--------------- QuickDiag | g3n-h@ckm@n | V3_31.01.17.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 25/02/2017 18:57:36 Updated 31/01/2017 | 13.00 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [philippe (Administrator)] - [PHILIPPE] (S-1-5-21-4158283954-3335988523-2550848084) System: Microsoft Windows 10 Famille - - (10.0.14393) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: HP Pavilion 17 Notebook PC - Hewlett-Packard - IdNumber: 5CD4495P9H - UUID: 34444335-3934-5035-3948-3863BBA96D7B Processor : X64 - 1996 Mhz - AMD A8-6410 APU with AMD Radeon R5 Graphics F.43 - en|US|iso8859-1 - American Megatrends Inc. - S/N: 5CD4495P9H - F.43 - HPQOEM - 1072009 CoreTemp : 47 Celsius ----------| Quick ---------- | SoundDevice Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0282&SUBSYS_103C226B&REV_1000\4&70F6875&0&0001 AMD High Definition Audio Device - Status: OK - Manufacturer: Advanced Micro Devices - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1005\4&80BD665&0&0001 ---------- | Video AMD Radeon R7 M260 - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,amdxc64.dll,aticfx32,aticfx32,aticfx32,amdxc32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64 - PNPDeviceID: PCI\VEN_1002&DEV_6900&SUBSYS_226B103C&REV_00\4&38D8CEA&0&0011 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: -2147483648 AMD Radeon(TM) R5 Graphics - Resolution: 1600x900 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController2 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,amdxc64.dll,aticfx32,aticfx32,aticfx32,amdxc32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64 - PNPDeviceID: PCI\VEN_1002&DEV_9851&SUBSYS_226B103C&REV_05\3&11583659&1&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 1073741824 Inegrated Video Chipset DeviceName: AMD Radeon R7 M260 - DriverVersion: 8.14.1.6538 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25352 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34640 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:10 % CPU #2 value:4 % CPU #3 value:4 % CPU #4 value:10 % Total Overall CPU Usage value:7 % ---------- | Network Realtek PCIe FE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Realtek RTL8723BE 802.11 b_g_n Wi-Fi Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec isatap.{C4785CA9-5FF4-4FC2-80E0-98A4FD3C6BA3} : SENT:0 bytes/sec / RECVD:0 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:7 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Realtek PCIe FE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8136&SUBSYS_226B103C&REV_07\4&19B4F5A7&0&0013 Realtek RTL8723BE 802.11 b/g/n Wi-Fi Adapter - Ethernet 802.3 - Realtek Semiconductor Corp. - Status: - PnPID : PCI\VEN_10EC&DEV_B723&SUBSYS_2231103C&REV_00\4&2C6EA64C&0&0012 Carte virtuelle directe Wi-Fi Microsoft #2 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&29519D72&0&01 Microsoft ISATAP Adapter - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\ISATAP_0 Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE WAN Miniport (SSTP) - - - Status: - PnPID : WAN Miniport (IKEv2) - - - Status: - PnPID : WAN Miniport (L2TP) - - - Status: - PnPID : WAN Miniport (PPTP) - - - Status: - PnPID : WAN Miniport (PPPOE) - - - Status: - PnPID : WAN Miniport (IP) - - - Status: - PnPID : WAN Miniport (IPv6) - - - Status: - PnPID : WAN Miniport (Network Monitor) - - - Status: - PnPID : ---------- | Memory RAM = Total (MB) : 11468 | Free (MB) : 8591 Pagefile = Total (MB) : 13238 | Free (MB) : 9899 Virtual = Total (MB) : 4194 | Free (MB) : 3960 Physical Memory 0 : Capacity: 4294967296 - Bottom-Slot 1 (left) - Posit.: 0 - Manufacturer: Hynix - PartNumber: HMT451S6BFR8A-PB - S/N: 2180D369 Physical Memory 1 : Capacity: 8589934592 - Bottom-Slot 2 (right) - Posit.: 0 - Manufacturer: - PartNumber: CT102464BF186D.M16 - S/N: E0134F3E ---------- | SID Users Administrateur : [S-1-5-21-4158283954-3335988523-2550848084-500] DefaultAccount : [S-1-5-21-4158283954-3335988523-2550848084-503] HomeGroupUser$ : [S-1-5-21-4158283954-3335988523-2550848084-1004] Invité : [S-1-5-21-4158283954-3335988523-2550848084-501] philippe : [S-1-5-21-4158283954-3335988523-2550848084] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] AMD FUEL : [S-1-5-21-4158283954-3335988523-2550848084-1001] HomeUsers : [S-1-5-21-4158283954-3335988523-2550848084-1003] WinRMRemoteWMIUsers__ : [S-1-5-21-4158283954-3335988523-2550848084-1000] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [Windows] | Total : 673.52 Go | Free : 249.12 Go -> NTFS [SATA] D:\ -> [Fixed] | [RECOVERY] | Total : 23.27 Go | Free : 1.5 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD7500BPVX-60JC3\4&3A0842BD&0&000000 ---------- | Windows updates No detected update !!! Windows Is Activated ---------- | Browsers IE : 11.0.14393.0 (© Microsoft Corporation. Tous droits réservés.) GC : 56.0.2924.87 (Copyright 2016 Google Inc.) Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 24.0.0.221 ---------- | Security AV : Windows Defender Disabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 428 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\smss.exe [16/07/2016 12:42:27] CPU Usage:0 % 868 | [Owner : | Parent : 732() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\wininit.exe [16/07/2016 12:42:27] CPU Usage:0 % 968 | [Owner : | Parent : 868(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.14393.479) = C:\WINDOWS\System32\services.exe [09/12/2016 21:23:07] CPU Usage:0 % 1000 | [Owner : | Parent : 868(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.14393.187) = C:\WINDOWS\System32\lsass.exe [14/09/2016 14:00:48] CPU Usage:0 % 592 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 284 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 744 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1028 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1112 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1148 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1316 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1400 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1416 | [Owner : | Parent : 968(services.exe) | ?????] - (.AMD - AMD External Events Service Module.) - (21.19.519.2) = C:\WINDOWS\System32\atiesrxx.exe [13/02/2017 18:32:34] CPU Usage:0 % 1412 | [Owner : | Parent : 968(services.exe) | ?????] - (.Advanced Micro Devices, Inc. - tbaseprovisioning.) - (1.0.0.0) = C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [23/06/2015 10:39:28] CPU Usage:0 % 1708 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1768 | [Owner : | Parent : 968(services.exe) | ?????] - (.Hewlett-Packard Company - HpService.) - (6.0.5.1) = C:\WINDOWS\System32\hpservice.exe [23/07/2013 11:28:56] CPU Usage:0 % 1808 | [Owner : | Parent : 968(services.exe) | ?????] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.66) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [24/11/2015 00:55:02] CPU Usage:0 % 1940 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 1992 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2040 | [Owner : | Parent : 968(services.exe) | ?????] - (.AVAST Software - Avast Service.) - (17.1.3394.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [16/02/2017 19:29:21] CPU Usage:0 % 2304 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.14393.351) = C:\WINDOWS\System32\spoolsv.exe [28/10/2016 19:02:26] CPU Usage:0 % 2376 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2384 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2620 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 2636 | [Owner : | Parent : 968(services.exe) | ?????] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe [30/08/2011 23:05:32] CPU Usage:0 % 2656 | [Owner : | Parent : 968(services.exe) | ?????] - (.- Realtek Bluetooth BTDevManager Service Application.) - (1.2.36.1) = C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe [24/11/2014 05:35:56] CPU Usage:0 % 2692 | [Owner : | Parent : 968(services.exe) | ?????] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - (2.2.27.6431) = C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [01/06/2016 02:29:41] CPU Usage:0 % 2700 | [Owner : | Parent : 968(services.exe) | ?????] - (.Hewlett-Packard Development Company, L.P. - HP WMI Service.) - (1.4.1.0) = C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [29/06/2015 16:53:30] CPU Usage:0 % 2712 | [Owner : | Parent : 968(services.exe) | ?????] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [06/09/2014 23:32:46] CPU Usage:0 % 2732 | [Owner : | Parent : 968(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe [06/09/2014 23:34:00] CPU Usage:0 % 2944 | [Owner : | Parent : 968(services.exe) | ?????] - (.TomTom - Windows Service for TomTom HOME.) - (2.9.94.450) = C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [29/11/2016 16:36:10] CPU Usage:0 % 2980 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 3100 | [Owner : | Parent : 968(services.exe) | ?????] - (.- RichVideo Module.) - (2.0.1.7413) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe [24/11/2014 06:11:32] CPU Usage:0 % 3140 | [Owner : | Parent : 968(services.exe) | ?????] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - (19.2.4.10) = C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [09/12/2015 08:34:46] CPU Usage:0 % 5448 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.14393.206) = C:\WINDOWS\System32\SearchIndexer.exe [30/09/2016 18:27:31] CPU Usage:0 % 696 | [Owner : | Parent : 968(services.exe) | ?????] - (.HP Inc. - HP Support Solutions Framework Service.) - (8.5.32.203) = C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [28/09/2015 09:19:10] CPU Usage:0 % 5356 | [Owner : | Parent : 968(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 6304 | [Owner : | Parent : 968(services.exe) | ?????] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) - (6.5.6.1) = C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [28/04/2015 15:39:48] CPU Usage:0 % 5476 | [Owner : | Parent : 8108() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.14393.594) = C:\WINDOWS\System32\winlogon.exe [10/01/2017 21:40:15] CPU Usage:0 % 4752 | [Owner : | Parent : 1416(atiesrxx.exe) | ?????] - (.AMD - AMD External Events Client Module.) - (21.19.519.2) = C:\WINDOWS\System32\atieclxx.exe [13/02/2017 18:32:34] CPU Usage:0 % 4648 | [Owner : | Parent : 1808(RtkAudioService64.exe) | ?????] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.221) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [24/11/2015 00:54:56] CPU Usage:0 % 7544 | [Owner : philippe | Parent : 3140(SynTPEnhService.exe) | 19.65 Mo] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) - (19.2.4.10) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [09/12/2015 08:29:00] CPU Usage:0 % 1896 | [Owner : philippe | Parent : 968(services.exe) | 32.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\svchost.exe [16/07/2016 12:42:27] CPU Usage:0 % 6300 | [Owner : philippe | Parent : 744(svchost.exe) | 26.72 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.14393.0) = C:\WINDOWS\System32\sihost.exe [16/07/2016 12:42:09] CPU Usage:0 % 6636 | [Owner : philippe | Parent : 744(svchost.exe) | 18.81 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\taskhostw.exe [16/07/2016 12:42:36] CPU Usage:0 % 3724 | [Owner : philippe | Parent : 592(svchost.exe) | 37.14 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.14393.0) = C:\WINDOWS\System32\RuntimeBroker.exe [16/07/2016 12:42:05] CPU Usage:0 % 2484 | [Owner : philippe | Parent : 5996() | 85.92 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.14393.479) = C:\WINDOWS\explorer.exe [09/12/2016 21:22:31] CPU Usage:0 % 1524 | [Owner : philippe | Parent : 6104() | 5.34 Mo] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (19.2.4.10) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [09/12/2015 08:29:00] CPU Usage:0 % 6588 | [Owner : philippe | Parent : 592(svchost.exe) | 73.44 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.14393.447) = C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [08/11/2016 22:23:34] CPU Usage:0 % 6724 | [Owner : philippe | Parent : 592(svchost.exe) | 127.16 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.14393.693) = C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [10/01/2017 21:39:36] CPU Usage:0 % 896 | [Owner : philippe | Parent : 592(svchost.exe) | 7.97 Mo] - (.-.) - (11.11.110.0) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe [23/02/2017 00:00:52] CPU Usage:0 % 3164 | [Owner : philippe | Parent : 592(svchost.exe) | 3.63 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.14393.594) = C:\WINDOWS\System32\SettingSyncHost.exe [10/01/2017 21:39:44] CPU Usage:0 % 5384 | [Owner : philippe | Parent : 8120() | 0.88 Mo] - (.Advanced Micro Devices, Inc. - Radeon Settings: Host Application.) - (10.1.1.1674) = C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [10/02/2017 09:21:38] CPU Usage:0 % 928 | [Owner : philippe | Parent : 2484(explorer.exe) | 13 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.485.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [24/11/2015 00:55:02] CPU Usage:0 % 5396 | [Owner : philippe | Parent : 2484(explorer.exe) | 32.35 Mo] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) - (6.67.83.0) = C:\Program Files\Logitech\SetPointP\SetPoint.exe [26/08/2015 02:21:56] CPU Usage:0 % 3204 | [Owner : philippe | Parent : 2484(explorer.exe) | 33.88 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6764.111) = C:\Users\philippe\AppData\Local\Microsoft\OneDrive\OneDrive.exe [23/11/2015 04:04:25] CPU Usage:0 % 6268 | [Owner : philippe | Parent : 5396(SetPoint.exe) | 12.07 Mo] - (.Logitech, Inc. - Logitech KHAL Main Process.) - (5.90.41.0) = C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe [02/07/2015 21:28:44] CPU Usage:0 % 6452 | [Owner : philippe | Parent : 7196() | 2.72 Mo] - (.Hewlett-Packard Company - Hp Accelerometer System Tray.) - (6.0.19.1) = C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [01/04/2014 14:37:38] CPU Usage:0 % 6368 | [Owner : philippe | Parent : 804() | 40.29 Mo] - (.AVAST Software - Avast Antivirus.) - (17.1.3394.46) = C:\Program Files\AVAST Software\Avast\avastui.exe [16/02/2017 19:29:40] CPU Usage:0 % 6160 | [Owner : philippe | Parent : 7196() | 8.39 Mo] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) - (1.4.1.0) = C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [29/06/2015 11:27:42] CPU Usage:0 % 4848 | [Owner : philippe | Parent : 7196() | 7.41 Mo] - (.Oracle Corporation - Java Update Scheduler.) - (2.8.121.13) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [12/12/2016 19:21:48] CPU Usage:0 % 4544 | [Owner : philippe | Parent : 592(svchost.exe) | 19.23 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.14393.0) = C:\WINDOWS\System32\ApplicationFrameHost.exe [16/07/2016 12:42:40] CPU Usage:0 % 7052 | [Owner : philippe | Parent : 7524() | 0.87 Mo] - (.Glarysoft Ltd - Glary Utilities 5.) - (5.69.0.90) = C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [10/02/2017 07:55:38] CPU Usage:0 % 1040 | [Owner : philippe | Parent : 592(svchost.exe) | 9.88 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.14393.0) = C:\WINDOWS\System32\dllhost.exe [16/07/2016 12:42:27] CPU Usage:0 % 8156 | [Owner : philippe | Parent : 2484(explorer.exe) | 125.09 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 7024 | [Owner : philippe | Parent : 8156(chrome.exe) | 8.9 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 4656 | [Owner : philippe | Parent : 8156(chrome.exe) | 9.86 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 2200 | [Owner : philippe | Parent : 8156(chrome.exe) | 82.04 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 1160 | [Owner : philippe | Parent : 8156(chrome.exe) | 72.81 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 7732 | [Owner : philippe | Parent : 8156(chrome.exe) | 74.39 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 3216 | [Owner : philippe | Parent : 8156(chrome.exe) | 207.72 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 9076 | [Owner : philippe | Parent : 6368(avastui.exe) | 8.9 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.14393.0) = C:\WINDOWS\SysWOW64\ctfmon.exe [16/07/2016 12:43:04] CPU Usage:0 % 2668 | [Owner : philippe | Parent : 8156(chrome.exe) | 200.31 Mo] - (.Google Inc. - Google Chrome.) - (56.0.2924.87) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22/11/2015 00:48:42] CPU Usage:0 % 5588 | [Owner : philippe | Parent : 592(svchost.exe) | 23.77 Mo] - (.Microsoft Corporation - SmartScreen.) - (10.0.14393.321) = C:\WINDOWS\System32\smartscreen.exe [11/10/2016 19:34:06] CPU Usage:0 % 2108 | [Owner : | Parent : 1708(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.14393.0) = C:\WINDOWS\System32\audiodg.exe [16/07/2016 12:42:22] CPU Usage:0 % 4476 | [Owner : philippe | Parent : 8156(chrome.exe) | 30.43 Mo] - (.SosVirus - QuickDiag.) - (31.1.17.1) = C:\Users\philippe\Downloads\QuickDiag.exe [25/02/2017 18:55:58] CPU Usage:0 % ---------- | MD5 [MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [09/12/2016 21:22:31] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4563.77 Ko] - (10.0.14393.479) : C:\WINDOWS\Explorer.exe [MD5.F4F684066175B77E0C3A000549D2922C] - [16/07/2016 12:42:36] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [227.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\cmd.exe [MD5.77DBC745D957B4F0404ABABC10696784] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\csrss.exe [MD5.DA63852A2B0340E94D74EAF0CD444979] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - COM Surrogate.) - [20.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\dllhost.exe [MD5.6955067712F2F4752CA12192B08EF860] - [16/07/2016 12:42:16] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [683.48 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.6F8E95716C1A27FF2FE96D30B147F1C1] - [14/09/2016 14:00:48] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.05 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\lsass.exe [MD5.7BD259FC59CF9C2AE1B979564B374CC6] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - Distributed COM Services.) - [867.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rpcss.dll [MD5.C7645D43451C6D94D87F4D07BDE59C89] - [16/07/2016 12:42:42] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [68 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rundll32.exe [MD5.3C69CC28665854F1AAB4B4005005FA31] - [09/12/2016 21:23:07] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [443.94 Ko] - (10.0.14393.479) : C:\WINDOWS\System32\services.exe [MD5.36F670D89040709013F6A460176767EC] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [43.45 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\svchost.exe [MD5.C46EA86BF0E7C96235E9064CBAD6ED26] - [14/12/2016 18:02:27] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1426.95 Ko] - (10.0.14393.576) : C:\WINDOWS\System32\user32.dll [MD5.C1B1FFC800BE2F31EB2CF8CB40629C69] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [32.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\userinit.exe [MD5.99A19C9A74E2F9820E501DCE77F84F70] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [297.11 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Wininit.exe [MD5.917F081E2AB667C44F7D96DE1D16DFAE] - [10/01/2017 21:40:15] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [658 Ko] - (10.0.14393.594) : C:\WINDOWS\System32\Winlogon.exe [MD5.323AA1953ED9C01E23F740FA891FE064] - [28/10/2016 19:01:25] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [570.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.A10F989A812B57B9695F6C305907C9C6] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.65DEB05FC234BFF207379F06F0754402] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [187.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.613D0137C269187FA298A157E3D14A18] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.0D1D392ED2597F295956D058D33BD7C3] - [11/10/2016 19:33:30] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [141.5 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.10E3515FE5DBA6656FA62C29342EC4A1] - [16/07/2016 12:41:52] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [81.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.B54B30992620C97230013A74461C8517] - [16/07/2016 12:41:54] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [111.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.F1DAECC3B3D6399875D4F10529D6A77C] - [16/07/2016 12:42:39] - (.© Microsoft Corporation. - IP Network Address Translator.) - [207.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.E671EDAB0726E05ECEF4058B4CD73C4D] - [14/09/2016 13:59:28] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [439.84 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.D5564FC81350458ED570528C4E3B1CCF] - [11/10/2016 19:33:29] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1153.84 Ko] - (10.0.14393.321) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - MBT Transport driver.) - [272.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.DB69C6DA8B3DDFDC547D455CA23A8250] - [08/11/2016 22:22:02] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2202.84 Ko] - (10.0.14393.447) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - [16/07/2016 12:41:53] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.17E565710172ED71B8531D8822E1C5D1] - [16/07/2016 12:42:39] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.7135785C21CA79D270D11037C43D3F19] - [16/07/2016 12:44:03] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [173 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.4F25E481124059CC593B4C68BC485640] - [28/10/2016 19:01:45] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2478.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.9D2DD64A0B51C56285512DC9454340F6] - [16/07/2016 12:42:27] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.BF2546583BB75F01DDA60A7921DFB230] - [16/07/2016 12:42:35] - (.© Microsoft Corporation. - Volume Shadow Copy driver.) - [382.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.AVAST Software s.r.o..-.Hook Library.) - (17.1.2.60246) -- C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\CoreUIComponents.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (21.19.519.2) -- C:\WINDOWS\System32\DriverStore\FileRepository\c0311139.inf_amd64_2aa9c01a2af97538\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (21.19.519.2) -- C:\WINDOWS\System32\DriverStore\FileRepository\c0311139.inf_amd64_2aa9c01a2af97538\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (21.19.519.2) -- C:\WINDOWS\System32\DriverStore\FileRepository\c0311139.inf_amd64_2aa9c01a2af97538\atidxx64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.AVAST Software.-.Avast Shell Extension.) - (17.1.3394.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll (.AVAST Software s.r.o..-.Hook Library.) - (17.1.2.60246) -- C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\philippe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-4158283954-3335988523-2550848084-1002\SOFTWARE\...\Run]) - User: PHILIPPE\philippe GUDelayStartup - ("C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun [HKU\S-1-5-21-4158283954-3335988523-2550848084-1002\SOFTWARE\...\Run]) - User: PHILIPPE\philippe RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public Logitech Download Assistant - (C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [HKLM\SOFTWARE\...\Run]) - User: Public EvtMgr6 - (C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [HKLM\SOFTWARE\...\Run]) - User: Public [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s "Logitech Download Assistant"=C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch "EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "RTHDVCPL"=0x060000000000000000000000 "SynTPEnh"=0x060000000000000000000000 "Logitech Download Assistant"=0x060000000000000000000000 "!DiskInfo"=0x040000000000000000000000 "RUNFBI"=0x040000000000000000000000 "DisableStartScreen"=0x040000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StartCCC"=0x040000000000000000000000 "AccelerometerSysTrayApplet"=0x060000000000000000000000 "mcpltui_exe"=0x040000000000000000000000 "HPMessageService"=0x060000000000000000000000 "DropboxOEM"=0x060000000000000000000000 "AvastUI.exe"=0x020000000000000000000000 "BlueStacks Agent"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [16/07/2016 12:47:48] "Common AppData"=C:\ProgramData [16/07/2016 12:47:48] "Common Desktop"=C:\Users\Public\Desktop [22/08/2013 16:36:30] "Common Documents"=C:\Users\Public\Documents [22/08/2013 16:36:30] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [16/07/2016 12:47:48] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [16/07/2016 12:47:48] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [16/07/2016 12:47:48] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [22/08/2013 16:36:30] "CommonMusic"=C:\Users\Public\Music [22/08/2013 16:36:30] "CommonPictures"=C:\Users\Public\Pictures [22/08/2013 16:36:30] "CommonVideo"=C:\Users\Public\Videos [22/08/2013 16:36:30] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D255C50DCC143C [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "AccelerometerSysTrayApplet"=C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [01/04/2014 14:37:38] "DropboxOEM"="C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui "HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [29/06/2015 11:27:42] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [16/07/2016 12:47:48] "Common AppData"=C:\ProgramData [16/07/2016 12:47:48] "Common Desktop"=C:\Users\Public\Desktop [22/08/2013 16:36:30] "Common Documents"=C:\Users\Public\Documents [22/08/2013 16:36:30] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [16/07/2016 12:47:48] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [16/07/2016 12:47:48] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [16/07/2016 12:47:48] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [22/08/2013 16:36:30] "CommonMusic"=C:\Users\Public\Music [22/08/2013 16:36:30] "CommonPictures"=C:\Users\Public\Pictures [22/08/2013 16:36:30] "CommonVideo"=C:\Users\Public\Videos [22/08/2013 16:36:30] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Winstart.bat : ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=c5b6ea33-e68d-4803-b8ad-a5dc4bf "GlassSessionId"=2 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=44 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [22/11/2015 00:08:29] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=1000 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 ---------- | .LNK c:\hp\hpqware\dtshortcuts\de-de\aut\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_at) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de-de\che\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de_ch) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\de-de\deu\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-gb\gbr\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_gb) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-gb\irl\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_ie) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\aus\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_au) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\can\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_ca) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\gbr\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_gb) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\irl\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_ie) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\nzl\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_nz) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\en-us\usa\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_us) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\es-es\usa\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_us) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr-fr\can\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_fr_ca) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr-fr\che\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_fr_ch) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\fr-fr\fra\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_fr) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it-it\che\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_it_ch) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\it-it\ita\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_it_it) - Hidden: False - Status: OK c:\hp\hpqware\dtshortcuts\zh-cn\chn\?????.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_cn) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de-de\aut\music, photos and videos\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_at) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de-de\che\music, photos and videos\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de_ch) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\de-de\deu\music, photos and videos\snapfish fotos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_de) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-gb\gbr\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_gb) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-gb\irl\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_ie) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\aus\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_au) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\can\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_ca) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\gbr\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_gb) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\irl\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_ie) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\nzl\music, photos and videos\snapfish photos.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_nz) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\en-us\usa\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_us) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\es-es\usa\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_us) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr-fr\can\music, photos and videos\snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_fr_ca) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr-fr\che\music, photos and videos\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_fr_ch) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\fr-fr\fra\music, photos and videos\photos snapfish.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_fr) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it-it\che\music, photos and videos\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_it_ch) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\it-it\ita\music, photos and videos\snapfish foto.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_it_it) - Hidden: False - Status: OK c:\hp\hpqware\startmenulink\zh-cn\chn\music, photos and videos\?????.lnk - Encrypted: False - Target: C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe - Args: (hxxp://www.snapfish.com/hp_notebook_desktopicon_2014_cn) - Hidden: False - Status: OK c:\programdata\microsoft\windows\start menu\programs\reanimator\update reanimator.lnk - Encrypted: False - Target: C:\Program Files (x86)\Greatis\Reanimator\GWebUpdate.exe - Args: (hxxp://greatis.com/reanimator.ini /r) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "SoftwareSASGeneration"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "SoftwareSASGeneration"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=28 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "LastLogOffEndTimePerfCounter"=71616693524 "ShutdownFlags"=2147483687 "Userinit"=C:\Windows\system32\userinit.exe, "scremoveoption"=0 "DisableCad"=1 "AutoAdminLogon"=0 "DefaultUserName"=MicrosoftAccount\philipperolland512@hotmail.com "ShutdownWithoutLogon"=0 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/07/2016 12:43:06] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"= [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [16/07/2016 12:43:06] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"= [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command] ""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo] "ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser ---------- | AppcompatFlags [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131155399823227228 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=1 "TrustedImageIdentifier"=791097-051 "ProductType"=2 "ProductStatus"=0 "DisableAntiVirus"=1 "InstallTime"=0x36D320709E25D101 "ManagedDefenderProductType"=0 "InstallLocation"=C:\Program Files\Windows Defender\ [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.fr [216.58.198.195] avec 32 octets de donn?es?: R?ponse de 216.58.198.195?: octets=32 temps=25 ms TTL=52 R?ponse de 216.58.198.195?: octets=32 temps=24 ms TTL=52 R?ponse de 216.58.198.195?: octets=32 temps=21 ms TTL=52 R?ponse de 216.58.198.195?: octets=32 temps=24 ms TTL=52 Statistiques Ping pour 216.58.198.195: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 21ms, Maximum = 25ms, Moyenne = 23ms ---------- | @ [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] : c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ---------- | Execution FileExts ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [16/02/2017 19:29:48] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [16/02/2017 19:29:48] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [16/07/2016 12:42:17] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- ---------- | Toolbar [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a}] : (@C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{25510184-5A38-4A99-B273-DCA8EEF6CD08}] : (@C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{A95fe080-8f5d-11d2-a20b-00aa003c157a}] : (@C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101) - [] ---------- | SearchScopes [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{C5030FC4-A3F3-4E8D-A0C5-C52B742E1BF8}] - (Propositions de recherche Amazon.fr) - http://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] -> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 02:16:26] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [22/02/2017 02:58:29] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}] -> (Evernote extension) : C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [23/09/2016 15:20:14] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}] -> (Logitech SetPoint) : C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [26/08/2015 02:16:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [22/02/2017 02:58:29] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] -> () : ---------- | Chrome [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\daanglpcpkjjlkhcbladppjphglbigam] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki] ---------- | Opera ---------- | Firefox [HKLM\Software\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF "{F003DA68-8256-4b37-A6C4-350FA04494DF}"=C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] - (Adobe Shockwave Player) : C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1227197.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.121.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App V2 Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{1e52faa7-9145-436a-ba04-ecd056c4786b}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{c4785ca9-5ff4-4fc2-80e0-98a4fd3c6ba3}] "DhcpNameServer"=192.168.0.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1e52faa7-9145-436a-ba04-ecd056c4786b}] "DhcpNameServer"=192.168.1.254 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{c4785ca9-5ff4-4fc2-80e0-98a4fd3c6ba3}] "DhcpNameServer"=192.168.0.254 ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | SvcHost [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "bthaudiosvc"=BthHFSrv "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DeviceInstall SystemEventsBroker DcomLaunch "defragsvc"=defragsvc "LocalServiceNetworkRestricted"=TimeBrokerSvc wscsvc LmHosts AppIDSvc homegroupprovider NgcCtnrSvc AJRouter icssvc wcmsvc eventlog AudioSrv RmSvc vmictimesync DHCP "RPCSS"=RpcEptMapper RpcSs "sdrsvc"=sdrsvc "utcsvc"=DiagTrack "WepHostSvcGroup"=WepHostSvc "LocalService"=nsi WdiServiceHost EventSystem RemoteRegistry SstpSvc netprofm lltdsvc fdphost bthserv PhoneSvc WebClient workfolderssvc w32time LicenseManager tzautoupdate FontCache CDPSvc WinHttpAutoProxySvc "LocalSystemNetworkRestricted"=HvHost WdiSystemHost ScDeviceEnum WiaRpc trkwks WUDFSvc hidserv dot3svc DsSvc WPDBusEnum fhsvc sysmain irmon EmbeddedMode DevQueryBroker svsvc Netman TabletInputService PcaSvc SmsRouter homegrouplistener vmicvss wlansvc NcbService UmRdpService DeviceAssociationService StorSvc AudioEndpointBuilder NgcSvc SensorService vmickvpexchange vmicshutdown vmicguestinterface vmicvmsession "netsvcs"=CertPropSvc SCPolicySvc lanmanserver gpsvc IKEEXT iphlpsvc seclogon AppInfo msiscsi EapHost schedule winmgmt browser SessionEnv wercplsupport shpamsvc Themes lfsvc DmEnrollmentSvc FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr dmwappushservice WpnService XboxNetApiSvc DcpSvc RetailDemo BDESVC DsmSvc NcaSvc dosvc XblAuthManager UsoSvc ProfSvc UserManager XblGameSave wisvc wlidsvc NetSetupSvc "WerSvcGroup"=wersvc "WbioSvcGroup"=WbioSrvc "LocalServiceNoNetwork"=DPS PLA BFE NcdAutoSetup mpssvc WwanSvc CoreMessagingRegistrar "imgsvc"=StiSvc "termsvcs"=TermService "swprv"=swprv "smphost"=smphost "ICService"=vmicrdv vmicheartbeat "wsappx"=clipsvc AppXSvc "Camera"=FrameServer "LocalServicePeerNet"=PNRPSvc p2pimsvc p2psvc PnrpAutoReg "NetworkServiceAndNoImpersonation"=KtmRm "appmodel"=TileDataModelSvc WalletService StateRepository EntAppSvc "LocalServiceAndNoImpersonation"=SSDPSRV upnphost SCardSvr QWAVE fdrespub wcncsvc SensrSvc BthHFSrv "NetworkServiceNetworkRestricted"=PolicyAgent "AxInstSVGroup"=AxInstSV "AppReadiness"=AppReadiness "NetworkService"=CryptSvc WECSVC MapsBroker DHCP TermService Tapisrv lanmanworkstation WinRM DNSCache nlasvc "smbsvcs"=lanmanserver browser "UnistackSvcGroup"=UnistoreSvc UserDataSvc OneSyncSvc MessagingService WpnUserService PimIndexMaintenanceSvc CDPUserSvc "apphost"=apphostsvc w3logsvc "iissvcs"=w3svc was "print"=PrintNotify [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "netsvcs"=CertPropSvc SCPolicySvc lanmanserver gpsvc iphlpsvc msiscsi schedule winmgmt SessionEnv FastUserSwitchingCompatibility Ias Irmon Nla Ntmssvc NWCWorkstation Nwsapagent Rasauto Rasman Remoteaccess SENS Sharedaccess SRService Tapisrv Wmi WmdmPmSp wuauserv BITS ShellHWDetection LogonHours PCAudit helpsvc uploadmgr UserManager NetSetupSvc "LocalSystemNetworkRestricted"=ScDeviceEnum WiaRpc dot3svc Netman WPDBusEnum NcbService wlansvc DeviceAssociationService AudioEndpointBuilder "LocalService"=netprofm WebClient WinHttpAutoProxySvc "imgsvc"=StiSvc "LocalServiceNoNetwork"=PLA "smphost"=smphost "rpcss"=RpcSs "LocalServiceNetworkRestricted"=wscsvc LmHosts AudioSrv DHCP "appmodel"=StateRepository "LocalServiceAndNoImpersonation"=SSDPSRV upnphost SCardSvr QWAVE wcncsvc BthHFSrv "DcomLaunch"=PlugPlay DeviceInstall DcomLaunch "NetworkService"=CryptSvc WECSVC DHCP TermService Tapisrv WinRM DNSCache "smbsvcs"=lanmanserver "apphost"=apphostsvc w3logsvc "iissvcs"=w3svc was ---------- | SvcHost - Netsvcs (Whitelisted) ---------- | Software [HKLM\Software\7-Zip] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Alienware] [HKLM\Software\AMD] [HKLM\Software\AMDDVR] [HKLM\Software\Apple Inc.] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\BlueStacks] [HKLM\Software\Clients] [HKLM\Software\cybelsoft] [HKLM\Software\CyberLink] [HKLM\Software\Foxit Software] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GlarySoft] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\INextUUID] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Logishrd] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\mcafeeupdater] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\Network Associates] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\Synaptics] [HKLM\Software\sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\WOW6432Node] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\GameDVR] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\apphost] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\BlueStacks] [HKLM\Software\WOW6432Node\Chromium] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Dropbox] [HKLM\Software\WOW6432Node\Evernote] [HKLM\Software\WOW6432Node\Foxit Software] [HKLM\Software\WOW6432Node\GlarySoft] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Greatis] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\LogMeInRescueCallingCard] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\McAfee] [HKLM\Software\WOW6432Node\mcafeeupdater] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\NCWest] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Reto-Moto] [HKLM\Software\WOW6432Node\Rockstar Games] [HKLM\Software\WOW6432Node\RtWLan] [HKLM\Software\WOW6432Node\Sandbox Interactive GmbH] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Wizards of the Coast] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\XLGames] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | Drives D: [24/11/2014 16:30:34] - |RASH| - (.-.) - [55] - (0.0.0.0) - D:\RP.ini ---------- | C: [22/11/2015 00:12:40] - |SHD| - [258] - C:\$RECYCLE.BIN [12/10/2016 17:17:24] - |HD| - [89266056] - C:\$SysReset [12/10/2016 18:42:37] - |D| - [80948096] - C:\$WINDOWS.~BT [10/10/2016 03:33:07] - |D| - [1133977] - C:\AdwCleaner [21/01/2017 04:45:46] - |D| - [1275246465] - C:\AMD [27/10/2016 17:44:29] - |D| - [29840117434] - C:\ArcheAge [MD5.55272FE96AD87017755FD82F7928FDA0] - [22/08/2013 16:44:03] - |RASH| - (.-.) - [398356] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [22/08/2013 16:44:04] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [MD5.DFCDA746510AA2225E9D7FA5ACFF9E81] - [22/02/2017 04:06:04] - |N| - (.-.) - [12864] - (0.0.0.0) - C:\bootsqm.dat [22/08/2013 15:45:52] - |SHD| - [0] - C:\Documents and Settings [24/02/2017 03:20:47] - |D| - [38911625825] - C:\Games [MD5.BF8CAC60D7DE589F48329DE187A69270] - [26/06/2016 19:51:11] - |A| - (.-.) - [4847] - (0.0.0.0) - C:\GUDownLoaddebug.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/10/2016 16:39:25] - |ASH| - (.-.) - [4697403392] - (0.0.0.0) - C:\hiberfil.sys [26/09/2014 02:13:49] - |HD| - [17606962] - C:\HP [13/08/2016 06:40:23] - |D| - [154353] - C:\inetpub [04/10/2016 18:16:58] - |D| - [10562207606] - C:\Nexon [MD5.12537D5D0D98E812FE85BB0170E61404] - [20/11/2015 06:48:05] - |A| - (.-.) - [3349] - (0.0.0.0) - C:\OA3.Trace.xml [25/02/2017 18:39:05] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/11/2015 06:48:59] - |ASH| - (.-.) - [1811939328] - (0.0.0.0) - C:\pagefile.sys [16/07/2016 12:47:47] - |D| - [0] - C:\PerfLogs [16/07/2016 07:04:24] - |RD| - [6332084898] - C:\Program Files [16/07/2016 07:04:24] - |RD| - [332226978545] - C:\Program Files (x86) [16/07/2016 12:47:48] - |HD| - [17188200175] - C:\ProgramData [25/02/2017 18:56:37] - |D| - [262051] - C:\QuickDiag [MD5.D3CB36D8B48D9AE40E83D7B51E508D83] - [25/02/2017 18:57:36] - |A| - (.-.) - [121423] - (0.0.0.0) - C:\QuickDiag.txt [13/08/2016 06:54:02] - |SHD| - [971] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/11/2015 06:48:23] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Recovery.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/11/2015 06:48:59] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [05/04/2014 00:55:36] - |D| - [4483248111] - C:\SWSetup [20/11/2015 06:48:57] - |SHD| - [0] - C:\System Volume Information [05/04/2014 00:45:54] - |AHD| - [410420090] - C:\SYSTEM.SAV [MD5.14413C64CAC6AD3A485BD6A75F6C80C7] - [12/10/2016 19:27:02] - |ASH| - (.-.) - [8388608] - (0.0.0.0) - C:\tmpgfile.sys [16/07/2016 07:04:24] - |RD| - [29134179155] - C:\Users [16/07/2016 07:04:24] - |D| - [20474663934] - C:\WINDOWS ---------- | C:\WINDOWS [16/07/2016 12:47:48] - |D| - [802] - C:\WINDOWS\addins [16/07/2016 12:47:48] - |D| - [13485644] - C:\WINDOWS\appcompat [16/07/2016 12:47:48] - |D| - [12471204] - C:\WINDOWS\AppPatch [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\AppReadiness [16/07/2016 12:47:47] - |RSD| - [876238153] - C:\WINDOWS\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [13/08/2016 05:58:12] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin [MD5.12EBDA58437CD1EA7066FCB6455241D2] - [10/09/2016 03:47:35] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.3.3154.0) - C:\WINDOWS\avastSS.scr [16/07/2016 12:47:48] - |D| - [281160] - C:\WINDOWS\bcastdvr [MD5.7B465E25ADF5D6DBCE9DCAE3C6545405] - [16/07/2016 12:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61440] - (10.0.14393.0) - C:\WINDOWS\bfsvc.exe [16/07/2016 12:47:48] - |D| - [38116021] - C:\WINDOWS\Boot [MD5.F7A2D1AAEF46FD62F2915630CD3B441D] - [13/08/2016 05:56:55] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [16/07/2016 12:47:48] - |D| - [3715608] - C:\WINDOWS\Branding [16/07/2016 12:36:22] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.D6CE3EEAB0B72F8014E62C728CEA5605] - [16/07/2016 23:46:34] - |A| - (.-.) - [33498] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.0505315076F50DE128B8256927B94722] - [18/03/2014 10:38:12] - |A| - (.-.) - [35851] - (0.0.0.0) - C:\WINDOWS\CoreConnectedSingleLanguage.xml [MD5.C70FFF016945F5585DDC586D655F839C] - [26/09/2014 02:25:39] - |A| - (.-.) - [12] - (0.0.0.0) - C:\WINDOWS\CSUP.txt [16/07/2016 12:47:48] - |D| - [8970858] - C:\WINDOWS\Cursors [16/07/2016 12:47:48] - |D| - [211498] - C:\WINDOWS\debug [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [13/08/2016 06:30:55] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [16/07/2016 12:47:48] - |D| - [4543876] - C:\WINDOWS\diagnostics [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [13/08/2016 06:30:56] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [MD5.9CADC91DF349C198FFB5477A5B23B6C2] - [24/10/2016 17:00:39] - |RA| - (.© Microsoft Corporation. - Driver Install Frameworks for API library module.) - [524768] - (2.1.0.0) - C:\WINDOWS\difxapi.dll [16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\DigitalLocker [16/07/2016 12:47:48] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [16/07/2016 12:47:48] - |HD| - [44056] - C:\WINDOWS\ELAMBKUP [16/07/2016 23:40:08] - |D| - [0] - C:\WINDOWS\en-US [MD5.4E10FB1A015B49AC68F76C1A3F4D9C0F] - [09/12/2016 21:22:31] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4673304] - (10.0.14393.479) - C:\WINDOWS\explorer.exe [16/07/2016 12:47:48] - |RSD| - [362000888] - C:\WINDOWS\Fonts [16/07/2016 23:40:08] - |D| - [122368] - C:\WINDOWS\fr-FR [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [16/07/2016 12:47:48] - |D| - [20732976] - C:\WINDOWS\Globalization [16/07/2016 12:47:48] - |D| - [3996509] - C:\WINDOWS\Help [MD5.553DF2ABF34649763324BC5470D04317] - [16/07/2016 12:42:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [975360] - (10.0.14393.0) - C:\WINDOWS\HelpPane.exe [24/11/2014 05:39:48] - |D| - [32281934] - C:\WINDOWS\Hewlett-Packard [MD5.52AFE6DE5E463B7A08C184B1EB49DD6A] - [16/07/2016 12:42:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.14393.0) - C:\WINDOWS\hh.exe [16/07/2016 12:47:48] - |D| - [173191976] - C:\WINDOWS\IME [16/07/2016 12:47:48] - |RD| - [6842480] - C:\WINDOWS\ImmersiveControlPanel [16/07/2016 12:45:54] - |D| - [121034599] - C:\WINDOWS\INF [16/07/2016 12:47:48] - |D| - [1082161303] - C:\WINDOWS\InfusedApps [16/07/2016 12:47:48] - |D| - [36285422] - C:\WINDOWS\InputMethod [MD5.FB1F46900FBE595AA662E86E5C460FC1] - [22/11/2015 00:11:43] - |A| - (.-.) - [205] - (0.0.0.0) - C:\WINDOWS\insFileSpec [16/07/2016 12:47:48] - |SHD| - [1207299141] - C:\WINDOWS\Installer [16/07/2016 12:47:48] - |D| - [89407] - C:\WINDOWS\L2Schemas [16/07/2016 12:47:48] - |D| - [6796554] - C:\WINDOWS\LiveKernelReports [16/07/2016 07:04:29] - |D| - [368927296] - C:\WINDOWS\Logs [16/07/2016 12:47:48] - |RSD| - [20316123] - C:\WINDOWS\Media [22/08/2013 16:36:31] - |D| - [1636864] - C:\WINDOWS\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [16/07/2016 12:42:12] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [16/07/2016 12:47:47] - |RD| - [820047495] - C:\WINDOWS\Microsoft.NET [16/07/2016 12:47:48] - |D| - [2563] - C:\WINDOWS\Migration [21/01/2017 04:51:35] - |D| - [0] - C:\WINDOWS\Minidump [16/07/2016 12:47:48] - |RD| - [484593] - C:\WINDOWS\MiracastView [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\ModemLogs [28/07/2016 17:46:21] - |HD| - [0] - C:\WINDOWS\msdownld.tmp [MD5.3B508CAE5DEBCBA928B5BC355517E2E6] - [16/07/2016 12:43:51] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [243200] - (10.0.14393.0) - C:\WINDOWS\notepad.exe [16/07/2016 23:41:15] - |D| - [199472] - C:\WINDOWS\OCR [16/07/2016 12:47:48] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [13/08/2016 06:53:56] - |DC| - [159144522] - C:\WINDOWS\Panther [16/07/2016 12:47:48] - |D| - [29424661] - C:\WINDOWS\Performance [16/07/2016 12:47:48] - |D| - [1136442] - C:\WINDOWS\PLA [16/07/2016 12:47:48] - |D| - [2656332] - C:\WINDOWS\PolicyDefinitions [13/08/2016 05:56:14] - |D| - [43372726] - C:\WINDOWS\Prefetch [16/07/2016 12:47:48] - |RD| - [2036530] - C:\WINDOWS\PrintDialog [16/07/2016 12:47:48] - |D| - [1415119] - C:\WINDOWS\Provisioning [MD5.EFE3D78833FEDAF7F24C264BF9976301] - [16/07/2016 12:42:17] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.14393.0) - C:\WINDOWS\regedit.exe [16/07/2016 12:47:48] - |D| - [1117876] - C:\WINDOWS\registration [16/07/2016 12:47:48] - |D| - [11456849] - C:\WINDOWS\rescache [16/07/2016 12:47:48] - |D| - [3904450] - C:\WINDOWS\Resources [MD5.DD3B71B8EA28D589E1D6EC341FED2682] - [04/06/2015 10:35:56] - |A| - (.-.) - [37244] - (0.0.0.0) - C:\WINDOWS\rlt8723a_chip_bt40_fw_asic_rom_patch.dll [MD5.D771B233940A2DAF88944C20FE60A3C4] - [04/06/2015 10:35:56] - |A| - (.-.) - [50920] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.E347754D711FE43BF664279227315D98] - [04/06/2015 10:35:56] - |A| - (.-.) - [50868] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll [MD5.0911ADEA56EBBAA0D72E43CC291F9E89] - [04/06/2015 10:35:56] - |A| - (.-.) - [50144] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll [MD5.F099C70CF67332356860E7872D24CA7D] - [04/06/2015 10:35:56] - |A| - (.-.) - [50060] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll [MD5.B5937944F030BC8FE5087D5B0F211594] - [04/06/2015 10:35:56] - |A| - (.-.) - [50956] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll [MD5.E261DCA8282CEF97B130BA94FC9200F9] - [04/06/2015 10:35:56] - |A| - (.-.) - [47692] - (0.0.0.0) - C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.E69C86BE29408F817B9729FCDB2C6E81] - [04/06/2015 10:35:56] - |A| - (.-.) - [34840] - (0.0.0.0) - C:\WINDOWS\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.429D9EEB1DA2386625DF4601CC1C875A] - [24/11/2014 05:30:12] - |A| - (.Copyright (C) 2015 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2825944] - (1.0.6.5) - C:\WINDOWS\RtlExUpd.dll [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\SchCache [16/07/2016 12:47:48] - |D| - [121229] - C:\WINDOWS\schemas [16/07/2016 12:47:48] - |D| - [5636096] - C:\WINDOWS\security [13/08/2016 05:55:20] - |D| - [52030816] - C:\WINDOWS\ServiceProfiles [16/07/2016 07:04:24] - |D| - [186791667] - C:\WINDOWS\servicing [16/07/2016 12:49:46] - |D| - [42] - C:\WINDOWS\Setup [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/02/2017 21:22:22] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/02/2017 21:22:22] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [16/07/2016 12:47:48] - |D| - [31190016] - C:\WINDOWS\ShellExperiences [30/10/2015 20:03:03] - |D| - [0] - C:\WINDOWS\ShellNew [16/07/2016 23:40:46] - |D| - [3070736] - C:\WINDOWS\SKB [21/11/2015 23:56:02] - |D| - [145441346] - C:\WINDOWS\SoftwareDistribution [16/07/2016 12:47:48] - |D| - [86037697] - C:\WINDOWS\Speech [16/07/2016 12:47:48] - |D| - [53541356] - C:\WINDOWS\Speech_OneCore [MD5.BCDB205132974EC3AB6F5C01DD93489B] - [28/10/2016 19:02:26] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.14393.351) - C:\WINDOWS\splwow64.exe [16/07/2016 12:47:48] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 14:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [16/07/2016 07:04:24] - |D| - [6279661225] - C:\WINDOWS\System32 [16/07/2016 12:47:48] - |D| - [144046344] - C:\WINDOWS\SystemApps [16/07/2016 12:47:48] - |D| - [17529069] - C:\WINDOWS\SystemResources [16/07/2016 07:04:27] - |D| - [1432611057] - C:\WINDOWS\SysWOW64 [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\TAPI [22/08/2013 16:36:30] - |D| - [2434] - C:\WINDOWS\Tasks [24/11/2014 05:42:18] - |D| - [21007] - C:\WINDOWS\tbaseregistry [16/07/2016 12:47:48] - |D| - [126654] - C:\WINDOWS\Temp [22/08/2013 16:36:30] - |RD| - [0] - C:\WINDOWS\ToastData [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\tracing [16/07/2016 12:47:48] - |D| - [7680] - C:\WINDOWS\twain_32 [MD5.21F91141B4796108A50733B14850CDF2] - [16/07/2016 12:43:52] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [66560] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [22/08/2013 16:36:30] - |D| - [0] - C:\WINDOWS\vpnplugins [16/07/2016 12:47:48] - |D| - [12420] - C:\WINDOWS\Vss [16/07/2016 12:47:48] - |D| - [18297624] - C:\WINDOWS\Web [MD5.60CDAF0811BF825164C0E246F4F5620D] - [22/08/2013 14:25:43] - |A| - (.-.) - [124] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [16/07/2016 12:42:32] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [24/02/2017 21:22:06] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.9328E170E5407D9DDE7EB1E208A2CBB4] - [16/07/2016 12:42:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.14393.0) - C:\WINDOWS\winhlp32.exe [MD5.81051BCC2CF1BEDF378224B0A93E2877] - [10/10/2016 05:47:53] - |RASHOT| - (.-.) - [2] - (0.0.0.0) - C:\WINDOWS\winstart.bat [16/07/2016 07:04:24] - |D| - [6529460927] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [16/07/2016 12:43:08] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E87C6A38E61A712C48025A6AD54C1113] - [16/07/2016 12:42:39] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.14393.0) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [10/10/2016 00:49:21] - C:\WINDOWS\Installer\10a89f9.msi : (7-Zip (x64 edition) Package - Igor Pavlov) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [06/09/2014 02:43:58] - C:\WINDOWS\Installer\10dfab.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2014 18:38:16] - C:\WINDOWS\Installer\10dfaf.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/02/2013 08:53:16] - C:\WINDOWS\Installer\10dfb3.msi : ( - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/02/2017 02:57:46] - C:\WINDOWS\Installer\12cb585.msi : (Java SE Runtime Environment 8 Update 121 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/02/2017 02:57:33] - C:\WINDOWS\Installer\12cb58a.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:49:42] - C:\WINDOWS\Installer\15279ea.msi : (AMD Software (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:38:38] - C:\WINDOWS\Installer\15279ef.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:39:02] - C:\WINDOWS\Installer\15279f4.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:39:28] - C:\WINDOWS\Installer\15279f9.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:39:52] - C:\WINDOWS\Installer\15279fe.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:40:18] - C:\WINDOWS\Installer\1527a03.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:40:42] - C:\WINDOWS\Installer\1527a08.msi : (Catalyst Control Center next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:41:06] - C:\WINDOWS\Installer\1527a0d.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:41:44] - C:\WINDOWS\Installer\1527a12.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:42:10] - C:\WINDOWS\Installer\1527a17.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:42:36] - C:\WINDOWS\Installer\1527a1c.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:43:00] - C:\WINDOWS\Installer\1527a21.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:43:28] - C:\WINDOWS\Installer\1527a26.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:43:52] - C:\WINDOWS\Installer\1527a2b.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:44:18] - C:\WINDOWS\Installer\1527a30.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:44:44] - C:\WINDOWS\Installer\1527a35.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:45:08] - C:\WINDOWS\Installer\1527a3a.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:45:34] - C:\WINDOWS\Installer\1527a3f.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:46:00] - C:\WINDOWS\Installer\1527a44.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:46:26] - C:\WINDOWS\Installer\1527a49.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:46:52] - C:\WINDOWS\Installer\1527a4e.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:47:16] - C:\WINDOWS\Installer\1527a53.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 21:12:10] - C:\WINDOWS\Installer\1527a58.msi : (AMD Settings - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 21:12:44] - C:\WINDOWS\Installer\1527a5d.msi : (AMD Start Now Installation package - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:50:52] - C:\WINDOWS\Installer\1527a62.msi : (AMD Settings - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2016 07:04:26] - C:\WINDOWS\Installer\1527a67.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2017 20:46:08] - C:\WINDOWS\Installer\1527a6c.msi : (AMD Problem Report Wizard (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/08/2014 02:48:02] - C:\WINDOWS\Installer\1928e2.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/09/2014 04:03:30] - C:\WINDOWS\Installer\19293e.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [04/09/2014 00:25:42] - C:\WINDOWS\Installer\192942.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/05/2014 12:24:50] - C:\WINDOWS\Installer\192946.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/09/2016 03:33:54] - C:\WINDOWS\Installer\21193222.msi : (Install/UnInstall PhysX Driver + Engines: 2.3.1/2/3; 2.4.0/1/4; 2.5.0/1/3/4; 2.6.0/1/2/3/4; 2.7.0/1/2/3/4/5/6; 2.8.0/1/2/3/3 - NVIDIA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/09/2016 03:54:24] - C:\WINDOWS\Installer\2129626d.msi : (Blade & Soul Client - NC Interactive, LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/12/2015 23:57:06] - C:\WINDOWS\Installer\23b4d9d0.msi : (HP Support Solutions Framework - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/12/2015 23:59:31] - C:\WINDOWS\Installer\23b4df98.msi : (HP Support Assistant - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/12/2015 00:02:24] - C:\WINDOWS\Installer\23b4df9d.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/09/2013 10:45:54] - C:\WINDOWS\Installer\240db.msi : (swMSM - Adobe Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/09/2014 17:11:42] - C:\WINDOWS\Installer\240e0.msi : (Dropbox 25 GB - Dropbox, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/05/2014 01:28:56] - C:\WINDOWS\Installer\240eb.msi : ( - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/09/2014 23:03:42] - C:\WINDOWS\Installer\240f0.msi : ( - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2013 12:03:14] - C:\WINDOWS\Installer\240fb.msi : (Blank Project Template - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/09/2014 19:03:49] - C:\WINDOWS\Installer\24100.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/11/2015 00:46:53] - C:\WINDOWS\Installer\2550d4.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2017 01:41:51] - C:\WINDOWS\Installer\2589492.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:22:20] - C:\WINDOWS\Installer\29de1.msi : (AMD Start Now Installation package - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/11/2013 00:47:48] - C:\WINDOWS\Installer\29de5.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:20:52] - C:\WINDOWS\Installer\29dea.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:21:24] - C:\WINDOWS\Installer\29dee.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:17:30] - C:\WINDOWS\Installer\29df2.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:17:36] - C:\WINDOWS\Installer\29df6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:17:42] - C:\WINDOWS\Installer\29dfa.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:17:50] - C:\WINDOWS\Installer\29dfe.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:17:56] - C:\WINDOWS\Installer\29e02.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:02] - C:\WINDOWS\Installer\29e06.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:08] - C:\WINDOWS\Installer\29e0a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:14] - C:\WINDOWS\Installer\29e0e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:20] - C:\WINDOWS\Installer\29e12.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:26] - C:\WINDOWS\Installer\29e16.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:34] - C:\WINDOWS\Installer\29e1a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:40] - C:\WINDOWS\Installer\29e1e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:46] - C:\WINDOWS\Installer\29e22.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:52] - C:\WINDOWS\Installer\29e26.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:18:58] - C:\WINDOWS\Installer\29e2a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:04] - C:\WINDOWS\Installer\29e2e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:12] - C:\WINDOWS\Installer\29e32.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:18] - C:\WINDOWS\Installer\29e36.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:24] - C:\WINDOWS\Installer\29e3a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:30] - C:\WINDOWS\Installer\29e3e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:36] - C:\WINDOWS\Installer\29e42.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:42] - C:\WINDOWS\Installer\29e46.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:19:52] - C:\WINDOWS\Installer\29e4a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:20:10] - C:\WINDOWS\Installer\29e4e.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:17:22] - C:\WINDOWS\Installer\29e53.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/09/2014 23:26:22] - C:\WINDOWS\Installer\29e5c.msi : (AMD Accelerated Video Transcoding INstallation package - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/11/2015 00:23:19] - C:\WINDOWS\Installer\44b19c5.msi : ( - © 2008-2015 Hewlett-Packard Development Compay, L.P.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2014 08:28:00] - C:\WINDOWS\Installer\4c94a.msi : (HP Documentation - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/10/2012 02:27:56] - C:\WINDOWS\Installer\4c94e.msi : ( - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/08/2014 01:21:42] - C:\WINDOWS\Installer\4c95a.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/09/2014 01:16:56] - C:\WINDOWS\Installer\4c962.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/12/2016 16:45:30] - C:\WINDOWS\Installer\64f12.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/01/2017 16:52:19] - C:\WINDOWS\Installer\ca967.msi : (Blank Project Template - TomTom) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/12/2016 22:18:47] - C:\WINDOWS\Installer\d8f7f8.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2012 16:30:52] - C:\WINDOWS\Installer\edbf7.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2012 16:39:00] - C:\WINDOWS\Installer\edbfb.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2012 16:37:52] - C:\WINDOWS\Installer\edbff.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/11/2014 05:37:19] - C:\WINDOWS\Installer\edc42.msi : (HP Wireless Button Driver - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/11/2014 05:38:22] - C:\WINDOWS\Installer\edc4f.msi : (HP 3D DriveGuard - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/11/2014 05:39:47] - C:\WINDOWS\Installer\edc54.msi : (HP PC Hardware Diagnostics UEFI - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/06/2014 17:19:12] - C:\WINDOWS\Installer\edc58.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [16/07/2016 12:43:08] - [3458] - C:\WINDOWS\System32\ieuinit.inf [13/08/2016 06:02:19] - [2308146] - C:\WINDOWS\System32\PerfStringBackup.INI [16/07/2016 12:42:39] - [60124] - C:\WINDOWS\System32\tcpmon.ini [16/07/2016 12:42:11] - [2307] - C:\WINDOWS\System32\WimBootCompress.ini [16/07/2016 12:43:59] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [13/08/2016 06:02:14] - [1567484] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [16/07/2016 12:42:43] - [2307] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.B7C476BBE4F001F4F33C04D9ABC33DC8] - |A| - [16/07/2016 12:42:17] - (.-.) - [14.52 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\pcamain.sdb [MD5.6457DB2C0EA3AEB8589D9AADE59698B5] - |A| - [14/12/2016 18:02:24] - (.-.) - [541.03 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [02/10/2016 23:24:11] - [0 Ko] - C:\WINDOWS\Temp\ACLM [MD5.00000000000000000000000000000000] - |D| - [21/01/2017 05:40:15] - [0 Ko] - C:\WINDOWS\Temp\AE4903A6-AE7B-483B-A118-E9EBD1108C6A [MD5.00000000000000000000000000000000] - |D| - [04/10/2016 17:47:09] - [0 Ko] - C:\WINDOWS\Temp\avast_ash2 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/02/2017 04:50:40] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\CProgram FilesAVAST SoftwareSZBrowser3.55.2393.561SZBrowser_autoupdate.download.lock [MD5.00000000000000000000000000000000] - |D| - [03/10/2016 23:18:36] - [0 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.00000000000000000000000000000000] - |D| - [06/02/2017 22:24:49] - [0 Ko] - C:\WINDOWS\Temp\CR_52860.tmp [MD5.00000000000000000000000000000000] - |D| - [21/01/2017 04:54:38] - [0 Ko] - C:\WINDOWS\Temp\EB4286F6-7E18-41C4-8117-15331E43070B [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/02/2017 03:45:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [25/02/2017 03:45:34] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [24/02/2017 21:18:35] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\gumarktemp.dat [MD5.00000000000000000000000000000000] - |D| - [27/09/2016 18:41:41] - [76.85 Ko] - C:\WINDOWS\Temp\HP Support Framework [MD5.6629EC034983BC66736C930A845404A7] - |A| - [24/02/2017 21:21:59] - (.-.) - [4.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.B34CBCF896FBD1E39E13FFF345512D7F] - |A| - [24/02/2017 21:23:07] - (.-.) - [10.6 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [29/10/2016 01:52:59] - [0 Ko] - C:\WINDOWS\Temp\MPTelemetrySubmit [MD5.00000000000000000000000000000000] - |D| - [04/10/2016 17:49:29] - [0 Ko] - C:\WINDOWS\Temp\MRT [MD5.00000000000000000000000000000000] - |D| - [09/02/2017 01:35:14] - [0 Ko] - C:\WINDOWS\Temp\nskF49A.tmp [MD5.00000000000000000000000000000000] - |D| - [11/09/2016 04:06:56] - [31.99 Ko] - C:\WINDOWS\Temp\SafeZone Installer [MD5.00000000000000000000000000000000] - |D| - [17/01/2017 12:18:26] - [0 Ko] - C:\WINDOWS\Temp\tw1569.tmp [MD5.00000000000000000000000000000000] - |D| - [27/10/2016 16:05:13] - [0 Ko] - C:\WINDOWS\Temp\tw7B07.tmp [MD5.00000000000000000000000000000000] - |D| - [08/12/2016 18:08:51] - [0 Ko] - C:\WINDOWS\Temp\tw8D5B.tmp [MD5.00000000000000000000000000000000] - |D| - [04/12/2016 19:13:12] - [0 Ko] - C:\WINDOWS\Temp\tw8DD1.tmp [MD5.00000000000000000000000000000000] - |D| - [26/12/2016 18:28:19] - [0 Ko] - C:\WINDOWS\Temp\twAF7A.tmp [MD5.00000000000000000000000000000000] - |D| - [03/01/2017 20:18:39] - [0 Ko] - C:\WINDOWS\Temp\twCB28.tmp [MD5.00000000000000000000000000000000] - |D| - [04/10/2016 20:50:00] - [0 Ko] - C:\WINDOWS\Temp\twDAB3.tmp [MD5.00000000000000000000000000000000] - |D| - [22/02/2017 04:53:42] - [0 Ko] - C:\WINDOWS\Temp\usgthrsvc [MD5.00000000000000000000000000000000] - |D| - [13/08/2016 06:15:44] - [0 Ko] - C:\WINDOWS\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:09] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [16/07/2016 12:42:35] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [16/07/2016 12:42:05] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [16/07/2016 12:42:38] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |A| - [16/07/2016 12:42:41] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.46DACDA5036EBECEDF08427407E3017C] - |A| - [16/07/2016 12:42:40] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [16/07/2016 12:42:38] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [16/07/2016 12:42:38] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.58B6CB6A8528BA1B267CFAE325E6B834] - |A| - [16/07/2016 12:42:23] - (.-.) - [20.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.15E48BE612310DCE461355B5FA6EFEB0] - |A| - [13/02/2017 18:31:58] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amd-vulkan64.json [MD5.04D6207D85E833060317FBBC983FEEC0] - |A| - [13/02/2017 18:31:58] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [122.62 Ko] - (21.19.519.2) - C:\WINDOWS\System32\amdave64.dll [MD5.4B10D8998C824DD84AD597F9E058F6F0] - |A| - [05/09/2015 10:39:04] - (.-.) - [171.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amde31a.dat [MD5.8433ABFA6CF4794324EC9AE1121E16DF] - |A| - [13/02/2017 18:31:58] - (.-.) - [251.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdgfxinfo64.dll [MD5.78F0653E020ED83B892A4A213ABB53F4] - |A| - [13/02/2017 18:32:00] - (.Copyright (C) 2013 - Universal Adapter for Adobe.) - [148.52 Ko] - (21.19.519.2) - C:\WINDOWS\System32\amdhcp64.dll [MD5.DDEB20626133878B0CE79CCE29B031B9] - |A| - [05/09/2015 10:39:04] - (.-.) - [814.26 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdicdxx.dat [MD5.C61602FA1A72826D3C0E9483BDDF1AB7] - |A| - [13/02/2017 18:32:00] - (.-.) - [20.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AMDKernelEvents.man [MD5.E5955D2F151680F2BC1D294B20516765] - |A| - [13/02/2017 18:32:00] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [871.52 Ko] - (1.0.10.0) - C:\WINDOWS\System32\amdlvr64.dll [MD5.2AC17B6CAD79CA45143608ECF37FC6FB] - |A| - [13/02/2017 18:32:02] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [90.02 Ko] - (1.6.0.0) - C:\WINDOWS\System32\amdmcl64.dll [MD5.E84519CD0D0B3CB7C3D2E3769B207ABF] - |A| - [13/02/2017 18:32:02] - (.-.) - [464.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdmiracast.dll [MD5.A5E10734A54DCF009B22BCD9DF58F1F0] - |A| - [08/10/2015 19:38:32] - (.-.) - [1176.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_as64.exe [MD5.21233699A2773DFEC2039CFA49160BFC] - |A| - [08/10/2015 19:38:30] - (.-.) - [1055.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_ld64.exe [MD5.455096DA4C06C196642CE3A911FACB33] - |A| - [13/02/2017 18:32:04] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [117.55 Ko] - (21.19.519.2) - C:\WINDOWS\System32\amdpcom64.dll [MD5.D4FDA6EF84B27BA99D0C6009A327CC8C] - |A| - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - amdumcsp dll.) - [89.52 Ko] - (2.21.0.0) - C:\WINDOWS\System32\amdumcsp.dll [MD5.FE8A72784BB9743BB37A5220C1826C5E] - |A| - [13/02/2017 18:32:10] - (.Copyright (C) 2015 AMD Inc. - Vulkan driver, support for SI family and above.) - [9650.02 Ko] - (1.0.37.0) - C:\WINDOWS\System32\amdvlk64.dll [MD5.D5787C580A9DD76661043A20EC6A66C8] - |A| - [13/02/2017 18:32:14] - (.Copyright (C) 2014-2015 AMD Inc. - amdxcstub64.dll.) - [106.52 Ko] - (8.18.10.161) - C:\WINDOWS\System32\amdxc64.dll [MD5.B8A29ACC2671AFF49AF2E3276EB92B0F] - |A| - [13/02/2017 18:32:22] - (.Advanced Micro Devices, Inc. Copyright (C) 2016 - Advanced Media Framework.) - [2446.02 Ko] - (1.4.1.0) - C:\WINDOWS\System32\amfrt64.dll [MD5.971819F3DD0996BCCB9E4330C52C4207] - |A| - [08/11/2016 22:23:33] - (.-.) - [436.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7762.11 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [272 Ko] - C:\WINDOWS\System32\ar-SA [MD5.E772C4A712FAD216D0DAA6B09C81CC01] - |A| - [16/02/2017 19:29:58] - (.Copyright (c) 2014 AVAST Software - Avast start-up scanner.) - [389.07 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\aswBoot.exe [MD5.16E36CC8653E2BBFAC394FF0F101BD8D] - |A| - [13/02/2017 18:32:22] - (.© 2004 Advanced Micro Devices, Inc. - eRecord Message Resource File.) - [67.52 Ko] - (21.19.519.2) - C:\WINDOWS\System32\ati2erec.dll [MD5.262F29A1E7947010D9607C80C73ED327] - |A| - [08/10/2015 19:38:32] - (.Copyright (C) 2008-2016 Advanced Micro Devices, Inc. - ADL.) - [1233.02 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atiadlxx.dll [MD5.96BE5218FC574ACD2AF4A5F1FA5F25F6] - |A| - [13/02/2017 18:32:22] - (.-.) - [763.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiapfxx.blb [MD5.A3C149013330AEB70442FA8E7C5C7BE2] - |A| - [13/02/2017 18:32:22] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [402.02 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atiapfxx.exe [MD5.0D53C8E94F41C41DDF5093F87E40732B] - |A| - [08/10/2015 19:39:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub64.dll.) - [146.63 Ko] - (8.17.10.1513) - C:\WINDOWS\System32\aticfx64.dll [MD5.3B78C5780C05750C7B49799A6F46E726] - |A| - [13/02/2017 18:32:30] - (.2002-2012 - Graphics DEM.) - [457.02 Ko] - (4.5.6250.15489) - C:\WINDOWS\System32\atidemgy.dll [MD5.352A10BD66A96B01B76962747D55B387] - |A| - [08/10/2015 19:39:18] - (.-.) - [108.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atidxx64.dll [MD5.7BF6B60E7BD89A19A3E347E3BDEAA601] - |A| - [13/02/2017 18:32:34] - (.-.) - [234.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atieah64.exe [MD5.0CB29BC0C72CA370B6556E31F3857E69] - |A| - [13/02/2017 18:32:34] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [524.02 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atieclxx.exe [MD5.0A428931525CEA11656FA3234CBE2A62] - |A| - [13/02/2017 18:32:34] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [292.52 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atiesrxx.exe [MD5.51735FD93CE4C4573F5D21BE456CB19E] - |N| - [08/10/2015 19:38:32] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [90.53 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atig6pxx.dll [MD5.90B367120FCA93E20E9A3A21D4AE3BCB] - |A| - [08/10/2015 19:38:32] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [207.52 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atig6txx.dll [MD5.079EFFD5BECB418FE6596229B28D7324] - |A| - [05/09/2015 10:39:54] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiicdxx.dat [MD5.2AA2BEAE11DBDC2633C5A184BC790EC3] - |A| - [13/02/2017 18:32:36] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [117.55 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atimpc64.dll [MD5.626170D619B2FA8D4EE3A7EA56061FB1] - |A| - [13/02/2017 18:32:36] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [117.02 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atimuixx.dll [MD5.9618A4A11B73036C47B592276C01FA62] - |N| - [08/10/2015 19:38:38] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30062.03 Ko] - (6.14.10.13399) - C:\WINDOWS\System32\atio6axx.dll [MD5.83519D2A5B6F84AE48992830F42192EE] - |A| - [13/02/2017 18:32:38] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [142.52 Ko] - (21.19.519.2) - C:\WINDOWS\System32\atisamu64.dll [MD5.8793FF85E8D926FC755734F9AB3AACBF] - |N| - [08/10/2015 19:39:16] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [138.21 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiu9p64.dll [MD5.423723A79C8200F09CFC468A68B72F92] - |N| - [08/10/2015 19:39:18] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8740.73 Ko] - (9.14.10.1128) - C:\WINDOWS\System32\atiumd64.dll [MD5.62F1004ABEDF91F318F5C2DCF69A34AC] - |A| - [13/02/2017 18:32:40] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiumd6a.cap [MD5.6983F9FD31ADF16570F593D2A94D685C] - |N| - [08/10/2015 19:39:18] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8856.55 Ko] - (8.14.10.513) - C:\WINDOWS\System32\atiumd6a.dll [MD5.1E0524270331B912DCC16640A212B0F6] - |N| - [08/10/2015 19:39:18] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [168.39 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiuxp64.dll [MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |A| - [05/09/2015 10:40:18] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce02.dat [MD5.B974290EEE645249EE212FF62DD0824A] - |A| - [05/09/2015 10:40:18] - (.-.) - [173.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce03.dat [MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |A| - [05/09/2015 10:40:18] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik.dat [MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |A| - [05/09/2015 10:40:18] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik_nd.dat [MD5.0770A5AB5218E6D3134A7A7239B9A216] - |A| - [05/09/2015 10:40:18] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cz_nd.dat [MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |A| - [05/09/2015 10:40:18] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ.dat [MD5.7EE8F6853798F7A900DB15F3054A0277] - |A| - [05/09/2015 10:40:18] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ_nd.dat [MD5.11355CAC5334C8999211C09CAAE194EF] - |A| - [05/09/2015 10:40:18] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi.dat [MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |A| - [05/09/2015 10:40:18] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [05/09/2015 10:40:18] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [05/09/2015 10:40:18] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [247.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4474.56 Ko] - C:\WINDOWS\System32\Boot [MD5.31ABC8C02F1CCE0DA39550D763384184] - |A| - [16/07/2016 12:42:12] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.93 Ko] - C:\WINDOWS\System32\Bthprops [MD5.6A33F3047345CC67D036DD0E6AA9C4BC] - |A| - [24/11/2014 05:35:56] - (.-.) - [3.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\bt_only_chip_bt40_fw_asic_rom_patch.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:24] - [74752.31 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [34155.24 Ko] - C:\WINDOWS\System32\catroot2 [MD5.9E98981EE740393557DB675BB9A2DF65] - |A| - [13/02/2017 18:32:44] - (.-.) - [272.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\clinfo.exe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1179.45 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.126FC5702D7116F775F2857C6EE7DE18] - |A| - [08/10/2015 19:38:34] - (.AMD. - CoInstaller DLL.) - [864.02 Ko] - (1.0.5.9) - C:\WINDOWS\System32\coinst_15.20.dll [MD5.23311AD41A055668CD8FECA5B8CE3F7C] - |A| - [13/02/2017 18:32:46] - (.AMD. - CoInstaller DLL.) - [903.02 Ko] - (1.0.5.9) - C:\WINDOWS\System32\coinst_16.60.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [360 Ko] - C:\WINDOWS\System32\Com [MD5.6E14F444A2506049EEC25CB5EDFE0905] - |A| - [24/11/2015 00:54:40] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [110.91 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:24] - [448112.2 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [51.22 Ko] - C:\WINDOWS\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [292.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.66E6010C31A70C8C5C2853AF597D853E] - |A| - [24/11/2015 00:54:40] - (.©Conexant Systems Inc. - Conexant APO.) - [1540.02 Ko] - (1.28.0.0) - C:\WINDOWS\System32\CX64APO.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [288.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [177.63 Ko] - C:\WINDOWS\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [324.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.306B90493D00011EB635E161C6C024B8] - |A| - [16/07/2016 12:42:22] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [16/07/2016 12:47:52] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.583B680ABC0C80B7CFE9E370E603267C] - |A| - [08/12/2016 07:49:46] - (.Advanced Micro Devices. - Delay Audio Processing Object.) - [101 Ko] - (1.0.0.1) - C:\WINDOWS\System32\DelayAPO.dll [MD5.DCF2510E0745720E543E84F5E921FCC0] - |A| - [18/03/2014 10:55:23] - (.-.) - [256.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dfpinc.dat [MD5.E8ED975075E75CF962F5A1C4E310AC39] - |A| - [13/02/2017 18:32:46] - (.-.) - [284.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dgtrayicon.exe [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [642 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.8B5F7B8C2EFE38CA571FBE24658DF11F] - |A| - [16/07/2016 12:42:36] - (.-.) - [90.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [7611.09 Ko] - C:\WINDOWS\System32\Dism [MD5.6B6BC820857D9DFD18E2469ED3F963FC] - |A| - [23/11/2015 03:38:02] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:09] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [236 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [2198.6 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [313.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [257.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [232 Ko] - C:\WINDOWS\System32\et-EE [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [25882.16 Ko] - C:\WINDOWS\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [292.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.DF75C61B6780695A40B0D9FB0E41F170] - |A| - [13/08/2016 05:55:08] - (.-.) - [212.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:09] - [3393.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [264 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [44135.25 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.EB8C8487EA7280AB8D9A63879B96C02D] - |A| - [13/02/2017 18:32:48] - (.-.) - [278.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameManager64.dll [MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [16/07/2016 12:42:12] - (.-.) - [89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [259.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.52BE687924AAEE79FADCE950A266761A] - |A| - [24/11/2014 05:40:14] - (.© Copyright 2014 HPDC - Port Monitor Server DLL.) - [414 Ko] - (0.3.1282.13782) - C:\WINDOWS\System32\hpbprtmon.dll [MD5.EC51AF59B9C970E7BD51994CBECF0C1F] - |A| - [24/11/2014 05:40:14] - (.© Copyright 2014 HPDC - Port Monitor UI DLL.) - [226 Ko] - (0.3.1282.13782) - C:\WINDOWS\System32\hpbprtmonui.dll [MD5.BF515B1ACEEEA1F6C73BE8707D0CAFB8] - |A| - [24/11/2014 05:40:14] - (.© Copyright 2014 HPDC - Real Port Monitor DLL.) - [403.5 Ko] - (0.3.1282.13782) - C:\WINDOWS\System32\hpbrprtmon.dll [MD5.1A4695BDC5017B37E6D23A88CFEC0760] - |A| - [25/09/2014 18:48:56] - (.Copyright (C) 2011 -.) - [114.5 Ko] - (1.3.0.0) - C:\WINDOWS\System32\HPMUIDir.exe [MD5.8B9BD88D8360B55E857D494AB0BC95B9] - |A| - [13/02/2017 18:32:48] - (.-.) - [270.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hsa-thunk64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [296 Ko] - C:\WINDOWS\System32\hu-HU [MD5.2A571B7728F23E83A800527879105180] - |A| - [16/07/2016 12:42:04] - (.-.) - [44.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hypervisor.mof [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.8898B09A8D08E138F238224648DF0739] - |A| - [16/07/2016 12:42:35] - (.-.) - [170.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [25926.67 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4136.09 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4896.5 Ko] - C:\WINDOWS\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.5EA855B4A875E08AD93FF901B5D9E275] - |A| - [16/07/2016 12:42:09] - (.-.) - [226 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ism32k.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [318.5 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [231.5 Ko] - C:\WINDOWS\System32\ja-jp [MD5.F934EB6365607B5EA337F1AC26CF72B4] - |A| - [13/02/2017 18:32:48] - (.-.) - [118.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_ci.sbin [MD5.DA921F39CCD51EA50E74C53426A3D674] - |A| - [13/02/2017 18:32:48] - (.-.) - [112.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_si.sbin [MD5.C7937A485FE9DD25FFF1871BA77F0C07] - |A| - [07/09/2014 00:46:18] - (.-.) - [50 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kdbsdk64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [229 Ko] - C:\WINDOWS\System32\ko-KR [MD5.050BC9351A3386458B696F8BCA78B27B] - |A| - [16/07/2016 12:42:22] - (.-.) - [145.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.C15D2C94E3C94CEFE8DE6A9D36C35FD1] - |A| - [13/10/2016 21:55:18] - (.(C) 1991-2012 Logitech. - LDA Component Extensions (UNICODE).) - [2410.45 Ko] - (1.10.77.0) - C:\WINDOWS\System32\LdaCx2.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [73.41 Ko] - C:\WINDOWS\System32\Licenses [MD5.3A990028C3616E00E7CA95A10408B80C] - |A| - [18/06/2015 03:25:00] - (.(C) 1998-2015 Logitech. - Logitech KMDF Co-Installer (UNICODE).) - [1810.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\LkmdfCoInst.dll [MD5.7C3788193D1E0F1ACE8B6E9F414FAD41] - |A| - [18/06/2015 03:25:00] - (.(C) 1998-2015 Logitech. - Logitech Bluetooth Co-Installer (UNICODE).) - [61.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\LMouFiltCoInst.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [8483.49 Ko] - C:\WINDOWS\System32\LogFiles [MD5.1F1E9FBB7FE7A39A84A061F6EF7003B4] - |A| - [20/09/2012 16:02:06] - (.Copyright © 2010-2012 Logitech. All Rights Reserved - Logitech Download Assistant.) - [3850.45 Ko] - (1.10.77.0) - C:\WINDOWS\System32\LogiLDA.DLL [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [237 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [238.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [61602.63 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.71CDB1AD29B6E10897827FE6569D650F] - |A| - [13/02/2017 18:32:50] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [166.02 Ko] - (21.19.519.2) - C:\WINDOWS\System32\mantle64.dll [MD5.5119B32DF69A45E7082E45A84329FD57] - |A| - [13/02/2017 18:32:50] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [135.52 Ko] - (21.19.519.2) - C:\WINDOWS\System32\mantleaxl64.dll [MD5.BC74BDA8DC53F722C2CA686071600AE2] - |A| - [16/07/2016 12:42:22] - (.-.) - [107.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.A42AED7C2881D562D6D0780C037FA577] - |A| - [24/11/2014 06:03:13] - (.Copyright© 1995-2014 McAfee, Inc. - McAfee Process Validation Service.) - [185.46 Ko] - (15.1.0.671) - C:\WINDOWS\System32\mfevtps.exe.3a00.deleteme [MD5.00000000000000000000000000000000] - |D| - [13/08/2016 06:43:46] - [1117.78 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [5650.12 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [47559.48 Ko] - C:\WINDOWS\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [12/12/2015 04:22:37] - [9.39 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4212.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [283.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [640 Ko] - C:\WINDOWS\System32\NDF [MD5.4CDC418A081BB028A7EEA3D6E1572907] - |A| - [13/08/2016 05:55:27] - (.-.) - [30.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [16/07/2016 12:42:12] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [303.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [16570.66 Ko] - C:\WINDOWS\System32\Nui [MD5.F54598052A618ADC0231853D870A22BE] - |A| - [16/07/2016 12:47:53] - (.-.) - [15.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |A| - [16/07/2016 12:42:11] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [12883.3 Ko] - C:\WINDOWS\System32\oobe [MD5.42D2360079B1DF3230024AE920737367] - |A| - [16/07/2016 12:42:22] - (.-.) - [45.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.21DCA64C1C60108D5064623CDC8B5E4A] - |A| - [10/10/2016 05:47:45] - (.Copyright © 2006-2016 - Partizan - First Bootwatch Anti-Rootkit.) - [48.8 Ko] - (2.1.0.0) - C:\WINDOWS\System32\partizan.exe [MD5.6000C33D7E6C01822CF7187F0489D0F3] - |A| - [10/10/2016 05:55:11] - (.-.) - [0.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Partizan.RRI [MD5.173355AB3ECF7F75EC27E8E2447FA0C6] - |A| - [16/07/2016 12:49:31] - (.-.) - [249.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.C250E1DC9BACE39C9FEEBF267F0D0EBD] - |A| - [16/07/2016 23:40:24] - (.-.) - [209.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |A| - [16/07/2016 12:49:35] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |A| - [16/07/2016 23:40:24] - (.-.) - [39.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.1B4F3F7D3965430E9BFFC41F558B7D06] - |A| - [16/07/2016 12:49:31] - (.-.) - [873.76 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.B94F82C8376AF4EEB06A3E13F6317F91] - |A| - [16/07/2016 23:40:24] - (.-.) - [912.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.59C540160B7AAFE5D12F9113930A36A9] - |A| - [13/08/2016 06:02:19] - (.-.) - [2254.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [301.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [560 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:10] - [420.42 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [16/07/2016 12:42:31] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.775AC121468F9F91F46C38B3F11B2F2D] - |A| - [23/06/2015 10:39:28] - (.AMD. - CoInstaller DLL.) - [104.02 Ko] - (1.0.5.9) - C:\WINDOWS\System32\pspcoins.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [303.5 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [299 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.3765D9AED871EFDE4465C529E4122675] - |A| - [24/02/2017 21:17:36] - (.Copyright (c) 2003-2014 Glarysoft Ltd - RegBootDefrag.) - [34.95 Ko] - (5.0.0.4) - C:\WINDOWS\System32\RegBootDefrag.exe [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [16/07/2016 12:42:04] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\removehypervisor.mof [MD5.D67CDB8D2584AAC165A77488C5A7A987] - |A| - [16/07/2016 12:42:37] - (.-.) - [8.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.4FE9CE56EFA89779D81B988698D2454C] - |A| - [16/07/2016 12:42:37] - (.-.) - [8.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.E1DE077241C852ED3681B09D75AD7A56] - |A| - [24/11/2014 05:35:56] - (.-.) - [36.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rlt8723a_chip_bt40_fw_asic_rom_patch.dll [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [24/11/2015 00:55:01] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [24/11/2015 00:55:01] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.27930550C9A268BA57DFA23629135CE6] - |A| - [05/06/2015 02:12:54] - (.Copyright (C) 2014 - RtCRX.) - [89.75 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [24/11/2015 00:55:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [24/11/2015 00:55:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [24/11/2015 00:55:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [24/11/2015 00:55:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.4C37BCCBC1CB33F53A6F58FD6D0336E9] - |A| - [24/11/2014 05:35:56] - (.-.) - [6.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8723b_chip_bt40_fw_asic_rom_patch.dll [MD5.C0DFAAEF702AE534D4D7EF6FB99B61D7] - |A| - [24/11/2014 05:35:56] - (.-.) - [43.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.1FCEBF134E1D299D2C027760301526BC] - |A| - [24/11/2014 05:35:56] - (.-.) - [45.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_bcut_bt40_fw_asic_rom_patch_new.dll [MD5.1FCEBF134E1D299D2C027760301526BC] - |A| - [24/11/2014 05:35:56] - (.-.) - [45.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll [MD5.352B34F0A10A22469989D6B29906DEDA] - |A| - [24/11/2014 05:35:56] - (.-.) - [42.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll [MD5.B39E94C958467033F284B70994321948] - |A| - [24/11/2014 05:35:56] - (.-.) - [69.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll [MD5.B56380E4A4365045ED4F7A71D9B30A0D] - |A| - [24/11/2014 05:35:56] - (.-.) - [44.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.2D892215E329C6F7DCABCA7EA86D4F8D] - |A| - [24/11/2014 05:35:56] - (.-.) - [30.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.56B23318DE09559AE0A7EA51F068AC3B] - |A| - [13/02/2017 18:32:50] - (.-.) - [150.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_ci.sbin [MD5.A769B352B827590EA4CCAC16E6269E33] - |A| - [05/09/2015 10:40:22] - (.-.) - [135.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_isv_ci.sbin [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [16/07/2016 12:43:50] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.23311AD41A055668CD8FECA5B8CE3F7C] - |A| - [13/02/2017 18:32:46] - (.AMD. - CoInstaller DLL.) - [903.02 Ko] - (1.0.5.9) - C:\WINDOWS\System32\SET2316.tmp [MD5.3A280F5C5C1D61867C65F1B49FC36B22] - |A| - [08/10/2015 19:38:32] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [171.52 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\SET441D.tmp [MD5.91BC9526051565F2C486D8B3CE4FECF8] - |A| - [08/10/2015 19:38:32] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1235.53 Ko] - (7.15.20.1301) - C:\WINDOWS\System32\SET507C.tmp [MD5.098E1E9487848FA01991638E8696FD1C] - |A| - [08/10/2015 19:39:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1459.5 Ko] - (8.17.10.1404) - C:\WINDOWS\System32\SET512B.tmp [MD5.DED35AD223948CD2FB2A71940759842D] - |A| - [08/10/2015 19:39:18] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [11890.03 Ko] - (8.17.10.625) - C:\WINDOWS\System32\SET517C.tmp [MD5.0D53C8E94F41C41DDF5093F87E40732B] - |A| - [08/10/2015 19:39:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub64.dll.) - [146.63 Ko] - (8.17.10.1513) - C:\WINDOWS\System32\SET6F4.tmp [MD5.23311AD41A055668CD8FECA5B8CE3F7C] - |A| - [13/02/2017 18:32:46] - (.AMD. - CoInstaller DLL.) - [903.02 Ko] - (1.0.5.9) - C:\WINDOWS\System32\SETBCB.tmp [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [16/07/2016 12:42:34] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [245 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [240.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.DBB99601D716F92CDD97CE4E60865319] - |A| - [24/11/2015 00:55:04] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [921.66 Ko] - (3.1.38.0) - C:\WINDOWS\System32\sl3apo64.dll [MD5.6F8B108E8B57AC88F90D6EA13B2A1755] - |A| - [24/11/2015 00:55:04] - (.Copyright (C) 2011 SRS Labs, Inc. - SRS Labs.) - [1078.16 Ko] - (3.1.38.0) - C:\WINDOWS\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [13/08/2016 05:55:20] - [24341.74 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:10] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.2E4C258CB2FF3D249FD0ABBCABC664A1] - |A| - [24/11/2015 00:55:04] - (.TODO: (c) . - TODO: .) - [244.66 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll [MD5.EC05C33DF2CF20D839FE3650505ED6ED] - |A| - [24/11/2015 00:55:04] - (.Copyright (C) 2013 DTS, Inc. - DTS Studio Sound.) - [717.16 Ko] - (3.1.38.0) - C:\WINDOWS\System32\sltech64.dll [MD5.1C6F12AA3D178A0A953E8005B3CD4CDE] - |A| - [16/07/2016 12:42:22] - (.-.) - [68.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:24] - [13393.02 Ko] - C:\WINDOWS\System32\SMI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7600.34 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7957.64 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [187294.13 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [5602.9 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [31.88 Ko] - C:\WINDOWS\System32\sppui [MD5.84F7C0C68F8DCDFDEE0A59419B72AB01] - |A| - [13/08/2016 05:58:10] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\spu_storage.bin [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [243.5 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [359.73 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.A5F6491F71A0DAF25140CA915600AB37] - |A| - [24/11/2015 00:55:04] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [443.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRAPO64.dll [MD5.48435D12B45AB1F954CB579D1EA15D52] - |A| - [24/11/2015 00:55:04] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [321.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM.dll [MD5.18F4327F7A659F4B1017C0E4C03EB50B] - |A| - [24/11/2015 00:55:05] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [360.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM64.dll [MD5.C1AA14DBA23EB5AE5044727DF182FE5C] - |A| - [16/07/2016 12:42:16] - (.-.) - [54.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.D47D28D2AD44318805CF5EF15665D570] - |A| - [24/11/2015 00:55:05] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1380.64 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRRPTR64.dll [MD5.00000000000000000000000000000000] - |D| - [13/08/2016 05:58:35] - [2144.28 Ko] - C:\WINDOWS\System32\SRSLabs [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [24/11/2015 00:55:05] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [24/11/2015 00:55:05] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [11480 Ko] - C:\WINDOWS\System32\sru [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [289 Ko] - C:\WINDOWS\System32\sv-SE [MD5.61DD51012264F6BD620AF3F79F1DE45E] - |A| - [09/12/2015 08:29:00] - (.Copyright (C) Synaptics Incorporated 1996-2016 - SynCOM.) - [787.59 Ko] - (19.2.4.10) - C:\WINDOWS\System32\SynCOM.dll [MD5.D9C6F94BAB95ED6465244DC2EDE1F6A1] - |A| - [09/12/2015 08:34:16] - (.Copyright (C) Synaptics Incorporated 1996-2016 - SynTPAPI.) - [279.09 Ko] - (19.2.4.10) - C:\WINDOWS\System32\SynTPAPI.dll [MD5.8785A6C87D621D5414081C2AA13C4D11] - |A| - [04/06/2014 21:27:00] - (.Copyright (C) Synaptics Incorporated 1996-2014 - Synaptics Pointing Device Driver Co-Installer.) - [203.73 Ko] - (18.1.7.13) - C:\WINDOWS\System32\SynTPCo20.dll [MD5.CE2F707CE83484EF6FCF03F77BAF3AB8] - |A| - [11/08/2015 10:51:40] - (.Copyright (C) Synaptics Incorporated 1996-2015 - Synaptics Pointing Device Driver Co-Installer.) - [249.7 Ko] - (19.0.12.95) - C:\WINDOWS\System32\SynTPCo31.dll [MD5.991BBE005A8CB7440CB705CC0448F46F] - |A| - [09/12/2015 08:34:18] - (.Copyright (C) Synaptics Incorporated 1996-2016 - Synaptics Pointing Device Driver Co-Installer.) - [281.09 Ko] - (19.2.4.10) - C:\WINDOWS\System32\SynTPCo41.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [1624.53 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [913.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.995B7547422DAC423565EBD396EF53C4] - |A| - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - t-base_client_api dll.) - [24.52 Ko] - (2.21.0.0) - C:\WINDOWS\System32\t-base_client_api.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [601.33 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [30/10/2015 08:24:25] - [537.95 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.A10AD6BB549B1C1555C10EA1A6E061CA] - |A| - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [126.02 Ko] - (2.21.0.0) - C:\WINDOWS\System32\tbaseregistry64.dll [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [16/07/2016 12:42:39] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [227.5 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [285 Ko] - C:\WINDOWS\System32\tr-TR [MD5.C8F2952DAE3971614DBD0C509F35BE93] - |A| - [16/07/2016 12:42:38] - (.-.) - [10.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [16/07/2016 12:42:38] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [240 Ko] - C:\WINDOWS\System32\uk-UA [MD5.E7482D1D449217C8641762F5C38E157C] - |A| - [16/07/2016 12:42:12] - (.-.) - [9.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VpnSohDesktop.dll [MD5.9BFB55A0F7F1F0C0E467FADBB7722085] - |A| - [16/12/2016 01:33:00] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [260.28 Ko] - (1.0.37.0) - C:\WINDOWS\System32\vulkan-1-1-0-37-0.dll [MD5.9BFB55A0F7F1F0C0E467FADBB7722085] - |A| - [22/02/2017 03:40:44] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [260.28 Ko] - (1.0.37.0) - C:\WINDOWS\System32\vulkan-1.dll [MD5.80EF00DDE08771B8A2C1E823F6E86E92] - |A| - [16/12/2016 01:32:28] - (.-.) - [122.78 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-37-0.exe [MD5.80EF00DDE08771B8A2C1E823F6E86E92] - |A| - [22/02/2017 03:40:44] - (.-.) - [122.78 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [89141.66 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:10] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [82957.66 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [16/07/2016 12:42:11] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:30] - [0 Ko] - C:\WINDOWS\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1.1 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [42585.77 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [14.53 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Media.Shared [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 16:36:31] - [27.59 Ko] - C:\WINDOWS\System32\WindowsInternal.Inbox.Shared [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [8369.07 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [173768 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4228.5 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [16/07/2016 12:42:35] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.B6B479B04C64AF5EF36C24EBDF278302] - |A| - [16/07/2016 12:42:27] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [204.5 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [199 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [199 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.962466D810C66342C8B7CCF2CDE4CA78] - |A| - [23/06/2015 10:33:18] - (.-.) - [20.51 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\07010000000000000000000000000000.tlbin [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [16/07/2016 12:43:00] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [16/07/2016 12:43:02] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [16/07/2016 12:43:02] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.00000000000000000000000000000000] - |AD| - [25/09/2014 18:56:39] - [14002.73 Ko] - C:\WINDOWS\SysWOW64\Adobe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:30] - [2141.84 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.4BD514B1671CE16F504AD60C64241952] - |A| - [13/02/2017 18:31:58] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amd-vulkan32.json [MD5.498B60750692E64803D6F4846DE7D31B] - |A| - [13/02/2017 18:31:58] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [110.94 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\amdave32.dll [MD5.432DC4BD0DFC046AC5124949B2F86F59] - |A| - [13/02/2017 18:31:58] - (.-.) - [225.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdgfxinfo32.dll [MD5.1EDF8019FA2165C9EB84CC0DF179912E] - |A| - [13/02/2017 18:32:00] - (.Copyright (C) 2013 - Universal Adapter for Adobe.) - [132.73 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\amdhcp32.dll [MD5.B8382F874F476EFE7684498F11921F00] - |A| - [13/02/2017 18:32:00] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [700.02 Ko] - (1.0.10.0) - C:\WINDOWS\SysWOW64\amdlvr32.dll [MD5.B6C82FDEC7A5C01C9AB98CF66186F88C] - |A| - [13/02/2017 18:32:02] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [74.02 Ko] - (1.6.0.0) - C:\WINDOWS\SysWOW64\amdmcl32.dll [MD5.C2C4581ACBF99673797A4CA9A19A88B1] - |A| - [08/10/2015 19:38:32] - (.-.) - [990.53 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_as32.exe [MD5.C9EBC96372A2C7C33ECC0F6EC044846A] - |A| - [08/10/2015 19:38:30] - (.-.) - [797.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_ld32.exe [MD5.76A644B47C29500C7D4179965AE28F70] - |A| - [13/02/2017 18:32:04] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [100.27 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\amdpcom32.dll [MD5.F12ED717E6454D7DBB16A36D6A24FDA4] - |A| - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - amdumcsp dll.) - [69.52 Ko] - (2.21.0.0) - C:\WINDOWS\SysWOW64\amdumcsp.dll [MD5.AA7E884FCA9B040D9CE43E5E5423E977] - |A| - [13/02/2017 18:32:06] - (.Copyright (C) 2015 AMD Inc. - Vulkan driver, support for SI family and above.) - [7743.02 Ko] - (1.0.37.0) - C:\WINDOWS\SysWOW64\amdvlk32.dll [MD5.50DC87BDC9838A178E34703DF3A9E2B3] - |A| - [13/02/2017 18:32:14] - (.Copyright (C) 2014-2015 AMD Inc. - amdxcstub32.dll.) - [94.52 Ko] - (8.18.10.161) - C:\WINDOWS\SysWOW64\amdxc32.dll [MD5.C1558CDC21A4C9C1142F1BE8F5C01E2D] - |A| - [13/02/2017 18:32:20] - (.Advanced Micro Devices, Inc. Copyright (C) 2016 - Advanced Media Framework.) - [2135.02 Ko] - (1.4.1.0) - C:\WINDOWS\SysWOW64\amfrt32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [250 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.A1B48B5E54FEC12B9AFD55A8BF09763B] - |A| - [13/02/2017 18:32:22] - (.Copyright (C) 2008-2016 Advanced Micro Devices, Inc. - ADL.) - [929.52 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\atiadlxx.dll [MD5.A1B48B5E54FEC12B9AFD55A8BF09763B] - |A| - [13/02/2017 18:32:22] - (.Copyright (C) 2008-2016 Advanced Micro Devices, Inc. - ADL.) - [929.52 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\atiadlxy.dll [MD5.96BE5218FC574ACD2AF4A5F1FA5F25F6] - |A| - [13/02/2017 18:32:22] - (.-.) - [763.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiapfxx.blb [MD5.DFA79E5A1DDD68EB08F3C67CB5C14ACB] - |A| - [08/10/2015 19:39:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub32.dll.) - [143.08 Ko] - (8.17.10.1513) - C:\WINDOWS\SysWOW64\aticfx32.dll [MD5.648F9D3B17614A554AB632513997F5CC] - |A| - [08/10/2015 19:39:18] - (.-.) - [96.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atidxx32.dll [MD5.B723F5DB96CBB58EF265609ECAF05DED] - |A| - [13/02/2017 18:32:34] - (.-.) - [212.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atieah32.exe [MD5.A200A83F296F0B924EB7A087B3217FA2] - |A| - [13/02/2017 18:32:36] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [181.52 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\atigktxx.dll [MD5.22E3B894E17FC70598517998CFF000D8] - |A| - [13/02/2017 18:32:36] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [100.27 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\atimpc32.dll [MD5.84BCE47AB34ED4DF7F7BA04114491498] - |A| - [13/02/2017 18:32:38] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [124.02 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\atisamu32.dll [MD5.F4F63BDDD0977C7E06AA9564E9FE6664] - |A| - [13/02/2017 18:32:42] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiumdva.cap [MD5.49ECDFAE9EE0CCC759DA5D19C42E28CF] - |N| - [08/10/2015 19:39:18] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7898.02 Ko] - (8.14.10.513) - C:\WINDOWS\SysWOW64\atiumdva.dll [MD5.4C44550B194486F398AFF88FB1AF2543] - |N| - [08/10/2015 19:39:18] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [149.52 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiuxpag.dll [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [05/09/2015 10:40:18] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [05/09/2015 10:40:18] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsvl.dat [MD5.81051BCC2CF1BEDF378224B0A93E2877] - |RASHOT| - [10/10/2016 05:47:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\AUTOEXEC.NT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [222 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.93 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.8605ED1B39215D2EA0BE6E6D0D80CACF] - |A| - [24/11/2014 05:28:21] - (.-.) - [70.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CCCInstall_201411240528214295.log [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [318 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4245.5 Ko] - C:\WINDOWS\SysWOW64\config [MD5.81051BCC2CF1BEDF378224B0A93E2877] - |RASHOT| - [10/10/2016 05:47:53] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CONFIG.NT [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [51.22 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [267.5 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [264.5 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [298.5 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.1607D09E56B568A41685ADA0F0D83370] - |A| - [04/06/2016 20:19:46] - (.-.) - [8.99 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\debug.log [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [19 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [25/08/2016 23:19:53] - [0 Ko] - C:\WINDOWS\SysWOW64\directx [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [6040.05 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.26B0F12F9A4C267AF5B2DA35F87A6EFA] - |A| - [24/11/2015 00:17:25] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DOErrors.log [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 07:04:27] - [1068.16 Ko] - C:\WINDOWS\SysWOW64\downlevel [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [3398.15 Ko] - C:\WINDOWS\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [293 Ko] - C:\WINDOWS\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [213 Ko] - C:\WINDOWS\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1571.1 Ko] - C:\WINDOWS\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [287.5 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [231.5 Ko] - C:\WINDOWS\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [209 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [21671.66 Ko] - C:\WINDOWS\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [267.5 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [3140 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [237 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [36637.23 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.3F36E5A39BE1A72DB129D89C5037EF97] - |A| - [13/02/2017 18:32:48] - (.-.) - [243.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\GameManager32.dll [MD5.D474B25D37968604B4D9AEA01628C32E] - |A| - [11/09/2016 04:59:14] - (.Copyright ? 2000-2011 INCA Internet - nProtect Game Monitor Rev 2390.) - [4260.41 Ko] - (2016.2.25.1) - C:\WINDOWS\SysWOW64\GameMon.des [MD5.90C13992194EC4B39FC45A739D323455] - |A| - [04/02/2016 22:30:38] - (.-.) - [49.74 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\generic_uninstaller.log [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [238.5 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [217 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.D8D28792AB12F5F4B105130B0FFF0DE6] - |A| - [13/02/2017 18:32:48] - (.-.) - [237.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\hsa-thunk.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [270.5 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [21385.67 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [3426.72 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [201 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.EDD400CC92C6D43F98D3D3AFC97C2559] - |A| - [24/11/2014 05:33:24] - (.-.) - [440.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ISSRemoveSP.exe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [293 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [214.5 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.4097C6C2DC7063BF835EFD2C64CBC98E] - |A| - [07/09/2014 00:41:26] - (.-.) - [38 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\kdbsdk32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [212.5 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [73.41 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [213.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [214.5 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [43904.58 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.1DC5EBF4837CD074963B2C4B172B09FF] - |A| - [13/02/2017 18:32:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [141.02 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\mantle32.dll [MD5.4AA5C2AAB67E0D114F9F258FE3D0B5D0] - |A| - [13/02/2017 18:32:50] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [115.52 Ko] - (21.19.519.2) - C:\WINDOWS\SysWOW64\mantleaxl32.dll [MD5.00000000000000000000000000000000] - |SD| - [26/08/2016 04:39:38] - [0 Ko] - C:\WINDOWS\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [3301.97 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [821.34 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [52.28 Ko] - C:\WINDOWS\SysWOW64\MsDtc [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [19.15 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [260.5 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [278 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.FB820C142B89F3037B8BEE0968B0276B] - |A| - [11/09/2016 04:58:58] - (.-.) - [5.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nppt9x.vxd [MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - |A| - [11/09/2016 04:58:58] - (.Copyright ? 2000-2005 INCA Internet - nProtect NPSC Kernel Mode Driver for NT.) - [4.57 Ko] - (2005.1.5.1) - C:\WINDOWS\SysWOW64\npptNT2.sys [MD5.00000000000000000000000000000000] - |SD| - [16/07/2016 12:47:48] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [644.69 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.066D4FDE570ED2D1C6DEE09533E1A6BA] - |A| - [10/10/2016 06:05:34] - (.-.) - [0.25 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PARTIZAN.TXT [MD5.3D10A0F0980C0D766616DFD2723805FF] - |A| - [13/08/2016 06:02:14] - (.-.) - [1530.75 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [275.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [420.42 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [278.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [273.5 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0.76 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [218.5 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.E70DC59B546D778AA76ED49996A6C78E] - |A| - [24/11/2014 05:42:19] - (.-.) - [12034.89 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\rootpa.e2e [MD5.50EE1B3DFF7D0857857C0D73F2224BA0] - |A| - [23/06/2015 10:39:30] - (.Copyright (c) 2013 - 2014 Advanced Micro Devices, Inc. - rootpacommon dll.) - [2906.02 Ko] - (1.22.0.0) - C:\WINDOWS\SysWOW64\rootpacommon.dll [MD5.5B8C0349323E82C0F6F17027362716D6] - |A| - [08/10/2015 19:39:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1209.2 Ko] - (8.17.10.1404) - C:\WINDOWS\SysWOW64\SET5B89.tmp [MD5.C4E4BB72470EC0E67A5CBE7E2B901B03] - |A| - [08/10/2015 19:39:18] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [10047.23 Ko] - (8.17.10.625) - C:\WINDOWS\SysWOW64\SET5BAA.tmp [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [219 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [215.5 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [52.14 Ko] - C:\WINDOWS\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4202.34 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [6318.84 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [1274.06 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [31.88 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [223 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [335.23 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.48435D12B45AB1F954CB579D1EA15D52] - |A| - [24/11/2015 00:55:04] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [321.64 Ko] - (4.0.0.59) - C:\WINDOWS\SysWOW64\SRCOM.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [265.5 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.D8F9D332407D0E72635C4963FA61F3D6] - |A| - [11/12/2016 19:59:44] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\swhealthex.log [MD5.03C2A0BD0A2C549546E7796DF3F6EFBA] - |A| - [02/09/2016 02:02:46] - (.Copyright (C) Synaptics Incorporated 1996-2016 - SynCOM.) - [425.09 Ko] - (19.2.4.10) - C:\WINDOWS\SysWOW64\SynCom.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.37656330DAEAB5999B714BB8F2239957] - |A| - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - t-base_client_api dll.) - [20.52 Ko] - (2.21.0.0) - C:\WINDOWS\SysWOW64\t-base_client_api.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.B4CB306845507AB3D494EEAAD38EC5E4] - |A| - [23/06/2015 10:39:28] - (.Copyright © 2013 - 2014 Advanced Micro Devices, Inc. - tbaseprovisioning.) - [59.02 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [MD5.813A2EC812AB37D8EDF5116AD488A980] - |A| - [23/06/2015 10:33:20] - (.-.) - [2.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\tbaseprovisioning.exe.config [MD5.3F87ED21C995C6261527076911964163] - |A| - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [106.02 Ko] - (2.21.0.0) - C:\WINDOWS\SysWOW64\tbaseregistry32.dll [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [205 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [261.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [215.5 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.FAC1B12B9CA744802AB85930703B64F1] - |A| - [16/12/2016 01:33:50] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [267.28 Ko] - (1.0.37.0) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-37-0.dll [MD5.FAC1B12B9CA744802AB85930703B64F1] - |A| - [22/02/2017 03:40:44] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [267.28 Ko] - (1.0.37.0) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.CD202948D741C868F64A5FC006250C56] - |A| - [16/12/2016 01:33:18] - (.-.) - [108.78 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-37-0.exe [MD5.CD202948D741C868F64A5FC006250C56] - |A| - [22/02/2017 03:40:44] - (.-.) - [108.78 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [15540.58 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [7450.94 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [4228.5 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 23:40:11] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.00000000000000000000000000000000] - |D| - [13/08/2016 06:40:24] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [190.5 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [185 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [16/07/2016 12:47:48] - [185 Ko] - C:\WINDOWS\SysWOW64\zh-TW ---------- | [philippe] [13/08/2016 06:03:08] - |D| - [4335241634] - C:\Users\philippe\AppData\Local [22/11/2015 00:08:30] - |D| - [4107536] - C:\Users\philippe\AppData\LocalLow [28/09/2016 01:02:37] - |A| - [222788] - C:\Users\philippe\AppData\Localtransition_0534e24a7a14c5d63f0e742a4d632bcc.ini [13/08/2016 06:03:08] - |D| - [312571385] - C:\Users\philippe\AppData\Roaming [23/11/2015 03:52:17] - |D| - [0] - C:\Users\philippe\AppData\Local\ActiveSync [16/01/2017 20:26:54] - |D| - [0] - C:\Users\philippe\AppData\Local\Adobe [26/05/2016 01:58:34] - |D| - [5105202] - C:\Users\philippe\AppData\Local\AMD [28/09/2016 01:02:19] - |D| - [2536105842] - C:\Users\philippe\AppData\Local\Ankama [13/08/2016 06:03:09] - |SHD| - [46419835348] - C:\Users\philippe\AppData\Local\Application Data [31/01/2017 23:44:50] - |D| - [25854903] - C:\Users\philippe\AppData\Local\Arktos Entertainment [22/02/2017 05:12:56] - |D| - [10384] - C:\Users\philippe\AppData\Local\ATI [25/09/2016 22:44:01] - |D| - [29601614] - C:\Users\philippe\AppData\Local\Battle.net [25/09/2016 23:02:12] - |D| - [326271] - C:\Users\philippe\AppData\Local\Blizzard [25/09/2016 22:44:16] - |D| - [264] - C:\Users\philippe\AppData\Local\Blizzard Entertainment [01/06/2016 02:30:00] - |D| - [1268369] - C:\Users\philippe\AppData\Local\Bluestacks [26/07/2016 22:54:17] - |D| - [5984542] - C:\Users\philippe\AppData\Local\CEF [15/01/2017 19:41:58] - |D| - [40] - C:\Users\philippe\AppData\Local\Chromium [23/11/2015 03:51:21] - |D| - [31997980] - C:\Users\philippe\AppData\Local\Comms [13/08/2016 15:47:55] - |D| - [2377371] - C:\Users\philippe\AppData\Local\ConnectedDevicesPlatform [04/10/2016 18:10:12] - |D| - [1346268] - C:\Users\philippe\AppData\Local\Crashpad [31/01/2017 23:38:44] - |D| - [0] - C:\Users\philippe\AppData\Local\CrashRpt [22/11/2015 00:15:58] - |D| - [156] - C:\Users\philippe\AppData\Local\CyberLink [26/11/2015 04:33:05] - |D| - [0] - C:\Users\philippe\AppData\Local\Diagnostics [09/11/2016 20:58:09] - |D| - [355664005] - C:\Users\philippe\AppData\Local\Discord [27/01/2017 16:52:20] - |D| - [30935040] - C:\Users\philippe\AppData\Local\Downloaded Installations [22/11/2015 00:13:14] - |D| - [1943] - C:\Users\philippe\AppData\Local\DropboxOEM [22/11/2015 00:15:05] - |SHD| - [0] - C:\Users\philippe\AppData\Local\EmieSiteList [22/11/2015 00:15:05] - |SHD| - [0] - C:\Users\philippe\AppData\Local\EmieUserList [03/05/2016 02:13:14] - |D| - [0] - C:\Users\philippe\AppData\Local\Evernote [31/01/2017 23:38:47] - |D| - [0] - C:\Users\philippe\AppData\Local\FredaikisAB [26/10/2016 21:18:18] - |D| - [1527541] - C:\Users\philippe\AppData\Local\Glyph [22/11/2015 00:46:59] - |D| - [444613382] - C:\Users\philippe\AppData\Local\Google [22/11/2015 00:14:41] - |D| - [71] - C:\Users\philippe\AppData\Local\GWX [22/11/2015 00:13:05] - |D| - [24846] - C:\Users\philippe\AppData\Local\Hewlett-Packard [13/08/2016 06:03:09] - |SHD| - [130] - C:\Users\philippe\AppData\Local\Historique [23/08/2016 22:00:48] - |AH| - [127810] - C:\Users\philippe\AppData\Local\IconCache.db [10/10/2016 01:00:59] - |D| - [174080] - C:\Users\philippe\AppData\Local\IIIQF [27/05/2016 04:55:57] - |D| - [0] - C:\Users\philippe\AppData\Local\Macromedia [13/08/2016 06:03:08] - |D| - [348057823] - C:\Users\philippe\AppData\Local\Microsoft [23/11/2015 03:56:54] - |D| - [86845] - C:\Users\philippe\AppData\Local\MicrosoftEdge [23/11/2015 03:53:06] - |D| - [0] - C:\Users\philippe\AppData\Local\NetworkTiles [04/10/2016 18:10:12] - |D| - [20341113] - C:\Users\philippe\AppData\Local\NexonLauncher [22/11/2015 00:11:37] - |D| - [206263066] - C:\Users\philippe\AppData\Local\Packages [22/11/2015 00:12:34] - |D| - [0] - C:\Users\philippe\AppData\Local\PackageStaging [25/08/2016 22:04:58] - |D| - [0] - C:\Users\philippe\AppData\Local\Programs [23/11/2015 03:53:57] - |D| - [131824] - C:\Users\philippe\AppData\Local\Publishers [05/10/2016 21:34:37] - |A| - [17] - C:\Users\philippe\AppData\Local\resmon.resmoncfg [03/02/2017 08:52:21] - |D| - [160] - C:\Users\philippe\AppData\Local\Rockstar Games [13/11/2016 22:53:29] - |D| - [4996644] - C:\Users\philippe\AppData\Local\Sandbox Interactive GmbH [11/09/2016 03:04:45] - |D| - [13803] - C:\Users\philippe\AppData\Local\SquirrelTemp [06/10/2016 02:08:41] - |D| - [97105517] - C:\Users\philippe\AppData\Local\Steam [20/02/2017 04:54:35] - |D| - [688496] - C:\Users\philippe\AppData\Local\TeamSpeak 3 [13/08/2016 06:03:08] - |D| - [165466132] - C:\Users\philippe\AppData\Local\Temp [13/08/2016 06:03:09] - |SHD| - [44694417] - C:\Users\philippe\AppData\Local\Temporary Internet Files [23/11/2015 03:50:15] - |D| - [14245888] - C:\Users\philippe\AppData\Local\TileDataLayer [27/01/2017 16:54:44] - |D| - [1454544] - C:\Users\philippe\AppData\Local\TomTom [01/12/2016 19:41:31] - |D| - [0] - C:\Users\philippe\AppData\Local\Unity [22/11/2015 00:11:35] - |D| - [3212] - C:\Users\philippe\AppData\Local\VirtualStore [25/01/2017 16:59:03] - |D| - [3035647] - C:\Users\philippe\AppData\Local\Warframe [22/02/2017 04:58:39] - |D| - [0] - C:\Users\philippe\AppData\LocalLow\AMD [25/09/2016 23:02:35] - |D| - [840] - C:\Users\philippe\AppData\LocalLow\Blizzard Entertainment [22/11/2015 00:14:59] - |SHD| - [0] - C:\Users\philippe\AppData\LocalLow\EmieSiteList [22/11/2015 00:15:10] - |SHD| - [0] - C:\Users\philippe\AppData\LocalLow\EmieUserList [24/11/2015 00:45:28] - |D| - [9] - C:\Users\philippe\AppData\LocalLow\Evernote [01/02/2017 23:29:15] - |D| - [538015] - C:\Users\philippe\AppData\LocalLow\Heroes and Generals [31/01/2017 19:42:00] - |D| - [10731] - C:\Users\philippe\AppData\LocalLow\IndieBrotherhood [22/11/2015 00:08:31] - |SD| - [3507282] - C:\Users\philippe\AppData\LocalLow\Microsoft [09/02/2017 03:36:27] - |D| - [0] - C:\Users\philippe\AppData\LocalLow\square_enix [22/02/2017 02:58:52] - |D| - [50659] - C:\Users\philippe\AppData\LocalLow\Sun [25/08/2016 21:54:47] - |D| - [0] - C:\Users\philippe\AppData\LocalLow\Temp [01/12/2016 19:41:31] - |D| - [0] - C:\Users\philippe\AppData\LocalLow\Unity [25/09/2016 23:02:19] - |D| - [0] - C:\Users\philippe\AppData\Roaming\.mono [22/11/2015 00:11:50] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Adobe [13/11/2016 23:58:02] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Albion [13/11/2016 23:57:28] - |D| - [30495] - C:\Users\philippe\AppData\Roaming\AlbionOnline [28/09/2016 02:50:19] - |D| - [0] - C:\Users\philippe\AppData\Roaming\AnkamaCertificates [28/09/2016 01:25:24] - |D| - [5113] - C:\Users\philippe\AppData\Roaming\app [22/11/2015 00:44:40] - |D| - [21089150] - C:\Users\philippe\AppData\Roaming\AVAST Software [25/09/2016 22:42:29] - |D| - [3179] - C:\Users\philippe\AppData\Roaming\Battle.net [29/12/2015 03:46:09] - |D| - [56] - C:\Users\philippe\AppData\Roaming\CyberLink [28/09/2016 01:25:07] - |A| - [117] - C:\Users\philippe\AppData\Roaming\D2Info0 [11/09/2016 03:05:16] - |D| - [61170656] - C:\Users\philippe\AppData\Roaming\discord [23/11/2015 04:04:34] - |D| - [0] - C:\Users\philippe\AppData\Roaming\DiskDefrag [28/09/2016 01:25:07] - |D| - [24033553] - C:\Users\philippe\AppData\Roaming\Dofus [28/09/2016 02:33:45] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Dofus-2 [28/09/2016 01:25:07] - |A| - [8] - C:\Users\philippe\AppData\Roaming\DofusAppId0_1 [28/09/2016 02:33:45] - |A| - [8] - C:\Users\philippe\AppData\Roaming\DofusAppId0_2 [24/11/2015 00:34:39] - |D| - [53799089] - C:\Users\philippe\AppData\Roaming\DropboxOEM [23/11/2015 04:04:34] - |D| - [59057288] - C:\Users\philippe\AppData\Roaming\GlarySoft [01/02/2017 23:29:09] - |D| - [100278] - C:\Users\philippe\AppData\Roaming\HeroesAndGeneralsDesktop [22/11/2015 00:15:35] - |D| - [4717] - C:\Users\philippe\AppData\Roaming\Hewlett-Packard [22/11/2015 00:14:34] - |D| - [50458] - C:\Users\philippe\AppData\Roaming\hpqlog [21/01/2017 04:36:30] - |D| - [152976] - C:\Users\philippe\AppData\Roaming\Logishrd [21/01/2017 04:36:30] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Logitech [22/11/2015 00:16:56] - |D| - [733] - C:\Users\philippe\AppData\Roaming\Macromedia [13/08/2016 06:03:08] - |SD| - [1621160] - C:\Users\philippe\AppData\Roaming\Microsoft [27/05/2016 04:55:53] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Mozilla [04/10/2016 18:09:05] - |D| - [3142] - C:\Users\philippe\AppData\Roaming\NexonLauncher [28/09/2016 01:25:24] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Reg [01/08/2016 17:37:27] - |D| - [35004128] - C:\Users\philippe\AppData\Roaming\Skype [22/02/2017 02:58:45] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Sun [22/11/2015 00:11:10] - |D| - [0] - C:\Users\philippe\AppData\Roaming\Synaptics [27/01/2017 16:54:44] - |D| - [31305779] - C:\Users\philippe\AppData\Roaming\TomTom [21/08/2016 23:30:23] - |D| - [21958157] - C:\Users\philippe\AppData\Roaming\TS3Client [03/02/2017 09:07:51] - |D| - [3181145] - C:\Users\philippe\AppData\Roaming\WildTangent [22/11/2015 00:12:05] - |ASH| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [28/09/2016 01:02:30] - |A| - [1171] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Dofus.lnk [13/08/2016 06:03:09] - |SHD| - [35361] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [13/08/2016 06:03:08] - |RD| - [35361] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [13/08/2016 06:03:08] - |RD| - [3888] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [13/08/2016 06:03:08] - |RD| - [2936] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [22/11/2015 00:12:06] - |RD| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/11/2016 22:52:08] - |D| - [2499] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Albion Online [13/08/2016 15:48:14] - |ASH| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [10/10/2016 01:15:43] - |D| - [3436] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair [11/09/2016 03:05:23] - |D| - [2312] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc [13/08/2016 06:03:08] - |D| - [170] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [04/10/2016 18:09:16] - |D| - [4576] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon [23/11/2015 04:04:26] - |A| - [2466] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [22/11/2015 00:12:06] - |RD| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [13/08/2016 06:03:08] - |RD| - [5318] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [13/08/2016 06:03:08] - |RD| - [7238] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [22/11/2015 00:12:06] - |ASH| - [174] - C:\Users\philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] ---------- | C:\ProgramData [25/09/2016 23:02:19] - |D| - [0] - C:\ProgramData\.mono [24/11/2014 05:27:48] - |D| - [24904] - C:\ProgramData\AMD [24/11/2014 05:40:16] - |D| - [2682368] - C:\ProgramData\Apple [13/08/2016 06:33:17] - |SHD| - [211700189468] - C:\ProgramData\Application Data [22/11/2015 00:38:13] - |D| - [394637579] - C:\ProgramData\AVAST Software [25/09/2016 22:41:39] - |D| - [15235922] - C:\ProgramData\Battle.net [25/09/2016 22:44:06] - |D| - [33253] - C:\ProgramData\Blizzard Entertainment [01/06/2016 02:30:26] - |D| - [11300389507] - C:\ProgramData\Bluestacks [30/05/2016 17:04:17] - |D| - [130541424] - C:\ProgramData\BlueStacksGameManager [22/11/2015 00:21:42] - |D| - [312530592] - C:\ProgramData\BlueStacksSetup [20/11/2015 06:54:26] - |SHD| - [31577] - C:\ProgramData\Bureau [16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\Comms [24/11/2014 05:50:44] - |D| - [56233081] - C:\ProgramData\CyberLink [13/08/2016 06:33:17] - |SHD| - [643862] - C:\ProgramData\Documents [21/01/2017 02:17:06] - |D| - [1973638] - C:\ProgramData\DriversCloud.com [24/10/2016 17:01:24] - |D| - [0] - C:\ProgramData\FaceLift [05/12/2015 21:25:04] - |D| - [8051559] - C:\ProgramData\GlarySoft [26/10/2016 21:18:16] - |D| - [93] - C:\ProgramData\Glyph [25/09/2014 19:01:25] - |D| - [45235998] - C:\ProgramData\Hewlett-Packard [24/11/2014 05:49:52] - |D| - [781026] - C:\ProgramData\install_clap [21/01/2017 04:37:36] - |D| - [23142627] - C:\ProgramData\Logishrd [21/01/2017 04:38:59] - |D| - [1632] - C:\ProgramData\Logitech [24/11/2014 06:03:00] - |D| - [59832] - C:\ProgramData\McAfee [20/11/2015 06:54:26] - |SHD| - [172748] - C:\ProgramData\Menu Démarrer [16/07/2016 12:47:48] - |SD| - [2319412997] - C:\ProgramData\Microsoft [13/08/2016 15:51:26] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [04/10/2016 18:49:21] - |A| - [16] - C:\ProgramData\mntemp [20/11/2015 06:54:26] - |SHD| - [0] - C:\ProgramData\Modèles [22/02/2017 02:58:14] - |D| - [72300631] - C:\ProgramData\Oracle [25/09/2014 18:59:34] - |D| - [358929122] - C:\ProgramData\Package Cache [24/11/2014 05:35:43] - |D| - [2925660] - C:\ProgramData\Realtek [16/07/2016 12:47:48] - |AD| - [2045] - C:\ProgramData\regid.1991-06.com.microsoft [10/10/2016 05:49:02] - |D| - [0] - C:\ProgramData\RegRun [01/08/2016 17:37:00] - |D| - [43474944] - C:\ProgramData\Skype [16/07/2016 12:47:48] - |D| - [0] - C:\ProgramData\SoftwareDistribution [21/01/2017 04:25:55] - |D| - [133335] - C:\ProgramData\SRS Labs [25/02/2017 01:07:01] - |D| - [0] - C:\ProgramData\SWCUTemp [24/11/2014 05:41:48] - |D| - [3756] - C:\ProgramData\Synaptics [24/11/2014 05:49:53] - |D| - [2533816] - C:\ProgramData\Temp [27/01/2017 16:56:59] - |D| - [34899] - C:\ProgramData\TomTom [16/07/2016 12:47:48] - |D| - [4151] - C:\ProgramData\USOPrivate [13/08/2016 09:51:00] - |D| - [2498560] - C:\ProgramData\USOShared [24/11/2014 05:52:35] - |D| - [2056297021] - C:\ProgramData\WildTangent [25/09/2014 19:01:50] - |D| - [38225910] - C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [01/06/2016 02:30:45] - |A| - [1874] - C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk [16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [20/11/2015 06:54:26] - |SHD| - [170700] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [16/07/2016 12:47:48] - |RD| - [170700] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [10/10/2016 00:49:39] - |D| - [1789] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [16/07/2016 12:47:48] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [16/07/2016 12:47:48] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [16/07/2016 12:47:48] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/02/2017 03:45:55] - |D| - [1964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard [22/02/2017 03:45:39] - |D| - [2010] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings [03/06/2016 12:35:17] - |A| - [1986] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk [03/06/2016 12:37:01] - |A| - [1095] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk [25/09/2016 22:43:37] - |D| - [1176] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [24/11/2014 05:51:56] - |RD| - [1640] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat [16/07/2016 12:47:50] - |ASH| - [962] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [21/01/2017 06:09:02] - |D| - [2988] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [25/09/2014 18:59:26] - |D| - [2069] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB [13/10/2016 17:54:38] - |A| - [2535] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote.lnk [24/11/2014 05:52:39] - |RD| - [26066] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [23/11/2015 04:04:43] - |D| - [1229] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 [23/11/2015 04:04:43] - |A| - [1172] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk [26/10/2016 21:18:19] - |D| - [4248] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph [22/11/2015 00:48:48] - |A| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [25/09/2016 23:01:24] - |D| - [1211] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone [19/02/2017 20:00:17] - |D| - [4595] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes & Generals [25/09/2014 19:01:24] - |D| - [4793] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [16/07/2016 12:43:50] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [22/02/2017 02:58:37] - |D| - [6907] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [21/01/2017 06:14:12] - |D| - [2408] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [16/07/2016 12:47:48] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [25/09/2014 18:55:50] - |A| - [1996] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk [16/07/2016 12:42:22] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [13/08/2016 05:58:45] - |D| - [11652] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos [11/09/2016 03:37:20] - |D| - [4490] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT [11/09/2016 03:33:26] - |D| - [2041] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest [16/07/2016 12:43:50] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [25/09/2014 18:53:23] - |RD| - [10303] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools [10/10/2016 05:47:45] - |D| - [5145] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reanimator [29/10/2016 00:37:43] - |D| - [2144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [20/11/2016 19:31:33] - |D| - [942] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy [16/07/2016 12:47:48] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [06/10/2016 02:04:59] - |D| - [1119] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [16/07/2016 12:47:48] - |RD| - [2670] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [30/10/2015 20:03:03] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [21/08/2016 23:30:17] - |A| - [977] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk [27/01/2017 16:54:18] - |D| - [4703] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom [09/02/2017 01:35:29] - |A| - [2367] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - hp.lnk [13/08/2016 06:11:32] - |A| - [1519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [16/07/2016 12:47:50] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [11/09/2016 03:35:33] - |D| - [7657398] - C:\Program Files (x86)\AGEIA Technologies [13/11/2016 22:50:52] - |D| - [3728890209] - C:\Program Files (x86)\AlbionOnline [22/02/2017 03:45:18] - |AD| - [56222657] - C:\Program Files (x86)\AMD [24/11/2014 05:28:23] - |D| - [717552] - C:\Program Files (x86)\AMD AVT [24/11/2014 05:25:48] - |AD| - [16586108] - C:\Program Files (x86)\ATI Technologies [25/09/2016 22:42:40] - |AD| - [155663395] - C:\Program Files (x86)\Battle.net [01/06/2016 02:30:25] - |D| - [69301519] - C:\Program Files (x86)\Bluestacks [24/11/2014 05:40:16] - |AD| - [631140] - C:\Program Files (x86)\Bonjour [24/11/2014 05:34:37] - |D| - [3558495] - C:\Program Files (x86)\Cisco [16/07/2016 07:04:24] - |D| - [403278520] - C:\Program Files (x86)\Common Files [24/11/2014 05:50:26] - |D| - [1108860578] - C:\Program Files (x86)\CyberLink [16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [25/08/2016 22:11:04] - |D| - [15212193940] - C:\Program Files (x86)\DragonsProphet [25/09/2014 18:59:26] - |D| - [2871172] - C:\Program Files (x86)\Dropbox [13/10/2016 17:54:23] - |D| - [235007603] - C:\Program Files (x86)\Evernote [25/09/2014 19:00:01] - |AD| - [591626413] - C:\Program Files (x86)\Foxit PhantomPDF [10/10/2016 01:15:42] - |D| - [2923739] - C:\Program Files (x86)\Free Window Registry Repair [23/11/2015 04:04:11] - |D| - [44966595] - C:\Program Files (x86)\Glary Utilities 5 [26/06/2016 19:59:59] - |D| - [0] - C:\Program Files (x86)\Glarysoft [26/10/2016 21:18:03] - |AD| - [29971503539] - C:\Program Files (x86)\Glyph [22/11/2015 00:46:59] - |D| - [373063099] - C:\Program Files (x86)\Google [10/10/2016 05:47:41] - |D| - [55245798] - C:\Program Files (x86)\Greatis [25/09/2016 22:51:25] - |AD| - [1882521786] - C:\Program Files (x86)\Hearthstone [19/02/2017 20:00:16] - |D| - [1181580714] - C:\Program Files (x86)\Heroes & Generals [25/09/2014 18:48:48] - |AD| - [471261333] - C:\Program Files (x86)\Hewlett-Packard [24/11/2015 00:23:48] - |D| - [5357019] - C:\Program Files (x86)\HP [28/07/2016 16:43:39] - |D| - [1847064] - C:\Program Files (x86)\infernum [25/09/2014 19:03:19] - |HD| - [285984442] - C:\Program Files (x86)\InstallShield Installation Information [16/07/2016 12:47:48] - |D| - [1990003] - C:\Program Files (x86)\Internet Explorer [22/02/2017 02:58:04] - |D| - [164215853] - C:\Program Files (x86)\Java [25/09/2014 18:55:42] - |D| - [2279680] - C:\Program Files (x86)\Microsoft Office [16/07/2016 12:47:48] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [13/08/2016 06:40:23] - |D| - [25757] - C:\Program Files (x86)\MSBuild [11/09/2016 03:54:55] - |AD| - [27563446768] - C:\Program Files (x86)\NCSOFT [11/09/2016 03:33:24] - |D| - [27805142] - C:\Program Files (x86)\NCWest [04/10/2016 18:09:04] - |D| - [274426338] - C:\Program Files (x86)\Nexon [11/09/2016 03:35:29] - |D| - [86229849] - C:\Program Files (x86)\NVIDIA Corporation [25/09/2014 18:54:08] - |RD| - [3001258] - C:\Program Files (x86)\Online Services [24/11/2014 05:29:09] - |AD| - [44546533] - C:\Program Files (x86)\Realtek [13/08/2016 06:40:23] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [03/02/2017 08:51:53] - |D| - [84446586] - C:\Program Files (x86)\Rockstar Games [29/10/2016 00:37:39] - |RD| - [85321109] - C:\Program Files (x86)\Skype [06/10/2016 02:04:58] - |D| - [247553341637] - C:\Program Files (x86)\Steam [24/11/2014 05:30:12] - |HD| - [0] - C:\Program Files (x86)\Temp [27/01/2017 16:54:14] - |AD| - [51632343] - C:\Program Files (x86)\TomTom HOME 2 [21/01/2017 04:48:43] - |D| - [855769] - C:\Program Files (x86)\VulkanRT [24/11/2014 05:52:46] - |AD| - [306124990] - C:\Program Files (x86)\WildGames [24/11/2014 05:52:35] - |D| - [41997590] - C:\Program Files (x86)\WildTangent Games [16/07/2016 12:47:48] - |D| - [1941504] - C:\Program Files (x86)\Windows Defender [16/07/2016 12:47:48] - |D| - [5958656] - C:\Program Files (x86)\Windows Mail [16/07/2016 12:47:48] - |D| - [3275928] - C:\Program Files (x86)\Windows Media Player [16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Multimedia Platform [16/07/2016 12:47:48] - |D| - [7584962] - C:\Program Files (x86)\Windows NT [16/07/2016 12:47:48] - |D| - [5424832] - C:\Program Files (x86)\Windows Photo Viewer [16/07/2016 12:47:48] - |D| - [34128] - C:\Program Files (x86)\Windows Portable Devices [16/07/2016 12:47:48] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [16/07/2016 12:47:48] - |D| - [3240833] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [25/09/2014 18:53:21] - |AD| - [4990738] - C:\Program Files\7-Zip [13/08/2016 05:57:45] - |AD| - [344230540] - C:\Program Files\AMD [24/11/2014 05:26:20] - |D| - [45823] - C:\Program Files\ATI [24/11/2014 05:27:45] - |AD| - [5770570] - C:\Program Files\ATI Technologies [22/11/2015 00:38:48] - |D| - [1727654863] - C:\Program Files\AVAST Software [24/11/2014 05:40:16] - |AD| - [613987] - C:\Program Files\Bonjour [16/07/2016 07:04:24] - |D| - [122105632] - C:\Program Files\Common Files [24/11/2014 06:08:53] - |D| - [1402585637] - C:\Program Files\CyberLink [16/07/2016 12:47:50] - |ASH| - [174] - C:\Program Files\desktop.ini [21/01/2017 02:17:06] - |AD| - [19748147] - C:\Program Files\DriversCloud.com [20/11/2015 06:54:26] - |SHD| - [122105632] - C:\Program Files\Fichiers communs [22/11/2015 00:50:24] - |D| - [0] - C:\Program Files\Google [25/09/2014 18:48:43] - |D| - [3848048] - C:\Program Files\Hewlett-Packard [16/07/2016 12:47:47] - |D| - [2582366] - C:\Program Files\Internet Explorer [21/01/2017 04:37:27] - |D| - [62710039] - C:\Program Files\Logitech [13/08/2016 06:40:23] - |D| - [25757] - C:\Program Files\MSBuild [24/11/2014 05:43:18] - |RD| - [51998] - C:\Program Files\Online Services [13/08/2016 05:58:31] - |D| - [35217954] - C:\Program Files\Realtek [13/08/2016 06:40:23] - |D| - [36850857] - C:\Program Files\Reference Assemblies [03/02/2017 08:51:24] - |D| - [113316692] - C:\Program Files\Rockstar Games [20/10/2016 22:07:12] - |AD| - [15194768] - C:\Program Files\Speccy [13/08/2016 05:57:09] - |D| - [152999129] - C:\Program Files\Synaptics [21/08/2016 23:30:15] - |AD| - [183584949] - C:\Program Files\TeamSpeak 3 Client [22/08/2013 15:47:10] - |HD| - [0] - C:\Program Files\Uninstall Information [16/07/2016 12:47:47] - |RD| - [14913860] - C:\Program Files\Windows Defender [16/07/2016 12:47:47] - |D| - [6181888] - C:\Program Files\Windows Mail [16/07/2016 12:47:47] - |D| - [4989628] - C:\Program Files\Windows Media Player [16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Multimedia Platform [16/07/2016 12:47:47] - |D| - [7849154] - C:\Program Files\Windows NT [16/07/2016 12:47:47] - |D| - [6223552] - C:\Program Files\Windows Photo Viewer [16/07/2016 12:47:47] - |D| - [37784] - C:\Program Files\Windows Portable Devices [16/07/2016 12:47:47] - |SHD| - [0] - C:\Program Files\Windows Sidebar [16/07/2016 12:47:47] - |HD| - [2054070416] - C:\Program Files\WindowsApps [16/07/2016 12:47:47] - |D| - [3661506] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [24/11/2014 05:28:23] - |D| - [2350080] - C:\Program Files (x86)\Common Files\ATI Technologies [27/01/2017 16:49:12] - |D| - [987564] - C:\Program Files (x86)\Common Files\AV [21/01/2017 16:17:35] - |D| - [2930704] - C:\Program Files (x86)\Common Files\BattlEye [24/11/2014 06:01:15] - |D| - [96216] - C:\Program Files (x86)\Common Files\CyberLink [24/11/2014 05:30:08] - |D| - [2106564] - C:\Program Files (x86)\Common Files\InstallShield [22/02/2017 02:58:51] - |D| - [1941064] - C:\Program Files (x86)\Common Files\Java [16/07/2016 12:47:48] - |D| - [346699262] - C:\Program Files (x86)\Common Files\Microsoft Shared [24/11/2014 06:13:13] - |D| - [1488873] - C:\Program Files (x86)\Common Files\Nikon [16/07/2016 12:47:48] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [02/02/2017 23:01:03] - |AD| - [2574296] - C:\Program Files (x86)\Common Files\Skype [06/10/2016 02:05:01] - |D| - [3471936] - C:\Program Files (x86)\Common Files\Steam [16/07/2016 12:47:48] - |D| - [9639307] - C:\Program Files (x86)\Common Files\System [11/09/2016 03:33:54] - |D| - [28989952] - C:\Program Files (x86)\Common Files\Wise Installation Wizard ---------- | C:\Program Files\Common files [13/08/2016 05:57:46] - |D| - [36316472] - C:\Program Files\Common files\ATI Technologies [27/01/2017 16:49:12] - |D| - [987564] - C:\Program Files\Common files\AV [11/09/2016 04:58:50] - |D| - [0] - C:\Program Files\Common files\INCA Shared [21/01/2017 04:36:41] - |D| - [35733527] - C:\Program Files\Common files\LogiShrd [24/11/2014 06:03:00] - |D| - [49808] - C:\Program Files\Common files\McAfee [16/07/2016 12:47:47] - |D| - [38769532] - C:\Program Files\Common files\microsoft shared [16/07/2016 12:47:47] - |D| - [2702] - C:\Program Files\Common files\Services [16/07/2016 12:47:47] - |D| - [10246027] - C:\Program Files\Common files\System ---------- | Tasks [MD5.DD770B1C3CEA7D60EBBB8843F93073A1] - [16/01/2017 20:27:32] - |A| - [1064] - C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job [MD5.491A2387E4D6BF62B1A99C82C64E22F7] - [18/02/2017 06:53:36] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [MD5.CE4694A954EEA9A4B7E70B32BB2EAB53] - [20/06/2016 01:06:46] - |A| - [362] - C:\WINDOWS\Tasks\HPCeeScheduleForphilippe.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [13/08/2016 06:21:08] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.EE6FA401D321BE32F6A1C23A29236256] - [16/01/2017 20:27:32] - |A| - [4204] - C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier : C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [MD5.972A62CD3BAC0C3C2D38F44901B839CF] - [18/02/2017 06:53:36] - |A| - [3978] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.086E8CEF78C7419A1EDE8F0C258013C2] - [16/02/2017 19:30:20] - |A| - [3994] - C:\WINDOWS\System32\Tasks\Avast Emergency Update : C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [27/01/2017 16:49:12] - |D| - [3968] - C:\WINDOWS\System32\Tasks\AVAST Software [MD5.BC04D10B46FB920CF1A46187E99CAB19] - [13/08/2016 06:21:05] - |A| - [3388] - C:\WINDOWS\System32\Tasks\GlaryInitialize 5 : C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [MD5.985A3F8383CD8F9B474348773F9C170F] - [13/08/2016 06:21:05] - |A| - [3462] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.40439FE8F6CA423F363648108D760D3F] - [13/08/2016 06:21:05] - |A| - [3586] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.D4DD009B7AE048561839CCC9FA40AD8A] - [13/08/2016 06:21:05] - |A| - [3034] - C:\WINDOWS\System32\Tasks\GU5SkipUAC : C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [MD5.00000000000000000000000000000000] - [13/08/2016 06:21:05] - |D| - [30122] - C:\WINDOWS\System32\Tasks\Hewlett-Packard [MD5.00000000000000000000000000000000] - [13/08/2016 06:21:05] - |D| - [0] - C:\WINDOWS\System32\Tasks\McAfee [MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [517488] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.8D3728E387629A9A8E35197C27D20E1C] - [16/12/2016 03:31:03] - |A| - [3282] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.6903E78E42C66D0C0DC683485B1048A9] - [13/08/2016 06:21:08] - |A| - [3594] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1403104675-1344878854-632344657-500 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.E4693A8BFA044290B4A7A04FFDEACCB8] - [13/08/2016 06:21:08] - |A| - [3592] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3955858502-164173220-955024353-500 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.884B9F3C5313448CE02E1270EE693E90] - [13/08/2016 06:21:08] - |A| - [2812] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4158283954-3335988523-2550848084-1002 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.AFFA325D82C54E065986C0ECC1E412B8] - [13/08/2016 06:21:08] - |A| - [2320] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4158283954-3335988523-2550848084-500 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.4DF277458470F2790BA272D81AC6A326] - [13/08/2016 06:21:08] - |A| - [3594] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-812815799-3560778303-1573595520-500 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.FD4D33E46893F00AC36CB39C47FA138E] - [13/08/2016 06:21:08] - |A| - [4034] - C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1464953820 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe [MD5.21A8AD4B8ACA828DAE6B7B46371831DC] - [23/08/2016 21:30:23] - |A| - [3498] - C:\WINDOWS\System32\Tasks\SoftwareUpdate Pro : C:\Program Files (x86)\Glarysoft\Software Update Pro\SoftwareUpdatePro.exe [MD5.EE0FBCAB1EBD4284B0A421757B1F6BD0] - [22/02/2017 03:45:41] - |A| - [3160] - C:\WINDOWS\System32\Tasks\StartCN : "C:\Program Files\AMD\CNext\CNext\cncmd.exe" [MD5.EA4A30F5DABA72ACFECFAE4993E6E2DA] - [13/08/2016 06:21:08] - |A| - [3312] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7ED30738-C739-41C3-BF46-1163649FFDBF} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [13/08/2016 06:21:31] - |D| - [0] - C:\WINDOWS\System32\Tasks\WPD [MD5.E0AECA9315CBEF05B3D88E6106A8A829] - [13/08/2016 06:21:08] - |A| - [2346] - C:\WINDOWS\System32\Tasks\YCMServiceAgent : C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [MD5.03C0A19D476C86A43BF441C7ACC8B587] - [29/10/2016 00:37:10] - |A| - [3164] - C:\WINDOWS\System32\Tasks\{37A884F3-E5E2-4313-A212-7CA1962F6115} : "c:\program files (x86)\google\chrome\application\chrome.exe" [MD5.00000000000000000000000000000000] - [16/07/2016 12:47:48] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "Netlogon-NamedPipe-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "MDNS-In-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "{A766D6CB-E6CB-4C78-AEF1-732638135C83}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\infernum\DragonsProphet\dp_x64.exe|Name=Dragon_Client_x64| "{331FBB55-7472-4ECC-90B5-A0AECD8D21E3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\infernum\DragonsProphet\dp_x64.exe|Name=Dragon_Client_x64| "{875391EC-4C04-44F4-8C79-66FFCE4FDA6E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\infernum\DragonsProphet\dp_x86.exe|Name=Dragon_Client_x86| "{140C3425-F005-4BA5-B487-8249159BB5C2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Private|App=C:\Program Files (x86)\infernum\DragonsProphet\launcher.exe|Name=Dragon_PatchLauncher|Edge=TRUE|Defer=App| "{A5A1A7B6-B5A2-4493-8C78-CF8EE8DAB236}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\infernum\DragonsProphet\dp_x86.exe|Name=Dragon_Client_x86| "{4765B308-107E-4E6B-B816-280E356AD057}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Private|App=C:\Program Files (x86)\infernum\DragonsProphet\launcher.exe|Name=Dragon_PatchLauncher| "UDP Query User{1089418A-BF21-4CD1-B91A-CF6DF1006962}C:\program files (x86)\infernum\dragonsprophet\launcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\infernum\dragonsprophet\launcher.exe|Name=Dragon's Prophet|Desc=Dragon's Prophet|Edge=TRUE|Defer=App| "TCP Query User{0A46B0C9-D74D-4FD6-9053-C050F8F4CA37}C:\program files (x86)\infernum\dragonsprophet\launcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\infernum\dragonsprophet\launcher.exe|Name=Dragon's Prophet|Desc=Dragon's Prophet|Edge=TRUE|Defer=App| "{7BC17E3A-D692-4F28-ACEA-59FC3E58286A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|App=C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe|Name=HD-OBS| "{487B7AC0-4461-4637-9080-46D3FC4C48B6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe|Name=HD-OBS| "{028AC457-736D-454B-A8C7-315253D80091}"=v2.25|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe|Name=HP Device Detection| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{3C911C42-57DD-4F9D-AC8D-F6141FA96D5A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{B8C3ED31-D934-496C-BFD7-F59266D62388}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{B2F779D6-9AD9-4697-BC5D-82D70FC6E3F8}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{9C16C365-B48C-48C3-AA95-5D80EADD8D75}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{DDE209C1-5B96-4ED2-A5F0-EAC89532E004}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{7C616E08-114E-4C25-9B91-C99B78CE26E2}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe|Name=CyberLink PowerDVD12|Desc=CyberLink PowerDVD12| "{1146B8C0-C99B-4640-BC4D-67EE47A8C33E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe|Name=CyberLink PowerDVD 12 DMREngine|Desc=CyberLink PowerDVD 12 DMREngine| "{D4D82C67-1C96-44E2-A4B5-30E930657F3E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe|Name=CyberLink PowerDVD 12 Media Server Service|Desc=CyberLink Media Server| "{E0321541-0591-4515-890B-087652C21934}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe|Name=CyberLink PowerDVD12 Agent|Desc=CyberLink PowerDVD12 Agent| "{E2FB8530-3169-469E-BF09-1A47CE3E7467}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe|Name=CyberLink PowerDVD12 Moovie Live|Desc=CyberLink PowerDVD12 Moovie Live| "{B4CD341A-AAD3-429F-AFCD-C7560285242D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe|Name=CyberLink PowerDVD12 Movie Module|Desc=CyberLink PowerDVD12 Movie Module| "{A5405ED8-8D8C-4995-BB66-DDD2476B31BC}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE|Name=CyberLink PowerDirector|Desc=CyberLink PowerDirector| "{A3039B84-FDCF-415D-8ADD-DA720FE61200}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{5A074A90-E32F-4B79-953B-A67F8EB4C0B0}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=- Games App -|Desc=- Games App -|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-54699281-1271618622-4162202136-1802718980-1937042405-523788449-2466384431|EmbedCtxt=- Games App -|Platform=2:6:2|Platform2=GTEQ| "{9E821168-D81F-43C0-8966-F8DC779F295E}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=The Weather Channel for HP|Desc=The Weather Channel for HP|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-3014757049-742287530-3276480123-522130234-1319332414-1864015498-1940810061|EmbedCtxt=The Weather Channel for HP|Platform=2:6:2|Platform2=GTEQ| "{974A73A3-4C45-4C65-B0F2-F500743F6D7C}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP Registration|Desc=HP_Registration|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-2378861296-2015544789-3629328051-2316572820-2405720470-604034908-561769599|EmbedCtxt=HP Registration|Platform=2:6:2|Platform2=GTEQ| "{BE9476D4-8F80-4EE5-BB2B-D6A20E1F0850}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Snapfish|Desc=Snapfish|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-24713430-3312609791-1953074073-2220766950-192704244-1768595957-3502366569|EmbedCtxt=Snapfish|Platform=2:6:2|Platform2=GTEQ| "{2B93062E-2888-4534-B081-664B390AC3EF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP Connected Music|Desc=HP Connected Music|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-3494391362-645846966-2664288422-1104730290-679965363-4273658097-3560940607|EmbedCtxt=HP Connected Music|Platform=2:6:2|Platform2=GTEQ| "{83F47230-20D0-4897-A23D-F7FA5BA75D7B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Desc=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-1896734660-1176741147-3560790752-1583426572-2102545463-3029068088-1728687620|EmbedCtxt=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Platform=2:6:2|Platform2=GTEQ| "{FBFAB2E0-F77E-4DF6-AC53-23CD34B4CB5E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Desc=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-1896734660-1176741147-3560790752-1583426572-2102545463-3029068088-1728687620|EmbedCtxt=@{AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://AD2F1837.GettingStartedwithWindows8/resources/id_app_title}|Platform=2:6:2|Platform2=GTEQ| "DeliveryOptimization-TCP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "TCP Query User{CCEB554A-1C99-4097-B6B1-92F8008CC0FA}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe|Name=Glary SoftwareUpdatePro|Desc=Glary SoftwareUpdatePro|Defer=User| "UDP Query User{FD5DF37F-BFE7-479E-812B-BE4FF80D9F84}C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\glarysoft\software update pro\softwareupdatepro.exe|Name=Glary SoftwareUpdatePro|Desc=Glary SoftwareUpdatePro|Defer=User| "TCP Query User{69B65A9A-A1DF-4055-8D75-CE3239F717C4}C:\program files (x86)\dragonsprophet\launcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\dragonsprophet\launcher.exe|Name=Dragon's Prophet|Desc=Dragon's Prophet|Defer=User| "UDP Query User{DEEFE30F-7740-4AD9-964D-5AD7BA5E3381}C:\program files (x86)\dragonsprophet\launcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\dragonsprophet\launcher.exe|Name=Dragon's Prophet|Desc=Dragon's Prophet|Defer=User| "{3C786288-8E63-4DBF-BD16-5B5BBF7D46A6}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\DragonsProphet\launcher.exe|Name=Dragon_PatchLauncher| "{55F53EE1-F698-4F1A-A3DC-FF8F289C0C9E}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\DragonsProphet\dp_x86.exe|Name=Dragon_Client_x86| "{C5EEA367-3763-414B-A550-B8FCE4404C2F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\DragonsProphet\dp_x86.exe|Name=Dragon_Client_x86| "{D978B51A-A8EE-41A6-87BE-44BEEE0F2B35}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\DragonsProphet\dp_x64.exe|Name=Dragon_Client_x64| "{0F25404A-B933-4615-8541-8AC698CACE43}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\DragonsProphet\dp_x64.exe|Name=Dragon_Client_x64| "{071BF868-7B84-4DF7-BA70-BA82A6A61348}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\DragonsProphet\launcher.exe|Name=Dragon_PatchLauncher| "TCP Query User{0A6A7D80-3147-4B64-824E-77DC9736D8B3}C:\program files (x86)\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "UDP Query User{7E2C3417-42E2-4A96-9239-7C83E311FA05}C:\program files (x86)\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "{F8D4A156-CDDC-4EB9-8A87-F07F5EEF91D5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Store Purchase App|Desc=Store Purchase App|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-2246242352-370130666-2593524754-1827188282-2313440240-2317694540-2761805292|EmbedCtxt=Store Purchase App|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{8864F998-8CDF-43BA-906F-08F9626D637E}C:\nexon\library\icarus\appdata\bin64\launcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\nexon\library\icarus\appdata\bin64\launcher.exe|Name=launcher|Desc=launcher|Defer=User| "UDP Query User{62DC2D3C-A415-4335-9835-8A599E5588BA}C:\nexon\library\icarus\appdata\bin64\launcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\nexon\library\icarus\appdata\bin64\launcher.exe|Name=launcher|Desc=launcher|Defer=User| "{99C87C03-F180-4568-B8A9-2CAC68A39724}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "{AB053919-4CD7-4D17-A9E8-3806F70B3E8F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Hearts Deluxe|Desc=Hearts Deluxe|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-2167080689-2217557058-3789213989-3372864171-2373855141-1050472941-3297162624|EmbedCtxt=Hearts Deluxe|Platform=2:6:2|Platform2=GTEQ| "{4778655B-405F-47AD-94A0-3D42CAEBB741}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=TripAdvisor Hotels Flights Restaurants|Desc=TripAdvisor Hotels Flights Restaurants|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-3043548224-2235967549-1382791125-3168413616-1702302935-4247438294-2497735402|EmbedCtxt=TripAdvisor Hotels Flights Restaurants|Platform=2:6:2|Platform2=GTEQ| "{977A9C26-7D48-432E-B1C7-B462DE1C1302}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Mahjong|Desc=Microsoft Mahjong|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953|EmbedCtxt=Microsoft Mahjong|Platform=2:6:2|Platform2=GTEQ| "{168F1E09-09A1-435D-B992-9B04769B62A3}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Mahjong|Desc=Microsoft Mahjong|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-2481395877-3904904754-2872837976-1880937080-3242436791-3293372984-3327460953|EmbedCtxt=Microsoft Mahjong|Platform=2:6:2|Platform2=GTEQ| "{568C5FC3-7C08-4083-8A3E-49021D3F499D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{B9AD3AA9-B517-4443-B58E-D2AD3479F784}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "TCP Query User{9673DE7A-6621-4FD0-A9F2-CE8785778EBA}C:\program files (x86)\steam\steamapps\common\newz\thenewz.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\newz\thenewz.exe|Name=thenewz|Desc=thenewz| "UDP Query User{51DF94C8-CEFE-40E3-8098-E9BD86090F2E}C:\program files (x86)\steam\steamapps\common\newz\thenewz.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\newz\thenewz.exe|Name=thenewz|Desc=thenewz| "TCP Query User{B1A5E4F0-8DE3-4C17-8C50-FF6B8F033B28}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "UDP Query User{F52908AD-360D-4C0A-80E7-78757894A6D2}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "{7467F56A-D830-4596-B55B-83A56648EF56}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{F3A09D65-03FB-4DD3-B2DB-48E1F4C991FF}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{1BB11F90-7318-46B8-B311-BCB57846D5BD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5CB14EF6-8EAB-479B-B9B7-EEA435096F7F}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{CF81D54D-2B52-4693-907B-ACBD3A8A57D7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B5626790-7B98-42FE-A92F-DBF28DC786D1}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{6E17A99C-FFC6-4B22-8C33-407441151DD7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{8EC60258-4D0B-44D5-9E44-30B8A1435F7B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{84D64A1F-20F1-4F1A-A998-535C0B62B436}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D4AC900C-5BAF-4F4C-8C15-88D1B76A2BB0}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| "{86D678B9-7C7E-4FA6-B4F4-AB13B10EF9B7}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Heroes & Generals\live\hng.exe|Name=Heroes & Generals| "{F50D4B38-632D-4362-B029-949862708F0B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Heroes & Generals\live\hng.exe|Name=Heroes & Generals| "{43EEEDD3-86CE-44A0-9611-0A2A6EAF4A1B}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{DDD07F43-72A9-424D-A348-4B22FEAC57B5}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{5483B206-FDB9-441B-B179-1F8D1A8F1C87}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{6133AD6F-6912-45C8-BCCA-8E236784807D}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{622B5549-22F0-4570-9ECE-542BC7DBB7B7}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-4158283954-3335988523-2550848084-1002|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{113F9974-C6D3-4F07-A2CC-0C4B61F45718}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Games\World_of_Warships\WoWSLauncher.exe|Name=World of Warships_Launcher in|Desc=|EmbedCtxt=World of Warships| "{7306A573-9EF2-44BC-BEBA-F713D92F00F5}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Games\World_of_Warships\WoWSLauncher.exe|Name=World of Warships_Launcher out|Desc=|EmbedCtxt=World of Warships| "{70353192-AD36-47E7-8958-A3F1FF951F6C}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Games\World_of_Warships\worldofwarships.exe|Name=World of Warships in|Desc=|EmbedCtxt=World of Warships| "{2CA53FCC-4D8B-4D1D-B897-1034A711A96D}"=v2.26|Action=Allow|Active=TRUE|Dir=Out|App=C:\Games\World_of_Warships\worldofwarships.exe|Name=World of Warships out|Desc=|EmbedCtxt=World of Warships| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{281922b1-a910-451e-adb1-0b5567f1edb1}] : (BTDFU) [] -> @oem34.inf,%BTWClassName%;Périphériques Bluetooth [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6880337A-1EB4-4EF2-9659-0FD2EC60CB1B}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem27.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d41dd63a-1395-4419-ae14-a534f5f2ad29}] : (DriverInterface) [] -> DriverInterface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{DA89094D-4B35-4D92-ABF3-9808A44B6E59}] : (LMouFilt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [23/07/2013 11:28:56] - (6.0.5.1) - (Hewlett-Packard - HP Disk Filter - SATA/RAID) - C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [23/11/2015 04:04:37] - (1.1.0.263) - (Glarysoft Ltd - The driver for the Startup Manager tool) - C:\WINDOWS\System32\drivers\GUBootStartup.sys [24/11/2014 06:01:17] - (1.0.0.3512) - (CyberLink - It is a virtual device driver which could create multiple virtual devices and mount image files.) - C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [09/12/2015 08:34:14] - (19.2.4.10) - (Synaptics Incorporated - Synaptics Touchpad Win64 Driver) - C:\WINDOWS\system32\DRIVERS\SynTP.sys [22/07/2013 16:45:58] - (1.0.6.1) - (Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver) - C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [23/11/2015 04:02:37] - (19.2.4.10) - (Synaptics Incorporated - Synaptics SMBus Driver) - C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [23/07/2013 11:28:56] - (6.0.5.1) - (Hewlett-Packard - HP Accelerometer) - C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [24/11/2014 05:52:01] - (1.0.27893.6128) - (CyberLink Corporation - CyberLink WebCam Virtual Driver) - C:\WINDOWS\system32\DRIVERS\clwvd.sys [08/11/2016 22:19:08] - (5.1.2.250) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\WINDOWS\System32\ATMFD.DLL ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdkmafd (@oem45.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter) -> System32\drivers\amdkmafd.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amdkmpfd (@oem20.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter) -> System32\drivers\amdkmpfd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdpsp (@oem26.inf,%amdpsp.SVCDESC%;AMD PSP Service) -> system32\DRIVERS\amdpsp.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - EhStorTcgDrv (@EhStorTcgDrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - hpdskflt (@oem9.inf,%service_desc%;HP Filter) -> system32\DRIVERS\hpdskflt.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-100) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> \SystemRoot\system32\drivers\aswbidsdrivera.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - CLVirtualDrive (CLVirtualDrive) -> \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GUBootStartup (GUBootStartup) -> \??\C:\WINDOWS\System32\drivers\GUBootStartup.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False R2 - [Kernel Driver] - clreg (@%SystemRoot%\system32\drivers\registry.sys,-100) -> \SystemRoot\System32\drivers\registry.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: True ---------- | System files (Microsoft Files whitelisted) [MD5.EE1CCC54F75C24727A218F98FC5349DA] - [16/07/2016 12:41:53] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.F39180029723D7779C80360F9E255709] - [23/07/2013 11:28:56] - (.© Copyright 2001-2013 Hewlett-Packard Development Company, L.P. - HP Accelerometer.) - [42.3 Ko] - (6.0.5.1) - C:\WINDOWS\System32\Drivers\Accelerometer.sys [MD5.49B9DB97AFC85DCCBDACDAB2E90085B7] - [16/07/2016 12:41:53] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.D5D2E3CC330E182C9519BC01A05F9D0E] - [08/10/2015 19:38:30] - (.© Advanced Micro Devices. - AMD ACP Binaries.) - [307.72 Ko] - (2.15.30.19) - C:\WINDOWS\System32\Drivers\amdacpksd.sys [MD5.C3E8F88B4D196110673DA03E2E95D83B] - [24/10/2013 09:59:40] - (.(C) 2012-2013 Advanced Micro Devices, INC. - AMD AS4 Driver.) - [17.23 Ko] - (1.1.0.22) - C:\WINDOWS\System32\Drivers\AmdAS4.sys [MD5.275B6F698CBEC36C42D3ABD7EE049BA1] - [18/08/2016 13:41:28] - (.Copyright (C) 2012 Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) - [48.29 Ko] - (8.14.1.6003) - C:\WINDOWS\System32\Drivers\amdkmafd.sys [MD5.63DBE05B7EE2040F3E4C443057150D75] - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - amdkmcsp sys.) - [98.73 Ko] - (2.21.0.0) - C:\WINDOWS\System32\Drivers\amdkmcsp.sys [MD5.C04F35935BF6274F5593B78C7B295760] - [14/12/2013 13:00:58] - (.Copyright (C) 2011 Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) - [35.75 Ko] - (8.14.1.6020) - C:\WINDOWS\System32\Drivers\amdkmpfd.sys [MD5.A6A2F105FCCEF4CC07CD61CC004D8951] - [23/06/2015 10:39:28] - (.Copyright (c) 2013 - 2015 Advanced Micro Devices, Inc. - amdpsp sys.) - [270.74 Ko] - (2.21.0.0) - C:\WINDOWS\System32\Drivers\amdpsp.sys [MD5.74FFBC43B4B899C9A8CA06A892F2CE73] - [16/07/2016 12:41:53] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.AAB0F1D8D7E54761ABAB13AF161F1680] - [16/07/2016 12:41:53] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.F91BAAC4237C40352A807000F3B716F9] - [16/07/2016 12:41:53] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E6AB1F0B4C3D4E0D2A88332D76FECD03] - [16/07/2016 12:41:53] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.6F75DD4F4FD75123D25A0617EECE6FDE] - [16/02/2017 19:30:20] - (.Copyright (C) 2014 AVAST Software s.r.o. - IDS Application Activity Monitor Driver..) - [302.52 Ko] - (17.1.2.58407) - C:\WINDOWS\System32\Drivers\aswbidsdrivera.sys [MD5.40C2E8C97ECA864335FA3F0078B6B5EF] - [16/02/2017 19:30:20] - (.Copyright (C) 2014 AVAST Software s.r.o. - Application Activity Monitor Helper Driver.) - [185.32 Ko] - (17.1.2.58407) - C:\WINDOWS\System32\Drivers\aswbidsha.sys [MD5.92CF5055E25B608B54B42A88F805ACD4] - [16/02/2017 19:30:20] - (.Copyright (C) 2014 AVAST Software s.r.o. - Logging Driver.) - [326.76 Ko] - (17.1.2.58407) - C:\WINDOWS\System32\Drivers\aswbloga.sys [MD5.B322161C7CFC1F81B77CC87AD5D85BBA] - [16/02/2017 19:30:20] - (.Copyright (C) 2014 AVAST Software s.r.o. - Universal Driver.) - [47.39 Ko] - (17.1.2.58407) - C:\WINDOWS\System32\Drivers\aswbuniva.sys [MD5.1CB55C233334A3A3DACDD99647753055] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Avast HWID.) - [37.4 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswHwid.sys [MD5.18ABFE3C4878E2F410A23383DB850CF6] - [03/06/2016 12:34:37] - (.Copyright (c) 2014 AVAST Software - Avast Keyboard Filter Driver.) - [31.34 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswKbd.sys [MD5.7534937F601E1CF6D63BCFD3768982F0] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Avast File System Minifilter for Windows 2003/Vista.) - [123.13 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswMonFlt.sys [MD5.29EF51E9D17276AFAA354AE09A543688] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Avast WFP Redirect Driver.) - [98.28 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswRdr2.sys [MD5.EF03E68187720D35092E3D6858064170] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Avast Revert.) - [72.93 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswRvrt.sys [MD5.9A95D9A2726393975C3DD50751085B83] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Avast Virtualization Driver.) - [968.26 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswSnx.sys [MD5.11DF322991B0E54278D5EBB7C7E3BCC8] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Avast self protection module.) - [535.06 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswSP.sys [MD5.69AE094434DCDB5ABE292F4EBD261C9B] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [158.72 Ko] - (17.1.3394.0) - C:\WINDOWS\System32\Drivers\aswStm.sys [MD5.FF7843417D319B14F96AC4D883D5BEEA] - [22/11/2015 00:42:41] - (.Copyright (c) 2014 AVAST Software - Avast VM Monitor.) - [329.18 Ko] - (17.1.3394.23) - C:\WINDOWS\System32\Drivers\aswvmm.sys [MD5.482D2BAB840034F65046D0F2F42E2BEB] - [28/05/2015 07:00:44] - (.© Advanced Micro Devices. - AMD High Definition Audio Function Driver.) - [99 Ko] - (10.0.1.1) - C:\WINDOWS\System32\Drivers\AtihdWT6.sys [MD5.8DAE2E8580F5208F73EA785A007DC0D5] - [08/10/2015 19:38:36] - (.Copyright (C) 1998-2012 Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - [21146.02 Ko] - (8.1.1.1500) - C:\WINDOWS\System32\Drivers\atikmdag.sys [MD5.DA82A3CAB7083267BBF0F0066354055C] - [08/10/2015 19:38:34] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) - [667.02 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\Drivers\atikmpag.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [16/07/2016 12:41:53] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [16/07/2016 12:41:53] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.61BAC67048CA5C1D08C48FCC8012B613] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic Gigabit Ethernet VBD.) - [521.34 Ko] - (7.12.31.105) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.48BC8B59BF348BD8C8702B93171008F2] - [16/07/2016 12:41:53] - (.Copyright © 2016 Chelsio Communications. - Chelsio iSCSI Crash Dump Driver.) - [100.34 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4dx64.sys [MD5.0AED948DA8D5F08B3D6F12E4E2089736] - [16/07/2016 12:41:53] - (.Copyright © 2016 Chelsio Communications. - Chelsio iSCSI VMiniport Driver.) - [338.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4sx64.sys [MD5.0002A0FDE087C1657AB31CE73077539C] - [16/07/2016 12:41:53] - (.Copyright © 2010 Chelsio Communications. - Virtual Bus Driver for Chelsio ® T4 Chipset.) - [2054.84 Ko] - (6.1.14.200) - C:\WINDOWS\System32\Drivers\cht4vx64.sys [MD5.5C646CAC91E086F7FF53C7F2E857F263] - [24/11/2014 06:01:17] - (.Copyright (C) 2011 CyberLink - It is a virtual device driver which could create multiple virtual devices and mount image files..) - [89.76 Ko] - (1.0.0.3512) - C:\WINDOWS\System32\Drivers\CLVirtualDrive.sys [MD5.9731DAFDC7B690B2C7752FDFF045BFD8] - [24/11/2014 05:52:01] - (.Copyright (C) 2009 CyberLink Corporation. - CyberLink WebCam Virtual Driver.) - [40.73 Ko] - (1.0.27893.6128) - C:\WINDOWS\System32\Drivers\clwvd.sys [MD5.7EC6FC0266D74BD47ABB130A328B70EC] - [16/07/2016 12:41:52] - (.(c) COPYRIGHT 2014-2016 QLogic Corporation - QLogic 10 GigE VBD.) - [3338.84 Ko] - (7.13.65.105) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.C06C3D6C5A0805B314E3E940632C97CB] - [23/11/2015 04:04:37] - (.Copyright (c) 2003-2015 Glarysoft Ltd - The driver for the Startup Manager tool.) - [19.69 Ko] - (1.1.0.263) - C:\WINDOWS\System32\Drivers\GUBootStartup.sys [MD5.8B8E6BD988EAF18C1B86704BF05E5C03] - [23/07/2013 11:28:56] - (.© Copyright 2001-2013 Hewlett-Packard Development Company, L.P. - HP Disk Filter - SATA/RAID.) - [29.8 Ko] - (6.0.5.1) - C:\WINDOWS\System32\Drivers\hpdskflt.sys [MD5.F5CA18197B4646E04DB9EB2D6642CC4D] - [16/07/2016 12:41:53] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.C6B8743B213F06AA60943D8366FE968F] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO GPIO Controller Driver.) - [32.5 Ko] - (604.10146.3023.12819) - C:\WINDOWS\System32\Drivers\iagpio.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [16/07/2016 12:41:54] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.5A0E850F8CD17791A3E6A3CF81D0CA28] - [16/07/2016 12:41:54] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Driver v2.) - [63 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_GPIO2.sys [MD5.7508F1096803385D6376BFD0BD473AC4] - [16/07/2016 12:41:54] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [172.25 Ko] - (30.63.1610.8) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [16/07/2016 12:41:52] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [16/07/2016 12:41:50] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.97E553D03219D3D51705C7235D9EAEBD] - [16/07/2016 12:41:53] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.8350FE3BCDE3428BC040877BB7E9EAEB] - [16/07/2016 12:41:53] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.3BA03F7C7700DDF4C383DDE9252F5817] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [513.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.EAB70270BDDCFEF56FCC7425C2D9883D] - [18/06/2015 03:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech Equad USB Driver..) - [85.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\Drivers\LEqdUsb.sys [MD5.5EBB7C1FC685D45A1D3D8B2B9A656E48] - [18/06/2015 03:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech HID Filter Driver..) - [22.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\Drivers\LHidEqd.sys [MD5.AFDFA4A6B0F7B15AA38E494FD4595741] - [18/06/2015 03:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech HID Filter Driver..) - [84.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\Drivers\LHidFilt.Sys [MD5.C3E82B320F34C97F32B8026F4C249BEF] - [18/06/2015 03:25:00] - (.© Logitech, Inc. 1987-2015. - Logitech Mouse Filter Driver..) - [67.64 Ko] - (5.90.38.0) - C:\WINDOWS\System32\Drivers\LMouFilt.Sys [MD5.64AEB5790901EA8854884981F104CAA6] - [21/01/2017 06:15:10] - (.© Logitech, Inc. 1987-2009. - Logitech Non-Plug and Play Driver..) - [18.52 Ko] - (4.90.30.0) - C:\WINDOWS\System32\Drivers\LNonPnP.sys [MD5.8E1B0946948CCC0BC1FA3CB70374A795] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.4F68163FC04C973500DC4DA0946917B0] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [103.34 Ko] - (2.0.79.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.E5AC5F2815938651CDCC27F425474673] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [98.84 Ko] - (2.51.12.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.CCF6EC9FB9B8F18E05B4253E81013E48] - [16/07/2016 12:41:53] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.C3CDCCF07486BD2616A7B82946E07AC0] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.2CF0CB2A0ED68C5455371E84C16F9627] - [11/10/2016 19:34:06] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [62.84 Ko] - (6.711.10.11) - C:\WINDOWS\System32\Drivers\MegaSas2i.sys [MD5.FADB2FE017E69EECE0E1BA78661C2E8C] - [16/07/2016 12:41:53] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.FD60818B66B2E8A5415EA840E99A9D8F] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [822.84 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.3D2C5B4995CA0751D32DEA0DE9FDFE44] - [16/07/2016 12:41:53] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.629CB21AC49C8867E0F29DF1C16DB7B4] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [106.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.6C76780A01FC2B885BD6E957B5C36B02] - [16/07/2016 12:42:03] - (.-.) - [88.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\NetAdapterCx.sys [MD5.D261DF41F0840F734856A2B4F5E072C7] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.23B702B555EB0436B9DAA0BC63DA65CE] - [16/07/2016 12:41:53] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.540116170E2135FCD5DDE77702166B67] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.805.3.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.8356F87553BF49C703CF382033815898] - [16/07/2016 12:41:53] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [60.34 Ko] - (6.603.6.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.12A3D1530E3F67B8664EBA923A3981E4] - [24/11/2015 00:58:04] - (.Copyright (C) 2015 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Driver .) - [865.75 Ko] - (10.1.505.2015) - C:\WINDOWS\System32\Drivers\rt640x64.sys [MD5.F9CBA964C9AEA40ADD0108268E0194EC] - [30/10/2015 14:28:40] - (.Realtek All Rights Reserved - Realtek Bluetooth Filter Driver.) - [609.79 Ko] - (1.3.865.3) - C:\WINDOWS\System32\Drivers\RtkBtfilter.sys [MD5.09BA0096C574C5600B6A7A8D7049A7E4] - [24/11/2015 00:55:03] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [4401.21 Ko] - (6.0.1.7548) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.C8173EAA7EDAC1DB9063139A5FD57BF4] - [05/06/2015 02:12:54] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [303.25 Ko] - (6.3.9600.29088) - C:\WINDOWS\System32\Drivers\RtsP2Stor.sys [MD5.DBF90D3C4F9CE933564B306E12E70742] - [01/02/2017 00:38:42] - (.Copyright (C) 2013 Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 47261 20277.) - [6146.5 Ko] - (2023.42.831.2016) - C:\WINDOWS\System32\Drivers\rtwlane.sys [MD5.A34CE1830E45DA98932295FDE4B7908A] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.A7B5C670770E908DA5FEF5BF1136E933] - [16/07/2016 12:41:53] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.0E5948C58F8AB3A6086E7CC0854E9312] - [23/11/2015 04:02:37] - (.Copyright (C) Synaptics Incorporated 1996-2016 - Synaptics SMBus Driver.) - [66.09 Ko] - (19.2.4.10) - C:\WINDOWS\System32\Drivers\Smb_driver_AMDASF.sys [MD5.0E5948C58F8AB3A6086E7CC0854E9312] - [02/09/2016 02:02:40] - (.Copyright (C) Synaptics Incorporated 1996-2016 - Synaptics SMBus Driver.) - [66.09 Ko] - (19.2.4.10) - C:\WINDOWS\System32\Drivers\Smb_driver_AMDASF_Aux.sys [MD5.1F7AF7DC78C8137332ABBBBAA7D83D7C] - [04/06/2014 21:27:04] - (.Copyright (C) Synaptics Incorporated 1996-2014 - Synaptics SMBus Driver.) - [30.73 Ko] - (18.1.7.13) - C:\WINDOWS\System32\Drivers\Smb_driver_Intel.sys [MD5.5ABAB1FF9E0174C96AE711803D0B49A1] - [02/09/2016 02:02:42] - (.Copyright (C) Synaptics Incorporated 1996-2016 - Synaptics SMBus Driver.) - [69.59 Ko] - (19.2.4.10) - C:\WINDOWS\System32\Drivers\Smb_driver_Intel_Aux.sys [MD5.1D8F61346A123CC5CDE7E2AABB7DFEE0] - [30/08/2016 19:15:26] - (.-.) - [43.9 Ko] - (8.0.4624.2183) - C:\WINDOWS\System32\Drivers\staport.sys [MD5.29D26E1347AE1BBD4201014E19880B2C] - [16/07/2016 12:41:53] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.67ABCD5A85571307C8AC64D9380502BA] - [02/09/2016 02:02:50] - (.Copyright (C) Synaptics Incorporated 1996-2016 - Synaptics I2C Driver.) - [64.59 Ko] - (19.2.4.10) - C:\WINDOWS\System32\Drivers\SynRMIHID_Aux.sys [MD5.FFFCCD161BBCFDFD89E6D531AB904EFB] - [09/12/2015 08:34:14] - (.Copyright (C) Synaptics Incorporated 1996-2016 - Synaptics Touchpad Win64 Driver.) - [843.09 Ko] - (19.2.4.10) - C:\WINDOWS\System32\Drivers\SynTP.sys [MD5.FD9BCB8920973CEAD4D49DC7A6D8A618] - [16/07/2016 12:41:53] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.0C111F220798CCE80484026E06822379] - [16/07/2016 12:41:53] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.A556768CC1FA4F36022BEE2F0EDE2566] - [12/11/2015 21:50:10] - (.© 2006-2015 Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SAM) driver.) - [26.25 Ko] - (1.1.0.0) - C:\WINDOWS\System32\Drivers\wdcsam64.sys [MD5.F95DE20312ACCA7761446DE152BD1F7C] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [31.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.8B9AFF5F08E66A6F1F1063DEC9457FB6] - [16/07/2016 12:41:53] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [63.34 Ko] - (5.1.11548.0) - C:\WINDOWS\System32\Drivers\winverbs.sys [MD5.4F2A80D65AE6F845776E2F06AE6782ED] - [22/07/2013 16:45:58] - (.Copyright (C) 2000-2012 Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver.) - [20.31 Ko] - (1.0.6.1) - C:\WINDOWS\System32\Drivers\WirelessButtonDriver64.sys ---------- | Uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\7-Zip] : (7-Zip 16.02 (x64).-.Igor Pavlov) -> C:\Program Files\7-Zip\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AMD Catalyst Install Manager] : (AMD Software.-.Advanced Micro Devices, Inc.) -> "C:\Program Files\AMD\CIM\Bin64\RadeonInstaller.exe" /EXPRESS_UNINSTALL /IGNORE_UPGRADE /ON_REBOOT_MESSAGE:NO ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\sp6] : (Logitech SetPoint 6.67.-.Logitech) -> C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\setup.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Speccy] : (Speccy.-.Piriform) -> "C:\Program Files\Speccy\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 227940] : (Heroes & Generals.-.Reto-Moto) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/227940 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 230410] : (Warframe.-.Digital Extremes) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/230410 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 240] : (Counter-Strike: Source.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/240 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 271590] : (Grand Theft Auto V.-.Rockstar North) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/271590 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 300] : (Day of Defeat: Source.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/300 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 316010] : (Magic Duels.-.Stainless Games Ltd.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/316010 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 346110] : (ARK: Survival Evolved.-.Studio Wildcard) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/346110 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 360760] : (Run and Fire.-.Galaxy Gate) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/360760 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 407530] : (ARK: Survival Of The Fittest.-.Studio Wildcard) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/407530 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 536930] : (MOBIUS FINAL FANTASY.-.SQUARE ENIX CO., LTD.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/536930 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 555570] : (Infestation: The New Z.-.Fredaikis AB) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/555570 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 730] : (Counter-Strike: Global Offensive.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/730 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SynTPDeinstKey] : (Synaptics ClickPad Driver.-.Synaptics Incorporated) -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeamSpeak 3 Client] : (TeamSpeak 3 Client.-.TeamSpeak Systems GmbH) -> "C:\Program Files\TeamSpeak 3 Client\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.37.0] : (Vulkan Run Time Libraries 1.0.37.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.37.0\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{11850353-18A1-A256-8758-991A2D660A78}] : (Catalyst Control Center Next Localization DE.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{11E75CBF-7A8C-FE23-0E7B-1620C070D2D3}] : (AMD Start Now.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{132778FD-AAAF-8250-1B51-28BCE67D900C}] : (AMD Problem Report Wizard.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{132778FD-AAAF-8250-1B51-28BCE67D900C} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{138FAB7C-35FE-0D1F-3B10-2E2C2ADCF9E7}] : (AMD Fuel.-.Nom de votre société) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{17064B25-0C53-09D2-B027-E6FF5A57EAC8}] : (AMD Start Now.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{174854A4-50A1-AD45-6618-74B42AD66A1D}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{178B916E-BCCA-464A-82B1-16FBCE86E30B}] : (AMD Settings - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{178B916E-BCCA-464A-82B1-16FBCE86E30B} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{23170F69-40C1-2702-1604-000001000000}] : (7-Zip 16.04 (x64 edition).-.Igor Pavlov) -> MsiExec.exe /I{23170F69-40C1-2702-1604-000001000000} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2CA10ACF-657C-B05C-740F-1182A0C30F9F}] : (Catalyst Control Center Next Localization NL.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{32257F1B-11CC-6DCD-45AA-53681C519C7E}] : (Catalyst Control Center Next Localization SV.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3C28BFD4-90C7-3138-87EF-418DC16E9598}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}] : (Energy Star.-.Hewlett-Packard Company) -> MsiExec.exe /I{465CA2B6-98AF-4E77-BE22-A908C34BB9EC} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{59C900CF-ABC9-B296-A642-159EC6812678}] : (Catalyst Control Center Next Localization KO.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}] : (Cyberlink PhotoDirector.-.Nom de votre société) -> "C:\Program Files (x86)\InstallShield Installation Information\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5AF4E09F-5C9B-3AAF-B731-544D3DC821DD}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{62B7D06F-CEA5-F480-1232-CF7FCC25FDD9}] : (Catalyst Control Center Next Localization PL.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66790941-2BFC-EA12-3C53-1ADE091B5C49}] : (Catalyst Control Center Next Localization CS.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7414FC19-804A-6F39-816A-DE254B5903C1}] : (Catalyst Control Center Next Localization CHS.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}] : (DisableMSDefender.-.Hewlett-Packard Company) -> MsiExec.exe /I{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{75F44A87-E627-E186-CB9F-C8689D85797E}] : (Catalyst Control Center Next Localization FR.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{86961F79-DF88-1290-A052-F8311E5F61B3}] : (Catalyst Control Center Next Localization EL.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{965E055B-5AC1-A700-3C9B-92A3E994914B}] : (AMD Radeon Settings.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ACA1E2A4-75D6-D43A-F82C-13C48B74153B}] : (Catalyst Control Center Next Localization TH.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B27743AF-85E9-1B77-94B4-70354BFC3F44}] : (AMD Accelerated Video Transcoding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{B27743AF-85E9-1B77-94B4-70354BFC3F44} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2AE855C-8392-C822-D457-98B9D0285722}] : (Catalyst Control Center Next Localization CHT.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BD84BC3F-E24C-67AF-D13E-A1ED75B012B1}] : (Catalyst Control Center Next Localization HU.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BE5CA264-6ABB-17EE-9C77-750549E6FAF5}] : (Catalyst Control Center Next Localization DA.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BF6BBB2F-8770-E5D8-6E2F-655D9821CCD0}] : (Catalyst Control Center Next Localization NO.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CC4A9956-3556-FACA-8D66-6718B29BF1EF}] : (Catalyst Control Center Next Localization BR.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D1E8F2D7-7794-4245-B286-87ED86C1893C}] : (HP Registration Service.-.Hewlett-Packard) -> MsiExec.exe /X{D1E8F2D7-7794-4245-B286-87ED86C1893C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D3536C71-00CD-457F-8624-CBD51FD43F1C}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{D3536C71-00CD-457F-8624-CBD51FD43F1C} ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D564B11A-E386-8FF6-3CC1-3CF3E1F34152}] : (Catalyst Control Center Next Localization IT.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D901D3D6-E86C-2F82-0072-01725635850F}] : (Catalyst Control Center Next Localization FI.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DBE7E9D0-147F-B968-C1C5-9DE72F40DB41}] : (Catalyst Control Center Next Localization RU.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E04861A9-C527-8415-A862-F2A5C5C4800A}] : (Catalyst Control Center Next Localization TR.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E1646825-D391-42A0-93AA-27FA810DA093}] : (CyberLink PowerDirector 12.-.Nom de votre société) -> "C:\Program Files (x86)\InstallShield Installation Information\{E1646825-D391-42A0-93AA-27FA810DA093}\Setup.exe" /z-uninstall ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E95258DB-9122-5B62-811B-2A6E1912DA32}] : (Catalyst Control Center Next Localization JA.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EE92B6FB-CA32-62D1-32B7-812DD0A60FEF}] : (Catalyst Control Center Next Localization ES.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F6196387-D588-51DB-77B4-F020B3D8543F}] : (AMD Software.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{F6196387-D588-51DB-77B4-F020B3D8543F} REBOOT=ReallySuppress [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player PPAPI] : (Adobe Flash Player 24 PPAPI.-.Adobe Systems Incorporated) -> C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe -maintain pepperplugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Shockwave Player] : (Adobe Shockwave Player 12.2.-.Adobe Systems, Inc.) -> "C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast Antivirus] : (Avast Antivirus Gratuit.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battle.net] : (Battle.net.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BlueStacks] : (BlueStacks App Player.-.BlueStack Systems, Inc.) -> C:\Program Files (x86)\Bluestacks\BluestacksUninstaller.exe :tmp ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Free Window Registry Repair] : (Free Window Registry Repair.-.) -> C:\PROGRA~2\FREEWI~1\UNWISE.EXE C:\PROGRA~2\FREEWI~1\INSTALL.LOG [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Glary Utilities 5] : (Glary Utilities 5.69.-.Glarysoft Ltd) -> C:\Program Files (x86)\Glary Utilities 5\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Glyph] : (Glyph.-.Trion Worlds, Inc.) -> C:\Program Files (x86)\Glyph\glyphuninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Glyph Archeage] : (Archeage.-.Trion Worlds, Inc.) -> C:\Program Files (x86)\Glyph\GlyphClientApp.exe -uninstall -game 120 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\setup.exe" --uninstall --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Hearthstone] : (Hearthstone.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=hs_beta --displayname="Hearthstone" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Heroes & Generals] : (Heroes & Generals.-.Reto-Moto) -> C:\Program Files (x86)\Heroes & Generals\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}] : (CyberLink YouCam.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] : (CyberLink Power2Go 8.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}] : (CyberLink PowerBackup 2.6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}] : (CyberLink Power Media Player 12.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}] : (Blade & Soul.-.NC Interactive, LLC) -> "C:\Program Files (x86)\InstallShield Installation Information\{C3F383C1-D050-4A40-843F-8171A6A02C3A}\setup.exe" -runfromtemp -l0x040c -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NCLauncher_NCWest] : (NCSOFT Game Launcher.-.NCSOFT) -> C:\Program Files (x86)\NCWest\NCLauncher\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Nexon Nexon Launcher] : (Nexon Launcher.-.Nexon) -> "C:\Program Files (x86)\Nexon\Nexon Launcher\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 3.55.2393.561] : (SafeZone Stable 3.55.2393.561.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SandboxAlbionOnline] : (Albion Online.-.Sandbox Interactive GmbH) -> "C:\Program Files (x86)\AlbionOnline\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UnHackMe Update - Reanimator_is1] : (RegRun Reanimator.-.Greatis Software, LLC.) -> "C:\Program Files (x86)\Greatis\Reanimator\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall] : (Jeux WildTangent.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-genres] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-hp-main] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-edgeworld] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - Edgeworld\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-godfatherfivefamilies] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - The Godfather Five Families\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-mahjonggdarkdimensions] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - Mahjongg Dark Dimensions\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-hp-seafight] : (.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Web Link - Seafight\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-1894dce8-5e88-4ae8-930d-16912a3728d3] : (Vacation Quest™ - Australia.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Vacation Quest - Australia\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-2579029c-3b8f-4f36-ab6c-0f3a319d7b54] : (Polar Bowler 1st Frame.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-2584b5df-b6e4-4dd7-aa9b-0b25796ea377] : (Build-a-lot.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Build-a-lot\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-2a875cc8-73ee-4112-a855-be79f25741ae] : (Virtual Families.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Virtual Families\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-6fd2aeaf-a4df-41fa-b596-21a93d8e3675] : (Building the Great Wall of China Collector's Edition.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Building the Great Wall of China Collectors Edition\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-83497ef3-02a2-4d88-8083-caf313519a4b] : (Trinklit Supreme.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Trinklit Supreme\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-934b8f19-04ef-4d4e-8d5e-73a1cadc8122] : (Jewel Match 3.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Jewel Match 3\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-b6211ddc-271d-4dcf-a746-a3f95f5a9c49] : (Bejeweled 3.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Bejeweled 3\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-b961ce54-2b0b-4eb2-889e-12eaae89f79d] : (Farm Frenzy.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Farm Frenzy\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-cbb944fd-26f0-481f-9149-2f67e611bba5] : (Wedding Dash.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Wedding Dash\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-d513fa9c-ee02-4310-8c3e-0b3d6904b5df] : (Ranch Rush 2 - Premium Edition.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Ranch Rush 2 - Premium Edition\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-e0d967fe-0dbc-40ad-9c47-9c181410322e] : (Plants vs. Zombies - Game of the Year.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-e2ab7b1d-5114-4419-9e65-f9fd326e2b0d] : (Governor of Poker 2 Premium Edition.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-f0f24f3f-e273-4d6c-8db7-6c4a8adb22d8] : (Crazy Chicken Soccer.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Crazy Chicken Soccer\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-f2265ad0-8183-42f8-83df-badbb01cfe6c] : (Youda Jewel Shop.-.WildTangent) -> "C:\Program Files (x86)\WildGames\Youda Jewel Shop\uninstall\uninstaller.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{01FB4998-33C4-4431-85ED-079E3EEFE75D}] : (CyberLink YouCam.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe" /z-uninstall ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0347A860-AC51-D8F0-72E7-6D5261BC057E}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{068A38AB-39AE-8D99-72C3-521BAB3B8B18}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{13133E99-B0D5-4143-B832-AAD55C62A41C}] : (HP 3D DriveGuard.-.Hewlett-Packard Company) -> MsiExec.exe /X{13133E99-B0D5-4143-B832-AAD55C62A41C} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{15B95497-0A01-4296-96AB-FB0055D27A03}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1A118318-580D-679D-9F71-BB90E69922A7}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1D464EFF-EC8B-F225-2F74-F74143200DDF}] : (OEM Application Profile.-.Nom de votre société) -> MsiExec.exe /X{1D464EFF-EC8B-F225-2F74-F74143200DDF} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}] : (CyberLink Media Suite 10.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F32180121F0}] : (Java 8 Update 121.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F32180121F0} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}] : (CyberLink Power2Go 8.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\Setup.exe" /z-uninstall ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App] : (Update Installer for WildTangent Games App.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe" ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FB7B4FA-7220-A507-6A65-4351B9265186}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}] : (HP Wireless Button Driver.-.Hewlett-Packard Company) -> MsiExec.exe /X{30B2D1D8-0A07-4B71-9553-0710C5D31E35} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3C595537-D968-48D5-AAB1-CCB2E90FA59A}] : (TomTom HOME.-.Nom de votre société) -> MsiExec.exe /I{3C595537-D968-48D5-AAB1-CCB2E90FA59A} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EAB872D-57C2-569D-FA86-2DD253E6C4E3}] : (AMD Settings.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4260341E-22EA-21DB-905B-8AAE51DB099B}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43D9C5F8-19E3-154B-FF53-F488C2E817A0}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{49E3D573-281A-14EC-F822-AF47EA6C38C0}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5186DCDE-CD40-27E2-2F8A-DEF3F4096EBE}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}] : (.-.) -> MsiExec /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{597A58EC-42D6-4940-8739-FB94491B013C}] : (Dropbox 25 GB.-.Dropbox, Inc.) -> MsiExec.exe /I{597A58EC-42D6-4940-8739-FB94491B013C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}\Setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{612C34C7-5E90-47D8-9B5C-0F717DD82726}] : (swMSM.-.Adobe Systems, Inc) -> MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}] : (HP Recovery Manager.-.Hewlett-Packard) -> MsiExec.exe /I{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6A8AEF63-6C18-67D1-EDDF-DC3393270EC3}] : (Catalyst Control Center Graphics Previews Common.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}] : (HP Documentation.-.Hewlett-Packard) -> MsiExec.exe /X{6AAEDF97-4B93-4169-8FCA-FCB0378CED52} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6C3521EB-645D-DBE8-C430-AFA5D84CEE80}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6DD664F8-71CE-4FC9-D5AC-15AED62F77B1}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] : (Hewlett-Packard ACLM.NET v1.2.2.3.-.Hewlett-Packard Company) -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp] : (WildTangent Games App pour HP.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Touchpoints\hp\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7BE5C4D3-D496-4EC5-A22C-31DFA2B705BD}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{80107F16-CB2E-42AB-AB9D-6C11540D5A8B}] : (.-.) -> C:\ProgramData\{B96EB44A-7860-4F13-BC9A-0A73CA5F11C2}\WinThrusterSetup.exe ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8144CD0B-7995-45CF-7773-239D71F8FB5B}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{89BF1D4D-1D62-451E-9496-B971BDE82720}] : (Foxit PhantomPDF.-.Foxit Corporation) -> MsiExec.exe /I{89BF1D4D-1D62-451E-9496-B971BDE82720} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}] : (HP System Event Utility.-.Hewlett-Packard Company) -> MsiExec.exe /I{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{904822F1-6C7D-4B91-B936-6A1C0810544C}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{93C79E5E-24E2-1890-A68F-E9E7E4C8D01A}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{977D566D-3352-FFCE-7741-76FC6E99C279}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9ADBB902-3DE4-2F2C-0EA8-17AC41FF31E6}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9C4959DD-352B-2F1B-3AC6-F804D6A00273}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9D3D8C60-A5EF-4123-B2B9-172095903AB}] : (REALTEK Bluetooth Driver.-.REALTEK Semiconductor Corp.) -> C:\Program Files (x86)\InstallShield Installation Information\{9D3D8C60-A5EF-4123-B2B9-172095903AB}\Install.exe -uninst -l0x40C ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A3E21452-8042-5B65-0559-D9C7E38370EF}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A5107464-AA9B-4177-8129-5FF2F42DD322}] : (REALTEK Wireless LAN Driver.-.REALTEK Semiconductor Corp.) -> C:\Program Files (x86)\InstallShield Installation Information\{A5107464-AA9B-4177-8129-5FF2F42DD322}\Install.exe -uninst -l0x40C [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A542301D-0A88-4AE4-B158-B8BB563A51DE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A542D366-9877-11E5-B101-005056951CAD}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A550A62C-8CB9-11E5-A5A9-005056951CAD}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA1F19BA-3A27-1DAD-F886-D4299AEF22B5}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ADD5DB49-72CF-11D8-9D75-000129760D75}] : (CyberLink PowerBackup 2.6.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{ADD5DB49-72CF-11D8-9D75-000129760D75}\setup.exe" /z-uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}] : (HP CoolSense.-.Hewlett-Packard Company) -> MsiExec.exe /I{ADE2F6A7-E7BD-4955-BD66-30903B223DDF} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF312B06-5C5C-468E-89B3-BE6DE2645722}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{AF312B06-5C5C-468E-89B3-BE6DE2645722} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}] : (CyberLink Power Media Player 12.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\Setup.exe" /z-uninstall ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C0182A9F-E457-4E92-1877-86BBE880A2D7}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3F383C1-D050-4A40-843F-8171A6A02C3A}] : (Blade & Soul.-.NC Interactive, LLC) -> MsiExec.exe /X{C3F383C1-D050-4A40-843F-8171A6A02C3A} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC} ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA970EAA-43CF-5930-01EA-0542C3E17BDD}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CF7A9C86-17D1-58D7-870F-E8E5D53D5317}] : (AMD Catalyst Control Center.-.Nom de votre société) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CFA6C3DD-B32A-CF08-4906-CF072515CAC9}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D3C49D06-7FA6-CE04-A17A-2074E314DBB6}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{D3C49D06-7FA6-CE04-A17A-2074E314DBB6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}] : (.-.) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}] : (HP PC Hardware Diagnostics UEFI.-.Hewlett-Packard) -> ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DDEB3C82-2311-C5C7-AB75-DDA0D8B06AA5}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}] : (NVIDIA PhysX.-.NVIDIA Corporation) -> MsiExec.exe /X{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E1646825-D391-42A0-93AA-27FA810DA093}] : (.-.CyberLink Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{E1646825-D391-42A0-93AA-27FA810DA093}\Setup.exe" /z-uninstall ##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E630E59A-CFBB-DD9B-6E91-9101CA4151AA}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EB571A8A-81E0-11E6-8CC1-005056950253}] : (Evernote v. 6.3.3.-.Evernote Corp.) -> MsiExec.exe /X{EB571A8A-81E0-11E6-8CC1-005056950253} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED5CE45D-842B-4C18-A002-87E16EA39BB3}] : (HP Support Solutions Framework.-.Hewlett-Packard Company) -> MsiExec.exe /X{ED5CE45D-842B-4C18-A002-87E16EA39BB3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{f761359c-9ced-45ae-9a51-9d6605cd55c4}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC4A0E2E-0CD3-11E6-B80E-005056951CAD}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}] : (Skype™ 7.32.-.Skype Technologies S.A.) -> MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6} ---------- | Installer [HKCR\Installer\Products\068A743015CA0F8D277ED62516CB50E7] : CCC Help Chinese Standard -> C:\Windows\Installer\{0347A860-AC51-D8F0-72E7-6D5261BC057E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0694AF70830BBE9498B1F95939A05A44] : HP Customer Experience Enhancements -> C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe [HKCR\Installer\Products\099AAB46CF1F54147A1B4EF1BB9CAD74] : HP Recovery Manager -> C:\windows\Installer\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\0A93EF4767BFDC7448AB192EBB1BE72F] : DisableMSDefender [HKCR\Installer\Products\0D9E7EBDF741869B1C5CD97EF204BD14] : Catalyst Control Center Next Localization RU -> C:\WINDOWS\Installer\{DBE7E9D0-147F-B968-C1C5-9DE72F40DB41}\ARPPRODUCTICON.exe [HKCR\Installer\Products\14909766CFB221AEC335A1ED90B1C594] : Catalyst Control Center Next Localization CS -> C:\WINDOWS\Installer\{66790941-2BFC-EA12-3C53-1ADE091B5C49}\ARPPRODUCTICON.exe [HKCR\Installer\Products\17C6353DDC00F7546842BC5DF14DF3C1] : DriversCloud.com (64 bits) -> C:\WINDOWS\Installer\{D3536C71-00CD-457F-8624-CBD51FD43F1C}\maconfico [HKCR\Installer\Products\1C383F3C050D04A448F318176A0AC2A3] : Blade & Soul -> C:\WINDOWS\Installer\{C3F383C1-D050-4A40-843F-8171A6A02C3A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\209BBDA94ED3C2F2E08A71CA14FF136E] : CCC Help Hungarian -> C:\Windows\Installer\{9ADBB902-3DE4-2F2C-0EA8-17AC41FF31E6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\25412E3A240856B550959D7C3E3807FE] : CCC Help Italian -> C:\Windows\Installer\{A3E21452-8042-5B65-0559-D9C7E38370EF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\28C3BEDD11327C5CBA57DD0A8D0BA65A] : CCC Help English -> C:\Windows\Installer\{DDEB3C82-2311-C5C7-AB75-DDA0D8B06AA5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico [HKCR\Installer\Products\353058111A81652A788599A1D266A087] : Catalyst Control Center Next Localization DE -> C:\WINDOWS\Installer\{11850353-18A1-A256-8758-991A2D660A78}\ARPPRODUCTICON.exe [HKCR\Installer\Products\36FEA8A681C61D76DEFDCD333972E03C] : Catalyst Control Center Graphics Previews Common -> C:\Windows\Installer\{6A8AEF63-6C18-67D1-EDDF-DC3393270EC3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\375D3E94A182CE418F22FA74AEC6830C] : CCC Help Chinese Traditional -> C:\Windows\Installer\{49E3D573-281A-14EC-F822-AF47EA6C38C0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\42C6FBF1Df1C10144AB2C065F4E9E897] : Media Suite -> C:\Windows\Installer\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}\ARPPRODUCTICON.exe [HKCR\Installer\Products\462AC5EBBBA6EE71C9775750946EAF5F] : Catalyst Control Center Next Localization DA -> C:\WINDOWS\Installer\{BE5CA264-6ABB-17EE-9C77-750549E6FAF5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4A2E1ACA6D57A34D8FC2314CB84751B3] : Catalyst Control Center Next Localization TH -> C:\WINDOWS\Installer\{ACA1E2A4-75D6-D43A-F82C-13C48B74153B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4A4584711A0554DA6681474BA26DA6D1] : ccc-utility64 -> C:\Windows\Installer\{174854A4-50A1-AD45-6618-74B42AD66A1D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2238110120F] : Java 8 Update 121 -> C:\Program Files (x86)\Java\jre1.8.0_121\\bin\javaws.exe [HKCR\Installer\Products\50A45C97641F0AE4A8074DFE6E81E125] : HP Support Assistant -> C:\WINDOWS\Installer\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5286461E193D0A2439AA72AF18D00A39] : PowerDirector -> C:\Windows\Installer\{E1646825-D391-42A0-93AA-27FA810DA093}\ARPPRODUCTICON.exe [HKCR\Installer\Products\52B4607135C02D900B726EFFA575AE8C] : AMD Start Now -> C:\Windows\Installer\{17064B25-0C53-09D2-B027-E6FF5A57EAC8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5CE454A5A7125a24C81ED2ED4C7EE010] : PhotoDirector -> C:\Windows\Installer\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}\ARPPRODUCTICON.exe [HKCR\Installer\Products\60B213FAC5C5E864983BEBD62E467522] : Cisco LEAP Module [HKCR\Installer\Products\60D94C3D6AF740EC1AA702473E41BD6B] : Catalyst Control Center - Branding -> C:\Windows\Installer\{D3C49D06-7FA6-CE04-A17A-2074E314DBB6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\63AEB64B17B0E4A4EA1478426134AFA0] : Power Media Player -> C:\Windows\Installer\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6599A4CC6553ACAFD86676812BB91FFE] : Catalyst Control Center Next Localization BR -> C:\WINDOWS\Installer\{CC4A9956-3556-FACA-8D66-6718B29BF1EF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68C9A7FC1D717D8578F08E5E5DD33571] : AMD Catalyst Control Center -> C:\Windows\Installer\{CF7A9C86-17D1-58D7-870F-E8E5D53D5317}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6B2AC564FA8977E4EB229A803CB49BCE] : Energy Star -> C:\Windows\Installer\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\6D3D109DC68E28F200271027655358F0] : Catalyst Control Center Next Localization FI -> C:\WINDOWS\Installer\{D901D3D6-E86C-2F82-0072-01725635850F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6E0FE4A0219AEDC47A3FE6657E1CA3F2] : Cisco PEAP Module [HKCR\Installer\Products\701043F6AA9F6C745BC43C1AF91155F3] : Hewlett-Packard ACLM.NET v1.2.2.3 -> C:\windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\735595C3869D5D84AA1BCC2B9EF05AA9] : TomTom HOME -> C:\WINDOWS\Installer\{3C595537-D968-48D5-AAB1-CCB2E90FA59A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\74A569CF9384AC046B81814F680F246C] : Skype™ 7.32 -> C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe [HKCR\Installer\Products\76AE34DD3FAD9784FB7F5E4376B5ED5A] : HP PC Hardware Diagnostics UEFI -> C:\Windows\Installer\{DD43EA67-DAF3-4879-BFF7-E534675BDEA5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module [HKCR\Installer\Products\7836916F885DBD15774B0F023B8D45F3] : AMD Software -> C:\WINDOWS\Installer\{F6196387-D588-51DB-77B4-F020B3D8543F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\78A44F57726E681EBCF98C86D95897E7] : Catalyst Control Center Next Localization FR -> C:\WINDOWS\Installer\{75F44A87-E627-E186-CB9F-C8689D85797E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\79459B5110A0692469BABF00552DA730] : CCC Help Portuguese -> C:\Windows\Installer\{15B95497-0A01-4296-96AB-FB0055D27A03}\ARPPRODUCTICON.exe [HKCR\Installer\Products\79FDEAA639B49614F8ACCF0B73C8DE25] : HP Documentation -> C:\Windows\Installer\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}\NotebookDocs.exe [HKCR\Installer\Products\7A6F2EDADB7E5594DB660309B322D3FD] : HP CoolSense -> C:\windows\Installer\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\7C43C21609E58D74B9C5F017D78D7262] : swMSM -> C:\windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7D2F8E1D497754242B6878DE681C98C3] : HP Registration Service -> C:\Windows\Installer\{D1E8F2D7-7794-4245-B286-87ED86C1893C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\813811A1D085D976F917BB096E99227A] : CCC Help Turkish -> C:\Windows\Installer\{1A118318-580D-679D-9F71-BB90E69922A7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8994BF104C33134458DE70E9E3FE7ED5] : YouCam -> C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8D1D2B0370A017B4593570015C3DE153] : HP Wireless Button Driver -> C:\Windows\Installer\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8F466DD6EC179CF45DCA51EA6DF2771B] : CCC Help Russian -> C:\Windows\Installer\{6DD664F8-71CE-4FC9-D5AC-15AED62F77B1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8F5C9D343E91B451FF354F882C8E710A] : CCC Help French -> C:\Windows\Installer\{43D9C5F8-19E3-154B-FF53-F488C2E817A0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\91CF4147A40893F618A6ED52B495301C] : Catalyst Control Center Next Localization CHS -> C:\WINDOWS\Installer\{7414FC19-804A-6F39-816A-DE254B5903C1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\94BD5DDAFC278D11D95700109267D057] : PowerBackup -> C:\Windows\Installer\{ADD5DB49-72CF-11D8-9D75-000129760D75}\ARPPRODUCTICON.exe [HKCR\Installer\Products\96F071321C0420726140000010000000] : 7-Zip 16.04 (x64 edition) [HKCR\Installer\Products\97F1696888FD09210A258F13E1F5163B] : Catalyst Control Center Next Localization EL -> C:\WINDOWS\Installer\{86961F79-DF88-1290-A052-F8311E5F61B3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\99E331315D0B34148B23AA5DC5264AC1] : HP 3D DriveGuard -> C:\Windows\Installer\{13133E99-B0D5-4143-B832-AAD55C62A41C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9A16840E725C51488A262F5A5C4C08A0] : Catalyst Control Center Next Localization TR -> C:\WINDOWS\Installer\{E04861A9-C527-8415-A862-F2A5C5C4800A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A11B465D683E6FF8C31CC33F1E3F1425] : Catalyst Control Center Next Localization IT -> C:\WINDOWS\Installer\{D564B11A-E386-8FF6-3CC1-3CF3E1F34152}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A8A175BE0E186E11C81C000565592035] : Evernote v. 6.3.3 -> C:\WINDOWS\Installer\{EB571A8A-81E0-11E6-8CC1-005056950253}\Evernote.ico [HKCR\Installer\Products\A95E036EBBFCB9DDE6191910AC1415AA] : CCC Help Spanish -> C:\Windows\Installer\{E630E59A-CFBB-DD9B-6E91-9101CA4151AA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AAE079ACFC34039510AE50243C1EB7DD] : CCC Help Korean -> C:\Windows\Installer\{CA970EAA-43CF-5930-01EA-0542C3E17BDD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AB91F1AA72A3DAD18F684D92A9FE225B] : Catalyst Control Center Localization All -> C:\Windows\Installer\{AA1F19BA-3A27-1DAD-F886-D4299AEF22B5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AD5BD01E675EAE047ACFC12B7A2B386A] : NVIDIA PhysX [HKCR\Installer\Products\AF4B7BF20227705AA65634159B621568] : CCC Help Swedish -> C:\Windows\Installer\{2FB7B4FA-7220-A507-6A65-4351B9265186}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B0DC44185997FC54773732D9178FBFB5] : CCC Help Norwegian -> C:\Windows\Installer\{8144CD0B-7995-45CF-7773-239D71F8FB5B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B1F75223CC11DCD654AA3586C115C9E7] : Catalyst Control Center Next Localization SV -> C:\WINDOWS\Installer\{32257F1B-11CC-6DCD-45AA-53681C519C7E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B550E5691CA5007AC3B9293A9E4919B4] : AMD Radeon Settings -> C:\WINDOWS\Installer\{965E055B-5AC1-A700-3C9B-92A3E994914B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BA83A860EA9399D8273C25B1BAB3B881] : CCC Help Dutch -> C:\Windows\Installer\{068A38AB-39AE-8D99-72C3-521BAB3B8B18}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BD85259E221926B518B1A2E69121AD23] : Catalyst Control Center Next Localization JA -> C:\WINDOWS\Installer\{E95258DB-9122-5B62-811B-2A6E1912DA32}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BE1253C6D5468EBD4C03FA5A8DC4EE08] : CCC Help German -> C:\Windows\Installer\{6C3521EB-645D-DBE8-C430-AFA5D84CEE80}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BF6B29EE23AC1D26237B18D20D6AF0FE] : Catalyst Control Center Next Localization ES -> C:\WINDOWS\Installer\{EE92B6FB-CA32-62D1-32B7-812DD0A60FEF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C558EA2B2938228C4D75899B0D827522] : Catalyst Control Center Next Localization CHT -> C:\WINDOWS\Installer\{B2AE855C-8392-C822-D457-98B9D0285722}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C7BAF831EF53F1D0B301E2C2A2CD9F7E] : AMD Fuel -> C:\Windows\Installer\{138FAB7C-35FE-0D1F-3B10-2E2C2ADCF9E7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CE85A7956D2404947893BF4994B110C3] : Dropbox 25 GB -> C:\windows\Installer\{597A58EC-42D6-4940-8739-FB94491B013C}\DropboxOEM.exe [HKCR\Installer\Products\D278BAE32C75D965AF68D22D356E4C3E] : AMD Settings -> C:\WINDOWS\Installer\{3EAB872D-57C2-569D-FA86-2DD253E6C4E3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D4D1FB9826D1E15449699B17DB8E7202] : Foxit PhantomPDF -> C:\windows\Installer\{89BF1D4D-1D62-451E-9496-B971BDE82720}\IconName.exe [HKCR\Installer\Products\D54EC5DEB24881C40A20781EE63AB93B] : HP Support Solutions Framework -> C:\WINDOWS\Installer\{ED5CE45D-842B-4C18-A002-87E16EA39BB3}\icon.ico [HKCR\Installer\Products\D665D7792533ECFF771467CFE6992C97] : CCC Help Danish -> C:\Windows\Installer\{977D566D-3352-FFCE-7741-76FC6E99C279}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D84D78A2FDF3df1479DC1A3E07FEFF2E] : Power2Go -> C:\Windows\Installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DD3C6AFCA23B80FC9460FC705251AC9C] : CCC Help Polish -> C:\Windows\Installer\{CFA6C3DD-B32A-CF08-4906-CF072515CAC9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DD9594C9B253B1F2A36C8F406D0A2037] : CCC Help Czech -> C:\Windows\Installer\{9C4959DD-352B-2F1B-3AC6-F804D6A00273}\ARPPRODUCTICON.exe [HKCR\Installer\Products\DF877231FAAA0528B11582CB6ED709C0] : AMD Problem Report Wizard -> C:\WINDOWS\Installer\{132778FD-AAAF-8250-1B51-28BCE67D900C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E1430624AE22BD1209B5A8EA15BD90B9] : CCC Help Greek -> C:\Windows\Installer\{4260341E-22EA-21DB-905B-8AAE51DB099B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E5E97C392E4209816AF89E7E4E8C0DA1] : CCC Help Finnish -> C:\Windows\Installer\{93C79E5E-24E2-1890-A68F-E9E7E4C8D01A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E619B871ACCBA464281B61BFEC683EB0] : AMD Settings - Branding -> C:\WINDOWS\Installer\{178B916E-BCCA-464A-82B1-16FBCE86E30B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E78EE4B804D619C45B8ED07CD74C211F] : HP System Event Utility -> c:\WINDOWS\Installer\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\EDCD681504DC2E72F2A8ED3F4F90E6EB] : CCC Help Japanese -> C:\Windows\Installer\{5186DCDE-CD40-27E2-2F8A-DEF3F4096EBE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F2BBB6FB07788D5EE6F256D58912CC0D] : Catalyst Control Center Next Localization NO -> C:\WINDOWS\Installer\{BF6BBB2F-8770-E5D8-6E2F-655D9821CCD0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F3CB48DBC42EFA761DE31ADE570B211B] : Catalyst Control Center Next Localization HU -> C:\WINDOWS\Installer\{BD84BC3F-E24C-67AF-D13E-A1ED75B012B1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F60D7B265AEC084F2123FCF7CC52DF9D] : Catalyst Control Center Next Localization PL -> C:\WINDOWS\Installer\{62B7D06F-CEA5-F480-1232-CF7FCC25FDD9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F9A2810C754E29E4817768BB8E082A7D] : CCC Help Thai -> C:\Windows\Installer\{C0182A9F-E457-4E92-1877-86BBE880A2D7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FA34772B9E5877B1494B0753B4CFF344] : AMD Accelerated Video Transcoding -> C:\Windows\Installer\{B27743AF-85E9-1B77-94B4-70354BFC3F44}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FAA1FE9C245B8C145A731124ADD5A4CE] : HP Customer Experience Enhancements -> C:\WINDOWS\Installer\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FBC57E11C8A732EFE0B761020C072D3D] : AMD Start Now -> C:\WINDOWS\Installer\{11E75CBF-7A8C-FE23-0E7B-1620C070D2D3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FC009C959CBA692B6A2451E96C186287] : Catalyst Control Center Next Localization KO -> C:\WINDOWS\Installer\{59C900CF-ABC9-B296-A642-159EC6812678}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FCA01AC2C756C50B47F011280A3CF0F9] : Catalyst Control Center Next Localization NL -> C:\WINDOWS\Installer\{2CA10ACF-657C-B05C-740F-1182A0C30F9F}\ARPPRODUCTICON.exe ---------- | ADS ---------- | Drives Disk: 0 Size=715G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: Hewlett-Packard BIOS Manufacturer: American Megatrends Inc. System Manufacturer: Hewlett-Packard System Product Name: HP Pavilion 17 Notebook PC Logical Drives Mask: 0x0000001c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Task Scheduling Error: m->NextScheduledSPRetry 17250 ------------ Task Scheduling Error: m->NextScheduledEvent 17250 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Échec de la procédure d’ouverture pour le service « WmiApRpl » dans la DLL « C:\WINDOWS\system32\wbem\wmiaprpl.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Nom de l’application défaillante HPWMISVC.exe, version : 1.4.1.0, horodatage : 0x55910776 Nom du module défaillant : OLEAUT32.dll, version : 10.0.14393.447, horodatage : 0x5819c2b5 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0001bf74 ID du processus défaillant : 0x9ec Heure de début de l’application défaillante : 0x01d28edb49b88f3e Chemin d’accès de l’application défaillante : c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\OLEAUT32.dll ID de rapport : 9d496522-2e7f-4982-8bf8-f540c49a232b Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état. ------------ Échec de la procédure d’ouverture pour le service « MSDTC » dans la DLL « C:\WINDOWS\system32\msdtcuiu.DLL ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « Lsa » dans la DLL « C:\Windows\System32\Secur32.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « ESENT » dans la DLL « C:\WINDOWS\system32\esentprf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « WmiApRpl » dans la DLL « C:\WINDOWS\system32\wbem\wmiaprpl.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Impossible d’ouvrir l’objet de performance pour le service Serveur. Les quatre premiers octets (DWORD) de la section Data contiennent le code d’état. ------------ Échec de la procédure d’ouverture pour le service « MSDTC » dans la DLL « C:\WINDOWS\system32\msdtcuiu.DLL ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « Lsa » dans la DLL « C:\Windows\System32\Secur32.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « ESENT » dans la DLL « C:\WINDOWS\system32\esentprf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Windows ne parvient pas à charger la DLL de compteur extensible rdyboost. Le premier mot (DWORD) de la section Données contient le code d’erreur Windows. ------------ ----------( EOF)---------- - 4120 | 19:19:49