotsd-2.6.46.exe"=1
"C:\Users\Sylvain\Downloads\hwmonitor_1.31.exe"=1
"C:\Users\Sylvain\Downloads\SpeedFan_4_7942.exe"=1

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32


---------- | IFEO


---------- | Mountpoints2

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{e476367e-41a0-11e0-94d7-98045fc9b27d}] : G:\setup.exe     (AutoRun)

---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"Beep"=#USR:Control Panel\Sound   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"CoolSwitch"=USR:Control Panel\Desktop   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"Beep"=#USR:Control Panel\Sound   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"CoolSwitch"=USR:Control Panel\Desktop   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=128920218544262440
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=0
"DisableRoutinelyTakingAction"=1
"ProductStatus"=0
"InstallTime"=0xCAF856D0A5D5CB01

[HKLM\Software\WOW6432Node\Microsoft\Windows Defender]
"DisableAntiSpyware"=0
"DisableRoutinelyTakingAction"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

---------- | Winsock (Whitelist)


---------- | Hosts

127.0.0.1                   www.happy-digital.com

---------- | Ping

Envoi d'une requ?te 'ping' sur google.com [172.217.22.142] avec 32 octets de donn?es?:
R?ponse de 172.217.22.142?: octets=32 temps=25 ms TTL=54
R?ponse de 172.217.22.142?: octets=32 temps=36 ms TTL=54
R?ponse de 172.217.22.142?: octets=32 temps=27 ms TTL=54
R?ponse de 172.217.22.142?: octets=32 temps=25 ms TTL=54

Statistiques Ping pour 172.217.22.142:
    Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%),
Dur?e approximative des boucles en millisecondes :
    Minimum = 25ms, Maximum = 36ms, Moyenne = 28ms

---------- | @

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Internet Explorer\Main]
"Disable Script Debugger"=yes
"Anchor Underline"=yes
"Cache_Update_Frequency"=Once_Per_Session
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Save_Session_History_On_Exit"=no
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"Search Page"=www.google.com
"XMLHTTP"=1
"NoUpdateCheck"=1
"UseClearType"=no
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
"CompatibilityFlags"=0
"FullScreen"=no
"Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF8A03000017000000800700003B030000
"IE8RunOnceLastShown"=1
"IE8RunOnceLastShown_TIMESTAMP"=0x3195AAAF7812CE01
"IE8TourShown"=1
"IE8TourShownTime"=0x5CFA7B66AFD5CB01
"NotifyDownloadComplete"=no
"Start Page Redirect Cache_TIMESTAMP"=0x086245D1B704CC01
"Start Page Redirect Cache AcceptLangs"=fr
"Check_Associations"=No
"Use FormSuggest"=no
"AlwaysShowMenus"=1
"Use Custom Search URL"=0
"DisableScriptDebuggerIE"=yes
"OperationalData"=5
"IconCache"=nh4u7f8
"IE10RunOncePerInstallCompleted"=1
"IE10RunOnceCompletionTime"=0x5149B726F2F5CE01
"IE10TourShown"=1
"IE10TourShownTime"=0x726DBE26F2F5CE01
"ImageStoreRandomFolder"=iju1zhy
"DoNotTrack"=1
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"Search Bar"=www.google.com
"Use Search Asst"=yes
"Isolation"=PMIL
"Isolation64Bit"=0
"Move System Caret"=no
"PlaySounds"=0
"Expand Alt Text"=no
"UseSWRender"=0
"Enable AutoImageResize"=yes
"EnableAlternativeCodec"=yes
"Show image placeholders"=0
"GotoIntranetSiteForSingleWordEntry"=0
"UseThemes"=1
"Friendly http errors"=yes
"Error Dlg Displayed On Every Error"=no
"NscSingleExpand"=0
"SmoothScroll"=1
"DOMStorage"=1
"MixedContentBlockImages"=0
"DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5002000005010000D0040000E5020000
"DefSpellLang"=fr-FR
"Start Default_Page_URL"=http://www.google.com/
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"CustomizeSearch"=http://www.google.com/
"StatusBarWeb"=1
"Start Page_TIMESTAMP"=0xDB25D83DC3EAD201
"SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"=www.google.com
"SearchAssistant"=www.google.com
"Search Bar"=http://www.google.com/
"Start Page"=http://www.google.com/
"Start Default_Page_URL"=http://www.google.com/
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"CustomizeSearch"=http://www.google.com/

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Internet Explorer\SearchURL]
"Default"=www.google.com

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Internet Explorer\AboutURLs]
"Tabs"=http://www.google.com/

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"IE5_UA_Backup_Flag"=5.0
"User Agent"=Mozilla/4.0 (compatible; MSIE; Win32)
"EmailName"=User@
"PrivDiscUiShown"=1
"EnableHttp1_1"=1
"WarnOnIntranet"=1
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges 
"AutoConfigProxy"=wininet.dll
"UseSchannelDirectly"=0x01000000
"WarnOnPost"=0x01000000
"UrlEncoding"=0
"SecureProtocols"=2688
"PrivacyAdvanced"=0
"ZonesSecurityUpgrade"=0xB6383C760FF4CE01
"DisableCachingOfSSLPages"=0
"WarnonZoneCrossing"=0
"CertificateRevocation"=1
"EnableNegotiate"=1
"MigrateProxy"=1
"ProxyEnable"=0
"ProxyOverride"=*.local
"GlobalUserOffline"=0
"EnableAutodial"=0
"NoNetAutodial"=0
"ReceiveTimeout"=600000
"DisableIDNPrompt"=0
"EnablePunycode"=1
"ShowPunycode"=0
"ProxyHttp1.1"=1
"EnforceP3PValidity"=0
"WarnOnPostRedirect"=1
"WarnonBadCertRecving"=1
"ServerInfoTimeOut"=0
"DnsCacheTimeout"=0
"DnsCacheEnabled"=0
"MaxConnectionsPerServer"=10
"MaxConnectionsPer1_0Server"=10

[HKLM\Software\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=http://www.google.com
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"Search Bar"=http://www.google.com/
"Start Default_Page_URL"=http://www.google.com/
"CustomizeSearch"=http://www.google.com/

[HKLM\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com/
"Search Bar"=http://www.google.com/
"Start Page"=http://www.google.com/
"Start Default_Page_URL"=http://www.google.com/
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"CustomizeSearch"=http://www.google.com/

[HKLM\Software\Microsoft\Internet Explorer\SearchURL]
"Default"=http://www.google.com/

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate_win7.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm
"Tabs"=http://www.google.com/
"Compat"=res://mshtml.dll/compat.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Check_Associations"=yes
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"Search Bar"=http://www.google.com/
"Start Default_Page_URL"=http://www.google.com/
"CustomizeSearch"=http://www.google.com/

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
"Search Bar"=http://www.google.com/
"Start Page"=http://www.google.com/
"Start Default_Page_URL"=http://www.google.com/
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"CustomizeSearch"=http://www.google.com/

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchURL]
"Default"=www.google.com

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate_win7.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm
"Tabs"=http://www.google.com/
"Compat"=res://mshtml.dll/compat.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files


---------- | Proxy


[HKLM\System\CurrentControlSet\Services\NLASVC\Parameters\Internet\Manualproxies]

---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon] : SDWinLogon.dll

---------- | Execution FileExts


[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apk]
"Progid"=TencentAndroidAssistant
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi]
"DivX.AAR.backup"=Windows Media Player
"Progid"=divx_avi_file
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.div]
"Progid"=divx_div_file
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx]
"Progid"=divx_divx_file
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kml]
"Application"=googleearth.exe
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kmz]
"Application"=googleearth.exe
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv]
"Progid"=divx_mkv_file
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qt]
"Progid"=divx_qt_file
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix]
"Progid"=divx_tix_file
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob]
"Progid"=divx_vob_file







---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt1"] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt2"] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt3"] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt4"] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt5"] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt6"] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt7"] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt8"] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} --  C:\Program Files\AVAST Software\Avast\ashShA64.dll   [12/07/2016 10:59:30]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AutoCAD Digital Signatures Icon Overlay Handler] - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} --  C:\Windows\system32\AcSignIcon.dll   [08/02/2013 11:08:43]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  %SystemRoot%\system32\EhStorShell.dll   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7} --  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL   [19/12/2013 00:44:34]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} --  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL   [19/12/2013 00:44:34]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399} --  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL   [19/12/2013 00:44:34]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619} --  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL   [19/12/2013 00:44:34]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} --  C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL   [19/12/2013 00:44:34]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} --  %SystemRoot%\System32\cscui.dll   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} --  %SystemRoot%\system32\ntshrui.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  %SystemRoot%\system32\EhStorShell.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7} --  C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL   [19/12/2013 00:41:02]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} --  C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL   [19/12/2013 00:41:02]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399} --  C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL   [19/12/2013 00:41:02]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619} --  C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL   [19/12/2013 00:41:02]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} --  C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL   [19/12/2013 00:41:02]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} --  %SystemRoot%\system32\ntshrui.dll   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=Groove GFS Stub Execution Hook   


---------- | Toolbar

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   
"ShowDiscussionButton"=Yes   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"ITBar7Layout"=0x13000000000000000000000020000000100000000000000001000000000700005E01000006000000490100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000039358347C5D025419FA80819E2EAAC930000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"{47833539-D0C5-4125-9FA8-0819E2EAAC93}"=0x39358347C5D025419FA80819E2EAAC93   
"ITBar7Height"=0   
"ITBar7Height64"=0   

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DownloadRetries"=5   
"Version"=4   
"KnownProvidersUpgradeTime"=0x123CF829F2F5CE01   
"UpgradeTime"=0xB57F7489DB7DD001   
"DoNotAskAgain"=yahoo.com   
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   
"DefaultPackCorrection"=1   
"DefaultPackNTCorrection"=1   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


---------- | Extensions

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (&Envoyer à OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (Notes &liées OneNote) -       []

---------- | SearchScopes

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 

---------- | Browser Helper Objects

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL  [19/12/2013 00:41:02]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) :   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll  [12/07/2016 10:55:14]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL  [06/03/2013 07:37:48]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) :   
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] -> (Aide pour le lien d'Adobe PDF Reader) : C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll  [23/09/2012 20:43:36]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}] -> (DivX Plus Web Player HTML5 <video>) : C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll  [08/02/2011 02:17:52]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}] -> (DivX HiQ) : C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll  [08/02/2011 02:17:52]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] -> (Groove GFS Browser Helper) : C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL  [19/12/2013 00:41:02]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> (avast! Online Security) : C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll  [12/07/2016 10:55:14]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] -> (Office Document Cache Handler) : C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL  [06/03/2013 07:37:48]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C7334B-5657-41e1-8F79-F6AACECA05F4}] -> (QQMiniDL Helper Class) : C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\QQIEHelper01.dll  
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F586CB96-7091-42ec-9829-F5D5CE65AFC1}] -> (DIALux Browser Helper Object) : C:\Program Files (x86)\DIAL GmbH\DIALux\Dialux.BHO_x86.dll  [20/08/2015 08:45:25]

---------- | Chrome

C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf =  : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\daanglpcpkjjlkhcbladppjphglbigam =  :     Avast Browser Security and Web Reputation Plugin. -     Avast Online Security (BETA) - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\eobojkjbpolpnaolkijihjkpmhieijhb =  :     QQ?????? -     QQ?????? - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\ldhcdlnondjolfdmlagafpjnhglkfefl =  :     __MSG_liloDesc__ -     Lilo Search - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\mfifcboiomeogenbbmnbeiobeplcmdhm =  :     __MSG_liloDesc__ -     Lilo Tab - permissions:[http://*/*https://*/*\u003Call_urls>tabsactiveTabidlewebRequestwebRequestBlockingwebNavigationcookies] - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\oejnkhmeilmiplpmenkegjaibnjbappo =  :     __MSG_liloDesc__ -     Lilo.org - permissions:[managementhttp://*/*https://*/*\u003Call_urls>tabsactiveTabidlewebRequestwebRequestBlockingwebNavigationcookieshistory] - https://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\Sylvain\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm =  :     Provider for discovery and services for mirroring of Chrome Media Router -     Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\daanglpcpkjjlkhcbladppjphglbigam]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm]

---------- | Opera


---------- | Firefox


[HKLM\Software\mozilla\Firefox\Extensions]
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\MozillaPlugins\ubisoft.com/uplaypc] - () : C:\Program Files (x86)\Ubisoft\Trials Evolution Gold Edition\datapack\orbit\npuplaypc.dll
[HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled
[HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
[HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0] - (DivX Plus Web Player) : C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2] - (Java™ Deployment Toolkit) : C:\Windows\SysWOW64\npDeployJava1.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/GENUINE] - () : disabled
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tencent.com/npQQMailWebKit,version=1.0.0.1] - (Tencent QQMail Plugin for Webkit) : C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tencent.com/nptxftnWebKit,version=1.0.0.1] - (Tencent FTN plug-in) : C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll



---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=192.168.1.254
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{54A24601-E2AD-41EB-9459-68049121E238}]
"DhcpNameServer"=192.168.1.254
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{5A3BB530-7217-4431-BE23-D3F34152D4C9}]
"DhcpNameServer"=192.168.1.254
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{D67E75BF-EE15-4052-A769-B8E8684EDE3E}]
"DhcpNameServer"=172.20.10.1
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{54A24601-E2AD-41EB-9459-68049121E238}]
"DhcpNameServer"=192.168.1.254
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{5A3BB530-7217-4431-BE23-D3F34152D4C9}]
"DhcpNameServer"=192.168.1.254
[HKLM\SYSTEM\ControlSet002\services\Tcpip\Parameters\Interfaces\{D67E75BF-EE15-4052-A769-B8E8684EDE3E}]
"DhcpNameServer"=172.20.10.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{54A24601-E2AD-41EB-9459-68049121E238}]
"DhcpNameServer"=192.168.1.254
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{5A3BB530-7217-4431-BE23-D3F34152D4C9}]
"DhcpNameServer"=192.168.1.254
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{D67E75BF-EE15-4052-A769-B8E8684EDE3E}]
"DhcpNameServer"=172.20.10.1

---------- | Applications

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Classes\Applications\7zFM.exe] : "C:\Program Files (x86)\7-Zip\7zFM.exe" "%1"
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Classes\Applications\7zG.exe] : "C:\Program Files (x86)\7-Zip\7zG.exe" "%1"
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Classes\Applications\DTLite.exe] : "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" "%1"
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Classes\Applications\Flash.exe] : "C:\Program Files (x86)\Adobe\Adobe Flash CS6\Flash.exe" "%1"
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Classes\Applications\InDesign.exe] : "C:\Program Files (x86)\Adobe\Adobe InDesign CS6\InDesign.exe" "%1"
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\dreamweaver.exe] : "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe", "%1"
[HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~1\MICROS~2\Office14\OIS.EXE /shellOpen "%1"
[HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\dreamweaver.exe] : "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\dreamweaver.exe", "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~1\MICROS~2\Office14\OIS.EXE /shellOpen "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"regsvc"=RemoteRegistry
"DcomLaunch"=Power
PlugPlay
DcomLaunch
"secsvcs"=WinDefend
"bthsvcs"=bthserv
"PeerDist"=PeerDistSvc

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
PlugPlay
DcomLaunch
"QQLiveService"=QQLiveService


---------- | SvcHost - Netsvcs (Whitelist)

Term -  : 

---------- | Software

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\7-Zip]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\AceTomato]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Acro Software Inc]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Adobe]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Adobe Lightroom]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Affinix]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\AppDataLow]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Apple Computer, Inc.]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Apple Inc.]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Arkane]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Audacity]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Autodesk]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\AVAST Software]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Bugsplat]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Canon]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Chromium]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Clients]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\DebugKHelp]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\DIAL GmbH]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\DivX]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\DivXNetworks]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\DownloadCenter]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Dropbox]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\DSS]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\DT Soft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\ej-technologies]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\EMU]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Etiam]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Extended Systems]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\fnord]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Fraps3]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Google]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\GPL Ghostscript]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Hewlett-Packard]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\IM Providers]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\InstallShield]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\IO Interactive]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Itoo Software]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\iZotope]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\JavaSoft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\kdesk]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\kingsoft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\KWallpaper]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Lexmark 6500 Series]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Licenses]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Local AppWizard-Generated Applications]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Logitech]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Luxion]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\M-Audio]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Macromedia]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\MainConcept]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Malwarebytes' Anti-Malware]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\McNeel]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Mootools]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Motion Analysis]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Mozilla]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\MozillaPlugins]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Netscape]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Nik Software]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Nik_Soft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Nucleous]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\NVIDIA Corporation]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\ODBC]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\PACE Anti-Piracy]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\PANTONE]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\PDF Architect 4]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\pdfforge]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\perforce]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Philips]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Philips Lighting]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Piriform]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Policies]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\QtProject]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Realtek]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Redemption]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Related Designs]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Research In Motion]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Safer Networking Limited]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\SketchUp]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Skype]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\SpeedFan]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Squad]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Synthetic Aperture]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Sysinternals]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\TechSmith]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Tencent]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\The Document Foundation]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\THETA AnIn]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Thunderbird]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Trolltech]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Ubisoft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Unity]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Valve]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\VirtualDJ]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\WebApp]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\WinRAR]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\WinRAR SFX]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Wow6432Node]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\ZebHelpProcess Helper]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\{2821797B-00BB-781C-549D-A8C160E797DC}]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\{E155C648-57C8-0C3F-6AFC-71ACF2580F04}]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\AppDataLow\Software\DivX]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\AppDataLow\Software\JavaSoft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\AppDataLow\Software\Unity]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\<MyProduct>]
[HKLM\Software\Acro Software Inc]
[HKLM\Software\Adobe]
[HKLM\Software\AdsFix]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\ASIO]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Autodesk]
[HKLM\Software\Canon]
[HKLM\Software\Clients]
[HKLM\Software\CPUID]
[HKLM\Software\Creative Tech]
[HKLM\Software\DirectConnect]
[HKLM\Software\DivX]
[HKLM\Software\FLEXlm License Manager]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Intel]
[HKLM\Software\Itoo Software]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Kaydara]
[HKLM\Software\Khronos]
[HKLM\Software\LexmarkInkjet]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Microsoft]
[HKLM\Software\Minnetonka Audio Software]
[HKLM\Software\Mozilla]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\PACE Anti-Piracy]
[HKLM\Software\PDF Architect 4]
[HKLM\Software\PDF Tools AG]
[HKLM\Software\pdfforge]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Propellerhead Software]
[HKLM\Software\Realtek]
[HKLM\Software\REAPER]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RTLSetup]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Sonic]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sysinternals]
[HKLM\Software\Volatile]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node]
[HKLM\Software\ZSMC]
[HKLM\Software\{D216A0C4-5560-20AE-AE34-2FF22C76FD71}]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\Help]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\Software\WOW6432Node\7-Zip]
[HKLM\Software\WOW6432Node\Acro Software Inc]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AGEIA Technologies]
[HKLM\Software\WOW6432Node\Apple Computer, Inc.]
[HKLM\Software\WOW6432Node\ASIO]
[HKLM\Software\WOW6432Node\Autodesk]
[HKLM\Software\WOW6432Node\AVAST Software]
[HKLM\Software\WOW6432Node\BioWare]
[HKLM\Software\WOW6432Node\BrowserCapabilities]
[HKLM\Software\WOW6432Node\Canon]
[HKLM\Software\WOW6432Node\Caphyon]
[HKLM\Software\WOW6432Node\Chromium]
[HKLM\Software\WOW6432Node\DIAL GmbH]
[HKLM\Software\WOW6432Node\DivX]
[HKLM\Software\WOW6432Node\DivXNetworks]
[HKLM\Software\WOW6432Node\DT Soft]
[HKLM\Software\WOW6432Node\ej-technologies]
[HKLM\Software\WOW6432Node\f9e9]
[HKLM\Software\WOW6432Node\Fraps]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\GPL Ghostscript]
[HKLM\Software\WOW6432Node\InstallShield]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\Internet Download Manager]
[HKLM\Software\WOW6432Node\Itoo Software]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\JreMetrics]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\kingsoft]
[HKLM\Software\WOW6432Node\Lexmark]
[HKLM\Software\WOW6432Node\LexmarkInkjet]
[HKLM\Software\WOW6432Node\LibreOffice]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\Macrovision]
[HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Nalpeiron]
[HKLM\Software\WOW6432Node\NVIDIA Corporation]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\PDF Architect 4]
[HKLM\Software\WOW6432Node\Realtek]
[HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\WOW6432Node\Rebellion]
[HKLM\Software\WOW6432Node\Research In Motion]
[HKLM\Software\WOW6432Node\RtWLan]
[HKLM\Software\WOW6432Node\Safer Networking Limited]
[HKLM\Software\WOW6432Node\SketchUp]
[HKLM\Software\WOW6432Node\Skype]
[HKLM\Software\WOW6432Node\Software]
[HKLM\Software\WOW6432Node\Sonic]
[HKLM\Software\WOW6432Node\SpeedFan]
[HKLM\Software\WOW6432Node\Sysinternals]
[HKLM\Software\WOW6432Node\TechSmith]
[HKLM\Software\WOW6432Node\Tencent]
[HKLM\Software\WOW6432Node\The Document Foundation]
[HKLM\Software\WOW6432Node\TRENDnet]
[HKLM\Software\WOW6432Node\Valve]
[HKLM\Software\WOW6432Node\VirtualDJ]
[HKLM\Software\WOW6432Node\Volatile]
[HKLM\Software\WOW6432Node\WIBU-SYSTEMS]
[HKLM\Software\WOW6432Node\Wow6432Node]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]

---------- | Drives


E:


---------- | C:

[14/07/2009 05:18:56] - |SHD| - [129] - C:\$Recycle.Bin
[23/06/2017 22:33:07] - |D| - [341893729] - C:\AdwCleaner
[25/02/2015 17:30:50] - |D| - [7283964276] - C:\Autodesk
[22/06/2017 21:50:46] - |SHD| - [0] - C:\Config.Msi
[MD5.3DFED40454579A06740BC34EAEEB3898] - [26/02/2011 20:24:04] - |A| - (.-.) - [180] - (0.0.0.0) - C:\csb.log
[MD5.545F06221619D75C15CCEEE25C2F29F1] - [13/09/2014 09:46:56] - |A| - (.-.) - [1092] - (0.0.0.0) - C:\DelFix.txt
[MD5.C8992F9CC9733E3987C722F8458D9A2F] - [10/09/2015 11:45:49] - |A| - (.-.) - [5941] - (0.0.0.0) - C:\DIAL Communication Framework Setup Log.txt
[MD5.C23E761DD48B26E5281FFD98F767DFEB] - [10/09/2015 11:45:56] - |A| - (.-.) - [36501] - (0.0.0.0) - C:\DIALux Setup Information.txt
[14/07/2009 07:08:56] - |SHD| - [0] - C:\Documents and Settings
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1028.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1031.txt
[MD5.99C22D4A31F4EAD4351B71D6F4E5F6A1] - [07/11/2007 09:00:40] - |A| - (.-.) - [10134] - (0.0.0.0) - C:\eula.1033.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1036.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1040.txt
[MD5.9B15A3A055CC6E67EA191A1B7885649A] - [07/11/2007 09:00:40] - |A| - (.-.) - [118] - (0.0.0.0) - C:\eula.1041.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1042.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.2052.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.3082.txt
[17/10/2014 15:58:34] - |D| - [3089250] - C:\Fraps
[MD5.0A6B586FABD072BD7382B5E24194EAC7] - [07/11/2007 09:00:40] - |A| - (.-.) - [1110] - (0.0.0.0) - C:\globdata.ini
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/02/2011 13:07:19] - |ASH| - (.-.) - [3113869312] - (0.0.0.0) - C:\hiberfil.sys
[MD5.E015A2D8890E2A96A93CA818F834C45B] - [07/11/2007 09:44:20] - |A| - (.© Microsoft Corporation. - External Installer.) - [855040] - (9.0.21022.8) - C:\install.exe
[MD5.0DA9AB4977F3E7BA8C65734DF42FDAB6] - [07/11/2007 09:00:40] - |A| - (.-.) - [843] - (0.0.0.0) - C:\install.ini
[MD5.911565B063D17794EF2F38AC1604F85D] - [26/02/2011 20:24:24] - |A| - (.-.) - [217] - (0.0.0.0) - C:\Install.log
[MD5.8F05FE39BDD336C8FA2A18EC3DFE418C] - [07/11/2007 09:44:20] - |A| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [75280] - (9.0.21022.8) - C:\install.res.1028.dll
[MD5.7D9EBB7DCA62BA75361346CAF4EC196B] - [07/11/2007 09:44:20] - |A| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [95248] - (9.0.21022.8) - C:\install.res.1031.dll
[MD5.43FB29E3A676D26FCBF0352207991523] - [07/11/2007 09:44:20] - |A| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [90128] - (9.0.21022.8) - C:\install.res.1033.dll
[MD5.37C8A4717B40540816A3B92C470FD58F] - [07/11/2007 09:44:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [96272] - (9.0.21022.8) - C:\install.res.1036.dll
[MD5.03576876C7E9A5B44EB7916492B5B0F6] - [07/11/2007 09:44:20] - |A| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell'interfaccia utente.) - [94224] - (9.0.21022.8) - C:\install.res.1040.dll
[MD5.A3946D3C9ED130AF89D1C1A9E63DEAA6] - [07/11/2007 09:44:20] - |A| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [80400] - (9.0.21022.8) - C:\install.res.1041.dll
[MD5.A5CFFE01D83AFECCD9590B4D696AA44E] - [07/11/2007 09:44:20] - |A| - (.(C) Microsoft Corporation. - UI ?? ??? DLL.) - [78864] - (9.0.21022.8) - C:\install.res.1042.dll
[MD5.213BF3AD8A5F31C021BBE011D6460752] - [07/11/2007 09:44:20] - |A| - (.(C) Microsoft Corporation???????? - ???????? DLL.) - [74768] - (9.0.21022.8) - C:\install.res.2052.dll
[MD5.FACD045628070999B43EB7C13AB2E0FE] - [07/11/2007 09:44:20] - |A| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [95248] - (9.0.21022.8) - C:\install.res.3082.dll
[26/02/2011 20:22:30] - |D| - [532490] - C:\Intel
[11/05/2016 18:34:12] - |SHD| - [0] - C:\KRECYCLE
[03/12/2015 14:10:31] - |D| - [127572985] - C:\lexmark
[MD5.881BFE943F75C13A20E9F2390A4226F2] - [03/12/2015 14:37:56] - |A| - (.-.) - [200] - (0.0.0.0) - C:\lxdf.log
[MD5.22EE8ABBF9A00F57EF945CC745A85CEC] - [03/12/2015 14:21:35] - |A| - (.-.) - [360] - (0.0.0.0) - C:\lxdfcomx.log
[MD5.800B746FDC4D80469AFC7E5E9B510C9C] - [02/12/2006 00:37:14] - |A| - (.© Microsoft Corporation. - Microsoft® Debug Information Accessor.) - [904704] - (8.0.50727.762) - C:\msdia80.dll
[16/07/2011 14:14:33] - |RHD| - [828206174] - C:\MSOCache
[05/09/2014 12:09:38] - |D| - [82] - C:\OETemp
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/02/2011 13:07:20] - |ASH| - (.-.) - [4151828480] - (0.0.0.0) - C:\pagefile.sys
[MD5.07AD68549054493CEF23631FD968ECC9] - [13/05/2016 10:08:37] - |A| - (.-.) - [2131] - (0.0.0.0) - C:\pcfiXtraynllhp.lnk
[14/07/2009 05:20:08] - |D| - [16456043] - C:\PerfLogs
[14/07/2009 05:20:08] - |RD| - [8920774546] - C:\Program Files
[14/07/2009 05:20:08] - |RD| - [5264650373] - C:\Program Files (x86)
[03/12/2015 14:20:22] - |D| - [94654308] - C:\Program Files (x86) (x86)
[14/07/2009 05:20:08] - |HD| - [3395346284] - C:\ProgramData
[24/06/2017 16:27:34] - |D| - [262057] - C:\QuickDiag
[MD5.0901B4D2CBB3664AAF0FD6206907873B] - [24/06/2017 16:27:42] - |A| - (.-.) - [149600] - (0.0.0.0) - C:\QuickDiag.txt
[26/02/2011 13:17:05] - |SHD| - [173147937] - C:\Recovery
[MD5.223BB46FDB328A9D2C235CC2B9E0D9AA] - [26/02/2011 20:24:08] - |A| - (.-.) - [2188] - (0.0.0.0) - C:\RHDSetup.log
[MD5.BFE9C3FC046D010B737464681ED1DD33] - [15/03/2011 14:56:16] - |A| - (.-.) - [208] - (0.0.0.0) - C:\startvrlservice_log.txt
[26/02/2011 13:07:19] - |SHD| - [0] - C:\System Volume Information
[14/07/2009 05:20:08] - |RD| - [19843765360] - C:\Users
[MD5.06FBA95313F26E300917C6CEA4480890] - [07/11/2007 09:00:40] - |A| - (.-.) - [5686] - (0.0.0.0) - C:\vcredist.bmp
[MD5.E2758D09B59904CE852E05C8F2827FAF] - [07/11/2007 09:50:40] - |A| - (.-.) - [1927956] - (0.0.0.0) - C:\VC_RED.cab
[MD5.D53737CEA320B066C099894ED1780705] - [07/11/2007 09:53:12] - |A| - (.-.) - [242176] - (0.0.0.0) - C:\VC_RED.MSI
[13/03/2011 21:56:49] - |D| - [971264] - C:\vrayplugins
[MD5.1A3A8A654E2F25B3493BB8124E7BBA69] - [15/03/2011 14:56:16] - |A| - (.-.) - [109] - (0.0.0.0) - C:\VRSpawner.log
[14/07/2009 05:20:08] - |AD| - [51270110954] - C:\Windows

---------- | C:\Windows

[14/07/2009 07:32:38] - |D| - [802] - C:\Windows\addins
[14/07/2009 05:20:08] - |D| - [48532291] - C:\Windows\AppCompat
[14/07/2009 05:20:08] - |D| - [11036468] - C:\Windows\AppPatch
[14/07/2009 05:20:08] - |RSD| - [1717673973] - C:\Windows\assembly
[16/07/2011 14:24:11] - |D| - [27366] - C:\Windows\AutoKMS
[MD5.7EFB1577EFBD72521E670188AA546C7D] - [12/07/2016 10:57:16] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.1.3076.0) - C:\Windows\avastSS.scr
[MD5.317CD1CE327B6520BF4EE007BCD39E61] - [17/01/2011 22:15:57] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [71168] - (6.1.7601.17514) - C:\Windows\bfsvc.exe
[14/07/2009 17:35:06] - |SHD| - [553227] - C:\Windows\BitLockerDiscoveryVolumeContents
[14/07/2009 05:20:09] - |D| - [29163158] - C:\Windows\Boot
[MD5.CBB6E8B0D0109B73A076C1328B6784A0] - [14/07/2009 07:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat
[14/07/2009 05:20:09] - |D| - [3233280] - C:\Windows\Branding
[27/08/2011 20:44:15] - |D| - [96945533] - C:\Windows\CheckSur
[14/07/2009 17:35:06] - |D| - [0] - C:\Windows\CSC
[14/07/2009 05:20:09] - |D| - [2113488] - C:\Windows\Cursors
[14/07/2009 06:45:54] - |D| - [115382] - C:\Windows\debug
[14/07/2009 07:32:38] - |D| - [3046207] - C:\Windows\diagnostics
[14/07/2009 07:37:46] - |D| - [0] - C:\Windows\DigitalLocker
[14/07/2009 07:32:38] - |D| - [1504081] - C:\Windows\Downloaded Program Files
[14/07/2009 17:35:06] - |D| - [118084593] - C:\Windows\ehome
[14/07/2009 07:37:46] - |D| - [0] - C:\Windows\en-US
[20/07/2016 16:27:33] - |D| - [6388816] - C:\Windows\EOONotify
[13/09/2014 09:46:58] - |D| - [132000816] - C:\Windows\ERUNT
[MD5.9DA3B83F80E205B6C601EEE1312FD0A0] - [15/06/2016 16:59:54] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3231232] - (6.1.7601.23418) - C:\Windows\explorer.exe
[14/07/2009 05:20:09] - |RSD| - [677934499] - C:\Windows\Fonts
[14/07/2009 17:24:08] - |D| - [142848] - C:\Windows\fr-FR
[MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [14/07/2009 01:22:13] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [15360] - (6.1.7600.16385) - C:\Windows\fveupdate.exe
[14/07/2009 05:20:09] - |D| - [21741460] - C:\Windows\Globalization
[MD5.46E77AB5E91094D6C1EE518CA4626972] - [27/08/2009 09:04:14] - |RA| - (.Copyright (C) 2007 - GSetup MFC Application.) - [207400] - (1.0.0.1) - C:\Windows\GSetup.exe
[MD5.BF826C174E027AF6BBA1CFFF09A45F96] - [26/02/2011 20:21:54] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\GSetup.ini
[14/07/2009 05:20:09] - |D| - [110025372] - C:\Windows\Help
[MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [14/07/2009 02:29:53] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [733696] - (6.1.7600.16385) - C:\Windows\HelpPane.exe
[MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [14/07/2009 02:29:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [16896] - (6.1.7600.16385) - C:\Windows\hh.exe
[14/07/2009 05:20:09] - |D| - [143547244] - C:\Windows\IME
[14/07/2009 05:20:10] - |D| - [139189412] - C:\Windows\inf
[26/02/2011 13:26:20] - |SHD| - [7774130618] - C:\Windows\Installer
[MD5.485055033BCDDFDE56325C0D2FEEA4F2] - [16/07/2011 14:23:49] - |A| - (.-.) - [151552] - (0.0.0.0) - C:\Windows\KMSEmulator.exe
[14/07/2009 05:20:10] - |D| - [48371] - C:\Windows\L2Schemas
[14/07/2009 05:20:10] - |D| - [81091698] - C:\Windows\LiveKernelReports
[14/07/2009 05:20:10] - |D| - [133041150] - C:\Windows\Logs
[14/07/2009 05:20:10] - |RSD| - [13358214] - C:\Windows\Media
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [14/07/2009 02:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin
[14/07/2009 05:20:10] - |D| - [1079625436] - C:\Windows\Microsoft.NET
[28/02/2014 01:04:06] - |D| - [5787] - C:\Windows\Migration
[28/02/2011 13:45:00] - |D| - [0] - C:\Windows\Minidump
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\ModemLogs
[MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [14/07/2009 04:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\Windows\msdfmap.ini
[29/08/2011 20:28:47] - |HD| - [0] - C:\Windows\msdownld.tmp
[03/04/2011 17:29:42] - |D| - [2004] - C:\Windows\MSSecurityNi
[03/04/2011 17:29:42] - |D| - [2004] - C:\Windows\MSSecurityNS
[MD5.B32189BDFF6E577A92BAA61AD49264E6] - [19/08/2015 09:46:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [193536] - (6.1.7601.18917) - C:\Windows\notepad.exe
[14/07/2009 07:32:38] - |D| - [65] - C:\Windows\Offline Web Pages
[26/02/2011 13:06:35] - |D| - [983112] - C:\Windows\Panther
[16/07/2011 14:16:56] - |D| - [0] - C:\Windows\PCHEALTH
[14/07/2009 07:32:38] - |D| - [63611123] - C:\Windows\Performance
[28/07/2016 16:11:01] - |HD| - [0] - C:\Windows\PIF
[14/07/2009 05:20:10] - |D| - [1132015] - C:\Windows\PLA
[14/07/2009 05:20:10] - |D| - [5801246] - C:\Windows\PolicyDefinitions
[10/09/2014 10:10:20] - |D| - [45588424] - C:\Windows\Prefetch
[MD5.2E2C937846A0B8789E5E91739284D17A] - [14/07/2009 01:27:10] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [427008] - (6.1.7600.16385) - C:\Windows\regedit.exe
[14/07/2009 05:20:10] - |D| - [22588] - C:\Windows\registration
[14/07/2009 17:35:06] - |D| - [0] - C:\Windows\RemotePackages
[14/07/2009 05:20:10] - |D| - [7880330] - C:\Windows\rescache
[14/07/2009 05:20:10] - |D| - [1674534] - C:\Windows\Resources
[MD5.2E03C9437355CA8F499037F896380F53] - [26/02/2011 20:24:08] - |R| - (.Realtek Semiconductor Corp. Copyright (C) 2010 - RtlExUpd DLL for setup utility function.) - [1247776] - (1.0.2.0) - C:\Windows\RtlExUpd.dll
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\SchCache
[14/07/2009 05:20:10] - |D| - [58021] - C:\Windows\schemas
[14/07/2009 05:20:10] - |D| - [1070380] - C:\Windows\security
[14/07/2009 06:45:47] - |D| - [79037561] - C:\Windows\ServiceProfiles
[14/07/2009 05:20:10] - |D| - [206957926] - C:\Windows\servicing
[14/07/2009 06:45:50] - |D| - [42] - C:\Windows\Setup
[MD5.FD7E6F9DCCD7FEEBDD6E8D3F14AD24F8] - [24/06/2017 14:47:25] - |A| - (.-.) - [392] - (0.0.0.0) - C:\Windows\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/06/2017 14:47:25] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log
[14/07/2009 17:35:06] - |D| - [98104] - C:\Windows\ShellNew
[26/02/2011 13:10:51] - |D| - [1480824974] - C:\Windows\SoftwareDistribution
[14/07/2009 05:20:10] - |D| - [70579144] - C:\Windows\Speech
[MD5.127AA81343A7C6F665C22CB1293B0A90] - [20/08/2012 17:09:31] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17777) - C:\Windows\splwow64.exe
[MD5.9060C3C745E7B2D8E1A81DD061021546] - [14/07/2009 07:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\Windows\Starter.xml
[MD5.7F53B91F1E1765F9C5C50F40B2CBF792] - [10/09/2014 21:55:30] - |A| - (.-.) - [21] - (0.0.0.0) - C:\Windows\SurCode.INI
[14/07/2009 05:20:10] - |D| - [0] - C:\Windows\system
[MD5.286A9EDB379DC3423A528B0864A0F111] - [14/07/2009 04:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini
[14/07/2009 05:20:10] - |D| - [6514689532] - C:\Windows\System32
[14/07/2009 05:20:14] - |D| - [1436026299] - C:\Windows\SysWOW64
[14/07/2009 05:20:14] - |D| - [15] - C:\Windows\TAPI
[14/07/2009 05:20:14] - |D| - [32488] - C:\Windows\Tasks
[14/07/2009 05:20:14] - |D| - [120566] - C:\Windows\Temp
[14/07/2009 05:20:14] - |D| - [0] - C:\Windows\tracing
[MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 23:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\Windows\twain.dll
[14/07/2009 07:32:38] - |D| - [6144] - C:\Windows\twain_32
[MD5.163A95975E1D8819E653AA3E961371CA] - [17/01/2011 22:17:47] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\Windows\twain_32.dll
[MD5.F36A271706EDD23C94956AFB56981184] - [14/07/2009 00:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\Windows\twunk_16.exe
[MD5.0BD6E68F3EA0DD62CD86283D86895381] - [14/07/2009 02:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\Windows\twunk_32.exe
[MD5.BE9ABBA239905C914B050195978E4D02] - [14/07/2009 17:35:44] - |A| - (.-.) - [51867] - (0.0.0.0) - C:\Windows\Ultimate.xml
[14/07/2009 05:20:14] - |D| - [12420] - C:\Windows\Vss
[14/07/2009 05:20:14] - |D| - [40681427] - C:\Windows\Web
[MD5.B34CCD85EEEBAA20583C115CE2A97511] - [14/07/2009 04:34:57] - |A| - (.-.) - [580] - (0.0.0.0) - C:\Windows\win.ini
[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [14/07/2009 06:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest
[MD5.86927F04E9F79CD111BE08A85F0E7B5E] - [26/02/2011 13:10:49] - |N| - (.-.) - [1818057] - (0.0.0.0) - C:\Windows\WindowsUpdate.log
[MD5.1D420D66250BCAAAED05724FB34008CF] - [14/07/2009 02:12:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [9728] - (6.1.7600.16385) - C:\Windows\winhlp32.exe
[14/07/2009 05:20:14] - |D| - [28959905252] - C:\Windows\winsxs
[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 22:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx
[MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [14/07/2009 01:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\Windows\write.exe

---------- | C:\Windows\System32\GroupPolicy


---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[31/12/2009 00:03:17] - C:\Windows\Installer\154195.msi : (Google SketchUp Pro 7 Installer - Google, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[08/03/2013 19:20:40] - C:\Windows\Installer\1585ff2.msi : (Backburner - Autodesk)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/03/2009 20:56:14] - C:\Windows\Installer\17b49be.msi : ( - Autodesk)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[21/06/2017 21:25:23] - C:\Windows\Installer\1a1603.msi : (Installer for M-Audio ProFire 6.1.1 (x64) - M-Audio)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/02/2011 20:22:19] - C:\Windows\Installer\1ad83c.msi : (Browser Configuraion Utility - DeviceVM Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[08/02/2013 13:23:49] - C:\Windows\Installer\1f50321.msi : (AutoCAD 2014 - Autodesk, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[21/02/2013 19:51:13] - C:\Windows\Installer\1f503b4.msi : (AutoCAD 2014 LanguagePack - French - Autodesk, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[21/02/2013 19:51:11] - C:\Windows\Installer\1f503be.msi : (AutoCAD 2014 - Autodesk, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[25/01/2013 05:22:26] - C:\Windows\Installer\1f503ce.msi : (SketchUp ImportSkp for AutoCAD - Autodesk, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[10/04/2013 14:48:32] - C:\Windows\Installer\3fece5.msi : (Install package for Revit Architecture 2014 Language Pack - French - Autodesk, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/08/2008 17:12:02] - C:\Windows\Installer\4a4fa18.msi : ( - Adobe Systems, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/08/2008 09:39:22] - C:\Windows\Installer\4a4fab4.msi : ( - Adobe Systems, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/01/2015 14:22:14] - C:\Windows\Installer\52e92f.msi : (Google Update Helper - Google Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[08/03/2010 19:59:24] - C:\Windows\Installer\5d5557.msi : ( - DivX, Inc)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/10/2014 17:32:58] - C:\Windows\Installer\61e6d.msi : (Java SE Runtime Environment 8.0 - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[29/10/2014 17:32:58] - C:\Windows\Installer\61e7c.msi : (Java Auto Updater - Oracle Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/11/2012 12:34:36] - C:\Windows\Installer\73edf9.msi : (VirtualDJ PRO Full Installer - Atomix Productions)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/06/2017 17:44:36] - C:\Windows\Installer\8046a.msi : (Google Update Helper - Google Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[21/06/2017 21:43:05] - C:\Windows\Installer\c0e84.msi : (Adobe ARM Installer - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/04/2012 06:48:04] - C:\Windows\Installer\d27628.msi : (Blank Project Template - Adobe)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/04/2012 06:48:04] - C:\Windows\Installer\d2762f.msi : (Blank Project Template - Adobe)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/04/2012 06:48:04] - C:\Windows\Installer\d27636.msi : (Blank Project Template - Adobe)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/04/2012 06:48:04] - C:\Windows\Installer\d2763d.msi : (Blank Project Template - Adobe)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/04/2012 06:48:06] - C:\Windows\Installer\d2768a.msi : (Blank Project Template - InstallShield)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/04/2012 06:48:06] - C:\Windows\Installer\d27693.msi : (Blank Project Template - InstallShield)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/09/2012 05:48:11] - C:\Windows\Installer\d6611.msi : ( - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]

---------- | %System%\*.in*

[14/07/2009 06:57:09] - [73] - C:\Windows\System32\desktop.ini
[15/04/2015 12:42:45] - [16303] - C:\Windows\System32\ieuinit.inf
[26/07/2008 15:42:52] - [66482] - C:\Windows\System32\lvcoin64.ini
[14/07/2009 07:13:15] - [1669656] - C:\Windows\System32\PerfStringBackup.INI
[10/06/2009 23:01:25] - [60124] - C:\Windows\System32\tcpmon.ini
[15/04/2015 12:42:47] - [16303] - C:\Windows\Syswow64\ieuinit.inf
[14/07/2009 06:55:01] - [535] - C:\Windows\Syswow64\mapisvc.inf
[28/02/2014 01:05:46] - [1643788] - C:\Windows\Syswow64\PerfStringBackup.INI

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.00DE4CDA0CC3020D2D9FD44F1C0C5CB8] - |A| - [13/07/2016 12:37:49] - (.-.) - [122.35 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb
[MD5.00000000000000000000000000000000] - |D| - [24/06/2017 14:50:29] - [0 Ko] - C:\Windows\Temp\avast_ash2
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/06/2017 14:48:48] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\CProgram FilesAVAST SoftwareSZBrowser1.48.2066.114SZBrowser_autoupdate.download.lock
[MD5.00000000000000000000000000000000] - |D| - [09/06/2012 09:22:53] - [0 Ko] - C:\Windows\Temp\Low
[MD5.00000000000000000000000000000000] - |D| - [13/07/2016 09:49:23] - [117.74 Ko] - C:\Windows\Temp\SafeZone Installer
[MD5.00000000000000000000000000000000] - |D| - [05/09/2014 16:51:55] - [0 Ko] - C:\Windows\Temp\_avast_
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:06] - [0 Ko] - C:\Windows\System32\040C
[MD5.B6A1F5AD3232F42000CC9D37DF482E75] - |AH| - [14/07/2009 06:45:49] - (.-.) - [20.39 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[MD5.B6A1F5AD3232F42000CC9D37DF482E75] - |AH| - [14/07/2009 06:45:49] - (.-.) - [20.39 Ko] - (0.0.0.0) - C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[MD5.CA360B669F7E100B0A48A7A9C13671AF] - |A| - [08/02/2013 11:08:43] - (.Copyright 2013 by Autodesk, Inc. - AutoCAD component.) - [35.32 Ko] - (19.1.18.0) - C:\Windows\System32\AcSignExt.dll
[MD5.93917C6C075A2EB7F6D61A66C60C0AD4] - |A| - [21/02/2013 19:22:23] - (.Copyright 2013 by Autodesk, Inc. - AutoCAD component.) - [16.3 Ko] - (19.1.18.0) - C:\Windows\System32\AcSignExtRes.dll
[MD5.BB8E9045B93F41BECA6AAFD1F86350DE] - |A| - [08/02/2013 11:08:43] - (.Copyright 2013 by Autodesk, Inc. - AutoCAD component.) - [46.82 Ko] - (19.1.18.0) - C:\Windows\System32\AcSignIcon.dll
[MD5.EC3DD2C84E8DCE568528FC3BFA5362AC] - |A| - [08/02/2013 11:08:44] - (.Copyright 2013 by Autodesk, Inc. - AutoCAD component.) - [426.32 Ko] - (19.1.18.0) - C:\Windows\System32\AcSignOpt.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [4987.5 Ko] - C:\Windows\System32\AdvancedInstallers
[MD5.95EF7247C50C7241FDAE39A9B3AFF4AE] - |A| - [26/02/2011 20:25:35] - (.-.) - [30.54 Ko] - (0.0.0.0) - C:\Windows\System32\AppleChargerSrv.exe
[MD5.00000000000000000000000000000000] - |D| - [26/02/2011 21:07:55] - [0 Ko] - C:\Windows\System32\appmgmt
[MD5.00000000000000000000000000000000] - |D| - [16/04/2015 08:28:24] - [9580.21 Ko] - C:\Windows\System32\appraiser
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [201.5 Ko] - C:\Windows\System32\ar-SA
[MD5.4E118AC95A15BD14B8C1E49C5B4CD79B] - |A| - [12/07/2016 11:00:31] - (.Copyright (c) 2014 AVAST Software - avast! start-up scanner.) - [381.82 Ko] - (12.1.3076.0) - C:\Windows\System32\aswBoot.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [173 Ko] - C:\Windows\System32\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [2590.42 Ko] - C:\Windows\System32\Boot
[MD5.F02F93D5AEC524052E4A37C1BB7CCF31] - |A| - [14/07/2009 03:20:24] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [19 Ko] - (1.0.0.20) - C:\Windows\System32\brcoinst.dll
[MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [14/07/2009 02:07:04] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll
[MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [14/07/2009 01:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\Windows\System32\CardGames.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [140436.85 Ko] - C:\Windows\System32\catroot
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [33018.95 Ko] - C:\Windows\System32\catroot2
[MD5.289EB64D1A81F4A8F905D0351D61086B] - |A| - [27/08/2015 16:33:30] - (.-.) - [86 Ko] - (0.0.0.0) - C:\Windows\System32\CNC176DD.TBL
[MD5.493574E218AA18161D14EECFD572A0E8] - |A| - [27/08/2015 16:33:30] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [17.5 Ko] - (1.4.1.1) - C:\Windows\System32\CNHMCA6.dll
[MD5.839716DD47274E18BC704880B41E51EC] - |A| - [27/08/2015 16:38:28] - (.Copyright CANON INC. 2000-2012 All Rights Reserved - IJ Language Monitor.) - [382 Ko] - (0.3.0.1) - C:\Windows\System32\CNMLMBX.DLL
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [9650.18 Ko] - C:\Windows\System32\CodeIntegrity
[MD5.4B2123C3B6BE4A3436135C80A72EDB78] - |A| - [15/10/2014 20:48:23] - (.-.) - [3.5 Ko] - (0.0.0.0) - C:\Windows\System32\ColorEfexPro4FC32.dll
[MD5.C8C7D194A9F401773BD00C1F03CCEDE0] - |A| - [22/09/2011 18:31:04] - (.-.) - [346.5 Ko] - (0.0.0.0) - C:\Windows\System32\ColorEfexPro4FC64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [357 Ko] - C:\Windows\System32\com
[MD5.00000000000000000000000000000000] - |SD| - [07/05/2014 01:08:00] - [4774.19 Ko] - C:\Windows\System32\CompatTel
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [633206.21 Ko] - C:\Windows\System32\config
[MD5.12A0531ADED17176D6B0CBFE8F9B4326] - |A| - [04/12/2011 20:33:41] - (.-.) - [83.5 Ko] - (0.0.0.0) - C:\Windows\System32\cpwmon64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [432 Ko] - C:\Windows\System32\cs-CZ
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [427.5 Ko] - C:\Windows\System32\da-DK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [457.5 Ko] - C:\Windows\System32\de-DE
[MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [14/07/2009 06:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [5332 Ko] - C:\Windows\System32\Dism
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:10] - [65885.78 Ko] - C:\Windows\System32\drivers
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3250451.78 Ko] - C:\Windows\System32\DriverStore
[MD5.00000000000000000000000000000000] - |DC| - [19/01/2013 12:32:18] - [0 Ko] - C:\Windows\System32\DRVSTORE
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [457 Ko] - C:\Windows\System32\el-GR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [2875.59 Ko] - C:\Windows\System32\en-US
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [448 Ko] - C:\Windows\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [160.5 Ko] - C:\Windows\System32\et-EE
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [430 Ko] - C:\Windows\System32\fi-FI
[MD5.B1E135E06134025153F0BFA46E3FFF8A] - |A| - [14/07/2009 06:45:34] - (.-.) - [5383.42 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:06] - [1840 Ko] - C:\Windows\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [42559.95 Ko] - C:\Windows\System32\fr-FR
[MD5.B6E154D478A5BAEC3A12B2EE50D396D4] - |A| - [26/02/2013 08:55:24] - (.Copyright © Beepa P/L 2013 - Fraps.) - [70 Ko] - (3.5.99.15619) - C:\Windows\System32\frapsv64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\FxsTmp
[MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 22:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |SD| - [08/04/2015 22:51:30] - [31710.06 Ko] - C:\Windows\System32\GWX
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [191.5 Ko] - C:\Windows\System32\he-IL
[MD5.189CE0C268ACEB8A7EEA3D364B984D65] - |A| - [14/07/2009 03:17:33] - (.-.) - [1668 Ko] - (7.0.0.0) - C:\Windows\System32\hpotiop1.dll
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3192.81 Ko] - C:\Windows\System32\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [165 Ko] - C:\Windows\System32\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [166 Ko] - C:\Windows\System32\lv-LV
[MD5.7346D47C6BC367779DA111EB93788918] - |A| - [26/07/2008 16:23:30] - (.(c) 1996-2008 Logitech. - Logitech Co-Installer.) - [252.02 Ko] - (11.80.1048.0) - C:\Windows\System32\lvco11801048.dll
[MD5.B3062F888B7A41E92409A9837E7B0B1D] - |A| - [26/07/2008 16:23:20] - (.(c) 1996-2008 Logitech. - Video Codec.) - [464.52 Ko] - (11.80.1048.0) - C:\Windows\System32\lvcod64.dll
[MD5.2D5DD5F7CB2E798BCBDCD13876AAE1B0] - |A| - [26/07/2008 15:42:52] - (.-.) - [64.92 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoin64.ini
[MD5.06253A836674FA0524BAA92D6EAF3ECE] - |A| - [08/02/2012 20:15:09] - (.-.) - [5.35 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoinst.log
[MD5.FCA3B5BD6586FD2228598AB5441A6D24] - |A| - [26/07/2008 16:26:10] - (.(c) 1996-2008 Logitech. - Logitech Camera Property Pages.) - [669.02 Ko] - (11.80.1048.0) - C:\Windows\System32\LVUI64.dll
[MD5.4935F7E3DA01571DF17D408826B18E05] - |A| - [26/07/2008 16:26:22] - (.(c) 1996-2008 Logitech. - Logitech Camera Property Pages.) - [475.52 Ko] - (11.80.1048.0) - C:\Windows\System32\LVUIRC64.dll
[MD5.828BE430B249C56DA2F9D177D696DDFF] - |A| - [03/06/2013 18:17:36] - (.2013 inMusic Brands, Inc. - M-Audio ProFire control panel applet.) - [233.2 Ko] - (1.0.4.0) - C:\Windows\System32\M-AudioProFireControlPanelApplet.cpl
[MD5.00000000000000000000000000000000] - |D| - [19/12/2011 00:51:13] - [113.49 Ko] - C:\Windows\System32\Macromed
[MD5.8D31A13AED3B8CAD25DB8AF866471E3E] - |A| - [03/06/2013 18:17:32] - (.2013 inMusic Brands, Inc., - M-Audio ProFire ASIO Support Library.) - [31.7 Ko] - (5.10.0.5084) - C:\Windows\System32\mafwdiasio64.dll
[MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 22:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1981.88 Ko] - C:\Windows\System32\manifeststore
[MD5.0ECBE652DF11AFF8629225DE4497956B] - |A| - [26/02/2011 20:24:17] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [318.27 Ko] - (2.2.7.0) - C:\Windows\System32\MaxxAudioAPO20.dll
[MD5.87B5AB256A5A068EDDA0F4B4FAC728CC] - |A| - [26/02/2011 20:24:17] - (.Copyright © 1996-2007 -.) - [2145.77 Ko] - (5.9.7.0) - C:\Windows\System32\MaxxAudioEQ.dll
[MD5.25D74864274539330DCC4234140D11AF] - |A| - [26/02/2011 20:24:16] - (.Copyright (c) 2006-2009 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [593.59 Ko] - (1.0.19.0) - C:\Windows\System32\MBAPO64.dll
[MD5.09D9D2C960A14D3857B6E5B1AB6F4D0E] - |A| - [26/02/2011 20:24:16] - (.Copyright (c) 2006-2008 Creative Technology Ltd. - Creative Chaining Property Page Loader Module.) - [59.09 Ko] - (1.0.0.110) - C:\Windows\System32\MBPPCn64.dll
[MD5.5B56FAF6FC0D3D940DFD0C997178317B] - |A| - [26/02/2011 20:24:17] - (.Copyright (c) 2006-2009 Creative Technology Ltd. - Creative Property Page Loader Module.) - [63.09 Ko] - (1.0.22.0) - C:\Windows\System32\MBppld64.dll
[MD5.04CFE870C30640C9A369E0FE8C654B98] - |A| - [26/02/2011 20:24:17] - (.Copyright (c) 2006-2008 Creative Technology Ltd. - Audio Processing Object Chaining Module.) - [77.09 Ko] - (1.0.0.110) - C:\Windows\System32\MBWrp64.dll
[MD5.00000000000000000000000000000000] - |SD| - [14/07/2009 06:45:42] - [1131.26 Ko] - C:\Windows\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [3464.93 Ko] - C:\Windows\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [37792.2 Ko] - C:\Windows\System32\migwiz
[MD5.39E801545FFF6230C80140E0F8A06629] - |A| - [14/07/2009 06:57:09] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk
[MD5.00000000000000000000000000000000] - |D| - [06/10/2013 23:45:09] - [0 Ko] - C:\Windows\System32\MRT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [4148.28 Ko] - C:\Windows\System32\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [24.48 Ko] - C:\Windows\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [422.5 Ko] - C:\Windows\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [1024 Ko] - C:\Windows\System32\NDF
[MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [14/07/2009 00:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [102 Ko] - C:\Windows\System32\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [443.5 Ko] - C:\Windows\System32\nl-NL
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:51] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\noise.kor
[MD5.0F188021C49A15BC264553C1E2D71DEC] - |A| - [18/11/2012 22:43:38] - (.-.) - [4234.45 Ko] - (0.0.0.0) - C:\Windows\System32\nvcoproc.bin
[MD5.B45B99B2940DEC2E830B22298D959E13] - |A| - [26/02/2011 13:25:44] - (.-.) - [28.64 Ko] - (0.0.0.0) - C:\Windows\System32\nvinfo.pb
[MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 22:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [13095.58 Ko] - C:\Windows\System32\oobe
[MD5.05B9C8A69D786E92CAD741B8A7AE1731] - |A| - [29/12/2015 18:23:43] - (.Copyright (c) by pdfforge - pdfcmon.) - [117.38 Ko] - (0.8.4.0) - C:\Windows\System32\pdfcmon.dll
[MD5.EAFF8BCBBA9FA3F1AC44440DDDD431DB] - |A| - [14/07/2009 04:36:59] - (.-.) - [119.28 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat
[MD5.8D1BBD7F503E6B64FE828B530763305E] - |A| - [14/07/2009 17:24:17] - (.-.) - [146.66 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 22:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico
[MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [14/07/2009 04:36:59] - (.-.) - [30.81 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat
[MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [14/07/2009 17:24:17] - (.-.) - [37.27 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat
[MD5.EAB665C8D02B0500C5770A3BE195F9C3] - |A| - [14/07/2009 04:36:59] - (.-.) - [638.94 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat
[MD5.14062682E27FC0A411B510103E2A8087] - |A| - [14/07/2009 17:24:17] - (.-.) - [730.14 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat
[MD5.9DD962EC84E862513E0B362B4E45E50D] - |A| - [14/07/2009 07:13:15] - (.-.) - [1630.52 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [439 Ko] - C:\Windows\System32\pl-PL
[MD5.27B07E92BD8AA5A234CE75D7AAF8A203] - |A| - [21/02/2013 19:23:12] - (.Copyright 2012 Autodesk, Inc. - Autodesk Hardcopy component.) - [2259.8 Ko] - (11.1.18.0) - C:\Windows\System32\plotman.cpl
[MD5.E0CC2789C9BDED18253C0FD624840056] - |A| - [14/07/2009 02:40:54] - (.Copyright (C) 2001 - Application PrintBrm.) - [70 Ko] - (1.0.0.0) - C:\Windows\System32\PrintBrmUi.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:06] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [436 Ko] - C:\Windows\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [438.5 Ko] - C:\Windows\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [23.75 Ko] - C:\Windows\System32\ras
[MD5.53FDA4AF81E7C4895357A50E848B7CFE] - |A| - [17/01/2011 22:16:38] - (.Copyright (C) 2009 - RemoteFX Helper.) - [93.5 Ko] - (1.1.0.0) - C:\Windows\System32\RDVGHelper.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [0.78 Ko] - C:\Windows\System32\Recovery
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0.07 Ko] - C:\Windows\System32\restore
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:11] - [169 Ko] - C:\Windows\System32\ro-RO
[MD5.5245E1443EE4DC110DF9217E1D0AEB0A] - |A| - [26/02/2011 20:24:18] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [300.7 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll
[MD5.95A95297D5689F61F1FBC6A328075356] - |A| - [26/02/2011 20:24:19] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [300.7 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll
[MD5.483849E481652C22BAFC8052414B3099] - |A| - [26/02/2011 20:24:19] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [197.2 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll
[MD5.CDB380C1138EDCDC5BE166DE887D581C] - |A| - [26/02/2011 20:24:19] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [74.7 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll
[MD5.CB3CF9915ED7888FDBAF3694775DCCC7] - |A| - [26/02/2011 20:24:19] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [96.7 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll
[MD5.6B0EBD56951F62D4E86B7CBE8613B05A] - |A| - [26/02/2011 20:24:19] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [364.2 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll
[MD5.92C704590FCEDDA971B7A77945DCCDA4] - |A| - [26/02/2011 20:24:57] - (.- About Page.) - [72.53 Ko] - (1.2.0.3) - C:\Windows\System32\RtNicProp64.dll
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [17/01/2011 22:16:03] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml
[MD5.AC9E53EA53FA841346FD76E272F65304] - |A| - [23/06/2017 22:31:04] - (.Copyright © 2008-2017 Safer-Networking Limited. -.) - [31.48 Ko] - (2.6.46.1001) - C:\Windows\System32\sdnclean64.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [169.5 Ko] - C:\Windows\System32\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [166 Ko] - C:\Windows\System32\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:06] - [42.67 Ko] - C:\Windows\System32\slmgr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [46018.02 Ko] - C:\Windows\System32\SMI
[MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 23:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\Windows\System32\spcinstrumentation.man
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [17378 Ko] - C:\Windows\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [89864.06 Ko] - C:\Windows\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [1843.23 Ko] - C:\Windows\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [30.19 Ko] - C:\Windows\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [170 Ko] - C:\Windows\System32\sr-Latn-CS
[MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [26/02/2011 20:24:25] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll
[MD5.A028717B791416182959B325D5B40679] - |A| - [26/02/2011 20:24:25] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll
[MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [26/02/2011 20:24:25] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll
[MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [26/02/2011 20:24:25] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll
[MD5.C998463E3B8253BD68EC0B305BD674F7] - |A| - [21/02/2013 19:23:18] - (.Copyright 2012 Autodesk, Inc. - Autodesk Hardcopy component.) - [2259.8 Ko] - (11.1.18.0) - C:\Windows\System32\styleman.cpl
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [426.5 Ko] - C:\Windows\System32\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [137.88 Ko] - C:\Windows\System32\sysprep
[MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [17/01/2011 22:16:21] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [344.33 Ko] - C:\Windows\System32\Tasks
[MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 23:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [157 Ko] - C:\Windows\System32\th-TH
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [424 Ko] - C:\Windows\System32\tr-TR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:13] - [166.5 Ko] - C:\Windows\System32\uk-UA
[MD5.B0D8E26D3CC725F0CC6D33FDBEA061F7] - |A| - [14/07/2009 06:45:37] - (.-.) - [21 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup.etl
[MD5.E2090ABBDE0128166584C1534810D334] - |A| - [14/07/2009 06:45:37] - (.-.) - [9 Ko] - (0.0.0.0) - C:\Windows\System32\umstartup000.etl
[MD5.D7768F2BE67C02379448E4F4C1D82CBF] - |A| - [19/01/2015 13:20:02] - (.-.) - [3 Ko] - (0.0.0.0) - C:\Windows\System32\Viveza2FC32.dll
[MD5.00000000000000000000000000000000] - |D| - [28/08/2011 09:36:28] - [1754.83 Ko] - C:\Windows\System32\Wat
[MD5.80007E259BCB3C0534AF73E9E1DB81EC] - |A| - [26/02/2011 20:24:25] - (.Copyright © 1996-2007 - General Library for Plug-Ins.) - [2655.77 Ko] - (1.2.3.4) - C:\Windows\System32\WavesGUILib.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [53436.75 Ko] - C:\Windows\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:06] - [47.61 Ko] - C:\Windows\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36763.12 Ko] - C:\Windows\System32\wdi
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 23:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [16 Ko] - C:\Windows\System32\wfp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [73.5 Ko] - C:\Windows\System32\WinBioPlugIns
[MD5.1738AF59D7E2D56078A35CD2D2E1D5F4] - |A| - [11/09/2014 08:24:40] - (.Copyright © 2014 - Java(TM) Platform SE binary.) - [108.41 Ko] - (8.0.25.18) - C:\Windows\System32\WindowsAccessBridge-64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [9207.93 Ko] - C:\Windows\System32\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [117604 Ko] - C:\Windows\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [106.26 Ko] - C:\Windows\System32\winrm
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [336.5 Ko] - C:\Windows\System32\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [258.5 Ko] - C:\Windows\System32\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [337 Ko] - C:\Windows\System32\zh-TW
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [0 Ko] - C:\Windows\SysWOW64\040C
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2258.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers
[MD5.B7FEAD7B7486480C34EE30945E03AC1E] - |A| - [18/09/2014 10:03:39] - (.-.) - [3.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ALLFSAF14a.ocx
[MD5.726ADA0FD6F4A0E8F59EE87E366CDBE5] - |A| - [05/04/2011 20:14:10] - (.-.) - [3.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ALLFSAF7a.ocx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [201.5 Ko] - C:\Windows\SysWOW64\ar-SA
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [173 Ko] - C:\Windows\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\catroot2
[MD5.0EFAA0D591CDA4661D0D2141D0A895F1] - |AS| - [29/10/2011 21:06:36] - (.-.) - [480 Ko] - (1.0.0.287) - C:\Windows\SysWOW64\CF2D_V2.ocx
[MD5.F5351810196A224712EED771009462BA] - |A| - [26/05/2011 20:53:00] - (.Copyright © 1997-2004, EID - Librairie Europe commune Crédit Mutuel et CIC.) - [100 Ko] - (1.1.305.0) - C:\Windows\SysWOW64\CmutEuro32.dll
[MD5.289EB64D1A81F4A8F905D0351D61086B] - |A| - [23/09/2015 15:55:27] - (.-.) - [86 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CNC176DD.TBL
[MD5.D16CF34B17899F90A8FCF2A3F77B4A27] - |A| - [23/09/2015 15:55:27] - (.Copyright CANON INC. 2007-2008 All Rights Reserved - Canon Device Dependent Informations for Scanner Library.) - [15.5 Ko] - (1.4.1.1) - C:\Windows\SysWOW64\CNHMCA.dll
[MD5.2B06FD3665AADB226C28B7F7AA5A3234] - |A| - [22/09/2011 18:31:04] - (.-.) - [318.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ColorEfexPro4FC32.dll
[MD5.1F8887963CD87ACEB6201A0BE172AFFD] - |A| - [15/10/2014 20:47:24] - (.-.) - [4.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ColorEfexPro4FC64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [302.5 Ko] - C:\Windows\SysWOW64\com
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [14481.04 Ko] - C:\Windows\SysWOW64\config
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [427.5 Ko] - C:\Windows\SysWOW64\cs-CZ
[MD5.C54C3127819B7B2F94C6E3C4BF7FA222] - |RA| - [26/02/2011 20:22:35] - (.Copyright  2010 - CSVer.) - [52 Ko] - (9.1.2.1007) - C:\Windows\SysWOW64\CSVer.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [422.5 Ko] - C:\Windows\SysWOW64\da-DK
[MD5.47583479078E5918C18D62E628627649] - |A| - [12/05/2016 10:58:40] - (.-.) - [16.97 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\debug.log
[MD5.26AA6FE941BEF224B97589B3FA191509] - |A| - [15/09/2012 17:31:47] - (.Copyright © 2012 - Java(TM) Platform SE binary.) - [729.48 Ko] - (10.7.2.11) - C:\Windows\SysWOW64\deployJava1.dll
[MD5.00000000000000000000000000000000] - |D| - [29/08/2011 20:28:42] - [0 Ko] - C:\Windows\SysWOW64\directx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [4134 Ko] - C:\Windows\SysWOW64\Dism
[MD5.F42E95BFB193754E9148DB6434D2E88E] - |A| - [19/02/2010 21:27:36] - (.Copyright © 2000-2009 DivX, Inc. - DivX.) - [703.5 Ko] - (6.9.2.26) - C:\Windows\SysWOW64\DivX.dll
[MD5.1C77D47E513E7DBD9A280F7F60C9D47F] - |A| - [09/11/2010 00:57:04] - (.© Copyright 2000 - 2009 DivX, Inc. - DivX Control Panel.) - [345.3 Ko] - (1.2.0.6) - C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
[MD5.A266D3E430E9FF97E9D659E5F087EF99] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [836 Ko] - (6.9.2.26) - C:\Windows\SysWOW64\divx_xx07.dll
[MD5.0DADCB1C15AB04A655F7B386FE625B35] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [828 Ko] - (6.9.2.26) - C:\Windows\SysWOW64\divx_xx0a.dll
[MD5.725C556795DFC534660E784F9324515C] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [836 Ko] - (6.9.2.26) - C:\Windows\SysWOW64\divx_xx0c.dll
[MD5.E1F94DFDC350BB8CE14655F5DB567149] - |A| - [19/02/2010 21:27:16] - (.Copyright ? 2001-2008 DivX, Inc. - DivX.) - [820 Ko] - (6.9.2.26) - C:\Windows\SysWOW64\divx_xx11.dll
[MD5.AD8E4393EAD5A8A71378BEEE95C59FDA] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [824 Ko] - (6.9.2.26) - C:\Windows\SysWOW64\divx_xx16.dll
[MD5.90C7F5E71EEFE13F762CFE7B42C7157A] - |A| - [12/11/2010 02:44:54] - (.Copyright © 2005-2006 - dpl100.) - [92 Ko] - (1.3.0.25) - C:\Windows\SysWOW64\dpl100.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3575.95 Ko] - C:\Windows\SysWOW64\drivers
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1.09 Ko] - C:\Windows\SysWOW64\DriverStore
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [451.5 Ko] - C:\Windows\SysWOW64\el-GR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2845.59 Ko] - C:\Windows\SysWOW64\en-US
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [443 Ko] - C:\Windows\SysWOW64\es-ES
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [160.5 Ko] - C:\Windows\SysWOW64\et-EE
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [425 Ko] - C:\Windows\SysWOW64\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [1680 Ko] - C:\Windows\SysWOW64\fr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [38418.51 Ko] - C:\Windows\SysWOW64\fr-FR
[MD5.D4046F6784F46D545DB063A6553CB49C] - |A| - [26/02/2013 08:55:22] - (.Copyright © Beepa P/L 2013 - Fraps.) - [64 Ko] - (3.5.99.15619) - C:\Windows\SysWOW64\frapsvid.dll
[MD5.FFBA2F33C9E7C64DBC103B68CCD9BC9D] - |AS| - [29/10/2011 21:06:36] - (.Tradition Bois 2006 -.) - [28 Ko] - (2.4.0.0) - C:\Windows\SysWOW64\ftdbcf.dll
[MD5.AC008EAFA3A1D30C96010732E525553C] - |A| - [03/06/2013 18:16:26] - (.2009 Avid Technology, Inc., - Digidesign ProFire Support Library.) - [2564.81 Ko] - (5.10.0.5082) - C:\Windows\SysWOW64\fwfmdio.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp
[MD5.8EA55BA51F158B053DB48E7A8F481F40] - |AS| - [29/10/2011 21:06:36] - (.-.) - [216 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\glut32.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |SD| - [08/04/2015 22:51:31] - [446 Ko] - C:\Windows\SysWOW64\GWX
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [191.5 Ko] - C:\Windows\SysWOW64\he-IL
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [168 Ko] - C:\Windows\SysWOW64\hr-HR
[MD5.520A03D1F113D251EFBFA00C164F2087] - |AS| - [29/10/2011 21:06:36] - (.Copyright © Hilgraeve, Inc. 2001 - HyperTerminal Applet Library.) - [43.5 Ko] - (5.1.2600.0) - C:\Windows\SysWOW64\hticons.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [429 Ko] - C:\Windows\SysWOW64\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml
[MD5.A0CE0247D48FECAAC607EDB1E2D87FD8] - |AS| - [29/10/2011 21:06:36] - (.Copyright © 1999 - Intel® JPEG Library - Retail Version.) - [176 Ko] - (1.1.2.16) - C:\Windows\SysWOW64\ijl11.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [34096.44 Ko] - C:\Windows\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\inetsrv
[MD5.CA111A455B16716E5EF2CB683166647E] - |AS| - [29/10/2011 21:06:50] - (.-.) - [68 Ko] - (1.0.0.0) - C:\Windows\SysWOW64\Infobulle.ocx
[MD5.A4001C78F2806662B3BD91ACB44E6330] - |A| - [24/06/2017 09:30:48] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\initdebug.nfo
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [447 Ko] - C:\Windows\SysWOW64\it-IT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [361 Ko] - C:\Windows\SysWOW64\ja-JP
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [356.5 Ko] - C:\Windows\SysWOW64\ko-KR
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [14/07/2009 04:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex
[MD5.E9D2D4D1F326E5E721F4E03A58460C9E] - |A| - [03/12/2015 14:20:16] - (.-.) - [92.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\LexFiles.ulf
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [26/02/2011 20:24:02] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\log.txt
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [165 Ko] - C:\Windows\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\lv-LV
[MD5.842E14DBE96F4D38E43AD318C4894C84] - |A| - [26/07/2008 16:23:20] - (.(c) 1996-2008 Logitech. - Video Codec.) - [406.52 Ko] - (11.80.1048.0) - C:\Windows\SysWOW64\lvcodec2.dll
[MD5.D370F75A420A33FB1F854891CFB15B22] - |A| - [26/07/2008 16:26:10] - (.(c) 1996-2008 Logitech. - Logitech Camera Property Pages.) - [478.52 Ko] - (11.80.1048.0) - C:\Windows\SysWOW64\LVUI2.dll
[MD5.B763DDFBE9D324A488D5567E9569AAF1] - |A| - [26/07/2008 16:26:22] - (.(c) 1996-2008 Logitech. - Logitech Camera Property Pages.) - [454.52 Ko] - (11.80.1048.0) - C:\Windows\SysWOW64\LVUI2RC.dll
[MD5.EC84E5E7EBEE36DB0A3A857470720363] - |A| - [03/12/2015 14:20:16] - (.-.) - [1.96 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\lxdf.loc
[MD5.4CF580F5385FC08C7121204740A6EAAE] - |A| - [03/12/2015 14:20:16] - (.- config.) - [76.08 Ko] - (1.0.0.1) - C:\Windows\SysWOW64\lxdfcfg.dll
[MD5.5CBDC74FC9236222873ECC86B6DA2E2F] - |A| - [03/12/2015 14:20:16] - (.- Printer Communication System.) - [356.92 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfcfg.exe
[MD5.2D1161FDF76044A560879DB9C8302DEC] - |A| - [03/12/2015 14:20:16] - (.- Printer Communication System.) - [840 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfcomc.dll
[MD5.92138D63DCD489679EA5C5BE39F7C49E] - |A| - [03/12/2015 14:20:16] - (.- Printer Communication System.) - [356 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfcomm.dll
[MD5.1E1D5BC74946FCB4484B7E3169EAD414] - |A| - [03/12/2015 14:20:16] - (.- Printer Communication System.) - [584.92 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfcoms.exe
[MD5.68DBB0A529811D6AEAA7212D2C9110A9] - |A| - [03/12/2015 14:20:17] - (.- COMX Dynamic Link Library.) - [376 Ko] - (3.383.0.0) - C:\Windows\SysWOW64\lxdfcomx.dll
[MD5.1BE74FC511FF898DD7907E3A5DAB5B77] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - Cu DLL.) - [76 Ko] - (5.219.0.0) - C:\Windows\SysWOW64\lxdfcu.dll
[MD5.E260C9C65E6CDB2774C6FE16EB50867C] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - CU bitmap resource DLL.) - [88 Ko] - (5.219.0.0) - C:\Windows\SysWOW64\lxdfcub.dll
[MD5.5620BFD6435363E8774573F13B9B4F31] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - Cu resource DLL.) - [36 Ko] - (0.0.7.0) - C:\Windows\SysWOW64\lxdfcur.dll
[MD5.F92A789D4F7CCE19F6875CE859F5076A] - |A| - [03/12/2015 14:20:16] - (.- Printer Communication System.) - [648 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfhbn3.dll
[MD5.D1AAE97AF768A83F5632C47AD4C3B98B] - |A| - [03/12/2015 14:20:16] - (.-.) - [1477.92 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\LXDFhelp.chm
[MD5.3D2A34C7BFB995478A0320E05AB86C32] - |A| - [03/12/2015 14:20:17] - (.- Printer Communication System.) - [332 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfiesc.dll
[MD5.05FB6FE88CE52AA04BA0B6CE748D51DD] - |A| - [03/12/2015 14:20:16] - (.- Printer Communication System.) - [312.92 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfih.exe
[MD5.831F4435E172E105425F6CE99FBC4B59] - |A| - [03/12/2015 14:20:17] - (.- Printer Communication System.) - [348 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfinpa.dll
[MD5.BFBEA2D77FD028035E17160BBB053A40] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - ins DLL.) - [172 Ko] - (5.219.0.0) - C:\Windows\SysWOW64\lxdfins.dll
[MD5.8816D53866DF28E17F9B93804B98B18E] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - INS bitmap resource DLL.) - [204 Ko] - (5.219.0.0) - C:\Windows\SysWOW64\lxdfinsb.dll
[MD5.D265862FB129EDBBCE328A0F964570E9] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - Ins resource DLL.) - [112 Ko] - (0.0.7.0) - C:\Windows\SysWOW64\lxdfinsr.dll
[MD5.114DBFF3A35ACD1EA5C9FF1C63BFEE46] - |A| - [03/12/2015 14:20:17] - (.-.) - [340 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\lxdfinst.dll
[MD5.6B0D14D01A5692D9D3381734E16C50DA] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - Jsw resource DLL.) - [144 Ko] - (0.0.7.0) - C:\Windows\SysWOW64\lxdfjswr.dll
[MD5.6321712532FEA3528062675E894FAC6D] - |A| - [03/12/2015 14:20:16] - (.- Printer Communication System.) - [552 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdflmpm.dll
[MD5.65F09084438B734A9BE305CBA3591120] - |A| - [03/12/2015 14:20:17] - (.- Lexmark Rewards.) - [124 Ko] - (1.0.0.1) - C:\Windows\SysWOW64\lxdflnks.dll
[MD5.8418E6A0D3CFE7B275440CA5DDFFF8F6] - |A| - [03/12/2015 14:20:17] - (.- Printer Communication System.) - [632 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfpmui.dll
[MD5.250058B0A4816EEF5A7506623E230661] - |A| - [03/12/2015 14:20:17] - (.- Printer Communication System.) - [52 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfprox.dll
[MD5.A1982F103C97B2C8C0802E58908617FB] - |A| - [03/12/2015 14:20:17] - (.- Printer Communication System.) - [1172 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfserv.dll
[MD5.4871A8A56F33AF27A506E0D06554D42D] - |A| - [03/12/2015 14:20:17] - (.- Printer Communication System.) - [928 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\lxdfusb1.dll
[MD5.25785C72FFCD9975079A148547E47C80] - |A| - [03/12/2015 14:20:17] - (.(C) 2003 Lexmark International, Inc. - utilities DLL.) - [492 Ko] - (5.219.0.0) - C:\Windows\SysWOW64\lxdfutil.dll
[MD5.BD22093E66372F504AD4B62113749DF6] - |A| - [03/06/2013 18:17:34] - (.2013 inMusic Brands, Inc. - M-Audio ProFire control panel.) - [1276.2 Ko] - (1.0.9.1) - C:\Windows\SysWOW64\M-AudioProFireControlPanel.exe
[MD5.00000000000000000000000000000000] - |D| - [26/02/2011 14:22:45] - [154.44 Ko] - C:\Windows\SysWOW64\Macromed
[MD5.47B90DFD1E831610B4B430037849C7DE] - |A| - [03/06/2013 18:17:32] - (.2013 inMusic Brands, Inc., - M-Audio ProFire ASIO Support Library.) - [26.7 Ko] - (5.10.0.5084) - C:\Windows\SysWOW64\mafwdiasio.dll
[MD5.CEF7CD8C816A0DFEE770136CBA1D417D] - |A| - [03/06/2013 18:17:36] - (.2013 inMusic Brands, Inc., - M-Audio ProFire Tray Application.) - [307.7 Ko] - (5.10.0.5084) - C:\Windows\SysWOW64\MAFWDITray.exe
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1968.26 Ko] - C:\Windows\SysWOW64\manifeststore
[MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [14/07/2009 06:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mapisvc.inf
[MD5.53407BDDFBB93BFBC2F2E7948F05A7AC] - |A| - [26/02/2011 20:24:16] - (.Copyright (c) 2006-2009 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [518.59 Ko] - (1.0.19.0) - C:\Windows\SysWOW64\MBAPO32.dll
[MD5.00000000000000000000000000000000] - |SD| - [04/12/2015 16:30:23] - [0 Ko] - C:\Windows\SysWOW64\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [3178.93 Ko] - C:\Windows\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [32695.71 Ko] - C:\Windows\SysWOW64\migwiz
[MD5.302BC12D6661081CC02C77ADF639C41F] - |A| - [11/05/2016 18:30:05] - (.Copyright (C) 1998 - 2015 Tencent. All Rights Reserved - MMInstaller.) - [155.6 Ko] - (9.13.1376.0) - C:\Windows\SysWOW64\MMInstaller.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [24.48 Ko] - C:\Windows\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [418 Ko] - C:\Windows\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [51 Ko] - C:\Windows\SysWOW64\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [438.5 Ko] - C:\Windows\SysWOW64\nl-NL
[MD5.538B8EE581ECF4BFF4FCBA030DF70505] - |A| - [08/12/2009 21:10:24] - (.Copyright © 2004 - 2009 - This service enables products that use the Nalpeiron Licensing System.) - [56 Ko] - (6.1.6.0) - C:\Windows\SysWOW64\nlssrv32.exe
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [14/07/2009 04:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\noise.kor
[MD5.AB87C54CA19675880B0CAE65B8AF140C] - |A| - [15/09/2012 17:31:47] - (.Copyright © 2012 - NPRuntime Script Plug-in Library for Java(TM) Deploy.) - [802.48 Ko] - (10.7.2.11) - C:\Windows\SysWOW64\npDeployJava1.dll
[MD5.EDF220A1DCDB2CB01DCEA8E80B1435C5] - |A| - [26/02/2011 14:24:57] - (.-.) - [2406.23 Ko] - (9.0.45.0) - C:\Windows\SysWOW64\NPSWF32.dll
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 23:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico
[MD5.1B60900BA580CE4CC337BFC60F83C130] - |A| - [28/02/2014 01:05:46] - (.-.) - [1605.26 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [434 Ko] - C:\Windows\SysWOW64\pl-PL
[MD5.5564EE004708EBB76086F6D66ACF60FF] - |A| - [08/06/2011 13:06:25] - (.-.) - [275.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PnkBstrB.ex0
[MD5.5564EE004708EBB76086F6D66ACF60FF] - |A| - [26/04/2014 12:20:32] - (.-.) - [275.09 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PnkBstrB.xtr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [431 Ko] - C:\Windows\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [433 Ko] - C:\Windows\SysWOW64\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [23.75 Ko] - C:\Windows\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0.64 Ko] - C:\Windows\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 07:32:38] - [0 Ko] - C:\Windows\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169 Ko] - C:\Windows\SysWOW64\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [26/02/2011 20:24:39] - [1331.59 Ko] - C:\Windows\SysWOW64\RTCOM
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [429.5 Ko] - C:\Windows\SysWOW64\ru-RU
[MD5.F35081AEA874E604549197C40DA74504] - |AS| - [29/10/2011 21:06:50] - (.2000/12/18 - SaveToJpeg 1.00.) - [56 Ko] - (1.0.0.0) - C:\Windows\SysWOW64\SaveJpeg.ocx
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [169.5 Ko] - C:\Windows\SysWOW64\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166 Ko] - C:\Windows\SysWOW64\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [42.67 Ko] - C:\Windows\SysWOW64\slmgr
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [2803 Ko] - C:\Windows\SysWOW64\Speech
[MD5.12583AF6CBE0050651EAF2723B3AD7B3] - |A| - [18/03/2011 18:08:56] - (.Copyright © Almico Software 2001-2011 - SpeedFan x64 Driver.) - [28.9 Ko] - (2.1.7.0) - C:\Windows\SysWOW64\speedfan.sys
[MD5.00000000000000000000000000000000] - |D| - [26/02/2011 14:23:05] - [0 Ko] - C:\Windows\SysWOW64\spool
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [1142.37 Ko] - C:\Windows\SysWOW64\spp
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [30.19 Ko] - C:\Windows\SysWOW64\sppui
[MD5.0DC5AF80D059DEC792B665ED598C6567] - |A| - [05/09/2014 12:03:17] - (.2000-2010 Public Domain - SQLite Dynamic Link Library (No TCL).) - [524 Ko] - (3.7.2.0) - C:\Windows\SysWOW64\sqlite3.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [170 Ko] - C:\Windows\SysWOW64\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [421.5 Ko] - C:\Windows\SysWOW64\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [0 Ko] - C:\Windows\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [0 Ko] - C:\Windows\SysWOW64\Tasks
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [157 Ko] - C:\Windows\SysWOW64\th-TH
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [419 Ko] - C:\Windows\SysWOW64\tr-TR
[MD5.63E0B16CEBB27CAAD1D2970AF77934E0] - |A| - [03/04/2007 06:31:38] - (.- Twain_32 Source Manager (Image Acquisition Interface).) - [75.5 Ko] - (1.6.0.3) - C:\Windows\SysWOW64\TWAIN_32.DLL
[MD5.74B8802CE5CD6F4E7AC83152E0E17D25] - |A| - [03/04/2007 06:31:38] - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [47.42 Ko] - (1.6.0.1) - C:\Windows\SysWOW64\TWUNK_16.EXE
[MD5.E2D4BA3248CB1DCB51383267868715E5] - |A| - [03/04/2007 06:31:38] - (.- Twain.dll Client's 32-Bit Thunking Server.) - [68 Ko] - (1.6.0.1) - C:\Windows\SysWOW64\TWUNK_32.EXE
[MD5.1C4DFF257563CCC9D1F146019895577D] - |A| - [25/04/2013 09:32:14] - (.Copyright (C) 1997 - 2012 TENCENT Inc. All Rights Reserved - ScreenCapture Control.) - [308 Ko] - (1.0.1.54) - C:\Windows\SysWOW64\TXGYMailActiveX.dll
[MD5.E5D8F83EDC36D89621BB93438444EF72] - |A| - [25/04/2013 09:31:52] - (.Copyright (C) 1998 - 2012 TENCENT Inc. All Rights Reserved - CameraDll DLL.) - [384 Ko] - (7.3.0.20) - C:\Windows\SysWOW64\TXGYMailCamera.dll
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [166.5 Ko] - C:\Windows\SysWOW64\uk-UA
[MD5.0D671A9FE9226427069CC6F0C4594A87] - |AS| - [29/10/2011 21:06:50] - (.-.) - [538.2 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\VBOGL.TLB
[MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [14/07/2009 04:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\Windows\SysWOW64\vfpodbc.dll
[MD5.050F177850C1BD466C4B4DC323BF1DBC] - |A| - [08/12/2009 21:10:24] - (.-.) - [289 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Viveza2FC32.dll
[MD5.87BF9BFD8CCD216D5C2DB74D3E42D39C] - |A| - [08/12/2009 21:10:24] - (.-.) - [315 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Viveza2FC64.dll
[MD5.37846AD19B2E6C354722AE14A16EC6E5] - |AS| - [29/10/2011 21:06:50] - (.by violent_ken - XP style controls.) - [1112 Ko] - (2.0.0.0) - C:\Windows\SysWOW64\vkUserControlsXP.ocx
[MD5.1EFC0462DD53429A18031C1AAF4BC263] - |A| - [04/05/2015 18:40:06] - (.-.) - [66.35 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\x264vfw-uninstall.exe
[MD5.CC1CDBEED2AAE1770DFEA62539FFF644] - |A| - [27/06/2010 15:08:50] - (.-.) - [3116.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\x264vfw.dll
[MD5.D18CF28F15A31599655C9B9D9F2BE4FE] - |A| - [27/06/2010 15:08:58] - (.-.) - [6.8 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\x264vfw.ico
[MD5.00000000000000000000000000000000] - |D| - [30/03/2015 11:28:26] - [137.65 Ko] - C:\Windows\SysWOW64\xlive
[MD5.340292C12C3533CE83BDC694D27A261E] - |A| - [09/04/2011 18:55:28] - (.-.) - [175.06 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xlive.dll.cat
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 17:24:07] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [333.5 Ko] - C:\Windows\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [255.5 Ko] - C:\Windows\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [14/07/2009 05:20:14] - [334 Ko] - C:\Windows\SysWOW64\zh-TW

---------- | Shell Folders

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead   
"AppData"=C:\Users\Sylvain\AppData\Roaming   [26/02/2011 13:17:12]
"Local AppData"=C:\Users\Sylvain\AppData\Local   [26/02/2011 13:17:12]
"My Video"=C:\Users\Sylvain\Videos   [26/02/2011 13:17:12]
"{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Libraries   [26/02/2011 13:17:28]
"My Pictures"=C:\Users\Sylvain\Pictures   [26/02/2011 13:17:12]
"Desktop"=C:\Users\Sylvain\Desktop   [26/02/2011 13:17:12]
"History"=C:\Users\Sylvain\AppData\Local\Microsoft\Windows\History   [26/02/2011 13:17:12]
"NetHood"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Network Shortcuts   [26/02/2011 13:17:12]
"{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Sylvain\Contacts   [26/02/2011 13:17:19]
"Cookies"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Cookies   [26/02/2011 13:17:12]
"Favorites"=C:\Users\Sylvain\Favorites   [26/02/2011 13:17:12]
"SendTo"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\SendTo   [26/02/2011 13:17:12]
"Start Menu"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu   [26/02/2011 13:17:12]
"My Music"=C:\Users\Sylvain\Music   [26/02/2011 13:17:12]
"Programs"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   [26/02/2011 13:17:12]
"Recent"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Recent   [26/02/2011 13:17:12]
"CD Burning"=C:\Users\Sylvain\AppData\Local\Microsoft\Windows\Burn\Burn2   [16/07/2012 20:33:16]
"PrintHood"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   [26/02/2011 13:17:12]
"{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Sylvain\Searches   [26/02/2011 13:17:28]
"{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Sylvain\Downloads   [26/02/2011 13:17:12]
"{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Sylvain\AppData\LocalLow   [26/02/2011 13:17:12]
"Startup"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   [26/02/2011 13:17:28]
"Administrative Tools"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [26/02/2011 13:17:28]
"Personal"=C:\Users\Sylvain\Documents   [26/02/2011 13:17:12]
"{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Sylvain\Links   [26/02/2011 13:17:12]
"Cache"=C:\Users\Sylvain\AppData\Local\Microsoft\Windows\Temporary Internet Files   [26/02/2011 13:17:12]
"Templates"=C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Templates   [26/02/2011 13:17:12]
"{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Sylvain\Saved Games   [26/02/2011 13:17:12]
"Fonts"=C:\Windows\Fonts   [14/07/2009 05:20:09]

[HKU\S-1-5-21-1977720525-337058645-3963175332-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"AppData"=%USERPROFILE%\AppData\Roaming   
"Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files   
"Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies   
"Desktop"=%USERPROFILE%\Desktop   
"Favorites"=%USERPROFILE%\Favorites   
"History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History   
"Local AppData"=%USERPROFILE%\AppData\Local   
"My Music"=%USERPROFILE%\Music   
"My Pictures"=%USERPROFILE%\Pictures   
"My Video"=%USERPROFILE%\Videos   
"NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts   
"Personal"=%USERPROFILE%\Documents   
"Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   
"Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent   
"SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo   
"Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   
"Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu   
"Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates   
"{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads   
"PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   
"CD Burning"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Burn\Burn2   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop"=C:\Users\Public\Desktop   [14/07/2009 05:20:08]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [14/07/2009 05:20:08]
"CommonVideo"=C:\Users\Public\Videos   [14/07/2009 05:20:08]
"CommonPictures"=C:\Users\Public\Pictures   [14/07/2009 05:20:08]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [14/07/2009 05:20:08]
"CommonMusic"=C:\Users\Public\Music   [14/07/2009 05:20:08]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [14/07/2009 07:32:38]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [14/07/2009 05:20:08]
"Common Documents"=C:\Users\Public\Documents   [14/07/2009 05:20:08]
"OEM Links"=C:\ProgramData\OEM Links   
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [14/07/2009 05:20:08]
"Common AppData"=C:\ProgramData   [14/07/2009 05:20:08]

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonMusic"=%PUBLIC%\Music   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common AppData"=%ProgramData%   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop"=C:\Users\Public\Desktop   [14/07/2009 05:20:08]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [14/07/2009 05:20:08]
"CommonVideo"=C:\Users\Public\Videos   [14/07/2009 05:20:08]
"CommonPictures"=C:\Users\Public\Pictures   [14/07/2009 05:20:08]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [14/07/2009 05:20:08]
"CommonMusic"=C:\Users\Public\Music   [14/07/2009 05:20:08]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [14/07/2009 07:32:38]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [14/07/2009 05:20:08]
"Common Documents"=C:\Users\Public\Documents   [14/07/2009 05:20:08]
"OEM Links"=C:\ProgramData\OEM Links   
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [14/07/2009 05:20:08]
"Common AppData"=C:\ProgramData   [14/07/2009 05:20:08]

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonMusic"=%PUBLIC%\Music   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common AppData"=%ProgramData%   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   


---------- | [Administrator]

[14/07/2009 07:08:59] - |D| - [0] - C:\Users\Administrator\AppData\Local
[14/07/2009 07:08:59] - |D| - [0] - C:\Users\Administrator\AppData\Local\Microsoft

---------- | [Public]


---------- | [Sylvain]

[26/02/2011 13:17:12] - |D| - [5287565920] - C:\Users\Sylvain\AppData\Local
[26/02/2011 13:17:12] - |D| - [97111585] - C:\Users\Sylvain\AppData\LocalLow
[26/02/2011 13:17:12] - |D| - [6100221070] - C:\Users\Sylvain\AppData\Roaming
[26/02/2011 14:27:12] - |D| - [850424741] - C:\Users\Sylvain\AppData\Local\Adobe
[21/10/2014 12:38:47] - |A| - [1456] - C:\Users\Sylvain\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
[27/04/2011 22:34:39] - |D| - [13726097] - C:\Users\Sylvain\AppData\Local\adslTV
[27/11/2011 16:59:30] - |D| - [0] - C:\Users\Sylvain\AppData\Local\Apple
[07/01/2013 00:56:08] - |D| - [24586867] - C:\Users\Sylvain\AppData\Local\Apple Computer
[26/02/2011 13:17:12] - |SHD| - [49199768473] - C:\Users\Sylvain\AppData\Local\Application Data
[27/04/2011 20:29:17] - |D| - [3128265] - C:\Users\Sylvain\AppData\Local\Apps
[26/02/2011 20:58:15] - |D| - [366462053] - C:\Users\Sylvain\AppData\Local\Autodesk
[22/06/2017 23:11:30] - |D| - [3507] - C:\Users\Sylvain\AppData\Local\backburner
[18/09/2014 19:07:27] - |D| - [1311669] - C:\Users\Sylvain\AppData\Local\cache
[20/08/2015 17:41:08] - |D| - [6015085] - C:\Users\Sylvain\AppData\Local\CEF
[05/09/2014 16:47:56] - |D| - [0] - C:\Users\Sylvain\AppData\Local\CrashDumps
[04/12/2011 20:35:15] - |D| - [21838100] - C:\Users\Sylvain\AppData\Local\CutePDF Writer
[06/09/2014 13:34:17] - |A| - [8192] - C:\Users\Sylvain\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[08/05/2011 21:41:21] - |D| - [518] - C:\Users\Sylvain\AppData\Local\DDMSettings
[27/04/2011 20:29:16] - |D| - [0] - C:\Users\Sylvain\AppData\Local\Deployment
[26/02/2011 21:30:40] - |D| - [9594481] - C:\Users\Sylvain\AppData\Local\Diagnostics
[10/09/2015 11:46:40] - |D| - [78430191] - C:\Users\Sylvain\AppData\Local\DIAL GmbH
[01/03/2015 14:15:14] - |D| - [34444288] - C:\Users\Sylvain\AppData\Local\Downloaded Installations
[16/06/2015 18:08:24] - |D| - [12926468] - C:\Users\Sylvain\AppData\Local\Dropbox
[17/04/2011 20:16:19] - |D| - [1142363] - C:\Users\Sylvain\AppData\Local\ElevatedDiagnostics
[05/07/2014 00:41:09] - |SHD| - [0] - C:\Users\Sylvain\AppData\Local\EmieSiteList
[05/07/2014 00:41:09] - |SHD| - [0] - C:\Users\Sylvain\AppData\Local\EmieUserList
[28/07/2016 16:14:50] - |D| - [308404] - C:\Users\Sylvain\AppData\Local\EMU
[26/02/2011 14:35:54] - |A| - [160392] - C:\Users\Sylvain\AppData\Local\GDIPFONTCACHEV1.DAT
[11/01/2016 16:35:31] - |D| - [34957824] - C:\Users\Sylvain\AppData\Local\GMap.NET
[27/04/2011 20:29:31] - |D| - [208638511] - C:\Users\Sylvain\AppData\Local\Google
[20/06/2015 21:08:31] - |D| - [71] - C:\Users\Sylvain\AppData\Local\GWX
[26/02/2011 13:17:12] - |SHD| - [290] - C:\Users\Sylvain\AppData\Local\Historique
[26/02/2011 13:27:31] - |AH| - [10185107] - C:\Users\Sylvain\AppData\Local\IconCache.db
[11/05/2016 18:33:55] - |D| - [218] - C:\Users\Sylvain\AppData\Local\Kingsoft
[08/06/2016 12:27:20] - |D| - [112739] - C:\Users\Sylvain\AppData\Local\Luxion
[26/02/2011 13:17:12] - |D| - [3269335396] - C:\Users\Sylvain\AppData\Local\Microsoft
[26/02/2011 14:39:39] - |D| - [532890] - C:\Users\Sylvain\AppData\Local\Microsoft Games
[16/07/2011 14:14:57] - |D| - [218584] - C:\Users\Sylvain\AppData\Local\Microsoft Help
[01/01/2015 14:29:29] - |D| - [0] - C:\Users\Sylvain\AppData\Local\NikLicenseFiles
[29/10/2014 13:43:33] - |D| - [116083555] - C:\Users\Sylvain\AppData\Local\NVIDIA
[29/10/2014 13:43:33] - |D| - [188384] - C:\Users\Sylvain\AppData\Local\NVIDIA Corporation
[29/10/2014 17:51:16] - |D| - [16803] - C:\Users\Sylvain\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[10/09/2014 21:55:29] - |D| - [0] - C:\Users\Sylvain\AppData\Local\PACE Anti-Piracy
[06/03/2014 22:24:34] - |D| - [144] - C:\Users\Sylvain\AppData\Local\Packages
[29/12/2015 18:28:50] - |D| - [22589] - C:\Users\Sylvain\AppData\Local\PDFCreator
[10/02/2015 21:34:50] - |D| - [88323968] - C:\Users\Sylvain\AppData\Local\Popcorn Time
[18/02/2013 20:20:39] - |D| - [0] - C:\Users\Sylvain\AppData\Local\Programs
[26/04/2014 12:20:27] - |D| - [2866497] - C:\Users\Sylvain\AppData\Local\PunkBuster
[01/03/2015 13:39:00] - |D| - [2344056] - C:\Users\Sylvain\AppData\Local\Research In Motion
[01/03/2014 13:37:25] - |D| - [469519] - C:\Users\Sylvain\AppData\Local\SKIDROW
[17/09/2014 10:53:43] - |D| - [0] - C:\Users\Sylvain\AppData\Local\Skype
[28/10/2014 18:52:38] - |D| - [6423626] - C:\Users\Sylvain\AppData\Local\Sniper3
[01/01/2015 14:29:27] - |D| - [2000] - C:\Users\Sylvain\AppData\Local\Software
[12/09/2014 10:44:51] - |D| - [0] - C:\Users\Sylvain\AppData\Local\TechSmith
[26/02/2011 13:17:12] - |D| - [23046] - C:\Users\Sylvain\AppData\Local\Temp
[26/02/2011 13:17:12] - |SHD| - [128] - C:\Users\Sylvain\AppData\Local\Temporary Internet Files
[06/01/2015 11:29:43] - |D| - [2816740] - C:\Users\Sylvain\AppData\Local\Thunderbird
[01/03/2014 19:34:27] - |D| - [0] - C:\Users\Sylvain\AppData\Local\Ubisoft Game Launcher
[31/12/2014 11:27:46] - |D| - [0] - C:\Users\Sylvain\AppData\Local\Unity
[26/02/2011 13:17:18] - |D| - [119554194] - C:\Users\Sylvain\AppData\Local\VirtualStore
[25/07/2013 17:59:28] - |HD| - [1028] - C:\Users\Sylvain\AppData\Local\zidolXuHA33Mg
[12/04/2014 09:33:40] - |D| - [1871944] - C:\Users\Sylvain\AppData\LocalLow\Adobe
[27/11/2011 16:59:11] - |D| - [10235] - C:\Users\Sylvain\AppData\LocalLow\Apple Computer
[22/01/2015 14:04:05] - |SHD| - [0] - C:\Users\Sylvain\AppData\LocalLow\EmieBrowserModeList
[05/07/2014 00:41:05] - |SHD| - [0] - C:\Users\Sylvain\AppData\LocalLow\EmieSiteList
[05/07/2014 00:41:14] - |SHD| - [0] - C:\Users\Sylvain\AppData\LocalLow\EmieUserList
[11/09/2014 09:08:25] - |D| - [71194] - C:\Users\Sylvain\AppData\LocalLow\Google
[26/02/2011 14:19:27] - |D| - [228897] - C:\Users\Sylvain\AppData\LocalLow\Microsoft
[11/09/2014 08:25:15] - |D| - [913408] - C:\Users\Sylvain\AppData\LocalLow\Oracle
[11/05/2016 18:23:10] - |D| - [0] - C:\Users\Sylvain\AppData\LocalLow\QQMiniDL
[15/09/2012 17:29:53] - |D| - [94015907] - C:\Users\Sylvain\AppData\LocalLow\Sun
[22/06/2015 11:09:26] - |D| - [0] - C:\Users\Sylvain\AppData\LocalLow\Temp
[31/12/2014 11:27:45] - |D| - [0] - C:\Users\Sylvain\AppData\LocalLow\Unity
[03/12/2015 17:19:03] - |D| - [16674] - C:\Users\Sylvain\AppData\Roaming\6500 Series
[26/02/2011 14:21:22] - |D| - [1385915454] - C:\Users\Sylvain\AppData\Roaming\Adobe
[19/01/2013 12:32:30] - |D| - [1062457746] - C:\Users\Sylvain\AppData\Roaming\Apple Computer
[21/10/2012 12:17:52] - |D| - [8624] - C:\Users\Sylvain\AppData\Roaming\Audacity
[26/02/2011 22:42:30] - |D| - [10989757] - C:\Users\Sylvain\AppData\Roaming\Autodesk
[05/09/2014 17:00:11] - |D| - [39713020] - C:\Users\Sylvain\AppData\Roaming\AVAST Software
[08/12/2012 22:12:56] - |D| - [1370] - C:\Users\Sylvain\AppData\Roaming\Canon
[20/11/2011 01:56:53] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\com.adobe.ExMan
[08/12/2015 13:16:49] - |A| - [11615] - C:\Users\Sylvain\AppData\Roaming\ContactSheetII.log
[26/02/2011 14:18:14] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\DAEMON Tools Lite
[11/05/2016 18:34:15] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\dg
[08/05/2011 21:38:38] - |D| - [180224] - C:\Users\Sylvain\AppData\Roaming\DivX
[05/06/2011 16:54:59] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\DMCache
[04/11/2011 20:08:00] - |D| - [278344] - C:\Users\Sylvain\AppData\Roaming\Dropbox
[20/01/2013 18:47:24] - |D| - [199] - C:\Users\Sylvain\AppData\Roaming\dvdcss
[27/04/2011 20:42:06] - |D| - [25990] - C:\Users\Sylvain\AppData\Roaming\FileZilla
[05/04/2011 20:16:20] - |D| - [539721] - C:\Users\Sylvain\AppData\Roaming\Google
[04/05/2015 18:40:22] - |D| - [134570] - C:\Users\Sylvain\AppData\Roaming\HND
[27/08/2015 11:47:39] - |D| - [26624] - C:\Users\Sylvain\AppData\Roaming\hugin
[26/02/2011 13:17:21] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Identities
[09/05/2012 21:52:37] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\InstallShield
[11/05/2016 18:32:30] - |D| - [62932] - C:\Users\Sylvain\AppData\Roaming\Kingsoft
[03/12/2015 14:24:46] - |D| - [132297] - C:\Users\Sylvain\AppData\Roaming\Lexmark Productivity Studio
[30/09/2015 13:13:47] - |D| - [2800738] - C:\Users\Sylvain\AppData\Roaming\LibreOffice
[26/02/2011 22:48:07] - |D| - [1374] - C:\Users\Sylvain\AppData\Roaming\Macromedia
[10/05/2011 19:31:51] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Malwarebytes
[26/02/2011 13:17:12] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Media Center Programs
[26/02/2011 13:17:12] - |SD| - [8137072] - C:\Users\Sylvain\AppData\Roaming\Microsoft
[06/01/2015 11:29:44] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Mozilla
[11/05/2016 17:06:55] - |D| - [1974096] - C:\Users\Sylvain\AppData\Roaming\NJ59D8SHR
[01/12/2012 21:03:02] - |D| - [5776795] - C:\Users\Sylvain\AppData\Roaming\NVIDIA
[10/09/2014 21:55:29] - |D| - [1943] - C:\Users\Sylvain\AppData\Roaming\PACE Anti-Piracy
[29/12/2015 18:27:03] - |D| - [95035] - C:\Users\Sylvain\AppData\Roaming\PDF Architect 4
[08/12/2015 13:16:49] - |A| - [724] - C:\Users\Sylvain\AppData\Roaming\Planche contact II.xml
[10/11/2014 19:12:18] - |A| - [132] - C:\Users\Sylvain\AppData\Roaming\Préfs Filtre IllExportation Adobe CS6
[18/02/2015 21:04:25] - |A| - [132] - C:\Users\Sylvain\AppData\Roaming\Préfs Format BMP Adobe CS6
[16/01/2015 22:02:51] - |A| - [132] - C:\Users\Sylvain\AppData\Roaming\Préfs Format OpenEXR Adobe CS6
[19/12/2014 13:13:36] - |A| - [132] - C:\Users\Sylvain\AppData\Roaming\Préfs Format PNG Adobe CS6
[08/06/2011 13:06:23] - |D| - [835440] - C:\Users\Sylvain\AppData\Roaming\PunkBuster
[11/05/2016 18:23:26] - |A| - [45323840] - C:\Users\Sylvain\AppData\Roaming\QQBrowserModule114.dll
[07/01/2014 20:04:33] - |D| - [16039991] - C:\Users\Sylvain\AppData\Roaming\REAPER
[01/03/2015 13:38:59] - |D| - [3992271] - C:\Users\Sylvain\AppData\Roaming\Research In Motion
[01/03/2015 13:39:00] - |A| - [154] - C:\Users\Sylvain\AppData\Roaming\Rim.Desktop.Exception.log
[01/03/2015 13:31:51] - |A| - [2021] - C:\Users\Sylvain\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[01/03/2015 13:39:03] - |A| - [154] - C:\Users\Sylvain\AppData\Roaming\Rim.DesktopHelper.Exception.log
[18/09/2014 10:08:04] - |D| - [2304902] - C:\Users\Sylvain\AppData\Roaming\SketchUp
[30/05/2012 20:18:52] - |D| - [9861983] - C:\Users\Sylvain\AppData\Roaming\Skype
[02/09/2014 16:04:11] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[04/05/2015 18:40:21] - |D| - [64] - C:\Users\Sylvain\AppData\Roaming\Steam
[12/09/2014 10:38:39] - |D| - [71] - C:\Users\Sylvain\AppData\Roaming\TechSmith
[06/01/2015 11:29:43] - |D| - [3493720562] - C:\Users\Sylvain\AppData\Roaming\Thunderbird
[11/01/2016 16:13:24] - |D| - [4104981] - C:\Users\Sylvain\AppData\Roaming\Twinmotion3-Pro
[02/12/2011 14:24:03] - |D| - [1696] - C:\Users\Sylvain\AppData\Roaming\Ubisoft
[02/01/2015 18:27:13] - |D| - [459] - C:\Users\Sylvain\AppData\Roaming\Unity
[17/01/2015 17:07:03] - |D| - [4669291] - C:\Users\Sylvain\AppData\Roaming\uTorrent
[04/09/2011 15:20:03] - |D| - [79682] - C:\Users\Sylvain\AppData\Roaming\vlc
[15/03/2014 11:59:54] - |A| - [42] - C:\Users\Sylvain\AppData\Roaming\WB.CFG
[19/01/2013 13:29:10] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\WindSolutions
[04/11/2012 11:24:15] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\WinRAR
[26/02/2011 13:17:28] - |ASH| - [174] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[26/02/2011 13:17:12] - |SHD| - [33860] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[26/02/2011 13:17:12] - |RD| - [33860] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[26/02/2011 13:17:12] - |RD| - [14668] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[26/02/2011 13:17:28] - |RD| - [174] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[26/02/2011 13:17:28] - |ASH| - [718] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[27/08/2011 21:06:59] - |D| - [436] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[27/08/2015 11:46:58] - |D| - [1954] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin
[26/02/2011 13:17:30] - |A| - [1458] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[26/02/2011 13:17:12] - |RD| - [580] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[10/02/2015 21:35:40] - |D| - [4381] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
[27/08/2011 21:06:52] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra
[26/02/2011 20:22:26] - |A| - [1216] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[24/06/2017 09:30:49] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[26/02/2011 13:17:28] - |RD| - [174] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[18/05/2013 13:23:58] - |D| - [8101] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[13/03/2011 15:28:49] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[04/05/2015 18:40:06] - |D| - [0] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264vfw
[26/02/2011 13:17:28] - |ASH| - [174] - C:\Users\Sylvain\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\ProgramData

[19/01/2013 12:32:00] - |D| - [7432] - C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[03/12/2015 14:21:11] - |D| - [27148] - C:\ProgramData\6500 Series
[26/02/2011 14:23:53] - |D| - [359483920] - C:\ProgramData\Adobe
[27/11/2011 16:59:23] - |D| - [18795] - C:\ProgramData\Apple
[27/11/2011 17:00:27] - |D| - [357094] - C:\ProgramData\Apple Computer
[14/07/2009 07:08:56] - |SHD| - [36216921397] - C:\ProgramData\Application Data
[26/02/2011 20:54:07] - |D| - [925700862] - C:\ProgramData\Autodesk
[10/09/2014 21:47:00] - |D| - [1822] - C:\ProgramData\Automatic Duck
[05/09/2014 16:49:53] - |D| - [117590678] - C:\ProgramData\AVAST Software
[08/10/2013 20:57:55] - |D| - [123066] - C:\ProgramData\Avira
[26/02/2011 13:17:05] - |SHD| - [12771] - C:\ProgramData\Bureau
[23/09/2015 15:57:44] - |HD| - [2497] - C:\ProgramData\CanonIJScan
[23/09/2015 15:55:06] - |D| - [86518] - C:\ProgramData\CanonIJWSpt
[09/12/2012 12:43:02] - |D| - [25943] - C:\ProgramData\Canon_Inc_IC
[26/02/2011 14:18:14] - |D| - [1284] - C:\ProgramData\DAEMON Tools Lite
[14/07/2009 07:08:56] - |SHD| - [12771] - C:\ProgramData\Desktop
[10/09/2015 10:04:06] - |D| - [30285607] - C:\ProgramData\DIAL GmbH
[08/05/2011 21:28:38] - |D| - [2291905] - C:\ProgramData\DivX
[14/07/2009 07:08:56] - |SHD| - [1929495] - C:\ProgramData\Documents
[16/06/2015 18:08:24] - |D| - [1250158] - C:\ProgramData\Dropbox
[06/03/2015 19:06:40] - |D| - [7432] - C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[11/09/2011 22:17:16] - |D| - [0] - C:\ProgramData\EA Core
[11/09/2011 22:17:16] - |D| - [18575] - C:\ProgramData\Electronic Arts
[08/02/2014 12:58:49] - |D| - [1075] - C:\ProgramData\Etiam
[18/09/2014 18:44:47] - |D| - [0] - C:\ProgramData\FARO
[26/02/2011 13:17:05] - |SHD| - [0] - C:\ProgramData\Favoris
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Favorites
[26/02/2011 14:32:35] - |D| - [53947] - C:\ProgramData\FLEXnet
[05/04/2011 20:13:24] - |D| - [527270448] - C:\ProgramData\Google
[10/04/2011 12:09:07] - |D| - [75138] - C:\ProgramData\Hewlett-Packard
[26/02/2011 20:25:37] - |D| - [5319] - C:\ProgramData\InstallShield
[16/11/2011 20:46:42] - |D| - [148] - C:\ProgramData\Itoo Software
[11/05/2016 18:32:04] - |D| - [0] - C:\ProgramData\kdesk
[11/05/2016 18:32:03] - |D| - [3382698] - C:\ProgramData\Kingsoft
[03/12/2015 14:31:43] - |A| - [142] - C:\ProgramData\lxdf.log
[21/06/2017 21:25:23] - |D| - [5983744] - C:\ProgramData\M-Audio
[10/05/2011 19:28:39] - |D| - [65294929] - C:\ProgramData\Malwarebytes
[06/01/2015 12:45:23] - |D| - [661186] - C:\ProgramData\McNeel
[26/02/2011 13:17:05] - |SHD| - [341419] - C:\ProgramData\Menu Démarrer
[14/07/2009 05:20:08] - |ASD| - [451688224] - C:\ProgramData\Microsoft
[16/07/2011 14:14:51] - |D| - [16632] - C:\ProgramData\Microsoft Help
[26/02/2011 13:17:05] - |SHD| - [0] - C:\ProgramData\Modèles
[06/01/2015 11:29:34] - |D| - [38203] - C:\ProgramData\Mozilla
[26/02/2011 13:27:03] - |D| - [2398161] - C:\ProgramData\NVIDIA
[26/02/2011 13:26:08] - |D| - [597344346] - C:\ProgramData\NVIDIA Corporation
[11/09/2014 08:24:11] - |D| - [82551925] - C:\ProgramData\Oracle
[26/04/2014 12:20:05] - |D| - [118645] - C:\ProgramData\Orbit
[10/09/2014 21:55:29] - |D| - [2192] - C:\ProgramData\PACE Anti-Piracy
[21/08/2014 20:19:21] - |D| - [28397696] - C:\ProgramData\Package Cache
[29/12/2015 18:23:53] - |D| - [0] - C:\ProgramData\PDF Architect 4
[29/12/2015 18:27:32] - |D| - [283359] - C:\ProgramData\pdfforge
[11/12/2016 19:39:11] - |A| - [1696960] - C:\ProgramData\QQGAMEQCK2205.DLL
[11/12/2016 19:39:15] - |A| - [1389760] - C:\ProgramData\QQGameQCK3708.exe
[30/08/2014 20:28:42] - |D| - [3423] - C:\ProgramData\regid.1986-12.com.adobe
[01/03/2014 14:23:12] - |D| - [366479] - C:\ProgramData\RELOADED
[20/11/2015 12:40:10] - |AD| - [210] - C:\ProgramData\Reprise
[04/09/2014 12:22:24] - |D| - [5543] - C:\ProgramData\RogueKiller
[18/09/2014 10:03:03] - |D| - [9154227] - C:\ProgramData\SketchUp
[30/05/2012 20:18:43] - |D| - [166465536] - C:\ProgramData\Skype
[23/06/2017 22:31:02] - |D| - [154645] - C:\ProgramData\Spybot - Search & Destroy
[14/07/2009 07:08:56] - |SHD| - [341419] - C:\ProgramData\Start Menu
[28/10/2014 18:52:41] - |D| - [13260567] - C:\ProgramData\Steam
[15/09/2012 17:32:07] - |D| - [154] - C:\ProgramData\Sun
[12/09/2014 10:13:43] - |D| - [214] - C:\ProgramData\TechSmith
[14/07/2009 07:08:56] - |SHD| - [0] - C:\ProgramData\Templates
[26/02/2011 20:17:05] - |D| - [325] - C:\ProgramData\Ubisoft
[19/01/2013 13:29:09] - |D| - [12552] - C:\ProgramData\WindSolutions

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[14/07/2009 07:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[14/07/2009 06:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[26/02/2011 13:17:05] - |SHD| - [338429] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[14/07/2009 05:20:08] - |RD| - [338429] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[14/07/2009 06:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[03/08/2012 21:15:03] - |D| - [2015] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[14/07/2009 05:20:08] - |RD| - [43301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[14/07/2009 07:32:38] - |RD| - [21157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[10/04/2014 20:55:43] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[18/03/2011 21:12:15] - |D| - [25576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[13/07/2016 09:49:54] - |A| - [1066] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[12/07/2016 11:02:48] - |D| - [1969] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[18/02/2013 23:09:49] - |D| - [951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[24/06/2017 09:15:10] - |D| - [1961] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[04/12/2011 20:33:42] - |D| - [1190] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
[26/05/2011 20:53:00] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberMUT
[14/07/2009 06:54:23] - |ASH| - [964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[08/05/2011 21:38:26] - |D| - [9293] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[17/10/2014 15:58:36] - |D| - [2708] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[14/07/2009 07:32:38] - |RD| - [6348] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[05/09/2014 16:51:37] - |A| - [2222] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[05/04/2011 20:13:37] - |D| - [6472] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 7
[11/09/2014 08:24:27] - |D| - [8815] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[28/07/2015 17:52:45] - |D| - [2245] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerbal Space Program
[03/12/2015 14:20:22] - |D| - [11850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 6500 Series
[30/09/2015 13:10:13] - |D| - [9616] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.4
[21/06/2017 21:26:17] - |D| - [2004] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
[14/07/2009 05:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[04/09/2014 14:22:13] - |D| - [3766] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[26/02/2011 13:13:04] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[30/03/2015 11:28:20] - |D| - [1274] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[16/07/2011 14:17:52] - |D| - [45935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[20/11/2012 19:42:55] - |D| - [11216] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[29/10/2014 17:43:45] - |D| - [2812] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
[29/12/2015 18:23:31] - |D| - [7673] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[07/01/2014 20:04:14] - |D| - [9682] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
[16/07/2011 14:17:53] - |D| - [3181] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[14/07/2009 06:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[27/08/2011 21:06:52] - |D| - [34065] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
[18/09/2014 10:03:32] - |D| - [6448] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
[24/06/2017 09:30:49] - |D| - [3974] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[23/06/2017 22:31:11] - |D| - [11187] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[23/06/2017 22:31:12] - |A| - [1420] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[14/07/2009 05:20:08] - |RD| - [2071] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[09/05/2012 21:52:59] - |D| - [4329] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TRENDnet
[04/09/2011 15:19:38] - |D| - [6924] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[26/02/2011 13:12:53] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[14/07/2009 06:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[14/07/2009 06:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[13/03/2011 15:28:49] - |D| - [3137] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[04/05/2015 18:40:07] - |D| - [2797] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
[14/07/2009 06:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[14/07/2009 06:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
[09/05/2012 21:52:59] - |A| - [1897] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk

---------- | C:\Program Files (x86)

[03/08/2012 21:15:03] - |D| - [3511045] - C:\Program Files (x86)\7-Zip
[04/12/2011 20:33:41] - |D| - [271938] - C:\Program Files (x86)\Acro Software
[26/02/2011 14:22:04] - |D| - [233715888] - C:\Program Files (x86)\Adobe
[26/02/2011 20:53:51] - |D| - [14310688] - C:\Program Files (x86)\Autodesk
[08/10/2013 20:57:55] - |D| - [0] - C:\Program Files (x86)\Avira
[01/03/2014 14:03:39] - |D| - [764] - C:\Program Files (x86)\Bethesda Softworks
[20/07/2014 16:44:32] - |D| - [1481515] - C:\Program Files (x86)\BioWare
[08/12/2012 22:10:20] - |D| - [100160925] - C:\Program Files (x86)\Canon
[14/07/2009 05:20:08] - |D| - [324828491] - C:\Program Files (x86)\Common Files
[26/05/2011 20:52:58] - |D| - [1263] - C:\Program Files (x86)\CyberMUT
[26/02/2011 14:18:54] - |D| - [17468238] - C:\Program Files (x86)\DAEMON Tools Lite
[14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[10/09/2015 11:44:49] - |D| - [1215248] - C:\Program Files (x86)\DIAL GmbH
[08/05/2011 21:30:23] - |D| - [103065228] - C:\Program Files (x86)\DivX
[09/01/2015 18:35:59] - |D| - [9198664] - C:\Program Files (x86)\Double Eleven
[05/04/2011 20:13:24] - |D| - [585424683] - C:\Program Files (x86)\Google
[17/07/2015 09:47:14] - |D| - [0] - C:\Program Files (x86)\GUME4E2.tmp
[26/02/2011 20:24:10] - |HD| - [12220950] - C:\Program Files (x86)\InstallShield Installation Information
[26/02/2011 20:22:35] - |D| - [12998613] - C:\Program Files (x86)\Intel
[14/07/2009 05:20:08] - |D| - [11543385] - C:\Program Files (x86)\Internet Explorer
[16/11/2011 20:45:29] - |D| - [212019010] - C:\Program Files (x86)\Itoo Software
[14/10/2012 14:30:23] - |D| - [23109] - C:\Program Files (x86)\JDownloader
[28/07/2015 17:51:06] - |D| - [1652445161] - C:\Program Files (x86)\Kerbal Space Program
[11/05/2016 18:30:30] - |D| - [111240958] - C:\Program Files (x86)\kingsoft
[03/12/2015 14:20:13] - |D| - [211183] - C:\Program Files (x86)\Lexmark 6500 Series
[30/09/2015 13:09:17] - |D| - [451773956] - C:\Program Files (x86)\LibreOffice 4
[04/09/2014 14:22:10] - |D| - [49239248] - C:\Program Files (x86)\Malwarebytes Anti-Malware
[10/05/2011 19:28:36] - |D| - [0] - C:\Program Files (x86)\Malwarebytes' Anti-Malware
[16/07/2011 14:15:27] - |D| - [39769547] - C:\Program Files (x86)\Microsoft Analysis Services
[30/03/2015 11:28:15] - |D| - [9362570] - C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[16/07/2011 14:14:57] - |D| - [29599908] - C:\Program Files (x86)\Microsoft Office
[16/07/2011 14:16:11] - |D| - [1378033] - C:\Program Files (x86)\Microsoft Visual Studio 8
[16/07/2011 14:16:56] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET
[14/10/2012 14:31:10] - |D| - [0] - C:\Program Files (x86)\Mozilla Firefox
[06/01/2015 11:29:33] - |D| - [278068] - C:\Program Files (x86)\Mozilla Maintenance Service
[06/07/2016 17:31:10] - |D| - [13013667] - C:\Program Files (x86)\Mozilla Thunderbird
[14/07/2009 07:32:38] - |D| - [26521] - C:\Program Files (x86)\MSBuild
[02/09/2014 15:22:25] - |D| - [0] - C:\Program Files (x86)\My Company Name
[26/02/2011 13:26:50] - |D| - [245142606] - C:\Program Files (x86)\NVIDIA Corporation
[29/10/2014 17:43:43] - |D| - [11] - C:\Program Files (x86)\OCCTPT
[10/09/2015 12:04:07] - |D| - [320] - C:\Program Files (x86)\Philips Lighting
[11/05/2016 18:22:53] - |D| - [1268634] - C:\Program Files (x86)\QQMailPlugin
[26/02/2011 14:27:21] - |D| - [367104] - C:\Program Files (x86)\QuickTime
[26/02/2011 20:24:10] - |D| - [5494426] - C:\Program Files (x86)\Realtek
[14/07/2009 07:32:38] - |D| - [39175425] - C:\Program Files (x86)\Reference Assemblies
[18/09/2014 10:03:03] - |D| - [205868642] - C:\Program Files (x86)\SketchUp
[30/05/2012 20:18:45] - |RD| - [1926632] - C:\Program Files (x86)\Skype
[28/10/2014 18:27:19] - |D| - [177068612] - C:\Program Files (x86)\Sniper Elite 3
[24/06/2017 09:30:48] - |D| - [5757902] - C:\Program Files (x86)\SpeedFan
[23/06/2017 22:30:59] - |D| - [317310434] - C:\Program Files (x86)\Spybot - Search & Destroy 2
[30/03/2015 14:22:17] - |D| - [35872308] - C:\Program Files (x86)\SQUARE ENIX
[26/02/2011 20:24:10] - |HD| - [0] - C:\Program Files (x86)\Temp
[08/06/2011 12:59:00] - |D| - [70417165] - C:\Program Files (x86)\Ubisoft
[14/07/2009 06:57:06] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information
[10/05/2011 20:58:14] - |D| - [84718031] - C:\Program Files (x86)\VideoLAN
[18/05/2013 13:23:58] - |D| - [26976420] - C:\Program Files (x86)\VirtualDJ
[14/07/2009 07:32:38] - |D| - [524800] - C:\Program Files (x86)\Windows Defender
[14/07/2009 05:20:08] - |D| - [6181376] - C:\Program Files (x86)\Windows Mail
[14/07/2009 07:32:38] - |D| - [5024017] - C:\Program Files (x86)\Windows Media Player
[14/07/2009 05:20:08] - |D| - [12197556] - C:\Program Files (x86)\Windows NT
[14/07/2009 07:32:38] - |D| - [4417800] - C:\Program Files (x86)\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - [5994626] - C:\Program Files (x86)\Windows Sidebar
[13/03/2011 15:28:46] - |D| - [2780936] - C:\Program Files (x86)\WinRAR

---------- | C:\Program Files

[03/04/2011 17:22:30] - |D| - [9521542] - C:\Program Files\Adobe
[26/02/2011 20:54:07] - |D| - [2033606854] - C:\Program Files\Autodesk
[05/09/2014 16:50:32] - |D| - [1420210717] - C:\Program Files\AVAST Software
[18/02/2013 23:09:48] - |D| - [13946240] - C:\Program Files\CCleaner
[26/02/2015 16:59:53] - |D| - [253440] - C:\Program Files\Chaos Group
[14/07/2009 05:20:08] - |D| - [596294821] - C:\Program Files\Common Files
[24/06/2017 09:15:10] - |D| - [2973327] - C:\Program Files\CPUID
[14/07/2009 06:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini
[09/05/2012 21:53:30] - |D| - [677952] - C:\Program Files\DIFX
[08/05/2011 21:38:28] - |D| - [5602816] - C:\Program Files\DivX
[14/07/2009 07:32:38] - |D| - [90256916] - C:\Program Files\DVD Maker
[26/02/2011 13:17:05] - |SHD| - [596294821] - C:\Program Files\Fichiers communs
[18/02/2015 14:23:58] - |D| - [492461512] - C:\Program Files\Google
[14/07/2009 05:20:08] - |D| - [30573436] - C:\Program Files\Internet Explorer
[11/09/2014 08:24:07] - |D| - [159923046] - C:\Program Files\Java
[21/06/2017 21:26:02] - |D| - [956134] - C:\Program Files\M-Audio
[16/07/2011 14:15:27] - |D| - [66182091] - C:\Program Files\Microsoft Analysis Services
[14/07/2009 07:32:38] - |D| - [149237810] - C:\Program Files\Microsoft Games
[16/07/2011 14:14:51] - |D| - [1144775895] - C:\Program Files\Microsoft Office
[16/07/2011 14:16:56] - |D| - [2966976] - C:\Program Files\Microsoft SQL Server Compact Edition
[16/07/2011 14:16:56] - |D| - [1014647] - C:\Program Files\Microsoft Sync Framework
[16/07/2011 14:17:11] - |D| - [326800] - C:\Program Files\Microsoft Synchronization Services
[14/07/2009 07:32:38] - |D| - [25757] - C:\Program Files\MSBuild
[26/02/2011 13:24:38] - |D| - [2506841898] - C:\Program Files\NVIDIA Corporation
[29/12/2015 18:23:30] - |D| - [32802246] - C:\Program Files\PDFCreator
[26/02/2011 20:24:39] - |D| - [14642208] - C:\Program Files\Realtek
[07/01/2014 20:04:07] - |D| - [48479495] - C:\Program Files\REAPER (x64)
[14/07/2009 07:32:38] - |D| - [36834473] - C:\Program Files\Reference Assemblies
[09/05/2012 21:52:58] - |D| - [15365008] - C:\Program Files\TRENDnet
[14/07/2009 07:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information
[14/07/2009 07:32:38] - |D| - [4039680] - C:\Program Files\Windows Defender
[14/07/2009 05:20:08] - |D| - [6667776] - C:\Program Files\Windows Mail
[14/07/2009 07:32:38] - |D| - [7687085] - C:\Program Files\Windows Media Player
[14/07/2009 05:20:08] - |D| - [12627636] - C:\Program Files\Windows NT
[14/07/2009 07:32:38] - |D| - [5516056] - C:\Program Files\Windows Photo Viewer
[14/07/2009 07:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices
[14/07/2009 07:32:38] - |D| - [7241184] - C:\Program Files\Windows Sidebar

---------- | C:\Program Files (x86)\Common Files

[26/02/2011 14:20:26] - |D| - [81622844] - C:\Program Files (x86)\Common Files\Adobe
[18/03/2011 21:12:53] - |D| - [979580] - C:\Program Files (x86)\Common Files\Autodesk Shared
[04/12/2015 12:30:46] - |D| - [1640512] - C:\Program Files (x86)\Common Files\AV
[08/12/2012 22:07:19] - |D| - [68464] - C:\Program Files (x86)\Common Files\Canon
[09/12/2012 12:43:21] - |D| - [37034] - C:\Program Files (x86)\Common Files\Canon_Inc_IC
[29/10/2011 21:06:37] - |D| - [645632] - C:\Program Files (x86)\Common Files\DESIGNER
[10/09/2015 11:45:16] - |D| - [7371042] - C:\Program Files (x86)\Common Files\DIAL GmbH
[10/09/2015 11:45:23] - |D| - [4520448] - C:\Program Files (x86)\Common Files\DIALux
[21/06/2017 21:26:02] - |D| - [2626365] - C:\Program Files (x86)\Common Files\Digidesign
[08/05/2011 21:38:19] - |D| - [24006656] - C:\Program Files (x86)\Common Files\DivX Shared
[26/02/2011 20:24:05] - |D| - [6750890] - C:\Program Files (x86)\Common Files\InstallShield
[29/10/2014 17:33:45] - |D| - [2150795] - C:\Program Files (x86)\Common Files\Java
[06/01/2015 12:45:35] - |D| - [299952] - C:\Program Files (x86)\Common Files\McNeel Shared
[14/07/2009 05:20:08] - |D| - [132393299] - C:\Program Files (x86)\Common Files\microsoft shared
[26/02/2011 20:23:45] - |D| - [166332] - C:\Program Files (x86)\Common Files\postureAgent
[08/05/2011 21:38:31] - |D| - [4814480] - C:\Program Files (x86)\Common Files\PX Storage Engine
[01/03/2015 13:30:50] - |D| - [2012371] - C:\Program Files (x86)\Common Files\Research In Motion
[14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[02/09/2014 15:22:31] - |D| - [379139] - C:\Program Files (x86)\Common Files\Sonic Shared
[14/07/2009 05:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines
[29/08/2011 20:34:12] - |D| - [411432] - C:\Program Files (x86)\Common Files\Steam
[14/07/2009 05:20:08] - |D| - [10534435] - C:\Program Files (x86)\Common Files\System
[01/03/2015 13:30:50] - |D| - [290304] - C:\Program Files (x86)\Common Files\XCPCSync.OEM

---------- | C:\Program Files\Common files

[03/04/2011 17:16:13] - |D| - [133355612] - C:\Program Files\Common files\Adobe
[18/03/2011 21:15:09] - |D| - [171261330] - C:\Program Files\Common files\Autodesk Shared
[04/12/2015 12:30:46] - |D| - [1640512] - C:\Program Files\Common files\AV
[25/02/2015 20:48:22] - |D| - [251] - C:\Program Files\Common files\ChaosGroup
[02/04/2015 03:11:07] - |D| - [99992] - C:\Program Files\Common files\DESIGNER
[08/02/2012 20:15:09] - |D| - [663312] - C:\Program Files\Common files\logishrd
[18/03/2011 21:15:58] - |D| - [1471596] - C:\Program Files\Common files\Macrovision Shared
[14/07/2009 05:20:08] - |D| - [272253967] - C:\Program Files\Common files\Microsoft Shared
[10/09/2014 21:55:29] - |D| - [18480] - C:\Program Files\Common files\PACE Anti-Piracy
[07/01/2014 20:04:14] - |D| - [2189312] - C:\Program Files\Common files\Propellerhead Software
[14/07/2009 05:20:08] - |D| - [2702] - C:\Program Files\Common files\Services
[14/07/2009 05:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines
[14/07/2009 05:20:08] - |AD| - [12728987] - C:\Program Files\Common files\System

---------- | Tasks

[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [14/07/2009 07:08:49] - |AH| - [6] - C:\Windows\Tasks\SA.DAT
[MD5.9E1E70908953F762ABE6FACE9D78F12D] - [14/07/2009 07:08:49] - |A| - [32482] - C:\Windows\Tasks\SCHEDLGU.TXT
[MD5.1ADEB41B91EA8A07A39BFEA5219F8006] - [23/06/2015 14:55:25] - |A| - [4476] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task         :   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.00000000000000000000000000000000] - [04/12/2015 12:30:46] - |D| - [3860] - C:\Windows\System32\Tasks\AVAST Software
[MD5.6848984D597A1789C8C272C983D6DCC8] - [05/09/2014 16:51:40] - |A| - [4180] - C:\Windows\System32\Tasks\avast! Emergency Update         :   C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.2EF848EC3091840F13484E75DD0ED473] - [18/02/2013 23:09:49] - |A| - [2776] - C:\Windows\System32\Tasks\CCleanerSkipUAC         :   "C:\Program Files\CCleaner\CCleaner.exe"
[MD5.52FE54615ACA97F1C81A3180DDBC8AB5] - [05/09/2014 16:47:54] - |A| - [3372] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8026CD2AB9412D718DCCD0BC3B0A506F] - [05/09/2014 16:47:55] - |A| - [3500] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] - [14/07/2009 05:20:13] - |D| - [295756] - C:\Windows\System32\Tasks\Microsoft
[MD5.00000000000000000000000000000000] - [16/07/2011 14:18:30] - |D| - [4392] - C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
[MD5.00000000000000000000000000000000] - [23/06/2017 22:31:27] - |D| - [12108] - C:\Windows\System32\Tasks\Safer-Networking
[MD5.B119EEBE39826CF6A58D13D198DF9ABE] - [13/07/2016 09:49:55] - |A| - [3920] - C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468396191         :   C:\Program Files\AVAST Software\SZBrowser\launcher.exe
[MD5.00000000000000000000000000000000] - [14/07/2009 07:09:57] - |D| - [4484] - C:\Windows\System32\Tasks\WPD
[MD5.0E34B48A14FC26D340C48A147F30E8F1] - [05/09/2014 12:01:50] - |A| - [3160] - C:\Windows\System32\Tasks\{4D21073F-F9D2-48C0-BAA2-FD2B61D75935}         :   C:\Windows\system32\pcalua.exe
[MD5.1F01310913903C06EE45416A13871ECC] - [13/03/2011 22:43:48] - |A| - [3458] - C:\Windows\System32\Tasks\{8F7BB595-E856-41C1-8D2E-F897D6C5D3CB}         :   C:\Windows\system32\pcalua.exe
[MD5.27FAFCC05B709E8610A61D6C3854CCF0] - [16/11/2011 22:20:29] - |A| - [3156] - C:\Windows\System32\Tasks\{ABB20271-B0C9-4437-874F-706654CF579B}         :   C:\Windows\system32\pcalua.exe
[MD5.00000000000000000000000000000000] - [14/07/2009 05:20:14] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
"{988D2D4A-2291-45F2-B278-5B055E655BDE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=3703|Name=Adobe Version Cue CS3 Server|
"{EB0BEF10-CC82-4FA7-9A63-0C8EDF82AF27}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=3704|Name=Adobe Version Cue CS3 Server|
"{0CE30E62-A339-4464-A8A1-255541A4562F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=50900|Name=Adobe Version Cue CS3 Server|
"{E0621CAC-6681-45B7-9603-93DF164D4409}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=50901|Name=Adobe Version Cue CS3 Server|
"{8F7F371C-C9AF-4D68-8873-97A1698E0D2D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe|Name=Adobe Version Cue CS3 Server|
"{F70420A2-F7B7-4117-8D90-4F7179D411C3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe|Name=Adobe Version Cue CS3 Server|
"TCP Query User{61648F83-E78B-429D-96B8-4144802CAADC}C:\program files (x86)\chaos group\v-ray\3dsmax r9 for x86\vrlserver.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\chaos group\v-ray\3dsmax r9 for x86\vrlserver.exe|Name=VRLServer|Desc=VRLServer|Defer=User|
"UDP Query User{AB15FC77-15A8-4995-A5AB-2AC78D675A70}C:\program files (x86)\chaos group\v-ray\3dsmax r9 for x86\vrlserver.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\chaos group\v-ray\3dsmax r9 for x86\vrlserver.exe|Name=VRLServer|Desc=VRLServer|Defer=User|
"{CC7108ED-DA16-4E4B-A1C9-0AEC6763E166}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Autodesk\Backburner\monitor.exe|Name=backburner 2.3 monitor|
"{55B2B63F-9076-4C1F-BDE2-9AAAB29C42D3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Autodesk\Backburner\monitor.exe|Name=backburner 2.3 monitor|
"{DD50D9A6-1A03-40C1-9D59-40FACA3AC552}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Autodesk\Backburner\manager.exe|Name=backburner 2.3 manager|
"{894BEF89-F1A2-43A2-8EC2-7512C26E0716}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Autodesk\Backburner\manager.exe|Name=backburner 2.3 manager|
"{6046CFBC-8AD9-4ECD-8164-53DDD795A5EB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Autodesk\Backburner\server.exe|Name=backburner 2.3 server|
"{FC81E3AC-BBF3-4C0C-8D5B-460FB188CB9A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Autodesk\Backburner\server.exe|Name=backburner 2.3 server|
"{4EC6A1AD-A782-4530-BFCE-30B3354AAADD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Autodesk\3ds Max 2010\3dsmax.exe|Name=Autodesk 3ds Max 2010 32-bit|
"{2BA6F5E1-AAEA-47A4-97B4-01626B0B6F76}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Autodesk\3ds Max 2010\3dsmax.exe|Name=Autodesk 3ds Max 2010 32-bit|
"{B2EBE813-9DE8-4454-87B3-64F4AE55EB5E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2010 32-bit|
"{6F4CC5F8-4D41-4281-A37E-90A5A453420B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2010 32-bit|
"{F40CB0FF-356C-4D7D-A835-5947ADD5F403}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe|Name=mental ray satellite for Autodesk 3ds Max 2010 32-bit|
"{15033FDE-C869-4560-BD0C-247D975CB9B3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe|Name=mental ray satellite for Autodesk 3ds Max 2010 32-bit|
"{33784C67-0AF5-4E45-BAD5-5224CF6E0751}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64.exe|Name=mental ray satellite for Autodesk 3ds Max 2010 64-bit|
"{B25E7171-C3C8-4A64-8F3C-59D418ABDD66}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64.exe|Name=mental ray satellite for Autodesk 3ds Max 2010 64-bit|
"{A76E87DD-5EC8-4522-A43C-CD272A4988EC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe|Name=Autodesk 3ds Max 2010 64-bit|
"{BB20AD7A-78BD-4902-AEC8-82BFF931813F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe|Name=Autodesk 3ds Max 2010 64-bit|
"{6C849E3C-7835-40F5-ABC2-9879359C9D88}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2010 64-bit|
"{4BFDB0E1-689A-4511-A779-F6B8F46D2BEE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2010 64-bit|
"{D8F2203B-E1CB-4C2D-A43D-5D20496EB61D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=5353|Name=Adobe CSI CS4|
"{9C93C439-238A-4559-91DE-47376E0D2989}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe|Name=Adobe CSI CS4|
"{A8A8D44B-4B6D-46F6-82ED-2E4F742752AB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe|Name=Adobe CSI CS4|
"TCP Query User{39F4F1B9-8CC0-4098-8594-2100C4ADCEB8}C:\windows\kmsemulator.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\windows\kmsemulator.exe|Name=KMSEmulator|Desc=KMSEmulator|Defer=User|
"UDP Query User{2EBF731E-2267-401E-A2EA-3615BC20E324}C:\windows\kmsemulator.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\windows\kmsemulator.exe|Name=KMSEmulator|Desc=KMSEmulator|Defer=User|
"TCP Query User{3087934D-6879-4BD9-A477-275B53172A02}C:\program files\chaos group\v-ray\rt for 3ds max 2010 for x64\bin\vray.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\chaos group\v-ray\rt for 3ds max 2010 for x64\bin\vray.exe|Name=V-Ray Standalone|Desc=V-Ray Standalone|Defer=User|
"UDP Query User{B01BB8D7-FA89-40D0-BFD5-65865F6BAD84}C:\program files\chaos group\v-ray\rt for 3ds max 2010 for x64\bin\vray.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\chaos group\v-ray\rt for 3ds max 2010 for x64\bin\vray.exe|Name=V-Ray Standalone|Desc=V-Ray Standalone|Defer=User|
"TCP Query User{610D3B81-0436-4D03-844F-5EB3CE5D80B2}C:\users\sylvain\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\sylvain\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User|
"UDP Query User{A26FA92F-B721-4567-A2B4-2603C5FDC58C}C:\users\sylvain\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\sylvain\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User|
"TCP Query User{6CC5EA78-93E9-4376-8EB7-59A031C6AE15}C:\users\sylvain\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\sylvain\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|
"UDP Query User{A65380F6-96A7-43AC-AABF-B3845A27FC4A}C:\users\sylvain\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\sylvain\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|
"TCP Query User{55C9CFD5-C9B4-44F1-8C10-C20C590D9647}C:\program files (x86)\java\jre7\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\java\jre7\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User|
"UDP Query User{DF7C32DC-3AE8-4DF5-AB6E-2F5635BAF412}C:\program files (x86)\java\jre7\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\java\jre7\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User|
"TCP Query User{114568B6-7445-4A8D-A30E-A043CD77B65B}C:\program files (x86)\xbmc\xbmc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\xbmc\xbmc.exe|Name=XBMC|Desc=XBMC|Defer=User|
"UDP Query User{7B9FF0BB-D066-451B-A0E6-429748C860C7}C:\program files (x86)\xbmc\xbmc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\xbmc\xbmc.exe|Name=XBMC|Desc=XBMC|Defer=User|
"TCP Query User{E559226E-B5D3-4E8E-9739-A111F11D9D74}C:\program files (x86)\xbmc\xbmc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\xbmc\xbmc.exe|Name=XBMC|Desc=XBMC|Defer=User|
"UDP Query User{33F82702-1241-40CC-BBED-A9AECA130E10}C:\program files (x86)\xbmc\xbmc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\xbmc\xbmc.exe|Name=XBMC|Desc=XBMC|Defer=User|
"{15E7C69D-2C2D-4BC3-9A8C-600BCB238F3A}"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=808|App=C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe|Svc=NetTcpActivator|Name=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2000|Desc=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2001|EmbedCtxt=@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelEvents.dll,-2002|
"TCP Query User{7E8B223B-4EF1-42E8-BD5E-3885D0627ED9}C:\program files (x86)\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Edge=TRUE|Defer=App|
"UDP Query User{E384B144-14A0-4CA8-877C-06BDEE749079}C:\program files (x86)\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Edge=TRUE|Defer=App|
"{F6EED59C-D258-4986-BC07-51D14098B1BB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTP)|Desc=TCP exceptions for NVIDIA Network Service|
"{42F638D8-982F-4752-AD82-D14A37868D33}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=443|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTPS)|Desc=TCP exceptions for NVIDIA Network Service|
"{06442EDA-55E0-4A83-9FBD-6CD08FF9C375}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47987|LPort=47988|LPort=47989|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe|Name=SHIELD Streaming Service TCP Exception|Desc=TCP exceptions for SHIELD Streaming service|
"{F20EFFFE-EEEC-48C1-8641-D90106EEA781}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe|Name=SHIELD Streaming Service UDP Exception|Desc=UDP exceptions for SHIELD Streaming service|
"{ACD18696-C732-4DA6-BB8E-864C5581776C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47991|LPort=47995|LPort=47996|LPort=47998|LPort=35043|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming Application TCP Exception|Desc=TCP exceptions for SHIELD Streaming|
"{3D24683C-CBF0-4837-B023-A2BC9F89DD92}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=48000|LPort=47999|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming Application UDP Exception|Desc=UDP exceptions for SHIELD Streaming|
"TCP Query User{1F9D8E75-0A26-4EE5-88EC-665324A20032}C:\program files (x86)\kodi\kodi.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\kodi\kodi.exe|Name=Kodi|Desc=Kodi|Defer=User|
"UDP Query User{37BCA378-1716-4BED-B048-B5446F81220B}C:\program files (x86)\kodi\kodi.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\kodi\kodi.exe|Name=Kodi|Desc=Kodi|Defer=User|
"{3CD58D31-5513-40BF-B9CB-90FF88E8F83E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2014|
"{091CA990-2205-44A3-A17B-D9DBA2D740B9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2014|
"{74DAE026-140E-47FF-ADD6-B099D8FEAF2F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe|Name=mental ray satellite for Autodesk 3ds Max 2014|
"{D3EFD87F-7DD5-4D84-85CC-B73490FCBD54}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe|Name=mental ray satellite for Autodesk 3ds Max 2014|
"{6637A69C-53C8-46B0-821C-1D2922271014}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Autodesk\Backburner\monitor.exe|Name=backburner 2.3 monitor|
"{3011D5DB-7880-4EDE-8A97-EF537A99C47E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Autodesk\Backburner\monitor.exe|Name=backburner 2.3 monitor|
"{25916322-ED62-41FF-A7C1-06099E9782BA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Autodesk\Backburner\manager.exe|Name=backburner 2.3 manager|
"{981B6288-DDF5-4678-A6BB-9BBEF001CA91}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Autodesk\Backburner\manager.exe|Name=backburner 2.3 manager|
"{441144EC-CAC2-4DD1-AE12-EE4B642AEB65}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Autodesk\Backburner\server.exe|Name=backburner 2.3 server|
"{63543572-9A59-4CCF-9155-CCDA5417C2BD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Autodesk\Backburner\server.exe|Name=backburner 2.3 server|
"TCP Query User{55740E06-6F0F-4F89-AAC8-9D1FF61A20C1}C:\program files\autodesk\3ds max 2014\3dsmax.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\autodesk\3ds max 2014\3dsmax.exe|Name=3ds Max application|Desc=3ds Max application|Defer=User|
"UDP Query User{CE88F9BA-F46B-456C-AAB7-13889CE94216}C:\program files\autodesk\3ds max 2014\3dsmax.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\autodesk\3ds max 2014\3dsmax.exe|Name=3ds Max application|Desc=3ds Max application|Defer=User|
"TCP Query User{6CCCDB29-880E-462A-8619-07486AA8ABC4}C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe|Name=V-Ray Standalone|Desc=V-Ray Standalone|Defer=User|
"UDP Query User{8470DB8F-750D-49D0-BADE-C40BDB194F03}C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe|Name=V-Ray Standalone|Desc=V-Ray Standalone|Defer=User|
"{1D5A10C2-9627-45BE-A038-F0C1B7EED455}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe|Name=BlackBerry Desktop Software|
"{6C7109A7-CE49-4644-A1F7-75F1F279B69C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe|Name=BlackBerry Desktop Software|
"{39F94462-2AE7-45EE-848B-51789232630D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=4481|RA4=LocalSubnet|RA6=LocalSubnet|Name=BlackBerry Desktop Software Wireless Music Sync data transfer|
"{CE19636F-D6F2-4261-AD7E-BFF11A1C5FFC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=4481|RA4=LocalSubnet|RA6=LocalSubnet|Name=BlackBerry Desktop Software Wireless Music Sync discovery|
"{63727787-B32E-4D2D-9DF8-EDE30E714797}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=4482|RA4=LocalSubnet|RA6=LocalSubnet|Name=BlackBerry Desktop Software Wireless Music Sync data transfer|
"{6E638CD2-0CAA-4E60-95CD-83BA6B4431F3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=4482|RA4=LocalSubnet|RA6=LocalSubnet|Name=BlackBerry Desktop Software Wireless Music Sync discovery|
"{3D041A5E-7624-41A2-9D97-B68F53C5FCA8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{E0EC5692-B327-4215-9E9A-C164FEE5D6EF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{34679366-1221-42D9-9266-4BFC02B19DF7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{39EC679E-758C-416D-8EEB-15A598954B4F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"TCP Query User{495DC995-F6D8-44EE-9E76-808F2D5CF2FA}C:\program files (x86)\batman arkham city\binaries\win32\batmanac.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\batman arkham city\binaries\win32\batmanac.exe|Name=Batman: Arkham City|Desc=Batman: Arkham City|
"UDP Query User{686917DA-22BE-47D3-A664-750BFC5167A3}C:\program files (x86)\batman arkham city\binaries\win32\batmanac.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\batman arkham city\binaries\win32\batmanac.exe|Name=Batman: Arkham City|Desc=Batman: Arkham City|
"{39B042AE-DB9C-43A1-9F45-34E6161C5453}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Sylvain\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox|
"{60510D1C-0F10-4566-A90B-C48545FA0C2C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Sylvain\AppData\Roaming\Dropbox\bin\Dropbox.exe|Name=Dropbox|
"TCP Query User{8F5214C2-EAA0-4A7A-9713-C8657E054B22}C:\users\sylvain\appdata\roaming\dropbox\bin\dropbox.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\sylvain\appdata\roaming\dropbox\bin\dropbox.exe|Name=dropbox.exe|Desc=dropbox.exe|
"UDP Query User{40C4020C-AD73-4F62-97C5-5666F79BA70B}C:\users\sylvain\appdata\roaming\dropbox\bin\dropbox.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\sylvain\appdata\roaming\dropbox\bin\dropbox.exe|Name=dropbox.exe|Desc=dropbox.exe|
"TCP Query User{6D7BEE31-EA04-4CF7-B53B-04F021002F4D}C:\program files\autodesk\3ds max 2014\3dsmax.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\autodesk\3ds max 2014\3dsmax.exe|Name=3ds Max application|Desc=3ds Max application|Defer=User|
"UDP Query User{58F4661B-E4F2-4263-8D7A-6B8706610D0F}C:\program files\autodesk\3ds max 2014\3dsmax.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\autodesk\3ds max 2014\3dsmax.exe|Name=3ds Max application|Desc=3ds Max application|Defer=User|
"TCP Query User{FA776109-1E30-48D9-980B-D5585EE59A9E}C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe|Name=V-Ray Standalone|Desc=V-Ray Standalone|Defer=User|
"UDP Query User{D227AF02-D09C-433E-B6C7-A32A8908E305}C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\chaos group\v-ray\rt for 3ds max 2014 for x64\bin\vray.exe|Name=V-Ray Standalone|Desc=V-Ray Standalone|Defer=User|
"{684B421A-5096-466E-8D4C-A26F2E1C4B1A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\SysWOW64\lxdfcoms.exe|Name=6500 Series Server|
"{9451C063-E633-421C-9888-A8149607C7B5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\SysWOW64\lxdfcoms.exe|Name=6500 Series Server|
"{36756454-DA36-42A9-8256-31D9B841E62B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\lxdfmon.exe|Name=Printer Device Monitor|
"{30DA5553-40D2-47ED-A9A8-B5E8AFA11ECB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\lxdfmon.exe|Name=Printer Device Monitor|
"{F6AA579E-3E83-491F-AA30-2E39491C5CAC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\Wireless\lxdfwpss.exe|Name= |
"{22D7D74F-2D2A-473B-9C4D-D5B16D5C066A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\Wireless\lxdfwpss.exe|Name= |
"{C546C685-9F8F-491E-82CD-081CCD788C1D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\lxdfamon.exe|Name=Lexmark Device Monitor|
"{E23B00EE-7CF6-481C-A569-263577E9DBD8}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\lxdfamon.exe|Name=Lexmark Device Monitor|
"{033C69A4-0A1D-478D-88CE-E6E70C395FE2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\frun.exe|Name=Lexmark Productivity Studio|
"{7D113A62-8B01-4181-81FB-E79706AD44FD}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\frun.exe|Name=Lexmark Productivity Studio|
"{4F21F711-173F-4693-9B97-C573D520E602}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\LXDFFax.exe|Name=Fax software|
"{DC0218EC-A64A-4C29-96FA-109EB91198A9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86) (x86)\Lexmark 6500 Series\LXDFFax.exe|Name=Fax software|
"{273DDC37-750C-4EB6-86BD-D190C805A62D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Sylvain\AppData\Roaming\Tencent\QQ\STemp\SetupEx0\QQSetupEx.exe|Name=QQSetupEX|
"{767E2099-CA72-4705-915B-FF14E09F6C4C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe|Name=??QQ|
"{2864AD8E-90CC-4203-8FBD-A10D005D0EDB}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQ\Bin\auclt.exe|Name=QQUpdate|
"{D5B275A9-FE1D-47F9-A1DB-17D4D184DCAA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQ\Bin\txupd.exe|Name=QQUpdate2011|
"{EF36FAFE-92D4-4287-96BE-82BAD9AF0171}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQ\Bin\SetupEx\SetupEx.exe|Name=SetupEX|
"{539479EB-6673-4E67-B3D4-FC786BF7D6AE}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQ\Bin\maLauncher.exe|Name=maLauncher|
"{D8C57035-FDBD-4BA8-B329-0EBC12DA889C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQ\Bin\maUpdat.exe|Name=maUpdat|
"{4065EDCA-4B93-4DC1-9578-A82C750EDBB5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe|Name=????????|Desc=C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe|
"{EAAC632B-A990-42AB-B25A-9D82256A09FC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe|Name=????????Crash??|Desc=C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe|
"{3AEA4586-E04F-4449-A0AD-3723AACFE822}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Windows\system32\config\systemprofile\AppData\Roaming\WIN10CHECK0106.EXE|Name=???????|
"{E5AB064E-57A3-40F3-883A-01BD503981CA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe|Name=QzoneMusic|
"{BDA58987-F24F-4E09-8EA4-C7C7CCC9C523}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\QzoneMusic.exe|Name=QzoneMusic|
"{916249EB-54CD-4BE1-B057-57FC39A10D78}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe|Name=QQ??????|Desc=C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe|
"{A4E54808-9F3E-4BBA-ADD5-A1EFF973616B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe|Name=QQ??????|Desc=C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe|
"{5335D20A-2742-48AB-94EA-78160626AECC}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe|Name=QQ??????|Desc=C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe|
"{3D46EE05-FBF0-43FB-BE36-6EAFAF553697}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQMusic\QQMusicInstall\QQMusicMMInstaller.exe|Name=QQMusicMMInstaller|
"{F873CBC5-6993-4AF7-8EA6-191A2E4E4031}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQMusic\QQMusic1257.18.23.45\QQMusicExternal.exe|Name=QQMusicExternal|
"{A3C5253B-4344-4D51-93DA-B78467BD961C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQMusic\QQMusic1257.18.23.45\moleplugin\tadb.exe|Name=tadb|
"{28FD1585-EEA6-459F-BEAE-F6E3DE5E2EEF}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQMusic\QQMusic1257.18.23.45\QQMusicIE.exe|Name=QQMusicIE|
"{8195E169-7FE6-46CE-B7D8-136D1F837A5B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQMusic\QQMusic1257.18.23.45\QQMusic.exe|Name=QQMusic|
"{8F032851-B331-41E7-94B4-F4C8492F8D8C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Tencent\QQMusic\QQMusicService.exe|Name=QQMusicService|
"{A1D8016A-02E6-476B-BF9B-B55DAAE53F4A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQMusic\QQMusic1257.18.23.45\QQMusicUp.exe|Name=QQMusicUp|
"{81E6375D-B88F-440D-8709-1A5F7440980D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Tencent\QQMusicHelper\QQMusicHelper1254.18.24.18\QQMusicDownloader.exe|Name=QQMusicDownloader|
"{3A1091AC-BE63-4616-806A-7D34DC7FC462}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Sylvain\AppData\Local\Temp\Tencent\MiniQQGameDownloader.1.0.0.6\QQGameDownload.exe|Name=QQÓÎÏ·ÏÂÔØÆ÷|
"{B947BBAC-AA88-40CF-B42B-27FB4018F9A7}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Sylvain\AppData\Local\Temp\Tencent\MiniQQGameDownloader.1.0.0.6\QQGameDownload.exe|Name=QQÓÎÏ·ÏÂÔØÆ÷|
"{8852FD50-DDFF-4D23-A6B4-4E8035B770F2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQPhoneManager\QQPhoneManager.exe|Name=Tencent Phone Manager|
"{241D770D-85BC-49BB-AD4F-F2A91A59408A}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQPhoneManager\QQPhoneManager.exe|Name=Tencent Phone Manager|
"{2E049C2D-73CE-4AB6-910F-8D5D1FFD216C}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.0.1\QQMicroGameBoxService.exe|Name=??????????|
"{4CE4CDDC-46A6-4382-A656-2B9F7C81F574}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.0.1\QQMicroGameBoxService.exe|Name=??????????|
"{F54060AB-095F-48F4-86D4-E585E1C59784}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.0.1\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{E5DFE52B-65CD-4F84-BD20-5946A4416771}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.0.1\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{1BDEE139-4DE9-41A4-9648-FEE574E90ED4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.0.1\QQMGBWebserver.exe|Name=?????????|
"{1FAF6C25-688D-4EC1-B442-C798B4218492}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.0.1\QQMGBWebserver.exe|Name=?????????|
"{1FFDEDB0-FBCF-442D-A85D-B6EA5CCA35C0}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGame.exe|Name=QQ??|
"{14F31CBA-1DBA-48D1-B961-CE588CE68EA2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGame.exe|Name=QQ??|
"{47D037FE-6DA8-43CB-8584-081A8DEE9119}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGameHall.exe|Name=QQ??|
"{4A5ADE31-B36A-46C4-8145-990D54E70989}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGameHall.exe|Name=QQ??|
"{CAADC46A-93A5-452C-A9E1-3C989C48EF15}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGameLogic.exe|Name=QQ??|
"{85C16D95-F856-4C2D-9B01-E839430D3AA5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGameLogic.exe|Name=QQ??|
"{918D57E2-6C56-43E2-A357-DCD3DE08EAED}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGameDl.exe|Name=QQ??|
"{EF1BFAC5-D5BB-4D79-A65D-470900F9189B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Tencent\QQGame\QQGameDl.exe|Name=QQ??|
"{3A0449EE-2453-4ACA-BE9B-FFD6969FF40E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Tencent\QQGame\video\QQGameNet.exe|Name=QQ??|
"{1C619763-342C-4607-B4C6-CCBCC1A53071}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Tencent\QQGame\video\QQGameNet.exe|Name=QQ??|
"{081F6C2B-83FD-4587-8825-E9FBB36428C9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.8\QQMicroGameBoxService.exe|Name=??????????|
"{709249F1-8F45-49A9-A71B-710185A2CC0B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.8\QQMicroGameBoxService.exe|Name=??????????|
"{58128604-9EB1-444F-8E67-1488ABD1F694}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.8\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{8FD71D53-299D-4F3D-B6BB-213D75BD9842}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.8\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{2C614A8A-9DF3-4F48-80CC-87783E167D46}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.8\QQMGBWebserver.exe|Name=?????????|
"{C2742C92-D6BD-4429-AF4E-91B1A190A988}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.8\QQMGBWebserver.exe|Name=?????????|
"{0E87D9CC-E7F7-4EF3-A2FE-48E0261393A2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.9\QQMicroGameBoxService.exe|Name=??????????|
"{3F704C11-EED7-45FC-8684-4196BAD1BE99}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.9\QQMicroGameBoxService.exe|Name=??????????|
"{B08A60C7-0B8C-482C-A175-0FDC5089EDE4}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.9\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{1952C145-2D87-4986-9092-6421325B2A02}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.9\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{740D2CDA-69A0-4354-967B-4727FB8302D5}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.9\QQMGBWebserver.exe|Name=?????????|
"{58231BBF-B4CC-4127-8209-177816248713}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.4.9\QQMGBWebserver.exe|Name=?????????|
"{641E274D-2018-423D-944E-8BC627BED98E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\KeyShot6\bin\keyshot_daemon.exe|Name=KeyShot 6 Daemon|
"TCP Query User{AE8B761C-D945-4D75-A0D5-091E17014096}C:\program files (x86)\worms clan wars\wormsclanwars.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\worms clan wars\wormsclanwars.exe|Name=WormsClanWars|Desc=WormsClanWars|Defer=User|
"UDP Query User{0330A474-8843-4244-BCA1-A841FAD0892D}C:\program files (x86)\worms clan wars\wormsclanwars.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\worms clan wars\wormsclanwars.exe|Name=WormsClanWars|Desc=WormsClanWars|Defer=User|
"{7743C3EA-7E35-4A57-AB74-996D96CF7816}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.1\QQMicroGameBoxService.exe|Name=??????????|
"{FE2770BB-ECB6-4B67-93F9-FD9B742061F3}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.1\QQMicroGameBoxService.exe|Name=??????????|
"{935F7E31-F0F7-4510-8F2A-02C674698071}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.1\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{5E5DEEDF-74B5-4F99-88A8-79F26F5DE28B}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.1\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{00B0032C-6483-42AB-8C3A-B1162FA4D4F9}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.1\QQMGBWebserver.exe|Name=?????????|
"{7BA18FD4-66DA-47EA-BF3E-342F8D7C1A0F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.1\QQMGBWebserver.exe|Name=?????????|
"{C30A6ABD-6DA3-4398-B25A-12173D60BC6D}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.2\QQMicroGameBoxService.exe|Name=??????????|
"{0F9F34CE-F7F9-49F1-BC7C-6CE1A3C365D2}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.2\QQMicroGameBoxService.exe|Name=??????????|
"{62307DB9-A709-4AC3-8AC9-304988CFDBF1}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.2\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{FB89858A-D79D-4CD1-9913-F68A0BB3A237}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.2\QQMicroGameBoxServiceUpdate.exe|Name=????????????|
"{06B1A5E9-D615-4393-B405-83D37D0793FA}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.2\QQMGBWebserver.exe|Name=?????????|
"{8D6395A5-4EF3-4B50-A682-1E308B7EB67F}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Tencent\QQMicroGameBoxService\1.0.5.2\QQMGBWebserver.exe|Name=?????????|
"{F1250DF5-698E-421F-9808-A6B040200C1E}"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome|

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service




---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{17FDD8F0-53DF-406F-8287-8C38F6FC9BCC}] : (RIMUSBBB) [] -> BlackBerry
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}] : (GEARAspiWDM) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496E87E-C0A1-4102-9D8D-BD9A9B8B07A9}] : (WDC_SAM) [] -> @oem40.inf,%WDC_SAM_ClassName%;WD Drive Management devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[02/09/2014 15:22:31] - (3.0.96.0) - (Rovi Corporation - Px Engine Device Driver for 64-bit Windows) - C:\Windows\System32\Drivers\PxHlpa64.sys
[18/03/2011 18:08:56] - (2.1.7.0) - (Almico Software - SpeedFan x64 Driver) - C:\Windows\SysWOW64\speedfan.sys
[26/02/2011 14:18:58] - (4.40.2.210) - (DT Soft Ltd - DAEMON Tools Virtual Bus Driver) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys
[23/04/2015 17:39:03] - (9.18.13.5012) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 350.12) - C:\Windows\system32\DRIVERS\nvlddmkm.sys
[29/10/2014 13:39:57] - (1.2.25.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\Windows\system32\drivers\nvvad64v.sys
[23/04/2015 17:39:04] - (1.3.33.0) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\system32\drivers\nvhda64v.sys
[15/06/2016 17:00:12] - (5.1.2.248) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL
[27/06/2008 07:51:10] - (1.0.0.0) - (Adobe Systems, Inc. - Adobe Drive File System Driver) - C:\Windows\System32\Drivers\adfs.SYS
[29/10/2014 13:43:26] - (1.0.0.0) - (NVIDIA Corporation - Nvidia Streaming Kernel Service) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
[23/04/2015 17:39:03] - (9.18.13.5012) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 350.12) - C:\Windows\System32\drivers\nvlddmkm.sys
[23/04/2015 17:39:04] - (1.3.33.0) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\Windows\System32\drivers\nvhda64v.sys

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

R0 - [Kernel Driver] - ACPI (Pilote ACPI Microsoft) -> system32\DRIVERS\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswRvrt (avast! Revert) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswVmm (avast! VM Monitor) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - atapi (Canal IDE) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Disk (Pilote de disque) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> system32\DRIVERS\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (Pilote de bus PCI) -> system32\DRIVERS\pci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pciide () -> system32\drivers\pciide.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - PxHlpa64 (PxHlpa64) -> System32\Drivers\PxHlpa64.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\DRIVERS\vmstorfl.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (Pilote d’énumérateur de lecteur virtuel Microsoft) -> system32\DRIVERS\vdrvroot.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgr (Pilote du Gestionnaire de volume) -> system32\DRIVERS\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (Volumes de stockage) -> system32\DRIVERS\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (Pilote de CD-ROM) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - dtsoftbus01 (DAEMON Tools Virtual Bus Driver) -> system32\DRIVERS\dtsoftbus01.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (Pilote BIOS de gestion de systèmes Microsoft) -> system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - TermDD (Pilote de périphérique terminal) -> system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - adfs () -> (?) - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)

[MD5.3FDF4D8474D0285E1B1A952914820E11] - [11/05/2016 18:24:20] - (.Copyright © 2014 Tencent. - QQBrowser Driver.) - [93.23 Ko] - (2.0.586.400) - C:\Windows\Syswow64\Drivers\tsqbdrv.sys

---------- | Uninstall

[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AutoCAD 2014 - Français (French)] : (Autodesk AutoCAD 2014 - Français (French).-.Autodesk) -> C:\Program Files\Autodesk\AutoCAD 2014\Setup\fr-fr\Setup\Setup.exe /P {5783F2D7-D001-0000-0102-0060B0CE6BBA} /M ACAD /language fr-FR
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Autodesk Revit Architecture 2014 - Module linguistique - Français (French)] : (Autodesk Revit Architecture 2014 - Module linguistique - Français (French).-.Autodesk) -> C:\Program Files\Autodesk\Revit Architecture 2014\Setup\fr-FR\Setup\Setup.exe /P {7346B4A0-1400-0111-040C-705C0D862004} /M RAC2014_SLP /LANG fr-FR
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCCEFA182E4523A863E4A7685B35D3DC3BAE16B0] : (Windows Driver Package - Realtek Semiconductor Corp. (rtl819xp) Net  (07/02/2009 1676.5.0702.2009).-.Realtek Semiconductor Corp.) -> C:\PROGRA~1\DIFX\1E5F57120B769A13\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\net819xp.inf_amd64_neutral_4fe538203bb455de\net819xp.inf
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe"
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID HWMonitor_is1] : (CPUID HWMonitor 1.31.-.) -> "C:\Program Files\CPUID\HWMonitor\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CutePDF Writer Installation] : (CutePDF Writer 2.8.-.) -> C:\Program Files (x86)\Acro Software\CutePDF Writer\Setup64.exe /uninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\REAPER] : (REAPER (x64).-.) -> "C:\Program Files\REAPER (x64)\Uninstall.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Revit Architecture 2014 - Module linguistique - Français (French)] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}] : (PDFCreator.-.pdfforge) -> C:\Program Files\PDFCreator\unins000.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0230235F-CEC7-4EBD-9CB4-2C54FA61FE15}] : (M-Audio ProFire 6.1.1 (x64).-.M-Audio) -> MsiExec.exe /X{0230235F-CEC7-4EBD-9CB4-2C54FA61FE15}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418025F0}] : (Java 8 Update 25 (64-bit).-.Oracle Corporation) -> MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F86418025F0}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5783F2D7-D001-0000-0102-0060B0CE6BBA}] : (AutoCAD 2014 - Français (French).-.Autodesk) -> C:\Program Files\Autodesk\AutoCAD 2014\Setup\fr-fr\Setup\Setup.exe /P {5783F2D7-D001-0000-0102-0060B0CE6BBA} /M ACAD /language fr-FR
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5783F2D7-D001-040C-1102-0060B0CE6BBA}] : (AutoCAD 2014 Language Pack - Français (French).-.Autodesk) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5783F2D7-D001-040C-2102-0060B0CE6BBA}] : (AutoCAD 2014 - Français (French).-.Autodesk) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7346B4A0-1400-0111-040C-705C0D862004}] : (Revit Architecture 2014 - Module linguistique - Français (French).-.Autodesk) -> MsiExec.exe /X{7346B4A0-1400-0111-040C-705C0D862004}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 350.12.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 350.12.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 350.12.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 2.1.3.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB] : (NVIDIA Pilote du contrôleur 3D Vision 349.95.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NVIRUSB
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.15.0324.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 16.13.56.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA GeForce Experience Service.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver] : (NVIDIA Pilote audio HD : 1.3.33.0.-.NVIDIA Corporation) -> "C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 16.13.56.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.25.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\7-Zip] : (7-Zip 9.20.-.) -> "C:\Program Files (x86)\7-Zip\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.DT Soft Ltd) -> C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fraps] : (Fraps.-.) -> "C:\Fraps\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\setup.exe" --uninstall --system-level --verbose-logging
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Kerbal Space Program_is1] : (Kerbal Space Program.-.) -> "C:\Program Files (x86)\Kerbal Space Program\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.1.6.1022.-.Malwarebytes Corporation) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Nik Collection] : (Nik Collection.-.Google) -> C:\Program Files\Google\Nik Collection\Uninstall Nik Collection.exe
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.48.2066.114] : (SafeZone Stable 1.48.2066.114.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SpeedFan] : (SpeedFan (remove only).-.) -> "C:\Program Files (x86)\SpeedFan\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player 1.1.11.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR archiver.-.) -> C:\Program Files (x86)\WinRAR\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\x264vfw] : (x264vfw - H.264/MPEG-4 AVC codec (remove only).-.) -> C:\Windows\SysWOW64\x264vfw-uninstall.exe
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{08D2E121-7F6A-43EB-97FD-629B44903403}] : (Microsoft_VC90_CRT_x86.-.Adobe) -> MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}] : (AdobeColorCommonSetRGB.-.Adobe Systems Incorporated) -> MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{185F9795-9663-4F13-9EF9-307A282ADB5A}] : (ph.-.Your Company Name) -> MsiExec.exe /I{185F9795-9663-4F13-9EF9-307A282ADB5A}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}] : (bl.-.Your Company Name) -> MsiExec.exe /I{2A075BB4-E976-4278-BF3F-E5C6945D84C0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3D347E6D-5A03-4342-B5BA-6A771885F379}] : (Autodesk Backburner 2014.-.Autodesk, Inc.) -> MsiExec.exe /I{3D347E6D-5A03-4342-B5BA-6A771885F379}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{406EECCC-AF98-4F2C-A99F-FED788F7580C}] : (LibreOffice 4.4.5.2.-.The Document Foundation) -> MsiExec.exe /I{406EECCC-AF98-4F2C-A99F-FED788F7580C}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{53E43AAC-82D6-4E27-9C29-0EB70A216A9D}] : (Google SketchUp Pro 7.-.Google, Inc.) -> MsiExec.exe /X{53E43AAC-82D6-4E27-9C29-0EB70A216A9D}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5EE7D259-D137-4438-9A5F-42F432EC0421}] : (VC80CRTRedist - 8.0.50727.4053.-.DivX, Inc) -> MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}] : (Microsoft_VC90_MFC_x86.-.Adobe) -> MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{63C24A08-70F3-4C8E-B9FB-9F21A903801D}] : (Adobe Color Video Profiles CS CS4.-.Adobe Systems Incorporated) -> MsiExec.exe /I{63C24A08-70F3-4C8E-B9FB-9F21A903801D}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{644E9589-F73A-49A4-AC61-A953B9DE5669}] : (SketchUp Import for AutoCAD 2014.-.Autodesk) -> MsiExec.exe /X{644E9589-F73A-49A4-AC61-A953B9DE5669}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver For Windows 7.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.Exe -runfromtemp -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}] : (Microsoft_VC80_CRT_x86.-.Adobe) -> MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}] : (Browser Configuration Utility.-.DeviceVM Inc.) -> MsiExec.exe /X{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A9A1B8A2-D2EC-4A05-951D-7E337B07B5C3}] : (TRENDnet TEW-641PC/TEW-643PI Wireless Cardbus/PCI Adapter.-.TRENDnet) -> C:\Program Files (x86)\InstallShield Installation Information\{A9A1B8A2-D2EC-4A05-951D-7E337B07B5C3}\setup.exe -runfromtemp -l0x0009 -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824225037}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824225037}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AB0000000001}] : (Adobe Reader XI (11.0.20) - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AB0000000001}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1] : (Spybot - Search & Destroy.-.Safer-Networking Ltd.) -> "C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B6D38690-755E-4F40-A35A-23F8BC2B86AC}] : (Microsoft_VC90_MFCLOC_x86.-.Adobe) -> MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C515E2A3-4878-4C85-A519-52630C7AB08B}] : (VirtualDJ PRO Full.-.Atomix Productions) -> MsiExec.exe /I{C515E2A3-4878-4C85-A519-52630C7AB08B}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E4FCC129-5053-E37B-1C04-D81C1B3B5D38}] : (.-.) -> C:\PROGRA~3\INSTAL~2\{AE545~1\Setup.exe /remove /q0
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FFF3FC8A-02ED-4581-9D08-7BFDA09242DC}] : (SketchUp 2014.-.Trimble Navigation Limited) -> MsiExec.exe /X{FFF3FC8A-02ED-4581-9D08-7BFDA09242DC}

---------- | Ports 


---------- | Installer

[HKCR\Installer\Products\0A4B64370041111040C007C5D0680240] : Revit Architecture 2014 - Module linguistique - Français (French) -> C:\Windows\Installer\{7346B4A0-1400-0111-040C-705C0D862004}\REVT.ico
[HKCR\Installer\Products\1C2D6E6109C79034E84C2D126209AA4A] : AdobeColorCommonSetRGB
[HKCR\Installer\Products\4BB570A2679E8724FBF35E6C49D5480C] : bl -> C:\Windows\Installer\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4EA42A62D9304AC4784BF2681408520F] : Java 8 Update 25 (64-bit)
[HKCR\Installer\Products\5979F581366931F4E99F03A782A2BDA5] : ph -> C:\Windows\Installer\{185F9795-9663-4F13-9EF9-307A282ADB5A}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\68AB67CA408033019195008142220573] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-001824225037}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\68AB67CA7DA76301B744BA0000000010] : Adobe Reader XI (11.0.20) - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
[HKCR\Installer\Products\7D2F3875100D0000102000060BECB6AB] : AutoCAD 2014 - Français (French)
[HKCR\Installer\Products\7D2F3875100DC040112000060BECB6AB] : AutoCAD 2014 Language Pack - Français (French)
[HKCR\Installer\Products\7D2F3875100DC040122000060BECB6AB] : AutoCAD 2014 - Français (French)
[HKCR\Installer\Products\7E199F2ADCDD7B24FACE7487A990F9CD] : Browser Configuration Utility -> C:\Windows\Installer\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\80A42C363F07E8C49BBFF9129A3008D1] : Adobe Color Video Profiles CS CS4
[HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper
[HKCR\Installer\Products\952D7EE5731D8344A9F5244F23CE4012] : VC80CRTRedist - 8.0.50727.4053
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper
[HKCR\Installer\Products\A8CF3FFFDE201854D980B7DF0A2924CD] : SketchUp 2014 -> C:\Windows\Installer\{FFF3FC8A-02ED-4581-9D08-7BFDA09242DC}\SketchUpARPIcon
[HKCR\Installer\Products\CAA34E356D2872E4C992E07BA012A6D9] : Google SketchUp Pro 7
[HKCR\Installer\Products\CCCEE60489FAC2F49AF9EF7D887F85C0] : LibreOffice 4.4.5.2 -> C:\Windows\Installer\{406EECCC-AF98-4F2C-A99F-FED788F7580C}\soffice.ico
[HKCR\Installer\Products\D6E743D330A524345BABA67781583F97] : Autodesk Backburner 2014
[HKCR\Installer\Products\F53203207CECDBE4C94BC245AF16EF51] : M-Audio ProFire 6.1.1 (x64) -> C:\Windows\Installer\{0230235F-CEC7-4EBD-9CB4-2C54FA61FE15}\M_Audio.ico
[HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater

---------- | ADS

@C:\Windows:nlsPreferences
@C:\ProgramData\Microsoft:1Ey4PbNCzix3erLBETricM
@C:\ProgramData\Microsoft:cusikIlgugkALkwIdepXpDpPU
@C:\ProgramData\Microsoft:yMIsIs7SUTBIL06MapoENhHokUQ

---------- | Drives

 Disk: 0   Size=477G
 Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
 --- ------ ---------- ---- ------ ---- ------------ ------------
  0    0    07-NTFS    100M   Yes   No         2,048      204,800
  1    1    07-NTFS    397G   No    No       206,848  812,724,224
  2    2    07-NTFS     80G   No    No   812,931,072  163,837,952

---------- | MBR


64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

Impossible d’initialiser l’index.

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Impossible d’initialiser l’application.

Contexte : Application Windows

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Impossible d’initialiser l’objet rassembleur.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Impossible d’initialiser le plug-in dans <Search.TripoliIndexer>.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	Élément introuvable.  (HRESULT : 0x80070490) (0x80070490)

------------

Impossible d’initialiser le plug-in dans <Search.JetPropStore>.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Le service Windows Search ne peut pas charger les informations de la banque de propriétés.

Contexte : Application Windows, Catalogue SystemIndex

Détails :
	La base de données d’index des contenus est endommagée.  (HRESULT : 0xc0041800) (0xc0041800)

------------

Le service de recherche Windows a été arrêté à cause d’un problème avec l’indexeur : The catalog is corrupt.

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------

Le service de recherche a détecté des fichiers de données endommagés dans l’index {id=4700}. Le service tentera de corriger automatiquement ce problème en recréant l’index.

Détails :
	Le catalogue d’index des contenus est endommagé.  (HRESULT : 0xc0041801) (0xc0041801)

------------


------------

Windows (5628) Windows: L'Erreur -1811 s'est produite lors de l'ouverture du fichier journal C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS00066.log.
------------

Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Le fichier spécifié est introuvable.
.
------------

Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Le fichier spécifié est introuvable.
.
------------

Produit : Revit Architecture 2014 - Module linguistique - Français (French) -- Erreur 1606. Impossible d’accéder à l’emplacement réseau \.
------------

Produit : Revit Architecture 2014 - Module linguistique - Français (French) -- Erreur 1606. Impossible d’accéder à l’emplacement réseau \.
------------

Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Le fichier spécifié est introuvable.
.
------------

Product: Autodesk Backburner 2014 -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor.  Action StopBBManagerService, location: C:\Program Files (x86)\Autodesk\Backburner\managersvc.exe, command: -r 
------------

Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Le fichier spécifié est introuvable.
.
------------

Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Le fichier spécifié est introuvable.
.
------------

Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary GEAR ASPI Filter Driver.

System Error:
Le fichier spécifié est introuvable.
.
------------


----------( EOF)---------- - 4123 | 16:41:54